program: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$unix(r0, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x168, r2, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x68, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xac}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x60ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}]}, @TIPC_NLA_LINK={0xbc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb0}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x67}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xece}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x39b4}]}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x3ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4b}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x200}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x8000}, 0x800) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nouid32}, {@mblk_io_submit}, {@i_version}]}, 0x1, 0x746, &(0x7f0000000f40)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulG5vWUkGkogcpVop689Bud7ehZLdbspvShIpWFMGTSPHsj5M3/wFRBL15FDx7kkKRUi+CsDLb2bjt7jabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJlupiYiTd/e7c/taMV2SaDZf/y1p7ZPmo+MzqT1Z5rGI+O79iEO57nLrK6uLhUqlvJTl5xrVy3P1ldXDF6uFhfJC+dL88WePzp+Yf+bE/JbF+sd7r54/9dVLX9x498dfXnvr1JNJnIy92bbOOLbKbMxm38lk+hXe48WtLmzEklEfAJuS3po77t7lsT+mY0crBQD8l70dEU0AYMwk2n8AGDPt/wO0x/aGMQ72T3brhYjY1Sv+iWzMbldrHHT3neSekZEkIma2oPzZiLj65gdfp0sMaRwSoJd3rkfEuZnZ7vov6ZqzsFFPD7DP7H159R9sn2/T/s+JXv2f3Fr/J3r0f6Z63Lubsf79n7u5BcX0lfb/nuvZ/12btDazI8v9v9Xnm0wuXKyU07rtkYg4GJNTaf7IA8o49vHzP/Tb1tn/S5e0/HZfMDuOmxNT936mVGgUHibmTreuRzw+0Sv+ZO38J336v2cGLKPx/ROf99u2fvzD1fws4qme5//vGW1Jx/zEqeianzjXuh7m2ldFt/yH0/v6lT/q+NPzv/vB8c8knfM16xsv46dP/ny537bNXv87kzda6Z3ZuquFRmPpSMTO5JXu9R1TSNv59v5p/AcPPLj+63X9p38Tnhsw/sVPvzy/+fiHK42/tKHzv/HEgZ+/6R1PM5ttvO75P9ZKHczWDFL/DXqAD/PdAQAAAAAAAAAAAAAAAAAAAAAAAMCgchGxN5Jcfi2dy+Xzd9/h/WjszlVq9cahC7XlS6VovSt7JiZz7SddTnc8D/VI9jz8dn7+vvzRiNgXETem/tfK54u1SmnUwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZk+f9/+nfp0a9dEBAEOza9QHAABsO+0/AIwf7T8AjB/tPwCMH+0/AIwf7T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDdub06XRp/n77WjHNl66sLC/WrhwuleuL+epyMV+sLV3OL9RqC5Vyvlirrvf7KrXa5fnjsXx1rlGuN+bqK6tnq7XlS42zF6uFhfLZ8uS2RAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1NfWV0sVCrlJQkJCYm1xKhrJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/h78CAAD//6LRHug=") r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x8010661b, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) linkat(r3, &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @private=0xa010101}, 0x10) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x200000, {0x0, 0x0, 0x4a00, 0x0, 0x0, 0x10c}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}, @IFLA_ADDRESS={0xa, 0x1, @random="79cd7beb8750"}]}, 0x48}}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) (async) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async) connect$unix(r0, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) (async) dup2(0xffffffffffffffff, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x168, r2, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x68, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xac}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x60ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}]}, @TIPC_NLA_LINK={0xbc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb0}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x67}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xece}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x39b4}]}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x3ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4b}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x200}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x8000}, 0x800) (async) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nouid32}, {@mblk_io_submit}, {@i_version}]}, 0x1, 0x746, &(0x7f0000000f40)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulG5vWUkGkogcpVop689Bud7ehZLdbspvShIpWFMGTSPHsj5M3/wFRBL15FDx7kkKRUi+CsDLb2bjt7jabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJlupiYiTd/e7c/taMV2SaDZf/y1p7ZPmo+MzqT1Z5rGI+O79iEO57nLrK6uLhUqlvJTl5xrVy3P1ldXDF6uFhfJC+dL88WePzp+Yf+bE/JbF+sd7r54/9dVLX9x498dfXnvr1JNJnIy92bbOOLbKbMxm38lk+hXe48WtLmzEklEfAJuS3po77t7lsT+mY0crBQD8l70dEU0AYMwk2n8AGDPt/wO0x/aGMQ72T3brhYjY1Sv+iWzMbldrHHT3neSekZEkIma2oPzZiLj65gdfp0sMaRwSoJd3rkfEuZnZ7vov6ZqzsFFPD7DP7H159R9sn2/T/s+JXv2f3Fr/J3r0f6Z63Lubsf79n7u5BcX0lfb/nuvZ/12btDazI8v9v9Xnm0wuXKyU07rtkYg4GJNTaf7IA8o49vHzP/Tb1tn/S5e0/HZfMDuOmxNT936mVGgUHibmTreuRzw+0Sv+ZO38J336v2cGLKPx/ROf99u2fvzD1fws4qme5//vGW1Jx/zEqeianzjXuh7m2ldFt/yH0/v6lT/q+NPzv/vB8c8knfM16xsv46dP/ny537bNXv87kzda6Z3ZuquFRmPpSMTO5JXu9R1TSNv59v5p/AcPPLj+63X9p38Tnhsw/sVPvzy/+fiHK42/tKHzv/HEgZ+/6R1PM5ttvO75P9ZKHczWDFL/DXqAD/PdAQAAAAAAAAAAAAAAAAAAAAAAAMCgchGxN5Jcfi2dy+Xzd9/h/WjszlVq9cahC7XlS6VovSt7JiZz7SddTnc8D/VI9jz8dn7+vvzRiNgXETem/tfK54u1SmnUwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZk+f9/+nfp0a9dEBAEOza9QHAABsO+0/AIwf7T8AjB/tPwCMH+0/AIwf7T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDdub06XRp/n77WjHNl66sLC/WrhwuleuL+epyMV+sLV3OL9RqC5Vyvlirrvf7KrXa5fnjsXx1rlGuN+bqK6tnq7XlS42zF6uFhfLZ8uS2RAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1NfWV0sVCrlJQkJCYm1xKhrJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/h78CAAD//6LRHug=") (async) open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) (async) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x8010661b, 0x0) (async) socket$inet_mptcp(0x2, 0x1, 0x106) (async) linkat(r3, &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0) (async) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @private=0xa010101}, 0x10) (async) socket$netlink(0x10, 0x3, 0x0) (async) socket(0x200000000000011, 0x3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) (async) sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x200000, {0x0, 0x0, 0x4a00, 0x0, 0x0, 0x10c}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}, @IFLA_ADDRESS={0xa, 0x1, @random="79cd7beb8750"}]}, 0x48}}, 0x0) (async) [ 74.596787][ T46] Bluetooth: hci0: command tx timeout [ 74.674470][ T5336] loop0: detected capacity change from 0 to 2048 [ 74.699482][ T5336] EXT4-fs: Ignoring removed mblk_io_submit option [ 74.702258][ T5336] EXT4-fs: Ignoring removed i_version option [ 74.781353][ T5336] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.879442][ T5337] ------------[ cut here ]------------ [ 74.881920][ T5337] WARNING: net/mptcp/subflow.c:1528 at subflow_data_ready+0x49b/0x7c0, CPU#0: syz.0.0/5337 [ 74.886205][ T5337] Modules linked in: [ 74.888160][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 74.892011][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.896522][ T5337] RIP: 0010:subflow_data_ready+0x49b/0x7c0 [ 74.899012][ T5337] Code: 48 0f b9 3a e9 c9 fc ff ff e8 d1 d5 77 f6 48 89 df 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6b 0e 00 00 e8 b6 d5 77 f6 90 <0f> 0b 90 e9 f2 fd ff ff 90 0f 0b 90 43 0f b6 04 2f 84 c0 0f 85 a1 [ 74.907389][ T5337] RSP: 0018:ffffc9000ba07720 EFLAGS: 00010293 [ 74.910107][ T5337] RAX: ffffffff8b49ec3a RBX: ffff888041024240 RCX: ffff888000c68000 [ 74.913373][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 74.916609][ T5337] RBP: 0000000000000000 R08: ffff88800026894f R09: 1ffff1100004d129 [ 74.920279][ T5337] R10: dffffc0000000000 R11: ffffed100004d12a R12: 0000000000000000 [ 74.923690][ T5337] R13: dffffc0000000000 R14: ffff888000268000 R15: 0000000000000000 [ 74.927422][ T5337] FS: 00007fe22ab406c0(0000) GS:ffff88808d22a000(0000) knlGS:0000000000000000 [ 74.931796][ T5337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.934640][ T5337] CR2: 00007fe22ab3ffc8 CR3: 000000001fd50000 CR4: 0000000000352ef0 [ 74.938045][ T5337] Call Trace: [ 74.939367][ T5337] [ 74.940722][ T5337] tcp_data_queue+0x1e14/0x5e30 [ 74.942912][ T5337] ? __pfx_tcp_data_queue+0x10/0x10 [ 74.945189][ T5337] ? __pfx_tcp_urg+0x10/0x10 [ 74.947102][ T5337] tcp_rcv_state_process+0x23ae/0x4530 [ 74.949532][ T5337] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 74.952287][ T5337] ? tcp_v6_connect+0x124b/0x18a0 [ 74.954393][ T5337] tcp_v6_do_rcv+0xbef/0x1ba0 [ 74.956495][ T5337] ? __pfx_tcp_v6_do_rcv+0x10/0x10 [ 74.958933][ T5337] __release_sock+0x1b8/0x3a0 [ 74.961240][ T5337] release_sock+0x5f/0x1f0 [ 74.963426][ T5337] mptcp_connect+0x5be/0x860 [ 74.965492][ T5337] __inet_stream_connect+0x298/0xf00 [ 74.967879][ T5337] ? __local_bh_enable_ip+0x12d/0x1c0 [ 74.970303][ T5337] ? __pfx___inet_stream_connect+0x10/0x10 [ 74.972786][ T5337] ? __local_bh_enable_ip+0x12d/0x1c0 [ 74.974982][ T5337] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 74.977393][ T5337] inet_stream_connect+0x66/0xa0 [ 74.979597][ T5337] __sys_connect+0x316/0x440 [ 74.981594][ T5337] ? __pfx___sys_connect+0x10/0x10 [ 74.983739][ T5337] ? rcu_is_watching+0x15/0xb0 [ 74.985826][ T5337] __x64_sys_connect+0x7a/0x90 [ 74.987864][ T5337] do_syscall_64+0xfa/0xf80 [ 74.989829][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.992337][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 74.994048][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.996344][ T5337] RIP: 0033:0x7fe229d8f7c9 [ 74.998219][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.006016][ T5337] RSP: 002b:00007fe22ab40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 75.009693][ T5337] RAX: ffffffffffffffda RBX: 00007fe229fe6090 RCX: 00007fe229d8f7c9 [ 75.012901][ T5337] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000003 [ 75.016318][ T5337] RBP: 00007fe229e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.019903][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.023335][ T5337] R13: 00007fe229fe6128 R14: 00007fe229fe6090 R15: 00007ffea32d21f8 [ 75.026785][ T5337] [ 75.028600][ T5337] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.031844][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.035601][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.040288][ T5337] Call Trace: [ 75.041759][ T5337] [ 75.043034][ T5337] dump_stack_lvl+0x99/0x250 [ 75.045102][ T5337] ? __asan_memcpy+0x40/0x70 [ 75.047129][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.049368][ T5337] ? __pfx__printk+0x10/0x10 [ 75.051490][ T5337] vpanic+0x237/0x6d0 [ 75.053231][ T5337] ? __pfx_vpanic+0x10/0x10 [ 75.055152][ T5337] ? is_bpf_text_address+0x292/0x2b0 [ 75.057418][ T5337] ? is_bpf_text_address+0x26/0x2b0 [ 75.059807][ T5337] panic+0xb9/0xc0 [ 75.061506][ T5337] ? __pfx_panic+0x10/0x10 [ 75.063453][ T5337] __warn+0x317/0x4b0 [ 75.065226][ T5337] ? subflow_data_ready+0x49b/0x7c0 [ 75.067432][ T5337] ? subflow_data_ready+0x49b/0x7c0 [ 75.069747][ T5337] __report_bug+0x288/0x500 [ 75.071708][ T5337] ? subflow_data_ready+0x49b/0x7c0 [ 75.073955][ T5337] ? __pfx___report_bug+0x10/0x10 [ 75.076005][ T5337] ? mptcp_subflow_data_available+0x300f/0x3a20 [ 75.078662][ T5337] ? subflow_data_ready+0x49b/0x7c0 [ 75.080941][ T5337] report_bug+0x16a/0x220 [ 75.082898][ T5337] ? subflow_data_ready+0x49b/0x7c0 [ 75.085213][ T5337] ? subflow_data_ready+0x49d/0x7c0 [ 75.087526][ T5337] handle_bug+0x98/0x200 [ 75.089535][ T5337] exc_invalid_op+0x1a/0x50 [ 75.091500][ T5337] asm_exc_invalid_op+0x1a/0x20 [ 75.093638][ T5337] RIP: 0010:subflow_data_ready+0x49b/0x7c0 [ 75.096210][ T5337] Code: 48 0f b9 3a e9 c9 fc ff ff e8 d1 d5 77 f6 48 89 df 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6b 0e 00 00 e8 b6 d5 77 f6 90 <0f> 0b 90 e9 f2 fd ff ff 90 0f 0b 90 43 0f b6 04 2f 84 c0 0f 85 a1 [ 75.104402][ T5337] RSP: 0018:ffffc9000ba07720 EFLAGS: 00010293 [ 75.107039][ T5337] RAX: ffffffff8b49ec3a RBX: ffff888041024240 RCX: ffff888000c68000 [ 75.110598][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 75.114219][ T5337] RBP: 0000000000000000 R08: ffff88800026894f R09: 1ffff1100004d129 [ 75.117712][ T5337] R10: dffffc0000000000 R11: ffffed100004d12a R12: 0000000000000000 [ 75.121354][ T5337] R13: dffffc0000000000 R14: ffff888000268000 R15: 0000000000000000 [ 75.124859][ T5337] ? subflow_data_ready+0x49a/0x7c0 [ 75.127270][ T5337] tcp_data_queue+0x1e14/0x5e30 [ 75.129486][ T5337] ? __pfx_tcp_data_queue+0x10/0x10 [ 75.131765][ T5337] ? __pfx_tcp_urg+0x10/0x10 [ 75.133868][ T5337] tcp_rcv_state_process+0x23ae/0x4530 [ 75.136382][ T5337] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 75.138789][ T5337] ? tcp_v6_connect+0x124b/0x18a0 [ 75.141021][ T5337] tcp_v6_do_rcv+0xbef/0x1ba0 [ 75.142916][ T5337] ? __pfx_tcp_v6_do_rcv+0x10/0x10 [ 75.144986][ T5337] __release_sock+0x1b8/0x3a0 [ 75.146910][ T5337] release_sock+0x5f/0x1f0 [ 75.148926][ T5337] mptcp_connect+0x5be/0x860 [ 75.150996][ T5337] __inet_stream_connect+0x298/0xf00 [ 75.153331][ T5337] ? __local_bh_enable_ip+0x12d/0x1c0 [ 75.155669][ T5337] ? __pfx___inet_stream_connect+0x10/0x10 [ 75.158137][ T5337] ? __local_bh_enable_ip+0x12d/0x1c0 [ 75.160542][ T5337] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 75.163027][ T5337] inet_stream_connect+0x66/0xa0 [ 75.165313][ T5337] __sys_connect+0x316/0x440 [ 75.167303][ T5337] ? __pfx___sys_connect+0x10/0x10 [ 75.169698][ T5337] ? rcu_is_watching+0x15/0xb0 [ 75.171833][ T5337] __x64_sys_connect+0x7a/0x90 [ 75.173885][ T5337] do_syscall_64+0xfa/0xf80 [ 75.175853][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.178426][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.180583][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.183226][ T5337] RIP: 0033:0x7fe229d8f7c9 [ 75.185276][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.193756][ T5337] RSP: 002b:00007fe22ab40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 75.197392][ T5337] RAX: ffffffffffffffda RBX: 00007fe229fe6090 RCX: 00007fe229d8f7c9 [ 75.200625][ T5337] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000003 [ 75.203915][ T5337] RBP: 00007fe229e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.207528][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.211162][ T5337] R13: 00007fe229fe6128 R14: 00007fe229fe6090 R15: 00007ffea32d21f8 [ 75.214779][ T5337] [ 75.216581][ T5337] Kernel Offset: disabled [ 75.218545][ T5337] Rebooting in 86400 seconds..