Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts. 2019/11/11 12:07:02 fuzzer started 2019/11/11 12:07:04 dialing manager at 10.128.0.26:45793 2019/11/11 12:07:05 syscalls: 2566 2019/11/11 12:07:05 code coverage: enabled 2019/11/11 12:07:05 comparison tracing: enabled 2019/11/11 12:07:05 extra coverage: extra coverage is not supported by the kernel 2019/11/11 12:07:05 setuid sandbox: enabled 2019/11/11 12:07:05 namespace sandbox: enabled 2019/11/11 12:07:05 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/11 12:07:05 fault injection: enabled 2019/11/11 12:07:05 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/11 12:07:05 net packet injection: enabled 2019/11/11 12:07:05 net device setup: enabled 2019/11/11 12:07:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/11 12:07:05 devlink PCI setup: PCI device 0000:00:10.0 is not available 12:10:17 executing program 0: open(&(0x7f0000000040)='.\x00', 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) pipe(&(0x7f0000000140)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) gin: [ 262.032308][ T8792] IPVS: ftp: loaded support on port[0] = 21 12:10:17 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x0) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 262.182037][ T8792] chnl_net:caif_netlink_parms(): no params data found [ 262.274158][ T8792] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.283329][ T8792] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.292475][ T8795] IPVS: ftp: loaded support on port[0] = 21 [ 262.303045][ T8792] device bridge_slave_0 entered promiscuous mode 12:10:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000200)="063b8d8ecb3baaf234c1cc62655a21af", 0x10) [ 262.327475][ T8792] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.336586][ T8792] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.347646][ T8792] device bridge_slave_1 entered promiscuous mode [ 262.431611][ T8792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.461438][ T8792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.522440][ T8792] team0: Port device team_slave_0 added [ 262.538465][ T8792] team0: Port device team_slave_1 added [ 262.551315][ T8798] IPVS: ftp: loaded support on port[0] = 21 [ 262.561338][ T8795] chnl_net:caif_netlink_parms(): no params data found 12:10:18 executing program 3: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = timerfd_create(0x8, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) [ 262.684283][ T8792] device hsr_slave_0 entered promiscuous mode [ 262.754328][ T8792] device hsr_slave_1 entered promiscuous mode [ 262.842625][ T8800] IPVS: ftp: loaded support on port[0] = 21 12:10:18 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, 0x0, &(0x7f0000000380)) [ 263.109474][ T8795] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.126053][ T8795] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.172852][ T8795] device bridge_slave_0 entered promiscuous mode [ 263.218260][ T8792] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.225561][ T8792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.233545][ T8792] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.240648][ T8792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.335180][ T2935] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.346267][ T2935] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.407302][ T8795] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.423115][ T8795] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.431282][ T8795] device bridge_slave_1 entered promiscuous mode [ 263.500988][ T8824] IPVS: ftp: loaded support on port[0] = 21 12:10:19 executing program 5: clock_adjtime(0x0, &(0x7f0000000140)={0xff, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 263.669287][ T8795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 263.705121][ T8795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.762419][ T8798] chnl_net:caif_netlink_parms(): no params data found [ 263.911521][ T8795] team0: Port device team_slave_0 added [ 264.028617][ T8795] team0: Port device team_slave_1 added [ 264.050035][ T8792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.074462][ T8800] chnl_net:caif_netlink_parms(): no params data found [ 264.181355][ T8792] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.211081][ T8828] IPVS: ftp: loaded support on port[0] = 21 [ 264.237100][ T8795] device hsr_slave_0 entered promiscuous mode [ 264.283479][ T8795] device hsr_slave_1 entered promiscuous mode [ 264.303198][ T8795] debugfs: Directory 'hsr0' with parent '/' already present! [ 264.311233][ T8798] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.318761][ T8798] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.326635][ T8798] device bridge_slave_0 entered promiscuous mode [ 264.338879][ T8798] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.346059][ T8798] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.354351][ T8798] device bridge_slave_1 entered promiscuous mode [ 264.369014][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 264.379536][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 264.440742][ T8800] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.448252][ T8800] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.456603][ T8800] device bridge_slave_0 entered promiscuous mode [ 264.467363][ T8800] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.474964][ T8800] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.482650][ T8800] device bridge_slave_1 entered promiscuous mode [ 264.514816][ T8798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.528177][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 264.537727][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 264.546753][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.553889][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.627049][ T8798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.668431][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 264.688106][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 264.713674][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.720802][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 264.747328][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 264.774355][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 264.808256][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 264.818512][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 264.893869][ T8824] chnl_net:caif_netlink_parms(): no params data found [ 264.902713][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 264.943842][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 264.977797][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 265.017933][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 265.026850][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 265.046968][ T8792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 265.080772][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 265.123217][ T8800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.140710][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 265.158923][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 265.240873][ T8798] team0: Port device team_slave_0 added [ 265.266895][ T8800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.321866][ T8798] team0: Port device team_slave_1 added [ 265.371055][ T8792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.419484][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 265.443617][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 265.490793][ T8824] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.498540][ T8824] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.528049][ T8824] device bridge_slave_0 entered promiscuous mode [ 265.549898][ T8800] team0: Port device team_slave_0 added [ 265.577667][ T8800] team0: Port device team_slave_1 added [ 265.689498][ T8798] device hsr_slave_0 entered promiscuous mode [ 265.743923][ T8798] device hsr_slave_1 entered promiscuous mode [ 265.783164][ T8798] debugfs: Directory 'hsr0' with parent '/' already present! [ 265.791003][ T8824] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.798430][ T8824] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.806498][ T8824] device bridge_slave_1 entered promiscuous mode [ 265.936055][ T8800] device hsr_slave_0 entered promiscuous mode [ 265.973612][ T8800] device hsr_slave_1 entered promiscuous mode [ 266.023080][ T8800] debugfs: Directory 'hsr0' with parent '/' already present! [ 266.033972][ T8828] chnl_net:caif_netlink_parms(): no params data found [ 266.044441][ T8824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.055920][ T8824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.120932][ T8824] team0: Port device team_slave_0 added [ 266.156704][ T8824] team0: Port device team_slave_1 added [ 266.279930][ T8795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.418415][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 266.452607][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 266.505702][ T8828] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.518487][ T8828] bridge0: port 1(bridge_slave_0) entered disabled state 12:10:22 executing program 0: open(&(0x7f0000000040)='.\x00', 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) pipe(&(0x7f0000000140)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) [ 266.596151][ T8828] device bridge_slave_0 entered promiscuous mode [ 266.746226][ T8824] device hsr_slave_0 entered promiscuous mode [ 266.804075][ T8824] device hsr_slave_1 entered promiscuous mode [ 266.843219][ T8824] debugfs: Directory 'hsr0' with parent '/' already present! [ 266.867887][ T8795] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.888273][ T8828] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.913193][ T8828] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.959216][ T8828] device bridge_slave_1 entered promiscuous mode [ 267.185044][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 267.206165][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready 12:10:23 executing program 0: r0 = socket(0x10, 0x2, 0x0) sendto(r0, &(0x7f0000000900)="120000001200e7ef077b1a3fcd00000200a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f0000000140)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x8, &(0x7f0000002400)=""/191, 0x1f9}}], 0x4000000000001de, 0x6, &(0x7f0000003700)={0x77359400}) r1 = socket(0x2, 0x3, 0x67) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c) sendto$unix(r1, &(0x7f0000000180)="210000d9", 0xff25, 0x4008000, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendto$unix(r1, 0x0, 0x31f, 0x80, &(0x7f0000000240)=@abs={0x1, 0x0, 0xd1000e3}, 0xfffffffffffffff6) [ 267.293488][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.300603][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.423709][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 267.432492][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 267.530304][ T8946] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it! [ 267.583603][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.590708][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.726298][ T8828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.873498][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 267.881547][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 267.973943][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 268.047381][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 268.132315][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 268.206664][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 268.276487][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 268.354599][ T8828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.440574][ T8800] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.506602][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 268.537642][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 268.601287][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 268.680172][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 268.723825][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 12:10:24 executing program 0: syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYRESHEX], 0x0) [ 268.851017][ T8828] team0: Port device team_slave_0 added [ 268.982903][ T8795] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 269.002860][ T8798] 8021q: adding VLAN 0 to HW filter on device bond0 [ 269.059009][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 269.077945][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 12:10:24 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000200)=0x5, 0x4) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) [ 269.117715][ T8800] 8021q: adding VLAN 0 to HW filter on device team0 [ 269.201544][ T8828] team0: Port device team_slave_1 added [ 269.232336][ T8798] 8021q: adding VLAN 0 to HW filter on device team0 12:10:25 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40000, 0x0) ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={'rose', 0x0}, 0x3, [@default, @null, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 269.280767][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 269.303963][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 269.339958][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 269.380514][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 269.420261][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.427458][ T8844] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.471908][ T8979] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 269.488381][ T8795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.550659][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 269.563511][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 269.585995][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 269.616313][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 269.626248][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.638297][ T8844] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.645424][ T8844] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.659574][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 269.719867][ T8824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 269.731985][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 269.743728][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 269.752255][ T8846] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.759730][ T8846] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.771354][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 269.781394][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 269.790305][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.798986][ T8846] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.806091][ T8846] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.814843][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 269.824071][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 269.832621][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 269.841837][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 269.850568][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 269.859262][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 12:10:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0300a1695e1dcfe87b1071") r1 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x800, 0x0, @mcast2, 0x9}, 0x1c) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f00000000c0)=ANY=[@ANYBLOB="000400130000000000010005020000000000000000000009000000000000040100efff"], 0x28) sendmmsg(r1, &(0x7f00000092c0), 0x400000000000064, 0x0) [ 269.868638][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 269.877467][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 269.945723][ T8828] device hsr_slave_0 entered promiscuous mode [ 269.993608][ T8828] device hsr_slave_1 entered promiscuous mode [ 270.043182][ T8828] debugfs: Directory 'hsr0' with parent '/' already present! [ 270.057089][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 270.067399][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 270.075618][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 270.089235][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 270.099242][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 270.108844][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 270.118147][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 270.129306][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 270.137551][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 270.146197][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 270.155257][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 270.167366][ T8798] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 270.180927][ T8798] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 12:10:25 executing program 0: r0 = socket(0x1000000000000010, 0x2, 0x0) write(r0, &(0x7f0000000180)="220000001500070500e80000004c030502040303010000000800060041024fc10768", 0x22) socket(0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x6, 0x10000) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BLKRRPART(r3, 0x125f, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000100)={{0x1f, 0x3}, {0x40, 0x2}, 0x7fff, 0xccedf39fcd30d013, 0x9}) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r5, 0x400454cd, 0x334) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_ifreq(r4, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00^\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) bind$alg(0xffffffffffffffff, 0x0, 0x0) [ 270.198384][ T8824] 8021q: adding VLAN 0 to HW filter on device team0 [ 270.221076][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 270.255824][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 270.270737][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 270.280145][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 270.290574][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 270.301674][ T8926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 270.310555][ T8926] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.317700][ T8926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 270.387121][ T8800] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 270.424152][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 270.442801][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 270.465509][ T9008] input: syz1 as /devices/virtual/input/input5 [ 270.483846][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 270.492322][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.499461][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state [ 270.510349][ C0] hrtimer: interrupt took 28647 ns [ 270.577581][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 270.633332][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 270.645691][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 270.708455][ T8798] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 270.775344][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 12:10:26 executing program 1: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(0xffffffffffffffff, 0xc040563d, &(0x7f0000000140)={0x3, 0x0, 0x100, 0x2, {0x4, 0xffff, 0x1, 0x1}}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0xe1a198ff8f708288) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='erofs\x00', 0x0, 0x0) readlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)=""/69, 0x305) [ 271.174591][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 271.191270][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 271.220794][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 271.248672][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 271.275194][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 271.299566][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 271.329899][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 271.359091][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 271.390342][ T8824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 271.424987][ T3509] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 271.491310][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 271.532023][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 271.583668][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 271.591279][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 271.689773][ T8800] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 271.722507][ T8824] 8021q: adding VLAN 0 to HW filter on device batadv0 12:10:27 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@ipv4={[], [], @multicast2}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x12ef4addf03930b6, 0x0, 0x0, 0x67}, {0x0, 0x7, 0x9, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in6=@rand_addr="005a6128b45dbe9dcbf765a1b416cc17"}}, 0xfffffffffffffdd2) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 271.844435][ T8828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.920475][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 271.934833][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 271.950301][ T8828] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.987935][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 271.999836][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.040022][ T2935] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.047265][ T2935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.110520][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 272.129583][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 272.162441][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 272.197819][ T8846] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.204959][ T8846] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.221673][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 272.231005][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 272.240333][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 272.250394][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 272.261874][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 272.287756][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 272.297352][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 272.317771][ T8828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 272.333639][ T8828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 272.348870][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 272.374680][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 12:10:28 executing program 3: perf_event_open(&(0x7f00000003c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97138075a81f9917, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x1, 0x1b, &(0x7f0000000b00)=[{&(0x7f0000000080)="c278455beed0b0c448ce459659e8387e9c702b21c45d3de6dbc1e58826ec72ea4729ca26660e7484012cc12395cd3bb9b6bd4d47925f85bed432c5b74f4d1a223c57727bf87df5fe34de38fa0be14a1afdd8a223279ef3a90f21adb3f8c6", 0x0, 0x80000001}, {&(0x7f0000000100)="b2ab62e2221ecd6a5cb5f066e15067444173c0638ee4c25c2e51ab01ceb2e9102cc5c6e414add7c788071015968e2e75bbe8b927fe39e18246112f405100823b01c270458b56a2f89300b5efcbd76ad93dfad7697b616ef8d71f271ae2d909d847696d3449cb5d789cc4c7e64b", 0x0, 0x4}, {&(0x7f0000000180)="9702904908933f3c297ce8b875342d50067f8d98152e8a316a812f6a4cfe39bba6494d023c7d67ddd71da31c076ad1f449bf3e968c7dae5642ef15716e4e1ea5d6086150185263ebe26b9a61c88fdcc12fda6065ac852075b62c1034df094b6f5eb3dbbcca24604821fba209d27d5d01ace39d526a6d28655a32af785dfaa23f0cb80715359a980429b4cc1bcca92c67abdc", 0x0, 0x80}, {&(0x7f0000000240)="72f764124cb8d40ece73782eddd766de796fd95b02753b0375be9080e61ae11d3553e24a073e481c8dae8af654a5002c8c10e6d11f36ca5c4368535e5c80a389a627aa4a320070dbec0b7324050639e0f58e28f66831be40d8772fb862c83b7c6d067058175fd82ac0ab50", 0x0, 0x9}, {&(0x7f00000002c0)="e72082f176161d69f90f2eed11c8adb9ff7aea1bec4fe27f66b7333480a2addb8b53a51f175109276004729fc7dd129b4c829bd7e81c2c56c996cebe5bac2d18c864b974dfa891f117381e031bac27d769c903a8202a2a28bad034d431f439fae616517c9e91f30e12c63f8717097ed62ec9235a1617fb14e2b383532ae274c02b", 0x0, 0x3}, {&(0x7f0000000a40)="a5c6b9c987f2b3f68e8eb48d974e9638c2905f71bde2ef73232635e2850fc78430c6756f36ec9c4ea29e1251c25626b11603fbde97d71b6a321b44122093368a872c197c44f4d59b32938517fd89f8156db656395e113b518a8c6d50cdda37a2fbd905556e7e22684e8b844cf41a6f2a22318614b14ba933cc556cc536a0b2c7bb6656ca8db1613e3b0e1fccd2f95d2f9839602f704dc9702a440541bee4e2e33556820b9f59dfa8b2f4cf078d0f29284e7b", 0x0, 0x4}, {&(0x7f0000000380)="80cb673460b8f11eb0"}]) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) io_uring_enter(r1, 0x0, 0x2, 0x1, &(0x7f0000000000)={0x3}, 0x8) 12:10:28 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000080), 0x0) [ 272.388314][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 272.397147][ T8846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 272.415812][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 272.443578][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 272.451103][ T2935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 272.472782][ T8828] 8021q: adding VLAN 0 to HW filter on device batadv0 12:10:28 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0xfffffffffffffc57, 0x0, 0x0, 0x0, 0x274}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x8000000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)) socketpair$unix(0x1, 0x6, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r1, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000300)) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc0\x00', 0x100, 0x0) open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x18a, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igmp6\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) 12:10:28 executing program 3: mkdir(&(0x7f0000639000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000880)='./file0\x00', &(0x7f0000000380)='ramfs\x00', 0x10040, 0x0) mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='exfat\x00', 0x800, 0x0) r0 = creat(&(0x7f0000139000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x8040, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0x9ba1, 0x5, 0x9, 0x7, 0x101}) r2 = creat(&(0x7f0000139000)='./file0/bus\x00', 0x0) r3 = creat(&(0x7f0000e8f000)='./file0/bus\x00', 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio\x00', 0x1202, 0x0) ioctl$CAPI_CLR_FLAGS(r4, 0x80044325, &(0x7f0000000240)=0x1) dup2(r2, r3) write$P9_RCREATE(r0, &(0x7f0000000040)={0x6171ca2a72de7957}, 0xfdef) r5 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x50000000000, 0x200) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) creat(&(0x7f0000139000)='./file0/bus\x00', 0x0) 12:10:28 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x28, &(0x7f00000005c0)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9dbafdc0a00e9bfde51afe9c81a9cf05725caf1cae63487d70c028dcde5c0198e4796e2c43f6b8fd41b7e76662db41543b7185a4650732b48588a84f8347a1b5efd0791e750effef0a58637038277beb5e0615c40dbb7006ea716bb5b94bdab4cfd808f25bfc91c15d7dc2adcdefba065af283792104d628063a7f14ab13064868942577d8953191eeb79379829652b10737d4e25a22695df1cff25340af4fc990000099fff70b24f8228bd07741c710ebde4bf17dc8f3259ec78e5b39515991b1428faf2d37919c1398f35aa2073f4c69d97a312e45eb76f1b2c8fea54fb3726850310bd480355921c9c0c120d049000b3190974f06e53eb9e0000cc4bd12f5d44b172a4a281ced161c40784e62a8af72bb3fd2656551881b945861d8f3eb0a543de4c71e4f306767a70e371398069eb701ed1229439cf8a1b1b0662f9aaa6cd0720295465df614b006795fa8df5254a2940d4034c6ec286deddbce79ac6f2b2a3d814b2e0d373adb1ac27c48d0dfcb218764f045c64ffce0c44949c3e56ec1934e305659e09de8e3cc48211859d4beb88b4e0042e35346c8c070b924eb176e80e01ea"], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x4d2fbf7ff5012790, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x4}, 0x10}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x12, 0xffffff89, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x1200}, 0x28) r1 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x43, 0x100) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000140)=0x2000) 12:10:28 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r3 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r4 = dup2(r3, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$UHID_CREATE2(r4, &(0x7f0000000840)=ANY=[@ANYBLOB="0500000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000059435af5a83f95d9d0ced664ca5ee100000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000005030e030f28f10aa57303e508d1b545a0000000000000000000000000000000060000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"/263], 0x118) accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000003c0)=0x14) mknod(&(0x7f0000000040)='./bus\x00', 0x0, 0x663) add_key$user(&(0x7f0000000380)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000400)='X', 0x1, 0xfffffffffffffffe) r5 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r5, &(0x7f0000004000)=[{{&(0x7f0000000040)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000840)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000070000004404060044040000d20e678cf2f7838417f969cfc6cf9d6ba7eea76f9177d708cc495739f0c638839262"], 0x18}}], 0x2, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd00010000000000", @ANYRES32=0x0, @ANYBLOB="e6d2759622f87074763ef8c3c6b0915ec1d32cd4fd6367e4d59c98610ebbf4ba2eb2a35b08ff338832ca84b13a719c053724c5666747ea7723ef96ff4508ed4fcff49b3ce469c2a538e65fc994c45b"], 0x48}}, 0x0) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x845, 0x0, 0x0, {0x0, 0x0, 0x0, r10}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0x10}]}, 0x28}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x20, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r10, 0x20003}}, 0x20}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000003d80)={'team0\x00', r10}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000003dc0)={'team0\x00', r11}) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) clone(0x7fd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) 12:10:28 executing program 5: pipe2(&(0x7f0000000000), 0x0) r0 = socket$kcm(0x2b, 0x8000000000001, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair(0x1d, 0x3, 0x1, &(0x7f0000000040)) 12:10:28 executing program 1: mount(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x75, 0x0) r1 = socket(0x2000000000000021, 0x2, 0x2) dup2(r1, r0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x5, 0x1) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x20000, 0x0) r3 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r5 = dup2(r4, r3) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$UHID_CREATE2(r5, &(0x7f0000000840)=ANY=[@ANYBLOB="0500000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000059435af5a83f95d9d0ced664ca5ee100000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000005030e030f28f10aa57303e508d1b545a0000000000000000000000000000000060000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"/263], 0x118) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r5) [ 272.788391][ T9102] [EXFAT] trying to mount... 12:10:28 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x180800) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}, 0x1000, 0xfffffffffffffffd}, 0x0, 0xfffffffffffffffc, r0, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) close(r1) writev(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x0, 0x0) r3 = fcntl$getown(0xffffffffffffffff, 0x9) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f00000000c0)={{0x8, 0x5, 0xffffffff, 0x4, '\x00', 0x3}, 0x5, 0x30, 0x1, r3, 0x5, 0x5, 'syz0\x00', &(0x7f0000000080)=['syz', 'syz', 'keyring\x00', '{-vmnet1$vboxnet1&^]\x00', 'syz'], 0x26, [], [0x3, 0x7, 0x2, 0x120]}) add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd) syz_genetlink_get_family_id$ipvs(0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) r4 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r5 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r6 = dup2(r5, r4) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) r7 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r7, &(0x7f0000004000)=[{{&(0x7f0000000040)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000840)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x18, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x6}, @timestamp={0x44, 0x4}]}}}], 0x18}}], 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r7, 0x0, 0x484, &(0x7f0000000340)=""/149, &(0x7f0000000440)=0x95) write$UHID_CREATE2(r6, &(0x7f0000000840)=ANY=[@ANYBLOB="0500000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000059435af5a83f95d9d0ced664ca5ee100000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000005030e030f28f10aa57303e508d1b545a0000000000000000000000000000000060000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"/263], 0x118) setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000200)=@req3={0xfffffff8, 0x8, 0x6, 0x6, 0x200, 0x4, 0x1}, 0x1c) 12:10:28 executing program 0: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x1, 's\x8dz_tun\x00'}, 0xffffffffffffffbc) add_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000040)={'\xff\xff\xfe'}, &(0x7f0000000000), 0x1fe, 0xffffffffffffffff) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x10200, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000200)=0x1) r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x100000000, 0x101000) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100)={0x3, 0x0, [{0x2, 0x2, 0x0, 0x0, @msi={0x6, 0x80000000, 0x6}}, {0x2e, 0x2, 0x0, 0x0, @sint={0x1, 0x6}}, {0xb14, 0x3, 0x0, 0x0, @adapter={0x3, 0x100000000, 0x1, 0x5, 0x5}}]}) [ 272.873737][ T2501] block nbd3: Attempted send on invalid socket [ 272.880330][ T2501] blk_update_request: I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 272.908007][ T9102] ------------[ cut here ]------------ 12:10:28 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000013ff4)=@assoc_value, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x20000000000000a, 0x2, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r1, &(0x7f0000004000)=[{{&(0x7f0000000040)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000840)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x18, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x6}, @timestamp={0x44, 0x4}]}}}], 0x18}}], 0x2, 0x0) r2 = accept4$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, &(0x7f00000000c0)=0x1c, 0x80000) getsockopt$inet6_opts(r2, 0x29, 0x35, &(0x7f0000000100)=""/38, &(0x7f0000000140)=0x26) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, 0x0) getsockopt$sock_buf(r0, 0x1, 0x29, &(0x7f0000b56f40)=""/192, &(0x7f0000004ffc)=0xc0) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r4, &(0x7f0000000700), 0x100000000000000c) [ 272.966432][ T9102] [EXFAT] No bh, device seems wrong or to be ejected. [ 273.003714][ T9102] WARNING: CPU: 0 PID: 9102 at drivers/staging/exfat/exfat_blkdev.c:62 bdev_read+0x258/0x2b0 [ 273.013907][ T9102] Kernel panic - not syncing: panic_on_warn set ... [ 273.020508][ T9102] CPU: 0 PID: 9102 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0 [ 273.028317][ T9102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.038378][ T9102] Call Trace: [ 273.041768][ T9102] dump_stack+0x197/0x210 [ 273.046113][ T9102] ? bdev_read+0x1a0/0x2b0 [ 273.050548][ T9102] panic+0x2e3/0x75c [ 273.054451][ T9102] ? add_taint.cold+0x16/0x16 [ 273.059165][ T9102] ? __kasan_check_write+0x14/0x20 [ 273.064290][ T9102] ? __warn.cold+0x14/0x35 [ 273.064956][ T3900] kobject: 'loop1' (000000001c060796): kobject_uevent_env [ 273.068710][ T9102] ? bdev_read+0x258/0x2b0 [ 273.080844][ T9102] __warn.cold+0x2f/0x35 [ 273.085099][ T9102] ? bdev_read+0x258/0x2b0 [ 273.089528][ T9102] report_bug+0x289/0x300 [ 273.093861][ T9102] do_error_trap+0x11b/0x200 [ 273.098491][ T9102] do_invalid_op+0x37/0x50 [ 273.103122][ T9102] ? bdev_read+0x258/0x2b0 [ 273.107591][ T9102] invalid_op+0x23/0x30 [ 273.111757][ T9102] RIP: 0010:bdev_read+0x258/0x2b0 [ 273.116106][ T3900] kobject: 'loop1' (000000001c060796): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 273.116783][ T9102] Code: ff df 80 3c 02 00 0f 84 51 ff ff ff 4c 89 e7 e8 fe bf 39 fc e9 44 ff ff ff e8 e4 5c fe fb 48 c7 c7 20 08 3d 88 e8 20 8f cf fb <0f> 0b eb 8a e8 df be 39 fc e9 17 fe ff ff e8 15 bf 39 fc e9 99 fe [ 273.138406][ T9122] IPVS: length: 149 != 24 [ 273.147552][ T9102] RSP: 0018:ffff888059e9fad0 EFLAGS: 00010282 [ 273.147564][ T9102] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 273.147572][ T9102] RDX: 000000000002c799 RSI: ffffffff815cc846 RDI: ffffed100b3d3f4c [ 273.147580][ T9102] RBP: ffff888059e9fb10 R08: ffff88809b0c6200 R09: ffffed1015d06159 [ 273.147587][ T9102] R10: ffffed1015d06158 R11: ffff8880ae830ac7 R12: 0000000000000000 [ 273.147594][ T9102] R13: ffff88805d740000 R14: 0000000000000001 R15: 0000000000000200 [ 273.147623][ T9102] ? vprintk_func+0x86/0x189 [ 273.147647][ T9102] sector_read+0x156/0x1e0 [ 273.147666][ T9102] exfat_fill_super.cold+0x4d6/0xdba [ 273.147681][ T9102] ? exfat_read_root+0x8d0/0x8d0 [ 273.147705][ T9102] ? vsprintf+0x40/0x40 [ 273.221534][ T9102] ? wait_for_completion+0x440/0x440 [ 273.226832][ T9102] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 273.232559][ T9102] ? set_blocksize+0x2bf/0x340 [ 273.237342][ T9102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.243599][ T9102] mount_bdev+0x304/0x3c0 [ 273.247941][ T9102] ? exfat_read_root+0x8d0/0x8d0 [ 273.252906][ T9102] exfat_fs_mount+0x35/0x40 [ 273.257414][ T9102] ? exfat_remount+0x50/0x50 [ 273.262014][ T9102] legacy_get_tree+0x108/0x220 [ 273.268028][ T3900] kobject: 'loop5' (000000009a30cabc): kobject_uevent_env [ 273.268548][ T9102] vfs_get_tree+0x8e/0x300 [ 273.280035][ T9102] do_mount+0x143d/0x1d10 [ 273.284391][ T9102] ? copy_mount_string+0x40/0x40 [ 273.289345][ T9102] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.295595][ T9102] ? _copy_from_user+0x12c/0x1a0 [ 273.300550][ T9102] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 273.306810][ T9102] ? copy_mount_options+0x2e8/0x3f0 12:10:28 executing program 1: mount(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x75, 0x0) r1 = socket(0x2000000000000021, 0x2, 0x2) dup2(r1, r0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x5, 0x1) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x20000, 0x0) r3 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r5 = dup2(r4, r3) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$UHID_CREATE2(r5, &(0x7f0000000840)=ANY=[@ANYBLOB="0500000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000059435af5a83f95d9d0ced664ca5ee100000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000005030e030f28f10aa57303e508d1b545a0000000000000000000000000000000060000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"/263], 0x118) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r5) [ 273.307743][ T3900] kobject: 'loop5' (000000009a30cabc): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 273.312014][ T9102] ksys_mount+0xdb/0x150 [ 273.312033][ T9102] __x64_sys_mount+0xbe/0x150 [ 273.312053][ T9102] do_syscall_64+0xfa/0x760 [ 273.312076][ T9102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.330912][ T9124] IPVS: length: 149 != 24 [ 273.331097][ T9102] RIP: 0033:0x45a219 [ 273.349659][ T9102] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.369269][ T9102] RSP: 002b:00007ffb2c1b2c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 273.377694][ T9102] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045a219 [ 273.385683][ T9102] RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000020000100 [ 273.393666][ T9102] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 273.401644][ T9102] R10: 0000000000000800 R11: 0000000000000246 R12: 00007ffb2c1b36d4 [ 273.409648][ T9102] R13: 00000000004c6d95 R14: 00000000004dc508 R15: 00000000ffffffff [ 273.419487][ T9102] Kernel Offset: disabled [ 273.423902][ T9102] Rebooting in 86400 seconds..