Warning: Permanently added '10.128.0.44' (ED25519) to the list of known hosts. 2024/04/23 18:30:19 fuzzer started 2024/04/23 18:30:20 dialing manager at 10.128.0.169:30012 [ 158.383563][ T5026] cgroup: Unknown subsys name 'net' [ 158.607016][ T5026] cgroup: Unknown subsys name 'rlimit' 2024/04/23 18:31:06 code coverage: enabled 2024/04/23 18:31:06 comparison tracing: enabled 2024/04/23 18:31:06 extra coverage: enabled 2024/04/23 18:31:06 delay kcov mmap: enabled 2024/04/23 18:31:06 setuid sandbox: enabled 2024/04/23 18:31:06 namespace sandbox: enabled 2024/04/23 18:31:06 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/23 18:31:06 fault injection: enabled 2024/04/23 18:31:06 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/23 18:31:06 net packet injection: enabled 2024/04/23 18:31:06 net device setup: enabled 2024/04/23 18:31:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/23 18:31:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/23 18:31:06 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/23 18:31:06 USB emulation: enabled 2024/04/23 18:31:06 hci packet injection: enabled 2024/04/23 18:31:06 wifi device emulation: enabled 2024/04/23 18:31:06 802.15.4 emulation: enabled 2024/04/23 18:31:06 swap file: enabled [ 204.006700][ T5026] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 204.028020][ T5026] syz-executor (5026) used greatest stack depth: 4848 bytes left 2024/04/23 18:31:07 starting 5 executor processes [ 205.798715][ T5043] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 205.834551][ T5046] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 205.843708][ T5046] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 205.853565][ T5046] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 205.883269][ T5046] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 205.895235][ T5046] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 205.910653][ T5048] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 205.929899][ T5048] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 205.936034][ T49] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 205.946744][ T5048] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 205.957068][ T49] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 205.969456][ T4406] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 206.290954][ T5043] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 206.304865][ T4406] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 206.314701][ T4406] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 206.327958][ T4406] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 206.339216][ T4406] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 206.348541][ T4406] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 206.375571][ T4406] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 206.437755][ T49] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 206.447814][ T49] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 206.462578][ T49] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 206.474657][ T49] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 206.483919][ T49] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 206.601125][ T4406] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 206.623446][ T5043] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 206.638245][ T5048] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 206.673047][ T5048] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 206.714143][ T5048] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 206.794057][ T5048] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 207.476098][ T5045] chnl_net:caif_netlink_parms(): no params data found [ 207.641551][ T5040] chnl_net:caif_netlink_parms(): no params data found [ 207.706981][ T5051] chnl_net:caif_netlink_parms(): no params data found [ 208.062830][ T5048] Bluetooth: hci1: command tx timeout [ 208.068489][ T5048] Bluetooth: hci0: command tx timeout [ 208.325772][ T5055] chnl_net:caif_netlink_parms(): no params data found [ 208.374396][ T5052] chnl_net:caif_netlink_parms(): no params data found [ 208.473504][ T5048] Bluetooth: hci2: command tx timeout [ 208.707199][ T5048] Bluetooth: hci3: command tx timeout [ 208.853058][ T5048] Bluetooth: hci4: command tx timeout [ 208.912892][ T5045] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.920613][ T5045] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.928545][ T5045] bridge_slave_0: entered allmulticast mode [ 208.937641][ T5045] bridge_slave_0: entered promiscuous mode [ 208.949736][ T5051] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.957551][ T5051] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.965368][ T5051] bridge_slave_0: entered allmulticast mode [ 208.974261][ T5051] bridge_slave_0: entered promiscuous mode [ 209.030396][ T5051] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.038846][ T5051] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.046817][ T5051] bridge_slave_1: entered allmulticast mode [ 209.056014][ T5051] bridge_slave_1: entered promiscuous mode [ 209.074382][ T5045] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.082751][ T5045] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.090605][ T5045] bridge_slave_1: entered allmulticast mode [ 209.100136][ T5045] bridge_slave_1: entered promiscuous mode [ 209.110535][ T5040] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.118403][ T5040] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.126327][ T5040] bridge_slave_0: entered allmulticast mode [ 209.135459][ T5040] bridge_slave_0: entered promiscuous mode [ 209.217203][ T5040] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.227267][ T5040] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.235187][ T5040] bridge_slave_1: entered allmulticast mode [ 209.244108][ T5040] bridge_slave_1: entered promiscuous mode [ 209.463502][ T5045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.486521][ T5051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.506995][ T5045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.548187][ T5055] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.556377][ T5055] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.564289][ T5055] bridge_slave_0: entered allmulticast mode [ 209.573265][ T5055] bridge_slave_0: entered promiscuous mode [ 209.623472][ T5051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.704223][ T5040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.714996][ T5055] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.724618][ T5055] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.732276][ T5055] bridge_slave_1: entered allmulticast mode [ 209.740166][ T5055] bridge_slave_1: entered promiscuous mode [ 209.814864][ T5051] team0: Port device team_slave_0 added [ 209.831159][ T5040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.874832][ T5045] team0: Port device team_slave_0 added [ 209.916935][ T5051] team0: Port device team_slave_1 added [ 209.924943][ T5052] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.932689][ T5052] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.940345][ T5052] bridge_slave_0: entered allmulticast mode [ 209.949481][ T5052] bridge_slave_0: entered promiscuous mode [ 210.058615][ T5045] team0: Port device team_slave_1 added [ 210.074997][ T5055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.115427][ T5052] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.123351][ T5052] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.131042][ T5052] bridge_slave_1: entered allmulticast mode [ 210.142598][ T5052] bridge_slave_1: entered promiscuous mode [ 210.143510][ T5048] Bluetooth: hci0: command tx timeout [ 210.154388][ T5048] Bluetooth: hci1: command tx timeout [ 210.166852][ T5040] team0: Port device team_slave_0 added [ 210.183841][ T5040] team0: Port device team_slave_1 added [ 210.231460][ T5055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.420325][ T5051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.427695][ T5051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.455227][ T5051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.538755][ T5048] Bluetooth: hci2: command tx timeout [ 210.549259][ T5045] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.558958][ T5045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.585194][ T5045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.630902][ T5051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.639293][ T5051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.666777][ T5051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.688002][ T5052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.699797][ T5040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.707199][ T5040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.733402][ T5040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.750571][ T5045] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.757918][ T5045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.784226][ T5045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.793164][ T5048] Bluetooth: hci3: command tx timeout [ 210.816548][ T5055] team0: Port device team_slave_0 added [ 210.845130][ T5055] team0: Port device team_slave_1 added [ 210.863061][ T5052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.905416][ T5040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.912895][ T5040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.939203][ T5040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.942441][ T5048] Bluetooth: hci4: command tx timeout [ 211.191017][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.199525][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.227090][ T5055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.246806][ T5052] team0: Port device team_slave_0 added [ 211.327179][ T5045] hsr_slave_0: entered promiscuous mode [ 211.336572][ T5045] hsr_slave_1: entered promiscuous mode [ 211.359423][ T5040] hsr_slave_0: entered promiscuous mode [ 211.368236][ T5040] hsr_slave_1: entered promiscuous mode [ 211.376804][ T5040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.384807][ T5040] Cannot create hsr debugfs directory [ 211.397536][ T5052] team0: Port device team_slave_1 added [ 211.443241][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.450401][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.476816][ T5055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.526282][ T5051] hsr_slave_0: entered promiscuous mode [ 211.535909][ T5051] hsr_slave_1: entered promiscuous mode [ 211.546355][ T5051] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.554264][ T5051] Cannot create hsr debugfs directory [ 211.755743][ T5052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.763149][ T5052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.789476][ T5052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.913313][ T5052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.920497][ T5052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.947473][ T5052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.097994][ T5055] hsr_slave_0: entered promiscuous mode [ 212.106780][ T5055] hsr_slave_1: entered promiscuous mode [ 212.117286][ T5055] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.125135][ T5055] Cannot create hsr debugfs directory [ 212.211933][ T5048] Bluetooth: hci0: command tx timeout [ 212.212826][ T49] Bluetooth: hci1: command tx timeout [ 212.556005][ T5052] hsr_slave_0: entered promiscuous mode [ 212.566059][ T5052] hsr_slave_1: entered promiscuous mode [ 212.574812][ T5052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.584908][ T5052] Cannot create hsr debugfs directory [ 212.617301][ T49] Bluetooth: hci2: command tx timeout [ 212.857530][ T49] Bluetooth: hci3: command tx timeout [ 213.033386][ T49] Bluetooth: hci4: command tx timeout [ 213.169313][ T5051] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 213.197508][ T5051] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 213.264400][ T5051] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 213.299253][ T5051] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 213.442050][ T5045] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 213.510219][ T5045] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 213.541453][ T5045] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 213.582813][ T5045] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 213.688576][ T5040] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 213.740704][ T5040] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 213.811252][ T5040] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 213.901399][ T5055] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 213.927714][ T5040] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 213.978541][ T5055] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 214.084034][ T5055] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 214.115065][ T5055] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 214.227150][ T5052] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 214.265175][ T5052] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 214.292601][ T49] Bluetooth: hci1: command tx timeout [ 214.298254][ T49] Bluetooth: hci0: command tx timeout [ 214.354947][ T5052] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 214.415024][ T5052] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 214.694042][ T49] Bluetooth: hci2: command tx timeout [ 214.716765][ T5051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.950875][ T5045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.951871][ T49] Bluetooth: hci3: command tx timeout [ 215.095947][ T49] Bluetooth: hci4: command tx timeout [ 215.109575][ T5051] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.155305][ T5045] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.186851][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.194707][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.301862][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.309544][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.326534][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.334303][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.354240][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.362018][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.393847][ T5055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.579587][ T5040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.739212][ T5055] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.923018][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.930703][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.962929][ T5040] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.011395][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.019207][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.119981][ T5052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.140349][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.148202][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.164113][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.171914][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.273860][ T5052] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.402597][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.410437][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.579547][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.587345][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.763881][ T5040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 216.818761][ T5055] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 216.829657][ T5055] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 217.828207][ T5045] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.899706][ T5051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.371526][ T5045] veth0_vlan: entered promiscuous mode [ 218.470126][ T5051] veth0_vlan: entered promiscuous mode [ 218.504129][ T5045] veth1_vlan: entered promiscuous mode [ 218.598516][ T5051] veth1_vlan: entered promiscuous mode [ 218.755751][ T5040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.955864][ T5045] veth0_macvtap: entered promiscuous mode [ 218.976764][ T5055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.016861][ T5051] veth0_macvtap: entered promiscuous mode [ 219.056995][ T5045] veth1_macvtap: entered promiscuous mode [ 219.124152][ T5051] veth1_macvtap: entered promiscuous mode [ 219.148296][ T1218] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.154215][ T5052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.155057][ T1218] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.277521][ T5045] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.393076][ T5051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.404623][ T5051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.422430][ T5051] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.477298][ T5045] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.505954][ T5051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 219.516942][ T5051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.531911][ T5051] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.619901][ T5045] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.630434][ T5045] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.639671][ T5045] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.648814][ T5045] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.745681][ T5051] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.755138][ T5051] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.764370][ T5051] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.773503][ T5051] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.913357][ T5040] veth0_vlan: entered promiscuous mode [ 219.964436][ T5052] veth0_vlan: entered promiscuous mode [ 220.037813][ T5040] veth1_vlan: entered promiscuous mode [ 220.098902][ T5052] veth1_vlan: entered promiscuous mode [ 220.469127][ T5040] veth0_macvtap: entered promiscuous mode [ 220.536707][ T5052] veth0_macvtap: entered promiscuous mode [ 220.578094][ T5040] veth1_macvtap: entered promiscuous mode [ 220.614136][ T5052] veth1_macvtap: entered promiscuous mode [ 220.780405][ T5040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.791316][ T5040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.802752][ T5040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.814462][ T5040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.829521][ T5040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.904175][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.915589][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.925778][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.937626][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.947773][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.958527][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.973675][ T5052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.090033][ T5040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.103989][ T5040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.115162][ T5040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.125981][ T5040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.141107][ T5040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.176713][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.188987][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.200301][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.212408][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.223911][ T5052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.236052][ T5052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.256572][ T5052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.329083][ T5040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.342068][ T5040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.351133][ T5040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.362527][ T5040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.527472][ T5052] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.536642][ T5052] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.545901][ T5052] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.555041][ T5052] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.908593][ T5055] veth0_vlan: entered promiscuous mode [ 222.057104][ T5055] veth1_vlan: entered promiscuous mode [ 222.427868][ T5055] veth0_macvtap: entered promiscuous mode [ 222.473880][ T5055] veth1_macvtap: entered promiscuous mode [ 222.725166][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.736057][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.746334][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.757215][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.767495][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.781959][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.793785][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.804729][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.819721][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 223.109321][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.120996][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.131306][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.142216][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.152434][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.163359][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.175828][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.187552][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.202692][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 223.457272][ T5055] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.467304][ T5055] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.476710][ T5055] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.485958][ T5055] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.370142][ T4462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.379570][ T4462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.538741][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.547485][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.881744][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.889895][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 2: openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) [ 227.086390][ T2456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.096336][ T2456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 1: inotify_init1(0x0) inotify_init1(0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4affeeaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0) executing program 2: r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0xa, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_FD1={0x8, 0x2, r2}]}}}}]}, 0x48}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 227.705254][ T5215] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list executing program 1: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)=@newtaction={0x60, 0x30, 0x53b, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_simple={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x15, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) executing program 2: r0 = open(&(0x7f0000000140)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x7800007, 0x12, r0, 0x0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r1, 0x81fd) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r2 = io_uring_setup(0x6370, &(0x7f00000001c0)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) [ 228.216511][ T5223] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 228.227121][ T5223] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 228.237620][ T5223] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 228.283174][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.291241][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x5}, 0x8) [ 228.542103][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.550181][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0) mmap$snddsp_control(&(0x7f0000000000/0x3000)=nil, 0x1000, 0x1, 0x11, r0, 0x82000000) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af14, &(0x7f0000000040)) [ 228.689658][ T4462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.700545][ T4462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 3: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0xb, 0x0, &(0x7f00000000c0)=0x24) [ 228.927619][ T2456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.935806][ T2456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 2: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0xa, 0x0, 0x1, 0x80, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@alu={0x4, 0x0, 0x7, 0x7, 0x3, 0xc}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0xc7}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) r2 = open(&(0x7f0000000180)='./bus\x00', 0xcc27e, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1fe) write$binfmt_script(r3, &(0x7f0000000a80)={'#! ', './file0'}, 0xb) close(r3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff3, 0x13, r2, 0x0) fallocate(r2, 0x0, 0x0, 0x1008004) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000000)={0x8}) fcntl$getownex(r2, 0x10, &(0x7f0000000080)) write$cgroup_int(r2, &(0x7f0000000080)=0x4, 0x12) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x1000000}]}]}}, 0x0, 0x32, 0x0, 0x1}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)="975f7fc128ae3b12a2e0898fb18a7d91f5a892b3e273d75ee57c3038d4d800786ab9cb964869ee4181d13637190f6b63f06e2fc727f5ed604299ec8afe5beca022b48628f7364c0ebb24845da17ba4cc1cded246aea8cec80af6a9a4867318359c5ede7691d3fbd4599e1fb9cbbb688589f91a35d6c07184e81d2a7fb7c830649d668d3699326297aeb7c2ee58d2db4e8f2c15eb6db04a0091d0ad9c3ae85c4f28346b148f20ee18038a9f4940e16d1da2c34a94f1469a096333afbc4aa41ba80920b90c4f53bc8b07ed68fb86f32528a16dc8d1dbfaccb7c6b1aa38d4b68f9739a82c5bee254c3da039e1309b6b5df91e71f07ae7f513d3a0283954828dfe5a93d7ff70cd24ade1de28551de21de7e8da7374dff4369984e5aa4778f8abcb1ed690b6085123cccbb46f36c41f9e302093f4eaf707a939bf30f2e1db0c65f8caa3a5abe0a25e7f59911ccc0ce0b6c61e7564f2475b4586bfcfe255ce6f3264228f04fc85a1628970e51260140c2c56696820a9615542390f016fb5a9bff2d0b44966b17010c1dee5cee5a2934a5ece0eade3fe165eecc943f050eeab244274818f2148f1176c034f88110db7cf8fdc9b3a480ee42e396df867052731998f4ccf485fbf12424f30bf62e80ea371630537c8c7ae0a3c0d396871f1ba111ef8e7fa92439a798a5079092ca01ff1ea7fb32bfcfdb5069172db694bed5ab57e5ffe8b597e16c36ae8416d6f4d7d8f7ffadbb6a4a7ca2a057dac0b10e937a127ee674912f7baa109e634316b935b15c3bd2256dffe219e8d2acc67fa013dfa03489323479b03256c676c9116cc7de9834403331b81373c4c54e7fbd017dabcc6118e5e7df5251af59658289f59720658edc35acb22b8dff878c16eec154a35ec0ca5c12234b6f1cb4384bbe137a7cfb82b56c123792dd966fe22207fba70a1ef36fef1c3340cf54caafa856775ae8f26c80f90606168f699e6340e4631b5932be8c478fa18bfa0b8290ec69786bff2ed0115d5c8629495d2b3d319dd8d67c56ba2c7a39e56fe483d9ea4e71f34df12e3fa477626a82f0729d5510bdada3c5ad947cedb5f681144267f8adff3eb379a97eb7ca14ea413070905f1a4a11e0ac8349aa3e5d75db31a7ec209b3f879e4be954d1609b6dac8969cd59dfbe215cc2fcb53555cff0c5910c3da686da1dc32d8656142b1943816eb1b803b0cba5021ff76819f960b1af20461fa36c6242634bdd9aefa69d2f2d41a518f1b3ed3e7d16ab1240c9aea812a0902c54476de23da69d31d2c38b60d2bbe9a0403b4adc313b334b1f6f966ce59cf37e657b33c4bc75057b5557456b57b673ad369ca68bd431ec18beb9e955de7095923561a20a646c1c081522d99a37a14e3f2390f354c2f7ee5beb65f3b79d3a557b199a1ff7f20b2233ab075879c6c5c3407e195370de00354587bd6"}) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r1 = gettid() rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8) timer_create(0x0, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r1}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_PORT={0x6}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x2c}}, 0x0) executing program 3: inotify_init1(0x0) inotify_init1(0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4affeeaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0) [ 229.653382][ T28] audit: type=1800 audit(1713897092.115:2): pid=5241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 229.677995][ T5241] process 'syz-executor.2' launched './file1' with NULL argv: empty string added executing program 0: setitimer(0x0, &(0x7f0000000580)={{}, {0x6}}, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r0) r1 = inotify_init1(0x0) fcntl$setstatus(r0, 0x4, 0x2c00) r2 = gettid() fcntl$setown(r0, 0x8, r2) fcntl$setsig(r1, 0xa, 0xe) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960) rmdir(&(0x7f0000000100)='./control\x00') executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r2 = socket(0x1e, 0x5, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) listen(r2, 0x0) r3 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r3, &(0x7f0000000080)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000}, 0x1c) accept4$inet6(r2, 0x0, 0x0, 0x0) sendmsg$tipc(r3, &(0x7f0000000640)={&(0x7f0000000300), 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)='Z', 0x1}], 0x1}, 0x0) [ 230.582943][ T5097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.591036][ T5097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.803636][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.811985][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 executing program 3: syz_usb_connect$hid(0xf0faa75b50e5de1a, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000106a056500000000ecff00090224000100000000090404fe010300000009210600050122070009058103d7030000005ba216bf7e2eabcee59be9a31c2ef04aa1a001d1d8c0eb791f9b6ff0710450a0b9895a424946e1ef9eaa3b0cd60f9b504271e477c499e8"], 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010000a000090400000103010100092100080001220100090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r1, &(0x7f0000000000)={&(0x7f0000000340)={0xa, 0x4e24, 0x1000000080000, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000280)=[@hopopts_2292={{0x18}}, @flowinfo={{0x14, 0x29, 0xb, 0x80000001}}], 0x30}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000380)={0x34, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x20, 0x0, 0x4, {0x2, "2eae"}}, 0x0, 0x0}) r2 = syz_usb_connect(0x0, 0x1c, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x25, 0x32, 0x8b, 0x20, 0x19d2, 0x170, 0x1238, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0xff, 0xff, 0xfc}}]}}]}}, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_open_dev$evdev(0x0, 0x100000001, 0x18001) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/221) executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x2a0, 0x138, 0xa, 0x9a000000, 0x0, 0x0, 0x208, 0x1f0, 0x1f0, 0x208, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0xd8, 0x138, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@connbytes={{0x38}, {[], 0x0, 0x5}}, @common=@inet=@tcp={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x300) [ 231.462001][ T7] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 231.734744][ T7] usb 4-1: Using ep0 maxpacket: 32 [ 231.862434][ T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 231.874197][ T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 231.885971][ T7] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 231.906754][ T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.025262][ T7] usb 4-1: config 0 descriptor?? [ 232.044621][ T5261] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 232.113085][ T7] hub 4-1:0.0: USB hub found executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_linger(r1, 0x1, 0xd, 0xfffffffffffffffd, &(0x7f0000000200)) connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4) sendmmsg$inet(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000700)="a8", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000480)="ec", 0x1}], 0x1}}], 0x2, 0x4004441) [ 232.337137][ T7] hub 4-1:0.0: 2 ports detected executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r0}, 0x48) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4}, 0x38) executing program 1: r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0xa, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_FD1={0x8, 0x2, r2}]}}}}]}, 0x48}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_PORT={0x6}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x2c}}, 0x0) executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x30}, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x4924924924924d0, 0x0) executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x8, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0x8, 0xa}}]}, &(0x7f0000000400)='GPL\x00', 0x6, 0xcf, &(0x7f0000000740)=""/207}, 0x90) executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) r3 = gettid() fcntl$setown(r2, 0x8, r3) readv(r2, &(0x7f0000000240)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1) executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000d40)='./file0\x00', 0x40c2, 0x0) r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, &(0x7f0000000680)={0x0, 0x3938700}) capget(&(0x7f0000000440), 0x0) r6 = getpid() r7 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x9, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @local}}}, 0x108) setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, {{0xa, 0x0, 0x0, @empty, 0xfffffffc}}}, 0x108) r8 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r8, &(0x7f00000005c0)="800037e91708a1ce", 0x8, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18003f00000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70b00000000000085000000710000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0), 0x2950b0, &(0x7f00000006c0)=ANY=[@ANYBLOB="b7d8ffc4d4c9b0140e74690206e14460e13510205be8d25440001eea889b9401fb5effe0210200000000000000007f638ead91c77c0daae7524faf7bcf40cbf18b9e1044acf847727bd96dc09ede4340940df0778793bfc1ed9d376fc58ec218e23b2e2d4c802984bc6d3b652544f7f039db5c65a6faffffffffffffffd94aef72d0d0fec1caef96406aecd7421f7d1850b7d2a329630ad3776739be5eec5fcd1cd4b564e0830be847836310ba26873c5bc2a1afa45183ea348c0255b0ddd138d20d35d19d580c4eea54960bcb1bfccb638ca0ab08ed9013d6ce", @ANYBLOB="e329ef6d746d6f6465", @ANYRESDEC=0x0, @ANYRES8=r8, @ANYRES64=r2, @ANYBLOB=',default_permissions,fsmagic=0x000000000000', @ANYRESDEC, @ANYRESDEC=r9]) setreuid(0xee01, 0xee00) ptrace(0x3f, r6) r10 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r10, 0x0, 0xee01) fallocate(r5, 0x0, 0x80000, 0x4103fe) sendfile(r3, r4, 0x0, 0xffffffff054) sendmsg$nl_route(r5, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=@getrule={0x14, 0x22, 0x220, 0x70bd2d, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) [ 234.450614][ T5261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 234.468581][ T5261] misc raw-gadget: fail, usb_gadget_register_driver returned -16 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r2 = socket(0x1e, 0x5, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) listen(r2, 0x0) r3 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r3, &(0x7f0000000080)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000}, 0x1c) accept4$inet6(r2, 0x0, 0x0, 0x0) sendmsg$tipc(r3, &(0x7f0000000640)={&(0x7f0000000300), 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)='Z', 0x1}], 0x1}, 0x0) [ 234.909405][ T28] audit: type=1800 audit(1713897096.525:3): pid=5280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1965 res=0 errno=0 [ 234.934377][ T28] audit: type=1804 audit(1713897096.535:4): pid=5280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1606688838/syzkaller.ParS7C/7/file0" dev="sda1" ino=1965 res=1 errno=0 [ 234.961039][ T28] audit: type=1804 audit(1713897096.535:5): pid=5280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1606688838/syzkaller.ParS7C/7/file0" dev="sda1" ino=1965 res=1 errno=0 [ 235.213078][ T24] usb 4-1: USB disconnect, device number 2 executing program 0: capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0xc6}, @exit], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x80) executing program 3: r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0xa, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_FD1={0x8, 0x2, r2}]}}}}]}, 0x48}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x0, 0x0) r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x0, 0x1}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0) [ 236.112899][ T5287] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000400)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x6c}, 0x0, @in=@empty}}, 0xe8) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) executing program 0: syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) executing program 1: syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000140)='./file1\x00', 0x3000c00, &(0x7f0000000200)=ANY=[], 0x1, 0x654, &(0x7f0000000a40)="$eJzs3c9vHGf9B/D3rje2N99+UzdN2hRVitVIgLBI/EMumAsBIeRDhapy4GwlTmNlkxbbRW6FqMvPaw/5A8rBN05I3COVCxe49epjJQSXXjCnRTM7a29tr38Ux2uX1yuafZ6ZZ+Z5Ps9nZ3Z214o2wP+s+Yk0nqSW+YnX1or1zY2Z1ubGzMNuPclIknrS6BSp/avdbn+c3E5nyUvFxqq7Wr9xHi/NvfHJZ5ufdtYa1VLuXz/ouKNZr5aMJxmqypPq785h/Y0e1l1te4ZFwm50EweDdiFJu/SPx50tP/3LM9stPZr7HX3omQ+cA7XOfXOPseRidaEX7wM6d8XOPftcWx90AAAAAHAKnt3KVtZyadBxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHlS/f5/rVrq3fp4at3f/x+utqWqny3Xj7f7k6cVBwAAAAAAAACcoutb2cpaLnXX27Xyb/6vlCtXysf/yztZyWKWczNrWchqVrOcqSRjPR0Nry2sri5PHeHI6X2PnD4k0JGqbJ7MvAEAAAAAAADgS+aXmd/5+z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwFtWSoU5TLlW59LPVGktEkw8V+68nfuvXz7MmgAwAAAIBT8OxWtrKWS931dq38zP9C+bl/NO/kUVazlNW0spi75XcBnU/99c2NmdbmxszDYtnb7/f+eawwyh7T+e5h/5GvlXs0cy9L5ZabuZO30srd1MsjC9e68ewf1wdFTLXvVo4Y2d2qLGb+YVXu8f6xJtvPMb9MGSszcmE7I5NVbEU2njs4E8d8dnaPNJX6drBXdo20axJfKOcXq7KYz2/75Xwgdmdiuufse+HgnCdf+9MffnK/9ejB/XsrE2dnSgdbr8qhqmyXj829mZjpycSLX8ZM9DVZZuLq9vp8fpgfZyLjeT3LWcrPspDVLGY8PyhrC9X5XOu55Ptk6vbn1l4/LJLh6gztPFnHi+mV8thLWcqP8lbuZjGvlv+mM5VvZTazmet5hq8e4ZW23ueqb///vsHf+HpVaSb5XVWeDUVen+vJa+9r7ljZ1rtlJ0uXT/5+1PhKVSnG+FVVng27MzHVk4nnD87E78uXlZXWowfL9xfePtpwlz+sKsV19JszdZcozpfLxZNVrn3+7Cjant+3bapsu7LdVt/TdnW7rXOlrve9Uoer93B7e5ou217ct22mbLvW07bf+y0AzryL37g43Px786/Nj5q/bt5vvjb6/ZFvj7w8nAt/vvCdxuTQV+sv1/6Yj/KLnc//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF7fy7nsPFlqtxeVdlXa7/X6fpvNc6f6c2SkO+tIzyaCmPJzkbGT+3+12u9pSOwvxHFxpF0bSfupjNZLs13S9d8sHAzl/BvzCBDx1t1Yfvn1r5d33vrn0cOHNxTcXH83Nzs5Nzs2+OnPr3lJrcbLzOOgogadh56Y/6EgAAAAAAAAAAACAozqZ/zPQTNJ/n/6jj57mVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzan4ijSepZWry5mSxvrkx0yqWbn1nz0aSepLaz5Pax8ntdJaM9XRX6zfO46W5Nz75bPPTnb4a3f3rBx13NOvVkvEkQ1V5Uv3d+a/7q23PsEjYjW7iYND+EwAA//9nMgTf") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file1\x00', 0x0, 0x101a000, 0x0) executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='smaps_rollup\x00') preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x1, 0x0, 0x0) [ 237.473179][ T5298] loop1: detected capacity change from 0 to 1024 [ 237.957876][ T5045] ===================================================== [ 237.965617][ T5045] BUG: KMSAN: uninit-value in hfsplus_lookup+0x671/0xf00 [ 237.973119][ T5045] hfsplus_lookup+0x671/0xf00 [ 237.978011][ T5045] __lookup_slow+0x506/0x6e0 [ 237.983017][ T5045] lookup_slow+0x6a/0xd0 [ 237.987452][ T5045] walk_component+0x467/0x650 [ 237.992742][ T5045] path_lookupat+0x27d/0x6f0 [ 238.002006][ T5045] filename_lookup+0x22f/0x750 [ 238.006970][ T5045] user_path_at_empty+0x8b/0x3a0 [ 238.013995][ T5045] __x64_sys_umount+0x149/0x240 [ 238.019084][ T5045] x64_sys_call+0x3da/0x3b50 [ 238.024155][ T5045] do_syscall_64+0xcf/0x1e0 [ 238.028942][ T5045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.035344][ T5045] [ 238.037763][ T5045] Uninit was created at: [ 238.042432][ T5045] __alloc_pages+0x9d6/0xe70 [ 238.047178][ T5045] new_slab+0x2de/0x1400 [ 238.051791][ T5045] ___slab_alloc+0x1184/0x33d0 [ 238.056739][ T5045] kmem_cache_alloc_lru+0x6d7/0xbe0 [ 238.062344][ T5045] hfsplus_alloc_inode+0x5a/0xd0 [ 238.067478][ T5045] alloc_inode+0x86/0x460 [ 238.072209][ T5045] iget_locked+0x2bf/0xee0 [ 238.076834][ T5045] hfsplus_iget+0x59/0xaf0 [ 238.081420][ T5045] hfsplus_btree_open+0x13e/0x1d10 [ 238.086983][ T5045] hfsplus_fill_super+0x1113/0x2700 [ 238.092599][ T5045] mount_bdev+0x397/0x520 [ 238.097116][ T5045] hfsplus_mount+0x4d/0x60 [ 238.106290][ T5045] legacy_get_tree+0x114/0x290 [ 238.111272][ T5045] vfs_get_tree+0xa7/0x570 [ 238.117411][ T5045] do_new_mount+0x71f/0x15e0 [ 238.122349][ T5045] path_mount+0x742/0x1f20 [ 238.126974][ T5045] __se_sys_mount+0x725/0x810 [ 238.133986][ T5045] __x64_sys_mount+0xe4/0x150 [ 238.138875][ T5045] x64_sys_call+0x2bf4/0x3b50 [ 238.144271][ T5045] do_syscall_64+0xcf/0x1e0 [ 238.149108][ T5045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.155412][ T5045] [ 238.157844][ T5045] CPU: 0 PID: 5045 Comm: syz-executor.1 Not tainted 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0 [ 238.168605][ T5045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 238.179000][ T5045] ===================================================== [ 238.186199][ T5045] Disabling lock debugging due to kernel taint [ 238.192635][ T5045] Kernel panic - not syncing: kmsan.panic set ... [ 238.199171][ T5045] CPU: 0 PID: 5045 Comm: syz-executor.1 Tainted: G B 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0 [ 238.211185][ T5045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 238.221388][ T5045] Call Trace: [ 238.224770][ T5045] [ 238.227806][ T5045] dump_stack_lvl+0x216/0x2d0 [ 238.232657][ T5045] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.238701][ T5045] dump_stack+0x1e/0x30 [ 238.243034][ T5045] panic+0x4e2/0xcd0 [ 238.247138][ T5045] ? kmsan_get_metadata+0x101/0x1d0 [ 238.252533][ T5045] kmsan_report+0x2d5/0x2e0 [ 238.257219][ T5045] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.263200][ T5045] ? __msan_warning+0x95/0x120 [ 238.268166][ T5045] ? hfsplus_lookup+0x671/0xf00 [ 238.273204][ T5045] ? __lookup_slow+0x506/0x6e0 [ 238.278137][ T5045] ? lookup_slow+0x6a/0xd0 [ 238.282717][ T5045] ? walk_component+0x467/0x650 [ 238.287727][ T5045] ? path_lookupat+0x27d/0x6f0 [ 238.292663][ T5045] ? filename_lookup+0x22f/0x750 [ 238.297768][ T5045] ? user_path_at_empty+0x8b/0x3a0 [ 238.303058][ T5045] ? __x64_sys_umount+0x149/0x240 [ 238.308262][ T5045] ? x64_sys_call+0x3da/0x3b50 [ 238.313221][ T5045] ? do_syscall_64+0xcf/0x1e0 [ 238.318066][ T5045] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.324377][ T5045] ? __hfsplus_brec_find+0x6a4/0x7b0 [ 238.329878][ T5045] ? kmsan_get_metadata+0x146/0x1d0 [ 238.335239][ T5045] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 238.341708][ T5045] ? __msan_memcpy+0x108/0x1c0 [ 238.346682][ T5045] ? hfsplus_bnode_read+0x23a/0x250 [ 238.352083][ T5045] ? kmsan_get_metadata+0x146/0x1d0 [ 238.357445][ T5045] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.363426][ T5045] __msan_warning+0x95/0x120 [ 238.368214][ T5045] hfsplus_lookup+0x671/0xf00 [ 238.373102][ T5045] ? kmsan_get_metadata+0x146/0x1d0 [ 238.378523][ T5045] ? kmsan_get_metadata+0x146/0x1d0 [ 238.383885][ T5045] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.389859][ T5045] ? __pfx_hfsplus_lookup+0x10/0x10 [ 238.395247][ T5045] ? __pfx_hfsplus_lookup+0x10/0x10 [ 238.400634][ T5045] __lookup_slow+0x506/0x6e0 [ 238.405414][ T5045] lookup_slow+0x6a/0xd0 [ 238.409854][ T5045] walk_component+0x467/0x650 [ 238.414703][ T5045] ? kmsan_get_metadata+0x146/0x1d0 [ 238.420078][ T5045] path_lookupat+0x27d/0x6f0 [ 238.424849][ T5045] filename_lookup+0x22f/0x750 [ 238.429795][ T5045] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.435799][ T5045] user_path_at_empty+0x8b/0x3a0 [ 238.440930][ T5045] __x64_sys_umount+0x149/0x240 [ 238.445968][ T5045] x64_sys_call+0x3da/0x3b50 [ 238.450759][ T5045] do_syscall_64+0xcf/0x1e0 [ 238.455435][ T5045] ? clear_bhb_loop+0x25/0x80 [ 238.460281][ T5045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.466398][ T5045] RIP: 0033:0x7f77e147f1d7 [ 238.470938][ T5045] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 238.490733][ T5045] RSP: 002b:00007ffc2131c118 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 238.499339][ T5045] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f77e147f1d7 [ 238.507453][ T5045] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2131c1d0 [ 238.515561][ T5045] RBP: 00007ffc2131c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 238.523675][ T5045] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc2131d2c0 [ 238.531782][ T5045] R13: 00007f77e14c93b9 R14: 0000000000039ece R15: 0000000000000003 [ 238.539911][ T5045] [ 238.543291][ T5045] Kernel Offset: disabled [ 238.547672][ T5045] Rebooting in 86400 seconds..