syzkaller login: [ 227.574313][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 227.666571][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 227.711389][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 227.755743][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:23143' (ECDSA) to the list of known hosts. 1970/01/01 00:04:28 fuzzer started 1970/01/01 00:04:39 dialing manager at localhost:40515 1970/01/01 00:04:42 syscalls: 2768 1970/01/01 00:04:42 code coverage: enabled 1970/01/01 00:04:42 comparison tracing: enabled 1970/01/01 00:04:42 extra coverage: enabled 1970/01/01 00:04:42 setuid sandbox: enabled 1970/01/01 00:04:42 namespace sandbox: enabled 1970/01/01 00:04:42 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:04:42 fault injection: enabled 1970/01/01 00:04:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:04:43 net packet injection: enabled 1970/01/01 00:04:43 net device setup: enabled 1970/01/01 00:04:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:04:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:04:43 USB emulation: enabled 1970/01/01 00:04:43 hci packet injection: /dev/vhci does not exist 1970/01/01 00:04:43 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:04:43 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:04:47 fetching corpus: 50, signal 25213/26782 (executing program) 1970/01/01 00:04:49 fetching corpus: 100, signal 29822/32833 (executing program) 1970/01/01 00:04:51 fetching corpus: 150, signal 35599/39806 (executing program) 1970/01/01 00:04:53 fetching corpus: 200, signal 39303/44612 (executing program) 1970/01/01 00:04:55 fetching corpus: 250, signal 42375/48711 (executing program) 1970/01/01 00:04:57 fetching corpus: 300, signal 46053/53302 (executing program) 1970/01/01 00:05:01 fetching corpus: 350, signal 48154/56316 (executing program) 1970/01/01 00:05:03 fetching corpus: 400, signal 51655/60476 (executing program) 1970/01/01 00:05:05 fetching corpus: 450, signal 54166/63692 (executing program) 1970/01/01 00:05:07 fetching corpus: 500, signal 55656/66015 (executing program) 1970/01/01 00:05:09 fetching corpus: 550, signal 57773/68713 (executing program) 1970/01/01 00:05:11 fetching corpus: 600, signal 59203/70819 (executing program) 1970/01/01 00:05:13 fetching corpus: 650, signal 60672/72987 (executing program) 1970/01/01 00:05:15 fetching corpus: 700, signal 63252/75878 (executing program) 1970/01/01 00:05:17 fetching corpus: 750, signal 64320/77569 (executing program) 1970/01/01 00:05:19 fetching corpus: 800, signal 65330/79187 (executing program) 1970/01/01 00:05:21 fetching corpus: 850, signal 66300/80684 (executing program) 1970/01/01 00:05:23 fetching corpus: 900, signal 69114/83463 (executing program) 1970/01/01 00:05:24 fetching corpus: 950, signal 70245/85020 (executing program) 1970/01/01 00:05:26 fetching corpus: 1000, signal 71057/86296 (executing program) 1970/01/01 00:05:28 fetching corpus: 1050, signal 72375/87869 (executing program) 1970/01/01 00:05:30 fetching corpus: 1100, signal 73068/89056 (executing program) 1970/01/01 00:05:32 fetching corpus: 1150, signal 74440/90605 (executing program) 1970/01/01 00:05:33 fetching corpus: 1200, signal 75380/91834 (executing program) 1970/01/01 00:05:36 fetching corpus: 1250, signal 76580/93199 (executing program) 1970/01/01 00:05:37 fetching corpus: 1300, signal 77460/94329 (executing program) 1970/01/01 00:05:39 fetching corpus: 1350, signal 78091/95331 (executing program) 1970/01/01 00:05:42 fetching corpus: 1400, signal 79705/96800 (executing program) 1970/01/01 00:05:44 fetching corpus: 1450, signal 81188/98114 (executing program) 1970/01/01 00:05:45 fetching corpus: 1500, signal 82214/99222 (executing program) 1970/01/01 00:05:47 fetching corpus: 1550, signal 82893/100130 (executing program) 1970/01/01 00:05:49 fetching corpus: 1600, signal 84383/101321 (executing program) 1970/01/01 00:05:50 fetching corpus: 1650, signal 85459/102280 (executing program) 1970/01/01 00:05:52 fetching corpus: 1700, signal 86833/103388 (executing program) 1970/01/01 00:05:54 fetching corpus: 1750, signal 87712/104229 (executing program) 1970/01/01 00:05:56 fetching corpus: 1800, signal 88364/104968 (executing program) 1970/01/01 00:05:58 fetching corpus: 1850, signal 89031/105661 (executing program) 1970/01/01 00:06:00 fetching corpus: 1900, signal 89965/106380 (executing program) 1970/01/01 00:06:03 fetching corpus: 1950, signal 90643/107047 (executing program) 1970/01/01 00:06:05 fetching corpus: 2000, signal 91300/107669 (executing program) 1970/01/01 00:06:06 fetching corpus: 2050, signal 91972/108237 (executing program) 1970/01/01 00:06:09 fetching corpus: 2100, signal 92652/108802 (executing program) 1970/01/01 00:06:10 fetching corpus: 2150, signal 93659/109462 (executing program) 1970/01/01 00:06:12 fetching corpus: 2200, signal 95590/110319 (executing program) 1970/01/01 00:06:13 fetching corpus: 2250, signal 96202/110758 (executing program) 1970/01/01 00:06:16 fetching corpus: 2300, signal 96732/111201 (executing program) 1970/01/01 00:06:18 fetching corpus: 2350, signal 97955/111765 (executing program) 1970/01/01 00:06:20 fetching corpus: 2400, signal 98498/112147 (executing program) 1970/01/01 00:06:22 fetching corpus: 2450, signal 99103/112533 (executing program) 1970/01/01 00:06:24 fetching corpus: 2500, signal 99824/112915 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/113183 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/113419 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/113677 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/113935 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/114188 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/114455 (executing program) 1970/01/01 00:06:25 fetching corpus: 2522, signal 100068/114706 (executing program) 1970/01/01 00:06:26 fetching corpus: 2522, signal 100068/114821 (executing program) 1970/01/01 00:06:26 fetching corpus: 2522, signal 100068/114821 (executing program) 1970/01/01 00:07:51 starting 2 fuzzer processes 00:08:09 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) fdatasync(r0) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, 0x6, 0x6, 0x401, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20040081}, 0x2000c004) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000140)=""/254, &(0x7f0000000240)=0xfe) getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000280)={'nat\x00'}, &(0x7f0000000300)=0x54) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000340)=""/213, &(0x7f0000000440)=0xd5) getsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000480), &(0x7f00000004c0)=0x4) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000500)="13d12e775e5f00007953c8dd2a4dba58ed5520335753a6e60a70cbfc0b7592741b9ca67ef1b0bdc3516c000e6b3619f05f9278161f35524d533fc12a55765e0cc34f5d482ab5acfc78bd54946394c1c887990f680fd70e0dcf5a5650feb5ca526f5ee68434e5a2b648ee45d9d005aa8bbb2662dfc0a651d0410985c8ec32f373fc3628f1aeb29f38ef9b4d07c1465f34b48458fa42e625e90e45296ea773b461247e1a1ab2b8209fa68c53a2d2050b51f4c41f088e72070e919eac00441f0c7f40a62153e66560f9", 0xc8) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000600)=0x0) r2 = syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x1, 0x5, &(0x7f00000009c0)=[{&(0x7f00000006c0)="ade0c4de0b1112c4b582d1c775c4e5ccae636b837d8511f8880acc5d4e575885fe99e1701b8dcc386ca7e97ebc657942168c8614e62729a9e92b56a055b75052d9f56eb5e5926d1754853ea22efe19420c6c741b32da1aa0aeacd39d44cf6197c2347e6879bba2b5236b1f4a7202647725316e0bead7d073191026b0dec2ba522f6f2e9f23e6fc58534e45499a780d80243a11b001699b8240a8968994c44f5e9575693f9dcbdf09f8a95c60f8f6c3e2e47bf44544cdaaedbc2510376b13994a683e69", 0xc3, 0x1}, {&(0x7f00000007c0)="f8c8ab0a549279b7aef15e370f7ab8c06ecc2063ee1ccfdc4628ac75a3584414d779bf96aeeb4995ab3f168d8ebf2e24a22ca36c96bfa21a1f7d3482fa42c3ef46f435f43b089e3f0d3a26a06fb891df11c4250c7c9bba0c3cd97a53a57b65ebaf728d8e5a858dad1cea120c681a87869b9d3db742254198b34c7736eef765748f3ad3864a633932db5dbe069ae32033ef13dc3fd08a096113e5b55b8a183dd4ab111d24c950dc7e9d477b4ae91a1482", 0xb0, 0x9}, {&(0x7f0000000880)="73ebc6f840f803ca6cb70cba4e8db75da402a3bac08d7b49040b099a06781cec5a53010f94e1b1a176fbe3ddd4857ab40bd47602ec292733ae5658d8b64a5745783cbdccdedc12fc94331d07c669ea481d09bcf5213b673ff153ae119a502d627f613aac859aef3a5e113e0d2ae8b60901d0b924e39d9506f6b30f695be4b6ad8ff4dff49be68802144a8c3be995056716cf80a2b29c15f57c10e69bc248dedba4", 0xa1, 0xffffffffffffff80}, {&(0x7f0000000940)="56c3b97ce0da18bc1a2074f862cb4ba9c4bfff445e85565ce8e2bb1b89517c42", 0x20, 0x4}, {&(0x7f0000000980)="2ec1eebae2afde21512d524af743fe10", 0x10, 0x2}], 0x420, &(0x7f0000000a40)={[{@user_xattr='user_xattr'}, {@lazytime='lazytime'}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}], [{@subj_type={'subj_type', 0x3d, 'nat\x00'}}, {@func={'func', 0x3d, 'FILE_CHECK'}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@dont_hash='dont_hash'}, {@audit='audit'}, {@obj_user={'obj_user'}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}]}) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r1, 0x7, r2, &(0x7f0000000b00)={0xffffffffffffffff, r0, 0x101}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000b40)='/dev/null\x00', 0x4000, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000b80)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000bc0)=0x28) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000c00)={0x3, 0x2, {0x1, 0x2, 0x9, 0x1, 0x5}, 0x2}) r5 = syz_io_uring_complete(0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f0000000c80)={r4, 0x9}, &(0x7f0000000cc0)=0x8) r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000d00)='/dev/autofs\x00', 0x80000, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r6, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x1c, 0x3, 0x8, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x88}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8004) setsockopt$netlink_NETLINK_RX_RING(0xffffffffffffffff, 0x10e, 0x6, &(0x7f0000000e40)={0xfff, 0x9, 0x200, 0x6}, 0x10) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000f00)={0x0, 0x200}, 0x8) 00:08:31 executing program 1: io_pgetevents(0x0, 0x7, 0x3, &(0x7f0000000000)=[{}, {}, {}], &(0x7f0000000080)={0x0, 0x3938700}, 0x0) io_destroy(0x0) io_setup(0x9, &(0x7f00000000c0)=0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x940, 0x0) io_cancel(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000100)="ace2cca6719067e753d00cc210c9dab2d59d8ac5d68e1704a407ce6531a0f77f03ff7ffdfe82bbbb81c4db781b11a5e0dc9ccc0e7159c3900f133d356e49ad509994614c916baeb918d664e320521fe03d8f96a48a0855925fa13202b86dc961aa705633ce83", 0x66, 0x0, 0x0, 0x702933e1aea0f832, r1}, &(0x7f0000000200)) r2 = socket(0x2b, 0x5, 0x4) sendmsg$IPSET_CMD_DEL(r2, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)={0x1a8, 0xa, 0x6, 0x401, 0x0, 0x0, {0xc}, [@IPSET_ATTR_ADT={0x78, 0x8, 0x0, 0x1, [{0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'wg1\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x2}}, {0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'bridge_slave_0\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0xffffffffffffcc91}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @ipv4={[], [], @rand_addr=0x64010102}}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x2}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x9c, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x1ff}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x3}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x3}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private1}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x6, 0x1a, '&\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x7}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}}]}, @IPSET_ATTR_DATA={0x68, 0x7, 0x0, 0x1, [@IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x1ff}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x18c4}, @IPSET_ATTR_COMMENT={0xf, 0x1a, '/dev/vsock\x00'}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x41}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x4}, @IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x4}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x9}, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x4}]}, 0x1a8}}, 0x80) io_cancel(0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x100, r2, &(0x7f00000004c0)="e4cc81514c8665d3db9dd2b537a712ccaea77746e8876619c046b1edab59b192cb4ff978002ab9424f0251a9da8b90de45a511e66cd1f25840a2a89f556088934798a214affa2bc7e080398534041934828cf44d69482d26b231e6211e65d71db2ab949ddce5ffb2de1dce31353a8e0545411511cb3337da7787ab124171e1a38c870357cbd382124cac0137e22b3ec4a11869bb3089c58031e77afa834c854ea822f2230f", 0xa5, 0x1000, 0x0, 0x2, r1}, &(0x7f00000005c0)) r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) io_destroy(r0) ioctl$NBD_SET_SIZE(r3, 0xab02, 0x1000) io_setup(0x80000000, &(0x7f0000000600)=0x0) io_submit(r4, 0x1, &(0x7f0000000740)=[&(0x7f0000000700)={0x0, 0x0, 0x0, 0x6, 0x7f, 0xffffffffffffffff, &(0x7f0000000640)="aafa56bd9c16cb3e9da9621c54c14c9adbb19256a9ed54fa6883efca758495d2529a1cde10d7b4fb07fc5319dfa0b3cec287c2187b29d38bdf88abe5ef21c4c92cf42e1fa081a69d3508ababb0e04b3354f734b7474f8bccb5acedc26eb6659b44876d137c320356be184671ad55109033ca93af6eabb754f8805842a733108675244704acb736d75b4badf5293d75", 0x8f, 0x7fffffff, 0x0, 0x3}]) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000780)='/dev/autofs\x00', 0x8000, 0x0) read$FUSE(r1, &(0x7f0000000d00)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) statx(r1, &(0x7f0000002d40)='./file0\x00', 0x0, 0x400, &(0x7f0000002d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) newfstatat(0xffffffffffffff9c, &(0x7f0000002e80)='./file0\x00', &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) r9 = fcntl$getown(r3, 0x9) sendmsg$unix(r5, &(0x7f0000003040)={&(0x7f00000007c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000840)="a3be86ecca58574860c17b3a573ec93298d96c850790580a348400778fd0c9124c554e3d82dfb82284d13b95683a341a9e2eaac6025ef77ad54fb2efbe597f73e540c552d0c5a46a391ef32cde5853ab6bc84bd4a455eca96113c9641db71ca1a2a998371a44a333d70e567a0f4e9014228e4cbbafe3c9b83181cb6f947635a2d922b5ff36fb2e9d55929b4edcb2", 0x8e}, {&(0x7f0000000900)="4e28ee828f107e8b7e1de88c9e4684f5f602129e3454dc2ffc1688f0e01fa64881fdcebe43ffb4fc5762390d56238eb451c93b64514b9be7d5b925ca85d097f44fd8ec0b46d8bd09bdaec7fc06c54461f17b9af37a137e6f2b4ff2698a27fad5645bd135dd46d9284b0622ed416985383f8329c5d2a9cea64265b8f7b00ed01b2ac2ddb79d", 0x85}, {&(0x7f00000009c0)="0cc2b31c827c8dd3b14328b59055d83c1cfefbfadb5517ba6f47714db9fd943aca2d9623532bfa6a79ea7e751bdf9879f9d5164e24595bf42518d827631eedb6e7dd52d3a2da7dc989a8c01cd3d6c432177c920ff9c3ea43667f35337c9d42d68ce3eab2631082eccb38cbccf2ea7edb7d20a2aceb9c930539bd624e2b4227cae43c96a4994e1090c4ecd1509ee3d2cb2559cf7a", 0x94}, {&(0x7f0000000a80)="d8f05f860168a9d871024fb0a5cff1f65a4388f921d822a067cb19eafb26d14d62403052e749416d5fb002ad54ea25523d9184", 0x33}, {&(0x7f0000000ac0)="f6b9083c12a5fbb44e14cf2da62888b6e9c9e40b6fd6607c075afd2b227417a78a9beab87ed0b69caf143d8d370481077adddf2cb78900fb5dc506f2860d8aadc617dfd7d4c45f2b61e114213b750d0d4d4e410d66234bd7fe0edeeec83fb873032acd2b823470a346296882738af06a4a9a531fae14427bb2fc197b11e2317eac7eaf322235909cd47357360eaf5075de0b48338e0b63d80b0f3f91a30115eb9e221311224b25e67dafb097923a2ac36cc0cd8e6ddf", 0xb6}, {&(0x7f0000000b80)="82d3cb8c8e28f2967b46bd111beef844bad9db9890263c4844e6958977869784eadd712779caa49b81e7c87d5fff36e31385a6ff38ddeb905421333aae6031c9aa6f183f674e15e796fffaffde604eaeaba0657f0771a835823826259e44", 0x5e}, {&(0x7f0000000c00)="0ad240445cdc9218c6fa945fb77f234fdbfaf9e1b8175b87f24cf28c27d92b646507c99c56cda262b39851820ed0925114dfdf9153636ad0d58e9fd1cb2570c3d290bb2f", 0x44}], 0x7, &(0x7f0000002f80)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xffffffffffffffff, r7}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r8}}}, @cred={{0x1c, 0x1, 0x2, {r9, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}], 0xc0, 0x20000000}, 0x24004080) [ 515.457202][ T3070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 515.568458][ T3070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 525.740153][ T3070] device hsr_slave_0 entered promiscuous mode [ 525.796767][ T3070] device hsr_slave_1 entered promiscuous mode [ 530.673732][ T3070] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 530.876176][ T3070] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 531.055511][ T3070] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 531.166894][ T3070] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 540.682407][ T3070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 541.150417][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 541.206641][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 546.427413][ T3235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 546.531569][ T3235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 546.844781][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 546.896378][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 547.271190][ T3151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 547.295889][ T3151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 547.466728][ T3151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 547.666446][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 547.971588][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 547.992961][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 548.123836][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 548.152666][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 548.320666][ T3070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 549.261519][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 549.265481][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 556.001602][ T3235] device hsr_slave_0 entered promiscuous mode [ 556.054503][ T3235] device hsr_slave_1 entered promiscuous mode [ 556.107079][ T3235] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 556.114047][ T3235] Cannot create hsr debugfs directory [ 560.346701][ T3235] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 560.511730][ T3235] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 560.652766][ T3235] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 560.714877][ T3235] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 561.367417][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 561.425204][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 567.124194][ T3412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 567.143708][ T3412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 567.166233][ T3412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 567.196156][ T3412] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 567.422871][ T3070] device veth0_vlan entered promiscuous mode [ 567.765707][ T3070] device veth1_vlan entered promiscuous mode [ 569.040221][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 569.096964][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 569.501445][ T3070] device veth0_macvtap entered promiscuous mode [ 569.745158][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 569.956424][ T3235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 570.030341][ T3070] device veth1_macvtap entered promiscuous mode [ 570.660038][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 570.716945][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 570.986005][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 571.021921][ T1936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 571.312368][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 571.354668][ T3141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 571.624168][ T3070] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.632017][ T3070] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.633817][ T3070] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.635544][ T3070] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.326394][ T3070] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 576.874344][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 576.943937][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 577.115350][ T3513] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000020000600 [ 577.143213][ T3513] Oops [#1] [ 577.144109][ T3513] Modules linked in: [ 577.144920][ T3513] CPU: 1 PID: 3513 Comm: syz-executor.0 Not tainted 5.12.0-rc2-syzkaller-00474-ga5406a7ff56e #0 [ 577.146048][ T3513] Hardware name: riscv-virtio,qemu (DT) [ 577.146855][ T3513] epc : sock_ioctl+0x4c4/0x66c [ 577.148675][ T3513] ra : sock_ioctl+0x4c4/0x66c [ 577.149550][ T3513] epc : ffffffe0020e2068 ra : ffffffe0020e2068 sp : ffffffe01f4afda0 [ 577.150301][ T3513] gp : ffffffe004588910 tp : ffffffe00c2997c0 t0 : 0000000000000000 [ 577.151166][ T3513] t1 : 0000000000000001 t2 : 000000001dcd6500 s0 : ffffffe01f4afe30 [ 577.151967][ T3513] s1 : 0000000000040000 a0 : 0000000000000000 a1 : 0000000000000007 [ 577.152842][ T3513] a2 : 1ffffffc018532f8 a3 : ffffffe002a8f8e6 a4 : 0000000000000000 [ 577.153813][ T3513] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000084ac8 [ 577.154215][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 577.154682][ T3513] s2 : 0000000000000000 s3 : 0000000000008902 s4 : 0000000020000600 [ 577.154971][ T3513] s5 : ffffffe00458c0d0 s6 : ffffffe00d005500 s7 : ffffffe00e658000 [ 577.160249][ T3513] s8 : 0000000000008903 s9 : ffffffe00d0055c0 s10: 0000000000000000 [ 577.161413][ T3513] s11: 0000000000020000 t3 : bcf3307ba2e17f00 t4 : ffffffc403e9577a [ 577.162519][ T3513] t5 : ffffffc403e95782 t6 : 0000000000040000 [ 577.164210][ T3513] status: 0000000000000120 badaddr: 0000000020000600 cause: 000000000000000f [ 577.165478][ T3513] Call Trace: [ 577.166172][ T3513] [] sock_ioctl+0x4c4/0x66c [ 577.167679][ T3513] [] sys_ioctl+0x5c2/0xd56 [ 577.168903][ T3513] [] ret_from_syscall+0x0/0x2 [ 577.172557][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 577.197180][ T3513] ---[ end trace 7c299d0b4b6bacd2 ]--- [ 577.203920][ T3513] Kernel panic - not syncing: Fatal exception [ 577.205210][ T3513] SMP: stopping secondary CPUs [ 577.206897][ T3513] Rebooting in 86400 seconds.. VM DIAGNOSIS: 06:20:11 Registers: info registers vcpu 0 pc ffffffe00000e9d0 mhartid 0000000000000000 mstatus 00000000000000a0 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe00000e9d4 sepc 0000000000053688 mcause 0000000000000009 scause 0000000000000008 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe00000e9ba x2/sp ffffffe01ddb7b30 x3/gp ffffffe004588910 x4/tp ffffffe00618df00 x5/t0 ffffffe01ddb7dd0 x6/t1 ffffffc403bb6fb9 x7/t2 00000000000f4240 x8/s0 ffffffe01ddb7b50 x9/s1 000000015bfa5db8 x10/a0 000000015bfa5db8 x11/a1 0000000000000000 x12/a2 0000000000000000 x13/a3 0000000000000000 x14/a4 0000000000000000 x15/a5 0000000000000000 x16/a6 0000000000000000 x17/a7 0000000054494d45 x18/s2 0000000000002644 x19/s3 00000000000ef290 x20/s4 0000000000000001 x21/s5 00000000000ef290 x22/s6 ffffffe067d48100 x23/s7 0000000064f1c000 x24/s8 0000000000000000 x25/s9 ffffffe01ddb7dc0 x26/s10 0000000000000000 x27/s11 ffffffe01ddb7da8 x28/t3 000000000000023f x29/t4 ffffffc403bb6fb2 x30/t5 ffffffc403bb6fba x31/t6 0000000000040000 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffe0007e670c mhartid 0000000000000001 mstatus 00000000000000a2 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe00000e9d4 sepc 0000003ff0b8e3c4 mcause 0000000000000009 scause 0000000000000008 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe0001d0f3e x2/sp ffffffe00789fb90 x3/gp ffffffe004588910 x4/tp ffffffe0079d8000 x5/t0 0000000000000000 x6/t1 ffffffc400f13f9a x7/t2 0000000000000009 x8/s0 ffffffe00789fb00 x9/s1 0000000000000000 x10/a0 ffffffe067d6e0a8 x11/a1 ffffffe0079d9000 x12/a2 0000000000000002 x13/a3 ffffffe00008430c x14/a4 0000000000000000 x15/a5 ffffffe0051c6fb4 x16/a6 ffffffe000997e06 x17/a7 bcf3307ba2e17f00 x18/s2 ffffffe0051c6fc8 x19/s3 ffffffe0050495b0 x20/s4 ffffffe0079d8000 x21/s5 00000000000cc618 x22/s6 0000000000000001 x23/s7 0000000000000122 x24/s8 0000000000000003 x25/s9 0000000000000100 x26/s10 0000000000000002 x27/s11 0000003ff0cec095 x28/t3 0000000000000000 x29/t4 ffffffc400f13f99 x30/t5 ffffffc400f13f9b x31/t6 0000000000000004 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000