[  229.591204][ T2893] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  229.662682][ T2893] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:61404' (ECDSA) to the list of known hosts.
1970/01/01 00:04:29 fuzzer started
1970/01/01 00:04:40 dialing manager at localhost:38261
1970/01/01 00:04:43 syscalls: 2768
1970/01/01 00:04:43 code coverage: enabled
1970/01/01 00:04:43 comparison tracing: enabled
1970/01/01 00:04:43 extra coverage: enabled
1970/01/01 00:04:43 setuid sandbox: enabled
1970/01/01 00:04:43 namespace sandbox: enabled
1970/01/01 00:04:43 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:04:43 fault injection: enabled
1970/01/01 00:04:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:04:43 net packet injection: enabled
1970/01/01 00:04:43 net device setup: enabled
1970/01/01 00:04:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:04:43 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:04:43 USB emulation: enabled
1970/01/01 00:04:43 hci packet injection: /dev/vhci does not exist
1970/01/01 00:04:43 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:04:43 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:04:48 fetching corpus: 50, signal 24496/26110 (executing program)
1970/01/01 00:04:50 fetching corpus: 100, signal 30682/33668 (executing program)
1970/01/01 00:04:52 fetching corpus: 150, signal 35241/39538 (executing program)
1970/01/01 00:04:54 fetching corpus: 200, signal 37854/43448 (executing program)
1970/01/01 00:04:56 fetching corpus: 250, signal 41841/48458 (executing program)
1970/01/01 00:04:58 fetching corpus: 300, signal 44108/51806 (executing program)
1970/01/01 00:05:00 fetching corpus: 350, signal 47343/55938 (executing program)
1970/01/01 00:05:03 fetching corpus: 400, signal 49158/58725 (executing program)
1970/01/01 00:05:05 fetching corpus: 450, signal 51227/61714 (executing program)
1970/01/01 00:05:06 fetching corpus: 500, signal 52122/63632 (executing program)
1970/01/01 00:05:08 fetching corpus: 550, signal 54517/66768 (executing program)
1970/01/01 00:05:10 fetching corpus: 600, signal 56865/69830 (executing program)
1970/01/01 00:05:13 fetching corpus: 650, signal 58909/72557 (executing program)
1970/01/01 00:05:15 fetching corpus: 700, signal 60604/74909 (executing program)
1970/01/01 00:05:18 fetching corpus: 750, signal 61503/76646 (executing program)
1970/01/01 00:05:20 fetching corpus: 800, signal 62469/78367 (executing program)
1970/01/01 00:05:22 fetching corpus: 850, signal 64322/80700 (executing program)
1970/01/01 00:05:24 fetching corpus: 900, signal 65729/82639 (executing program)
1970/01/01 00:05:25 fetching corpus: 950, signal 66894/84442 (executing program)
1970/01/01 00:05:27 fetching corpus: 1000, signal 68519/86446 (executing program)
1970/01/01 00:05:30 fetching corpus: 1050, signal 69327/87884 (executing program)
1970/01/01 00:05:31 fetching corpus: 1100, signal 70275/89372 (executing program)
1970/01/01 00:05:33 fetching corpus: 1150, signal 71462/90985 (executing program)
1970/01/01 00:05:35 fetching corpus: 1200, signal 72303/92372 (executing program)
1970/01/01 00:05:38 fetching corpus: 1250, signal 74237/94333 (executing program)
1970/01/01 00:05:40 fetching corpus: 1300, signal 75014/95593 (executing program)
1970/01/01 00:05:42 fetching corpus: 1350, signal 75679/96774 (executing program)
1970/01/01 00:05:43 fetching corpus: 1400, signal 76777/98145 (executing program)
1970/01/01 00:05:45 fetching corpus: 1450, signal 78505/99793 (executing program)
1970/01/01 00:05:47 fetching corpus: 1500, signal 79233/100897 (executing program)
1970/01/01 00:05:49 fetching corpus: 1550, signal 80017/101978 (executing program)
1970/01/01 00:05:50 fetching corpus: 1600, signal 81629/103500 (executing program)
1970/01/01 00:05:52 fetching corpus: 1650, signal 82462/104592 (executing program)
1970/01/01 00:05:54 fetching corpus: 1700, signal 83458/105775 (executing program)
1970/01/01 00:05:56 fetching corpus: 1750, signal 84038/106717 (executing program)
1970/01/01 00:05:58 fetching corpus: 1800, signal 84451/107552 (executing program)
1970/01/01 00:05:59 fetching corpus: 1850, signal 84986/108426 (executing program)
1970/01/01 00:06:01 fetching corpus: 1900, signal 85545/109284 (executing program)
1970/01/01 00:06:04 fetching corpus: 1950, signal 86326/110211 (executing program)
1970/01/01 00:06:06 fetching corpus: 2000, signal 87006/111027 (executing program)
1970/01/01 00:06:07 fetching corpus: 2050, signal 87619/111835 (executing program)
1970/01/01 00:06:08 fetching corpus: 2095, signal 87964/112519 (executing program)
1970/01/01 00:06:08 fetching corpus: 2095, signal 87964/113093 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/113625 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/114204 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/114772 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/115330 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/115932 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/116512 (executing program)
1970/01/01 00:06:09 fetching corpus: 2095, signal 87964/117105 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/117746 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/118337 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/118916 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/119469 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/120009 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/120563 (executing program)
1970/01/01 00:06:10 fetching corpus: 2095, signal 87964/121130 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/121674 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/122249 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/122849 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/123400 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/123823 (executing program)
1970/01/01 00:06:11 fetching corpus: 2095, signal 87964/123823 (executing program)
1970/01/01 00:07:35 starting 2 fuzzer processes
00:07:52 executing program 0:
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x40f4, 0x4400)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080)='SMC_PNETID\x00', 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r1, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x4044014)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000180)={0x0, 0xd528, 0x3, 0x9, 0x8, 0x7}, &(0x7f00000001c0)=0x14)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000200))
close(r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280)='802.15.4 MAC\x00', 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r3, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x34}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/pfkey\x00', 0x80000, 0x0)
fcntl$F_GET_FILE_RW_HINT(r5, 0x40d, &(0x7f00000003c0))
close(r5)
write$dsp(r5, &(0x7f0000000400)="93ae7b5c4e8ba3841514681c2dc1d20d2e8d56495b91e9b5214b7a0e6b1b672ba558b01ce2f15abe95c0a4267c2e6fd1b37b22056b6dee642e8f1a02bbcb628db7dbf87494845b839302cd4d99e184546a574250856d68ce580e04a742d3936696df3a1ce23e93e9e8807db95dfb9010bbb24f0d857332768758a99ec51fba35205c07936713bc563d727008f7de47da42bc2cc1e5419c984ee77953d6f4ae8de8a38cddb2cdb381c6a73b40a5a088c7503a61413ae18ac8eea89ee9dcaa561e76a58b6b09823e861cac4c244776769988b363", 0xd3)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8}]}, 0x1c}}, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640)='nl802154\x00', r4)
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000680)=<r7=>0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x34, r6, 0x400, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000003}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0)='nl80211\x00', r5)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x58, r8, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x18}}}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_IE={0x7, 0x2a, [@sec_chan_ofs={0x3e, 0x1, 0x2}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x4800}, 0x4000000)

00:08:13 executing program 1:
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"ac6c48c12c7d23881eb08d25d680f199", <r0=>0x0, 0x0, {0xfc, 0x3}, {0x4, 0x1}, 0x1, [0x9123a9b, 0xff, 0x1, 0x9, 0x3, 0x40, 0x5, 0x40cf, 0x7ff, 0x1f, 0x0, 0x8c61, 0x2, 0x73d9, 0x7, 0x5]})
ioctl$USBDEVFS_GET_SPEED(0xffffffffffffffff, 0x551f)
sync_file_range(0xffffffffffffffff, 0xffffffffffffff80, 0x7ff, 0x3)
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, &(0x7f0000000100))
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x88001)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000180)=0x97)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x800, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x48, 0x140b, 0x2, 0x70bd26, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4080}, 0x4004000)
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f0000000340)={0x0, 0x114, 0x1, [0x7ff, 0x7f, 0x238c, 0x9, 0x3], [0x100, 0x374, 0xfff, 0x5, 0x8, 0x0, 0x400, 0x1, 0xfffffffffffffe01, 0x200, 0x7, 0x101, 0x3f, 0xffffffffffff9a3b, 0x5, 0x100000001, 0x1, 0x5, 0x4, 0x8, 0x4, 0x100000000, 0x1, 0xffffffff, 0x3, 0xc0, 0x6, 0x80000001, 0xb5c, 0x8, 0x1, 0x4, 0x0, 0x9, 0x0, 0x80, 0x8, 0x4, 0x2, 0x6, 0x37, 0xfffffffffffffffd, 0x55b, 0x6, 0xb919, 0x8204, 0x400000000000, 0xfff, 0x0, 0x800, 0x0, 0x8001, 0x101, 0x0, 0x6, 0x7, 0x101, 0x1ff, 0x100000000, 0x5, 0x9, 0xff, 0x200, 0x40, 0x1, 0x40, 0x80, 0x8, 0x5fa, 0x1, 0x80, 0x8, 0x8, 0x7, 0x2, 0x7, 0x0, 0x9, 0x2, 0x0, 0x9, 0x7, 0x101, 0x2b668fdc, 0xfff, 0x2, 0x8000, 0x3, 0x100, 0x7ff, 0x5, 0x5, 0x7, 0xb6, 0x9, 0x3, 0x180000, 0x5, 0xc0f7, 0x8001, 0x1, 0x0, 0x5, 0x73e, 0x0, 0x6, 0xd277, 0x1, 0x1000, 0x46ea, 0x22e5, 0xffffffff7fffffff, 0x2, 0x6955712, 0xffffffffffffe70d, 0x1, 0x50, 0x0, 0x2, 0x1, 0x5]})
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000780)='/dev/loop-control\x00', 0x2000, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f00000007c0))
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000800)='/dev/ttynull\x00', 0x402080, 0x0)
ioctl$TIOCSIG(r4, 0x40045436, 0x1d)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r4, 0x8008f513, &(0x7f0000000840))
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000880)='/dev/uhid\x00', 0x1, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snd/seq\x00', 0x80000)
splice(r5, &(0x7f00000008c0)=0x29, r6, &(0x7f0000000940)=0x697000, 0x2, 0x1)
write$UHID_CREATE2(r2, &(0x7f0000000980)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x1000, 0x1, 0x7f, 0x0, 0x1, 0x4, "815df063fce269f907f6daebc0781d7584afb81fb41b89757efe1e948a8a374e05acc33ad164bc5ed54fe57fd826e8f2e998f6e442ea248a49ff5a15f01ce34c9467500a5d44d41c30d8d6c3a18037442c1abc84ce1edbe4a3138f46d6fcd79bbebc42c1c695163a63e6f6423b43f18a3a4a6f6631dfb9d25d3380e5fbb30537572b4028314aacd83ecba6088ba7a50806f6570efc9af852900744b0505067b9bdeb61798208ed260d96252d49fb8adf5515907eda20ea8201a4b58e2bbf7ebe811bf85ebf14937a4d034f18fc66967a96c2edb1f048b7055de5a81bce670264e695adeb2e1065c3d78405715211a23b2ece7a29066c2f7fb46960c43664c1cfea7bb885943832bbc58833dd0f284eb144e1249b2f8c46ea44d14750ee85ac57afa6cd0bd3568a52b864b6a364ef450e9b5788df8c0d200f751783279e38c8d2e6855df727ecdf740acbb3944a2ffaab14075aaf05021cfa1431ea4232351eb155e8dcd351cc84d8e14fedfac327e333c398ffde0a28d1756af3380a8b06e235803767d49444f8c741a024cbab8c736be02f2328c0f038a1ecde6eb9cbad928653035be43a20ceddba5b9ac31b34016357210a0e9ada2730bd95eaa4b7bbed970fe74cfbb15bbae75e0dc47ef376848d753b1627d81496c6abf67d3fd0783ad685396b18eec3708664720f2ad2ac0243cdf3ca91c78b3f3402fea102938464764b7e2614df53f73dd398bfaa3cf2a8cf5087494f57533ee6e2cf48cf4c319e6c9d0560b94a0797cfe61748e88d84b8a60c1bfab19c268b9f25019e9b9e01bcb1b2cda6e39177098614a01bdb11a6a5a8b113bd5224433dce3c432f4df362a07b09046a57916ffb24f0ee1daabb4faaa3600d0890eedb4102d700e37784fa76e8df87d2d042c787a6c44f73103174f9cbce771ba9beb8cf42c79cb614e88fd808d2313a806c950c687ac2a2103a02f1bea110882902150572f04aa271bff2cfbf2099e3d1a4b0148b16b4d725e7a94628e17f4d7edb6b2d181adff2c032f8addcb9b564477285edd59252fe09e6758041ccdc4767b3e715008ea822607a3966c02e2e6c4d9ab4b24dcb272bebfe1e63b98cdcfd0134cad5f8e28927eb69bbb129ea49e60964ebcd8bea31e84535e2ab352e8ab75102020cf5b58e3316508fe89e3cb90629c102e963242b72f1ad403dea7f2df6ad50c0f6bef074655240d27690236999518b56ff035770203e764113e45d2ea099e4d75a3ff5373f0b2f67a75a492d18dce7782efa668da34767ca09124068665fde62d7fcbe48771248f946df502b6e43969d2cd90d7a310044e23aed0f2de03f83898f209a6405d44559b347a77de3daf586eee7c1dd456598a22693571f78edf975267e7f4fbf632bc9dec65f4853e1c3d4326fb93eab9e4ca5638d0bdcde2438aa27d9b3010ccab678fcd44427c1828882c4d05c296b3d947b9dbde2393d0727c1e570e2b5cce3a6ebb573a0d8d7ae5cefb13406a6071a61ed4926650070be1efab278816770b9bd70b8306f9aa3a61473887067c5b905c353d2b692074bcdb50137ec61c62e067611b78969a641d60047feca56b01fa244e8a2c6176db9f1a4c93de1d39f3f6d6f15adb0eabee7eaa17ca741573d20cc90e80eb37644dfb502731854fb05294249237bbbdfe64bf8d7e7e9eb9dda2488b8eea1f8f20d7d9386d46c691d3dc82463e45e44f2798571af7ead800fb70ec023f0fc1454af0ed1b53788c6e7a455c9600e8b061b2aefbbb5801bebcef25ff0d82595ac3e7af211999216f90c6f53942d24ad36be465d4bba4513a19c561146cca8379de4cd51c3988ef4b51afe9a2b30643bbd57c50ae1b83c4dfc24badab48ced1397f3ee56b21a8a07cc13f9663a130ec902dcca48e2440ccf45cb8070572e3db1840db702568d2a7417198a25333f291301e4ff54e582674e02138db12c25daca436566a776a0d540e0537e9b895df5128c0ffe771ddc71542812bce4754f1b4adc3aa20fe9edae715dcf8b54705c78874a6d7c6ea1b8ecd63d7f6ef7d683860dfbe9d5939cb8cda5da60022c645b2e7ec5628c5f08ea86d7c3d93e7b3f6676c9bc729213694909bea2b84ec33d28cb4b46426c8bf54ae432ef538becbc946921cb6e818acd1d8c7cda334504a8ea1f04e5d7acbd88afc66c24743d7097776812bc639e86e0d44965ad05a22a569f80efde1bc7a7474a8676b593606433cd57f793dcd0b30457debacc4be41d067d6ab473df46d019874cf9c00abf97b3df779bd5dfbaee818c6be58346d74a27d02b11f6acce398bd951fad04085c8baafdce7f53a22077ca767d831b7e0705818db4d6b1c3c150465520947875b99fd77a61b788d80bc96178eead68f8375a1e6074bba77de48235d761fd822899017c32e2f1951b84923a2efd93803ad746de73a0f77a22aab94e3b697fc8a80a4704dfef596331b7d03d22767aa6219abeb541326b47a597db5e6f14a16e0d81b5326367fc18a22228e6863382df47dce35df102500b2ba7961b507781ab458cebd968c17f7f35540445c1b2f89613d62d37cd5ac0436e810355f81ca746513634e479c95438e29995d7ed34d5d5ae829c542585d12bdcc8b688573c988bfaad4f62b1317f2edd2586aac9d4606305d53c5d88dad5a1c3c05a9c69f0d82d9571d17cf07c9f5c3fd92d119cd0615cfdab0f81eeb9a3eba4504bfb8f463fdeb9294fd452b72405a72ef2f8e6c1e1d40ed95ac0b41a9f842d66201a2e7d4b65600daa4de978c58717934d54ed18d386348bdd040d7301419a69dcb8af1f2edc5b4d99947b27e74dd49a04c692396eb7b26090266608a0594ab395a75264f7a66478efb069ff0615689436a63584e1aa1344977ccad81ec3df8c3da7b3fa0b79beb5351bbed0b0ed64656322e5be1d91ce0bd2aec14527a83525e2aca33df09c8dc7cc84a46921e964a525a3e1e2482c328518b1992e2d7b01a1fe341b0c2a0e946a4be2e6324cc94489aa9f5024dfdcec352be152ff8ef9fab5a083018c1bb43a1f5ca2dea4a11f8a21ddaf22c4d122403aebd98bfe6e4bd6a44dd5890839976340d7e50157e760f6e4a5b9d73c0afe109981267f99f52872a8c767c882d28dcd8a17523a71688b23157ef6d886a1a8da127aacff08e3927aa050e2749a2cdbd2b026cad27cc6a36202244336323aacd360cf275951d9ab1f24e069e736b1d46142380a982d81885514251e860fddffedce875035159683f9eada0e1823171a3324b0da5fbc7d3a5871b66ca5577a36510593b8cca64ad3981da3ae8c6586c59c1510a28e1aa85950056305132de412273c8d0dc70fa0c7814ff394b8934045ade7b77c299536cfad3a988467adeb71eb87b83ce5463d6870ea94fb06e1c02569c81e84b2c27ec44dff0b72460a122f8a67572a0daee80f908d77d5cbda1b2268752f6592d03750e56c7c3b0a5edde829ff94fd7ae283c429ad7cfcf67fb7f59b5ffc3257fec8c24df943814c28e5d862f9d7902d10132c5b8da1d8f7a0b4472aab9f7b298e55236ba7c1fdb2e5f72a86e232158476687b03adfdb3997600f3c6133521ee7d5770da122dc72bc91ab0bdcc12fc1537a1beee852e439bd1654dfd880c70d8faacae17474fb726ebb94b960028ce4d50fe0794253a657bc423c573faaa0ed0a3f41f7dace445e7fb1d39262c4b86bb3e73e31cf5acb57a1ac4588b16ece70ccd25096bc7f63919aa3d539a355482443869165bdad25c7e7327aa372093771d963391cdd40d8ab924739e213c76dfd9da6aa3fa309bbeb03696aff746ebfb832f985cb4c62169b813f64da77136c883b05b48f2d3a09737346d724265e28b2fb7abc84dc43ccd21c65ca43ac7415f31e6e8b387fe8c551d57dd2fe7cfacb634ce2fad5e293cd49dc8c2f47216851b6997da3bc7b97d5af5fc7d5a6b6ec7436d6be75f5fa967d4efa464118d5739b4cbd3a5da299189e65a0e56e83ad51e5d7d7db2d4c46d7bf6da3d7a3f5068350b79bc8d275e7829b45143c79bfbccdafb3b14046019b87860a7b670f7364311f350ba5f03445e06cb8c99df8e8b6e26e3a43cb6c907321432c5481aa2171267220c93411ef445d60e5c20c460885b0fb43eb162b188123787a3e8a978bfcad9602d5879cbbf718299f03fea1fa341eef4fa7223cab95d45bedc9458cddc7454a30b23f7199ca85ae9fd086994356efd505dca8ff8739b58183522a648fa0aa2c7d16d201ca2e2cf43bee1ebb66c595c0421b0ab36b29360c26f2f8767873ee9aa552cddc03ad5fef8aea8fb2b79917c17fb90e8bfa843e487a9d3d4a75a006c3225e120010ccc965e5497aa0f71898981a384a5f3c37d22c61f3fd6b9e212654b7d80aa0e62764663a78e74a4eaffe36e99dedff8cf1065ec9a486e4e7e3dd25f71a38f180e176c01e6a8aa371a6b74f070b83b291572252294974a9d4aae6a4c1b55fba54e3585a0142a96083a2383401cb9416866440cfcea156c5a70a1195d153cc906d6b287b34bc7be2d6359d9ba141177e76893b76a951d79104bfec89a236e6540c06612bfc9a0fce3e4c96b5170203d52e182d174943a6bf3d989e14198b6d0dbd345e7d68b5cccdd699d71b06e050efdf0b07d887832701ce2d33925de9c64a5674e4220f905cf8eae633a6cd9ed7992966c3fb70c94f692acb059ffd856d9db9348eb1bbc1746270d3c8b9bf9d1b97dd54999b824a13bd4d6c2d8cb789c482df24fc2302dfc6fce898ec8aa099d3df8379f4ae43c6a82f6bb601b4cf6640aa7a24c6b5be91792d9bd45714fbb5902eeb175fc4ba65aba378e441030c4268254caaf587f30eb7f8562690bd7c9de3ab012ca2c5fed8e69e6707f2f0cfca9d09fd08ff85e40a1a158274bac5461299cd2bf5f232f69cccee470855d2a646314cc456f6f33f464abf47e72d27cc6ea377c82d4a8d807d44313f65beb67f4b14f3198b7813d9558aae44ee94e10030b6858fe0acd9bcf34d57ca842fdaf18e7c0be6f734a6db85242235ec1d823a802672e02bcfd2ec541c3abf303163590c107163af1463cbf76392c01aa00b7ca585f5d76fb61104e52604031b0045cf919ee5c50a48d48aa1067a83e22c70a7c23c2fac16312316fa553e70d63392dc6e75d68de3687e99d27960c98278806eddf23b2fb86c4153fbdbeecda19879730eb6a0fbb57c440e3505a3bb117d5c3b56a1a55c1ed6567bf07a551a7d7a4796863ec9d26593dc3ee622344e653ddb8dbdca29fb0467c8296aef02f85f99b1df7f031aafa2b6109c80403d94fe575cde29f9c3a3e7a91f3db4f01e6a2e8befdd2b29f75a20884bd029dec8d37899c08113629a57595b47b4301b31b856836535ccc024f0b75be19638d5238d6720d11b090cf395226dddf8b31728e22275c0b921d432784256cc6cfb235b8756e548665de13e8a91c65ea771b6a12b5e2fba96e9b3422a35ec1fc7d0b3fd9eda3606261f807ef0cce3cf57b2a2d5a8b67589596e0c93a3913840b373f24025a37d0031b4079f3c51ded948e83ca42bcf227506dc7bab6fbe6a2703c75e4cc2965b57178ea594f49550fe8f22f25310e99e34e5ffd980ca5942d83542ed62ee06071be16966c142c713d6a3e7158eeb4f1a0d42ce68454dc1ba255aa3988bd65074956770aeee310e6771754823b822d601649f464f456d996f9c2df5ac4745faeb078cc0d72a24fde68624b6c845cfc668698b1f1c60a356df3f52cf469da6731bca77ce9aec19e3e9527e62261d2be23ac6184c56d1"}}, 0x1118)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000001ac0)={0x401, 0x3, 0x1, 'queue0\x00', 0x7fff})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002a00)={{}, r0, 0x8, @unused=[0x2, 0x6885b8d1, 0x9, 0x80000001], @devid})

[  497.429485][ T3069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  497.552837][ T3069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  505.844932][ T3069] device hsr_slave_0 entered promiscuous mode
[  505.943467][ T3069] device hsr_slave_1 entered promiscuous mode
[  510.391569][ T3069] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  510.564766][ T3069] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  510.734022][ T3069] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  510.962896][ T3069] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  519.674324][ T3069] 8021q: adding VLAN 0 to HW filter on device bond0
[  520.095211][ T1934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  520.169775][ T1934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  525.783746][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  525.830254][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  526.068392][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  526.094497][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  526.750630][ T3235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  526.963972][ T3235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.982412][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  527.552859][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  528.208635][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  528.253523][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  528.672811][ T3069] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  528.746791][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  529.065054][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  529.131892][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  529.493414][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  529.511907][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  535.716515][ T3235] device hsr_slave_0 entered promiscuous mode
[  535.760029][ T3235] device hsr_slave_1 entered promiscuous mode
[  535.794854][ T3235] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  535.801980][ T3235] Cannot create hsr debugfs directory
[  539.442261][ T3235] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  539.592398][ T3235] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  539.805128][ T3235] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  539.964605][ T3235] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  540.771074][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  540.831579][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  546.517511][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  546.564551][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  546.629669][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  546.641019][ T2050] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  546.822097][ T3069] device veth0_vlan entered promiscuous mode
[  547.518296][ T3069] device veth1_vlan entered promiscuous mode
[  548.374859][ T3235] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.871689][ T1934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  548.893110][ T1934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  549.063837][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  549.098310][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  549.325092][ T3069] device veth0_macvtap entered promiscuous mode
[  549.558443][ T3069] device veth1_macvtap entered promiscuous mode
[  549.941301][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  550.012106][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  550.402116][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  550.462303][ T3259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  550.810917][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  550.867776][ T3203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  551.143781][ T3069] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  551.159759][ T3069] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  551.161636][ T3069] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  551.163504][ T3069] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  554.441426][ T3069] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[  556.494030][ T3496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  556.528239][ T3496] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  557.419658][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  557.451831][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  557.563706][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  557.615196][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  558.590618][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  558.672182][ T3100] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  559.123344][ T3235] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  559.198936][ T3235] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  559.654230][ T3496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  559.734511][ T3496] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  560.363564][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  560.391391][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  560.809305][ T3515] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000020000680
[  560.882453][ T3515] Oops [#1]
[  560.883453][ T3515] Modules linked in:
[  560.884569][ T3515] CPU: 1 PID: 3515 Comm: syz-executor.0 Not tainted 5.12.0-rc2-syzkaller #0
[  560.886832][ T3515] Hardware name: riscv-virtio,qemu (DT)
[  560.887980][ T3515] epc : sock_ioctl+0x4c4/0x66c
[  560.889405][ T3515]  ra : sock_ioctl+0x4c4/0x66c
[  560.890646][ T3515] epc : ffffffe0020e2068 ra : ffffffe0020e2068 sp : ffffffe00ec7bda0
[  560.891896][ T3515]  gp : ffffffe004588910 tp : ffffffe007765f00 t0 : 0000000000000000
[  560.893199][ T3515]  t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00ec7be30
[  560.894844][ T3515]  s1 : 0000000000040000 a0 : 0000000000000000 a1 : 0000000000000007
[  560.896911][ T3515]  a2 : 1ffffffc00eecbe0 a3 : ffffffe002a8f8e6 a4 : 0000000000000000
[  560.898228][ T3515]  a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000084ac8
[  560.899491][ T3515]  s2 : 0000000000000000 s3 : 0000000000008902 s4 : 0000000020000680
[  560.900789][ T3515]  s5 : ffffffe00458c0d0 s6 : ffffffe00d0e1a40 s7 : ffffffe00447ca00
[  560.902070][ T3515]  s8 : 0000000000008904 s9 : ffffffe00d0e1b00 s10: 0000000000000000
[  560.903333][ T3515]  s11: 0000000000020000 t3 : 0645d3c48874aa00 t4 : ffffffc403c3d7b2
[  560.904604][ T3515]  t5 : ffffffc403c3d7ba t6 : 0000000000040000
[  560.905882][ T3515] status: 0000000000000120 badaddr: 0000000020000680 cause: 000000000000000f
[  560.907260][ T3515] Call Trace:
[  560.908032][ T3515] [<ffffffe0020e2068>] sock_ioctl+0x4c4/0x66c
[  560.909651][ T3515] [<ffffffe00041f7f4>] sys_ioctl+0x5c2/0xd56
[  560.910984][ T3515] [<ffffffe000005572>] ret_from_syscall+0x0/0x2
[  560.977963][ T3515] ---[ end trace b6bb1bf58239b1f3 ]---
[  560.981065][ T3515] Kernel panic - not syncing: Fatal exception
[  560.982441][ T3515] SMP: stopping secondary CPUs
[  560.984277][ T3515] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:55:07  Registers:
info registers vcpu 0
 pc       ffffffe0001268a4
 mhartid  0000000000000000
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffe00000542c
 mepc     ffffffe000995c3c
 sepc     ffffffe0000c994e
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffe0001268a0 x2/sp ffffffe006acf660 x3/gp ffffffe004588910
 x4/tp ffffffe006ce97c0 x5/t0 0000000000046000 x6/t1 0000000000000001 x7/t2 ffffffe0030002b0
 x8/s0 ffffffe006acf6d0 x9/s1 0000000000000000 x10/a0 0000000000000000 x11/a1 00000000000f0000
 x12/a2 0000000000010000 x13/a3 ffffffe0001268a0 x14/a4 ffffffe006ce97c0 x15/a5 0000000000000000
 x16/a6 0000000000f00000 x17/a7 ffffffe00013bd02 x18/s2 0000000000000000 x19/s3 ffffffe0050495a8
 x20/s4 ffffffe00432e3c0 x21/s5 0000000000010000 x22/s6 ffffffe00013bd02 x23/s7 ffffffe00432e3c8
 x24/s8 ffffffe067d48190 x25/s9 ffffffe067d48a40 x26/s10 ffffffe067d48100 x27/s11 ffffffe00013bc88
 x28/t3 0645d3c48874aa00 x29/t4 0000000000000040 x30/t5 ffffffc40130bc00 x31/t6 000000000000000f
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffe0000c9910
 mhartid  0000000000000001
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffe00000542c
 mepc     ffffffe002a95c22
 sepc     ffffffe002a95c22
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffe002a8ae26 x2/sp ffffffe02170b640 x3/gp ffffffe004588910
 x4/tp ffffffe0077617c0 x5/t0 0000000000046000 x6/t1 00000000000081ad x7/t2 ffffffe0030002b0
 x8/s0 ffffffe02170b650 x9/s1 0000000000001000 x10/a0 0000000000000120 x11/a1 ffffffffffffffff
 x12/a2 1ffffffc00eec2f9 x13/a3 ffffffe0001005e4 x14/a4 0000000000010003 x15/a5 0000000000000000
 x16/a6 0000000000f00000 x17/a7 ffffffe00420b540 x18/s2 0000000000000001 x19/s3 ffffffe00432b2b8
 x20/s4 ffffffe00458c228 x21/s5 ffffffe002e27840 x22/s6 ffffffffffffffff x23/s7 ffffffe00008f672
 x24/s8 ffffffe0050495a8 x25/s9 ffffffe067d65a40 x26/s10 ffffffe067d65100 x27/s11 ffffffe00013bc88
 x28/t3 000000010000653b x29/t4 ffffffc400eec38d x30/t5 ffffffc400eec391 x31/t6 0000003fda8fd000
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000