Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts.
2024/04/01 21:44:32 fuzzer started
2024/04/01 21:44:33 dialing manager at 10.128.0.169:30012
[ 158.711013][ T5024] cgroup: Unknown subsys name 'net'
[ 158.911218][ T5024] cgroup: Unknown subsys name 'rlimit'
2024/04/01 21:45:22 syscalls: 3852
2024/04/01 21:45:22 code coverage: enabled
2024/04/01 21:45:22 comparison tracing: enabled
2024/04/01 21:45:22 extra coverage: enabled
2024/04/01 21:45:22 delay kcov mmap: enabled
2024/04/01 21:45:22 setuid sandbox: enabled
2024/04/01 21:45:22 namespace sandbox: enabled
2024/04/01 21:45:22 Android sandbox: /sys/fs/selinux/policy does not exist
2024/04/01 21:45:22 fault injection: enabled
2024/04/01 21:45:22 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2024/04/01 21:45:22 net packet injection: enabled
2024/04/01 21:45:22 net device setup: enabled
2024/04/01 21:45:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/04/01 21:45:22 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/04/01 21:45:22 NIC VF setup: PCI device 0000:00:11.0 is not available
2024/04/01 21:45:22 USB emulation: enabled
2024/04/01 21:45:22 hci packet injection: enabled
2024/04/01 21:45:22 wifi device emulation: enabled
2024/04/01 21:45:22 802.15.4 emulation: enabled
2024/04/01 21:45:22 swap file: enabled
[ 205.395087][ T5024] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/04/01 21:45:23 starting 5 executor processes
[ 207.066516][ T5043] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 207.077046][ T5043] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 207.094397][ T5043] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 207.158465][ T5043] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 207.177526][ T49] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 207.190059][ T5046] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 207.199917][ T5046] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 207.216985][ T5046] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 207.248207][ T4401] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 207.273197][ T4401] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 207.292838][ T5048] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 207.305632][ T5048] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 207.315088][ T5046] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 207.326390][ T5046] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 207.358089][ T5048] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 207.421993][ T5048] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 207.581768][ T5048] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 207.598439][ T5048] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 207.646660][ T5048] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 207.714773][ T49] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 207.738405][ T4401] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 207.762264][ T4401] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 207.774533][ T4401] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 207.785604][ T4401] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 207.812919][ T5043] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 207.822852][ T5043] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 207.832366][ T5043] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 207.851350][ T5043] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 207.864606][ T5043] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 207.874479][ T5043] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 208.153591][ T5041] chnl_net:caif_netlink_parms(): no params data found
[ 208.852645][ T5041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 208.860750][ T5041] bridge0: port 1(bridge_slave_0) entered disabled state
[ 208.869208][ T5041] bridge_slave_0: entered allmulticast mode
[ 208.878467][ T5041] bridge_slave_0: entered promiscuous mode
[ 209.089435][ T5041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 209.097321][ T5041] bridge0: port 2(bridge_slave_1) entered disabled state
[ 209.104976][ T5041] bridge_slave_1: entered allmulticast mode
[ 209.114205][ T5041] bridge_slave_1: entered promiscuous mode
[ 209.276440][ T5043] Bluetooth: hci0: command tx timeout
[ 209.402543][ T5041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 209.453411][ T5043] Bluetooth: hci1: command tx timeout
[ 209.457780][ T5044] chnl_net:caif_netlink_parms(): no params data found
[ 209.518377][ T5049] chnl_net:caif_netlink_parms(): no params data found
[ 209.547529][ T5041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 209.693405][ T5055] chnl_net:caif_netlink_parms(): no params data found
[ 209.762244][ T5043] Bluetooth: hci2: command tx timeout
[ 209.828143][ T5041] team0: Port device team_slave_0 added
[ 209.893206][ T5041] team0: Port device team_slave_1 added
[ 209.936430][ T5043] Bluetooth: hci4: command tx timeout
[ 209.964849][ T5057] chnl_net:caif_netlink_parms(): no params data found
[ 209.998238][ T5043] Bluetooth: hci3: command tx timeout
[ 210.154367][ T5041] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 210.162055][ T5041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 210.188764][ T5041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 210.268982][ T5041] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 210.276329][ T5041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 210.302898][ T5041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 210.656634][ T5044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 210.664311][ T5044] bridge0: port 1(bridge_slave_0) entered disabled state
[ 210.673931][ T5044] bridge_slave_0: entered allmulticast mode
[ 210.682770][ T5044] bridge_slave_0: entered promiscuous mode
[ 210.793809][ T5041] hsr_slave_0: entered promiscuous mode
[ 210.805111][ T5041] hsr_slave_1: entered promiscuous mode
[ 210.814934][ T5044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 210.823917][ T5044] bridge0: port 2(bridge_slave_1) entered disabled state
[ 210.831820][ T5044] bridge_slave_1: entered allmulticast mode
[ 210.841045][ T5044] bridge_slave_1: entered promiscuous mode
[ 210.935587][ T5055] bridge0: port 1(bridge_slave_0) entered blocking state
[ 210.943536][ T5055] bridge0: port 1(bridge_slave_0) entered disabled state
[ 210.953621][ T5055] bridge_slave_0: entered allmulticast mode
[ 210.961715][ T5055] bridge_slave_0: entered promiscuous mode
[ 211.031357][ T5049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 211.039430][ T5049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 211.047230][ T5049] bridge_slave_0: entered allmulticast mode
[ 211.055622][ T5049] bridge_slave_0: entered promiscuous mode
[ 211.128379][ T5055] bridge0: port 2(bridge_slave_1) entered blocking state
[ 211.136051][ T5055] bridge0: port 2(bridge_slave_1) entered disabled state
[ 211.143983][ T5055] bridge_slave_1: entered allmulticast mode
[ 211.154875][ T5055] bridge_slave_1: entered promiscuous mode
[ 211.168501][ T5057] bridge0: port 1(bridge_slave_0) entered blocking state
[ 211.176002][ T5057] bridge0: port 1(bridge_slave_0) entered disabled state
[ 211.185793][ T5057] bridge_slave_0: entered allmulticast mode
[ 211.195343][ T5057] bridge_slave_0: entered promiscuous mode
[ 211.210703][ T5049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 211.218569][ T5049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 211.226432][ T5049] bridge_slave_1: entered allmulticast mode
[ 211.235428][ T5049] bridge_slave_1: entered promiscuous mode
[ 211.285209][ T5057] bridge0: port 2(bridge_slave_1) entered blocking state
[ 211.293011][ T5057] bridge0: port 2(bridge_slave_1) entered disabled state
[ 211.300927][ T5057] bridge_slave_1: entered allmulticast mode
[ 211.309943][ T5057] bridge_slave_1: entered promiscuous mode
[ 211.356270][ T5043] Bluetooth: hci0: command tx timeout
[ 211.386397][ T5044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 211.526443][ T5043] Bluetooth: hci1: command tx timeout
[ 211.531801][ T5044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 211.620597][ T5049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 211.639230][ T5057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 211.689821][ T5055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 211.722744][ T5055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 211.740668][ T5057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 211.758445][ T5049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 211.836459][ T5043] Bluetooth: hci2: command tx timeout
[ 211.898233][ T5044] team0: Port device team_slave_0 added
[ 211.978359][ T5055] team0: Port device team_slave_0 added
[ 211.999576][ T5043] Bluetooth: hci4: command tx timeout
[ 212.035280][ T5049] team0: Port device team_slave_0 added
[ 212.050259][ T5057] team0: Port device team_slave_0 added
[ 212.065102][ T5044] team0: Port device team_slave_1 added
[ 212.096737][ T5043] Bluetooth: hci3: command tx timeout
[ 212.118789][ T5055] team0: Port device team_slave_1 added
[ 212.144300][ T5057] team0: Port device team_slave_1 added
[ 212.162760][ T5049] team0: Port device team_slave_1 added
[ 212.322237][ T5044] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 212.330338][ T5044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.356789][ T5044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 212.376344][ T5044] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 212.383522][ T5044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.411621][ T5044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 212.565732][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 212.572997][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.600370][ T5055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 212.630505][ T5057] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 212.638119][ T5057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.664652][ T5057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 212.679218][ T5049] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 212.686497][ T5049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.712873][ T5049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 212.765054][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 212.772414][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.799007][ T5055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 212.841691][ T5057] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 212.849019][ T5057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.876153][ T5057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 212.902008][ T5049] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 212.909576][ T5049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 212.936847][ T5049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 212.999502][ T5044] hsr_slave_0: entered promiscuous mode
[ 213.009894][ T5044] hsr_slave_1: entered promiscuous mode
[ 213.020358][ T5044] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 213.028221][ T5044] Cannot create hsr debugfs directory
[ 213.247967][ T5057] hsr_slave_0: entered promiscuous mode
[ 213.257323][ T5057] hsr_slave_1: entered promiscuous mode
[ 213.265362][ T5057] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 213.274420][ T5057] Cannot create hsr debugfs directory
[ 213.442959][ T5043] Bluetooth: hci0: command tx timeout
[ 213.487241][ T5055] hsr_slave_0: entered promiscuous mode
[ 213.497402][ T5055] hsr_slave_1: entered promiscuous mode
[ 213.506605][ T5055] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 213.514471][ T5055] Cannot create hsr debugfs directory
[ 213.534074][ T5049] hsr_slave_0: entered promiscuous mode
[ 213.543083][ T5049] hsr_slave_1: entered promiscuous mode
[ 213.551721][ T5049] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 213.559816][ T5049] Cannot create hsr debugfs directory
[ 213.596392][ T5043] Bluetooth: hci1: command tx timeout
[ 213.636013][ T5041] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 213.657750][ T5041] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 213.679894][ T5041] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 213.808551][ T5041] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 213.916754][ T5043] Bluetooth: hci2: command tx timeout
[ 214.076783][ T5043] Bluetooth: hci4: command tx timeout
[ 214.156741][ T5043] Bluetooth: hci3: command tx timeout
[ 214.766860][ T5044] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 214.853275][ T5044] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 214.872305][ T5044] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 214.983089][ T5044] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 215.005246][ T5049] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 215.081621][ T5049] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 215.186420][ T5049] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 215.227685][ T5057] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 215.248316][ T5057] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 215.282632][ T5049] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 215.416543][ T5057] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 215.441567][ T5057] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 215.512132][ T5041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 215.521383][ T5055] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 215.531647][ T5043] Bluetooth: hci0: command tx timeout
[ 215.576882][ T5055] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 215.677678][ T5043] Bluetooth: hci1: command tx timeout
[ 215.680602][ T5055] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 215.715488][ T5055] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 215.778254][ T5041] 8021q: adding VLAN 0 to HW filter on device team0
[ 215.839125][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 215.846998][ T5091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 215.974050][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 215.981854][ T5091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 216.006224][ T5043] Bluetooth: hci2: command tx timeout
[ 216.158485][ T5043] Bluetooth: hci4: command tx timeout
[ 216.236356][ T5043] Bluetooth: hci3: command tx timeout
[ 216.641144][ T5044] 8021q: adding VLAN 0 to HW filter on device bond0
[ 216.734663][ T5057] 8021q: adding VLAN 0 to HW filter on device bond0
[ 216.888740][ T5044] 8021q: adding VLAN 0 to HW filter on device team0
[ 216.932467][ T5049] 8021q: adding VLAN 0 to HW filter on device bond0
[ 217.010863][ T5057] 8021q: adding VLAN 0 to HW filter on device team0
[ 217.033907][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 217.041755][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 217.168367][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 217.176269][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 217.297275][ T5049] 8021q: adding VLAN 0 to HW filter on device team0
[ 217.334461][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 217.342504][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 217.383763][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 217.391677][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 217.458970][ T5055] 8021q: adding VLAN 0 to HW filter on device bond0
[ 217.574563][ T5055] 8021q: adding VLAN 0 to HW filter on device team0
[ 217.666651][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 217.674437][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 217.698361][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 217.706255][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 217.809909][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 217.817724][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 217.934664][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 217.942585][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 218.421055][ T5041] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 219.080013][ T5041] veth0_vlan: entered promiscuous mode
[ 219.156708][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[ 219.163395][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[ 219.253822][ T5041] veth1_vlan: entered promiscuous mode
[ 219.499356][ T5041] veth0_macvtap: entered promiscuous mode
[ 219.611257][ T5041] veth1_macvtap: entered promiscuous mode
[ 219.779325][ T5041] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 219.925180][ T5041] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 220.043677][ T5041] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 220.052978][ T5041] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 220.062332][ T5041] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 220.071445][ T5041] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 220.121368][ T5044] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 220.214872][ T5057] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 220.430919][ T5049] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 220.487259][ T5055] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 220.682329][ T5044] veth0_vlan: entered promiscuous mode
[ 220.833227][ T5057] veth0_vlan: entered promiscuous mode
[ 220.875838][ T5044] veth1_vlan: entered promiscuous mode
[ 220.949887][ T5057] veth1_vlan: entered promiscuous mode
[ 221.260410][ T5055] veth0_vlan: entered promiscuous mode
[ 221.294108][ T5044] veth0_macvtap: entered promiscuous mode
[ 221.369721][ T5055] veth1_vlan: entered promiscuous mode
[ 221.416393][ T5044] veth1_macvtap: entered promiscuous mode
[ 221.480065][ T5057] veth0_macvtap: entered promiscuous mode
[ 221.563604][ T5057] veth1_macvtap: entered promiscuous mode
[ 221.736334][ T5057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 221.749401][ T5057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 221.765534][ T5057] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 221.793557][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 221.804519][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 221.815751][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 221.826900][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 221.841756][ T5044] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 221.899612][ T5057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 221.910553][ T5057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 221.928129][ T5057] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 221.998963][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 222.010597][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.020916][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 222.031729][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.046813][ T5044] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 222.072557][ T5055] veth0_macvtap: entered promiscuous mode
[ 222.145951][ T5055] veth1_macvtap: entered promiscuous mode
[ 222.170953][ T5057] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.182679][ T5057] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.192043][ T5057] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.201995][ T5057] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.221589][ T5044] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.230833][ T5044] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.241203][ T5044] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.250551][ T5044] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 222.392919][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 222.409011][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.420520][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 222.431328][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.441463][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 222.452377][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.471785][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 222.582645][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 222.594762][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.606922][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 222.618795][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.628949][ T5055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 222.642519][ T5055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 222.659748][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 223.043889][ T5055] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 223.054175][ T5055] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 223.063875][ T5055] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 223.073113][ T5055] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 223.327145][ T5049] veth0_vlan: entered promiscuous mode
[ 223.435341][ T5049] veth1_vlan: entered promiscuous mode
[ 223.807785][ T5049] veth0_macvtap: entered promiscuous mode
[ 223.930701][ T5049] veth1_macvtap: entered promiscuous mode
[ 224.140632][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 224.151660][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.165440][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 224.178615][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.188967][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 224.199830][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.210197][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 224.221217][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.239249][ T5049] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 224.423149][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 224.435621][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.446285][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 224.457108][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.467301][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 224.478998][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.489212][ T5049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 224.499968][ T5049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 224.515559][ T5049] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 224.803837][ T5049] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 224.813214][ T5049] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 224.822454][ T5049] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 224.834328][ T5049] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 227.048141][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 227.056238][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 227.300325][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 227.308586][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
21:45:45 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 227.839938][ T5104] ------------[ cut here ]------------
[ 227.845699][ T5104] WARNING: CPU: 1 PID: 5104 at drivers/scsi/sg.c:2236 sg_remove_sfp_usercontext+0x826/0x9e0
[ 227.858576][ T5104] Modules linked in:
[ 227.862736][ T5104] CPU: 1 PID: 5104 Comm: kworker/1:5 Not tainted 6.9.0-rc2-syzkaller #0
[ 227.872805][ T5104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 227.883726][ T5104] Workqueue: events sg_remove_sfp_usercontext
[ 227.890274][ T5104] RIP: 0010:sg_remove_sfp_usercontext+0x826/0x9e0
[ 227.897110][ T5104] Code: e9 fa fd ff ff 8b 7d d0 e8 77 42 15 fa e9 0a fe ff ff 44 89 f7 e8 6a 42 15 fa 41 83 ff 01 0f 84 47 fe ff ff e8 cb 88 84 f9 90 <0f> 0b 90 e9 3e fe ff ff 8b 7d d0 e8 4a 42 15 fa 4d 85 f6 0f 84 50
[ 227.921470][ T5104] RSP: 0018:ffff8880425fbb88 EFLAGS: 00010293
[ 227.930431][ T5104] RAX: ffffffff882d8f85 RBX: 0000000000000000 RCX: ffff88804031a0c0
[ 227.938795][ T5104] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 227.947787][ T5104] RBP: ffff8880425fbc48 R08: ffffffff882d8da9 R09: 0000000000000000
[ 227.956330][ T5104] R10: ffff888042b2c000 R11: ffffffff8242d6f6 R12: ffff8881084a0d58
[ 227.964574][ T5104] R13: ffff88804031abf8 R14: 0000000000000000 R15: 0000000000000002
[ 227.973016][ T5104] FS: 0000000000000000(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[ 227.982523][ T5104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 227.989811][ T5104] CR2: 00007feb77ba3bac CR3: 0000000010c70000 CR4: 00000000003506f0
[ 227.999478][ T5104] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 228.008633][ T5104] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 228.017249][ T5104] Call Trace:
[ 228.021026][ T5104]
[ 228.024142][ T5104] ? show_trace_log_lvl+0x3b1/0x500
[ 228.029776][ T5104] ? process_scheduled_works+0xa81/0x1bd0
[ 228.035818][ T5104] ? show_regs+0x148/0x160
[ 228.040641][ T5104] ? __warn+0x2c2/0x770
[ 228.045246][ T5104] ? sg_remove_sfp_usercontext+0x826/0x9e0
[ 228.051641][ T5104] ? report_bug+0x929/0xbd0
[ 228.056596][ T5104] ? sg_remove_sfp_usercontext+0x826/0x9e0
[ 228.062713][ T5104] ? handle_bug+0x47/0x70
[ 228.067529][ T5104] ? exc_invalid_op+0x1f/0x50
[ 228.072508][ T5104] ? asm_exc_invalid_op+0x1f/0x30
[ 228.084951][ T5104] ? kmsan_slab_free+0xd6/0x140
[ 228.090264][ T5104] ? sg_remove_sfp_usercontext+0x649/0x9e0
[ 228.096578][ T5104] ? sg_remove_sfp_usercontext+0x825/0x9e0
[ 228.102873][ T5104] ? sg_remove_sfp_usercontext+0x826/0x9e0
[ 228.109119][ T5104] ? sg_remove_sfp_usercontext+0x825/0x9e0
[ 228.115280][ T5104] ? kmsan_get_metadata+0x146/0x1d0
[ 228.120860][ T5104] ? kmsan_get_metadata+0x146/0x1d0
[ 228.126513][ T5104] ? __pfx_sg_remove_sfp_usercontext+0x10/0x10
[ 228.132964][ T5104] process_scheduled_works+0xa81/0x1bd0
21:45:45 executing program 0:
add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x331, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x3e, {0x3e, 0x0, "e700667369218bc6976dcd75cec15512fd24683fc7938905118d91cf26212287e6a9b539c2b8a00be607635e0b71ff1d110861ac924a623b51aa1c8d"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
[ 228.139049][ T5104] worker_thread+0xea5/0x1560
[ 228.144122][ T5104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 228.150375][ T5104] kthread+0x3e2/0x540
[ 228.154747][ T5104] ? __pfx_worker_thread+0x10/0x10
[ 228.161789][ T5104] ? __pfx_kthread+0x10/0x10
[ 228.167245][ T5104] ret_from_fork+0x6d/0x90
[ 228.172024][ T5104] ? __pfx_kthread+0x10/0x10
[ 228.177034][ T5104] ret_from_fork_asm+0x1a/0x30
[ 228.182145][ T5104]
[ 228.185349][ T5104] ---[ end trace 0000000000000000 ]---
[ 228.790387][ T5097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 228.799650][ T5097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 228.872189][ T5101] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 228.915338][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 228.923582][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 229.085181][ T1040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 229.094245][ T1040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 229.227408][ T1040] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 229.235698][ T1040] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 229.308690][ T5101] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 229.321412][ T5101] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 229.333853][ T5101] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 229.343935][ T5101] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
21:45:46 executing program 1:
r0 = fsopen(&(0x7f0000000040)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
pipe2(&(0x7f0000000040), 0x0)
[ 229.439848][ T5101] usb 1-1: config 0 descriptor??
21:45:47 executing program 3:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/power_supply', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000040))
21:45:47 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+ \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\xde\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r0, &(0x7f0000000740)=ANY=[], 0xff67)
sendfile(0xffffffffffffffff, r0, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r0, 0x409, 0x8)
[ 229.931504][ T1073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 229.940320][ T1073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 230.008767][ T5101] wacom 0003:056A:0331.0001: unknown main item tag 0x0
21:45:47 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11}, 0x48)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x6b78}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
[ 230.115035][ T5101] wacom 0003:056A:0331.0001: hidraw0: USB HID v0.00 Device [HID 056a:0331] on usb-dummy_hcd.0-1/input0
[ 230.205089][ T1073] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 230.213428][ T1073] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 230.301848][ T5101] usb 1-1: USB disconnect, device number 2
21:45:48 executing program 2:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
lseek(r1, 0x7ffffc, 0x0)
write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[], 0x426f)
fallocate(r0, 0x100000003, 0x7ffffc, 0x2811ffff)
21:45:48 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f00000001c0))
21:45:48 executing program 3:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000080))
21:45:48 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='map_files\x00')
fchdir(r0)
open(&(0x7f0000001900)='./file0\x00', 0x0, 0x0)
21:45:48 executing program 1:
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000180)={&(0x7f00000016c0)={0x2, 0x0, @dev}, 0x10, 0x0}, 0x30064845)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0})
r4 = socket$inet(0x2, 0x0, 0x0)
bind$inet(r4, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000680)={r2, &(0x7f0000000a00)="259605b076be60ac3ae93ab7ea49553951c2230401748481247d92d62918cb7cead2be33568c3234075c9f8cc421b9718843eddbf9cc97a35c2795087604a3255762e393e018b9515a56749c8337c4653b3cb6d6f631857844e5f50162734f307a5ae27c69bb7dab9b82a60789fa81374ad4d6e8a15ed1c98dd71505e9601c8d13757c71cde0f703ee3af367009c036caf099b71d5f31418fc52f3d250bed6b185b0366223ec33f0cbf65df50def8434381d7ad31821531fcbc5706777e3716833ebc2f84fa044ea9ee862bc1e49fff84b6d44f9429d5e"}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'batadv_slave_0\x00', 0x0})
recvmsg(r4, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
write$binfmt_elf64(r4, &(0x7f0000001ac0)=ANY=[@ANYBLOB="582783c3e3ccc0346aa1d50b364f34cbe53d6b16b2e994b05482579b238fbd6079f480d121611259a7b7be7c8cdbdaf0d5fbe189734d2a1ecc766d5945020013777b2f56189a9acb339ad14db1b461117b79feff2e7a17a9b72d02efb862a3b31ce6a9909138712570452ae5a16583c1a4e2b9f0fa6c35b3a40d7d61608268bccf74e36ea732626d03d2ddf8cec53e59db116fce6fe75fb34cb18b95f0c78226414f9252057fc06cfa4d5eb809fcc54ccd5c03002caf036d60f85b27638e802bb5b2aef5867af1dfee630008000058c7741ac46a1a75d496aef19173e03bef5409a4f462c265a6c9523e5e036d10bd42b8d89fd806104e9a4fadf5718e5c237301c874d3edc28b6704129a09ece6c4e82fca616fd40dd8a91b99f8e3cbc0f13453a8d9b7190c65cf50fc701a0900000000000000f8a65abd2993bead6f33663fdaba69d74ffb33f99382482e6e6c509da1ce07c9a3e378737b4b8901a1e569cba863e217604c035124b0847ee2d3a64890d3d69e9ba22d3d86b5baf0a01151eac098c4f30000", @ANYRESHEX=r5], 0x100000530)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x20, &(0x7f00000004c0)={&(0x7f0000000600)=""/18, 0x68, 0x0, 0x0}}, 0x21)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r7, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1e, 0x2, &(0x7f0000000900)=ANY=[@ANYBLOB], &(0x7f0000000b00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', r5, 0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0x10, 0x2, 0x4}, 0x10, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000500)=[0xffffffffffffffff, 0xffffffffffffffff, r7], 0x0, 0x10, 0x8001}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000cc0)={0xe9fc, 0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0xc, 0x9, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6cc2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0xfff}, @map_idx={0x18, 0x5}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000880)='syzkaller\x00', 0x10000, 0x4b, &(0x7f0000000bc0)=""/75, 0x41100, 0x2, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000c40)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000c80)={0x0, 0xe, 0x3, 0x8}, 0x10, r8, r1, 0x0, 0x0, 0x0, 0x10, 0xffff}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x15, 0x2, &(0x7f0000000800)=@raw=[@btf_id={0x18, 0x4, 0x3, 0x0, 0x4}], &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x21, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x0, 0x4, 0x800, 0x1ff}, 0x10, r6, r1, 0x0, &(0x7f0000000380)=[r2, r2, 0xffffffffffffffff, r2, r2, r2, 0xffffffffffffffff, r2]}, 0x90)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x14, r10, 0x1}, 0x14}}, 0x0)
21:45:48 executing program 2:
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet(r0, &(0x7f0000000140)={0x10, 0x2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20104, 0x0, 0x0)
21:45:48 executing program 3:
r0 = syz_io_uring_setup(0xaeb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000500)=0x0, &(0x7f00000000c0)=0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB=')'], 0x118)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
21:45:48 executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
21:45:49 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11}, 0x48)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x6b78}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
[ 232.110831][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.119213][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
21:45:49 executing program 3:
io_uring_setup(0x66a, &(0x7f0000000040))
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000000)=0xffffffff, 0x4)
bind$inet(r0, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="f4", 0x1, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
21:45:49 executing program 0:
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0xffff110ffcdf, 0x0, 0x0, 0x0)
21:45:50 executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010000a000090400000103010100092100080001220100090581", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x20, 0x0, 0x4, {0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f0000000600)={0x0, 0x0, 0x4, '!^gL'}, 0x0, 0x0, 0x0, 0x0})
[ 232.625312][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.634443][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
21:45:50 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff})
setsockopt$sock_int(r0, 0xffff, 0x1001, &(0x7f0000000000)=0x700000, 0x4)
21:45:50 executing program 0:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x214})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
21:45:50 executing program 4:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
21:45:50 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x20, 0x4, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0)
[ 233.326829][ T779] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 233.481271][ T5270] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
21:45:51 executing program 2:
r0 = syz_io_uring_setup(0xaeb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000500)=0x0, &(0x7f00000000c0)=0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB=')'], 0x118)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
[ 233.656897][ T779] usb 2-1: Using ep0 maxpacket: 32
21:45:51 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2b, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
recvfrom$l2tp6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
[ 233.831127][ T779] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 233.849219][ T779] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 233.864763][ T779] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 233.874601][ T779] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 233.957307][ T779] usb 2-1: config 0 descriptor??
[ 233.993481][ T5264] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
21:45:51 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11}, 0x48)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x6b78}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
[ 234.100610][ T779] hub 2-1:0.0: USB hub found
[ 234.352183][ T779] hub 2-1:0.0: 2 ports detected
21:45:51 executing program 2:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x202, 0xbc)
open$dir(&(0x7f0000000000)='./file0\x00', 0x9, 0x0)
21:45:51 executing program 3:
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='gfs2\x00', 0x0, 0x0)
21:45:52 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000001840)={'full', 0x20, 0x5, 0x20, 0x5}, 0x2f)
[ 234.802759][ T5291] gfs2: not a GFS2 filesystem
21:45:52 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stack\x00')
preadv(r0, &(0x7f0000001180)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
21:45:52 executing program 3:
pipe2(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
poll(&(0x7f00000005c0)=[{r0}], 0x1, 0x0)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
21:45:52 executing program 4:
r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000fc0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x3, "96f53d"}, 0x0, 0x0, 0x0, 0x0})
21:45:52 executing program 2:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000003e80)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x15)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000001340)={0x2020}, 0x2020)
21:45:52 executing program 0:
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
poll(&(0x7f0000000080)=[{}], 0x1, 0x101)
21:45:52 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080)='hfs\x00', 0x4485, 0x0)
21:45:53 executing program 2:
memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000480)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f00000001c0)=""/74})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000280)={0x1, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
[ 235.846511][ T5097] usb 5-1: new high-speed USB device number 2 using dummy_hcd
21:45:53 executing program 3:
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
21:45:53 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_DELRULE={0x2c, 0x8, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0)
21:45:53 executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000003700f0ff04000000b5000000000000"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10)
[ 236.118152][ T5101] usb 2-1: USB disconnect, device number 2
[ 236.137033][ T5097] usb 5-1: Using ep0 maxpacket: 16
[ 236.296905][ T5097] usb 5-1: config index 0 descriptor too short (expected 16456, got 72)
[ 236.305621][ T5097] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[ 236.314418][ T5097] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 236.325268][ T5097] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 236.334599][ T5097] usb 5-1: config 0 has no interface number 0
[ 236.341334][ T5097] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 236.352920][ T5097] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 236.363159][ T5097] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 236.373791][ T5097] usb 5-1: config 0 interface 125 has no altsetting 0
21:45:53 executing program 2:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)={0x14}, 0x14}}, 0x0)
21:45:54 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x92, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd608a37f2005c0600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='p'], 0x0)
[ 236.590881][ T5097] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 236.601221][ T5097] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 236.610119][ T5097] usb 5-1: Product: syz
[ 236.614831][ T5097] usb 5-1: Manufacturer: syz
[ 236.620002][ T5097] usb 5-1: SerialNumber: syz
21:45:54 executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$peeksig(0x10, r0, 0x0, 0x0)
waitid(0x1, r0, &(0x7f00000003c0), 0x2, 0x0)
[ 236.725543][ T5097] usb 5-1: config 0 descriptor??
21:45:54 executing program 1:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r1, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335})
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f00000006c0)={0xbf})
tkill(r0, 0x7)
21:45:54 executing program 0:
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYBLOB='/dev/nbd0'], 0x0, &(0x7f0000000080)='cramfs\x00', 0x80c0d3, 0x0)
21:45:54 executing program 3:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, r1}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @local}, r1}}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
21:45:54 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x8924, &(0x7f00000002c0)={'syztnl0\x00', 0x0})
21:45:55 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c40)=ANY=[@ANYBLOB="6c0300001200010000000000fedbdf25ffffffff000000000000000000000000000000000000ff00ac00070020010000000000000000000000000002ac1414aa0000000000000000000000004e2100014e240008020080b062000000", @ANYRES32, @ANYRES32, @ANYBLOB="010000000000000020000000000000008601000000000000ffffff7f000000000600000000000000b3e1000000000000ff7f000000000000ffffffffffffffff09000000000000005b0000000000000000000000000000000000000000000080ff010000000000000200000100000000bd00140063726333322d67656e657269630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008803000060000000de36adc5665981e49482c60421f5de03ba50eb0e5e8ce080301e34a9d5fa1f955ac71da0802edf35c51efe3afccb83d4c43dbfb2d1c76dc6f946ed923d2936ed26153b150ac48c609f7ed5b58debbd160897cc26aa9a5ec921e6c3ee1000baea5db6ad3c6875dd51b01810fcf5d38fc7e0000000200017000100000029bd700025bd700027bd70002cbd700001800000040000006700020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f80000005cdfc25ca3159cb8dab949baa766f73a7d98921001376eebc62e1d8c49726f00"], 0x36c}}, 0x0)
[ 237.753098][ T28] audit: type=1326 audit(1712007955.180:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e2447dda9 code=0x0
21:45:55 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000004180)={0x14}, 0x14}}, 0x4)
21:45:55 executing program 3:
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x20, &(0x7f0000000180)={&(0x7f00000000c0)=""/139, 0x8b, 0x0, 0x0}}, 0x10)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000a00), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000340)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000000)={0x7, 0x41546})
readv(r0, &(0x7f0000000140), 0x10000000000001ad)
21:45:55 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e)
[ 238.029972][ T5335] netlink: 336 bytes leftover after parsing attributes in process `syz-executor.1'.
21:45:55 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x3)
21:45:55 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11}, 0x48)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0x6b78}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
21:45:55 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0002, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000000140))
21:45:55 executing program 3:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_DELRULE={0x2c, 0x8, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0)
21:45:56 executing program 4:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, r1}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @local}, r1}}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
[ 238.657760][ T779] usb 5-1: USB disconnect, device number 2
21:45:56 executing program 1:
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000180), 0x4)
sendmsg$tipc(r0, &(0x7f00000004c0)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000003140)=""/155, 0x9b}], 0x1}}], 0x1, 0x0, 0x0)
21:45:56 executing program 2:
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f00000007c0)='.pending_reads\x00', 0x410a02, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, 0x0, 0x0)
21:45:56 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000040)=0x2, &(0x7f0000000200)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
21:45:56 executing program 0:
r0 = syz_io_uring_setup(0xaeb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000500)=0x0, &(0x7f00000000c0)=0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
21:45:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="b9800000c00f3235010000000f30eaf21400001100260f01caeafa0900000f0136650f019a0dd20000660f65429d660fc772f20f35f30f090f219c", 0x3b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
[ 239.240241][ T28] audit: type=1326 audit(1712007956.610:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5353 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e2ae7dda9 code=0x0
21:45:56 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8fe"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r1}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')
[ 239.733743][ T5044] =====================================================
[ 239.741162][ T5044] BUG: KMSAN: uninit-value in percpu_array_map_lookup_elem+0x142/0x160
[ 239.749882][ T5044] percpu_array_map_lookup_elem+0x142/0x160
[ 239.756028][ T5044] bpf_map_lookup_elem+0x5c/0x80
[ 239.763419][ T5044] ___bpf_prog_run+0x13fe/0xe0f0
[ 239.775627][ T5044] __bpf_prog_run288+0xb5/0xe0
[ 239.782490][ T5044] bpf_trace_run8+0x1bd/0x3a0
[ 239.787592][ T5044] __bpf_trace_jbd2_handle_stats+0x51/0x70
[ 239.793611][ T5044] jbd2_journal_stop+0x1157/0x12c0
[ 239.799011][ T5044] __ext4_journal_stop+0x115/0x310
[ 239.804423][ T5044] __ext4_unlink+0x10f5/0x11b0
[ 239.809432][ T5044] ext4_unlink+0x226/0x630
[ 239.814093][ T5044] vfs_unlink+0x676/0xa30
[ 239.819312][ T5044] do_unlinkat+0x823/0xe10
[ 239.823907][ T5044] __x64_sys_unlink+0x78/0xb0
[ 239.828857][ T5044] do_syscall_64+0xd5/0x1f0
[ 239.833534][ T5044] entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 239.839727][ T5044]
[ 239.842155][ T5044] Local variable stack created at:
[ 239.847622][ T5044] __bpf_prog_run288+0x45/0xe0
[ 239.852547][ T5044] bpf_trace_run8+0x1bd/0x3a0
[ 239.857572][ T5044]
[ 239.866524][ T5044] CPU: 0 PID: 5044 Comm: syz-executor.3 Tainted: G W 6.9.0-rc2-syzkaller #0
[ 239.878684][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 239.889050][ T5044] =====================================================
[ 239.896232][ T5044] Disabling lock debugging due to kernel taint
[ 239.902495][ T5044] Kernel panic - not syncing: kmsan.panic set ...
[ 239.909194][ T5044] CPU: 0 PID: 5044 Comm: syz-executor.3 Tainted: G B W 6.9.0-rc2-syzkaller #0
[ 239.919471][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 239.929745][ T5044] Call Trace:
[ 239.933181][ T5044]
[ 239.936185][ T5044] dump_stack_lvl+0x216/0x2d0
[ 239.941286][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 239.947585][ T5044] dump_stack+0x1e/0x30
[ 239.951959][ T5044] panic+0x4e2/0xcd0
[ 239.956070][ T5044] ? kmsan_get_metadata+0xf1/0x1d0
[ 239.961609][ T5044] kmsan_report+0x2d5/0x2e0
[ 239.966480][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 239.972760][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 239.979284][ T5044] ? __msan_warning+0x95/0x120
[ 239.984261][ T5044] ? percpu_array_map_lookup_elem+0x142/0x160
[ 239.990504][ T5044] ? bpf_map_lookup_elem+0x5c/0x80
[ 239.995933][ T5044] ? ___bpf_prog_run+0x13fe/0xe0f0
[ 240.001183][ T5044] ? __bpf_prog_run288+0xb5/0xe0
[ 240.006330][ T5044] ? bpf_trace_run8+0x1bd/0x3a0
[ 240.012082][ T5044] ? __bpf_trace_jbd2_handle_stats+0x51/0x70
[ 240.018200][ T5044] ? jbd2_journal_stop+0x1157/0x12c0
[ 240.023630][ T5044] ? __ext4_journal_stop+0x115/0x310
[ 240.029075][ T5044] ? __ext4_unlink+0x10f5/0x11b0
[ 240.034129][ T5044] ? ext4_unlink+0x226/0x630
[ 240.038845][ T5044] ? vfs_unlink+0x676/0xa30
[ 240.043576][ T5044] ? do_unlinkat+0x823/0xe10
[ 240.048593][ T5044] ? __x64_sys_unlink+0x78/0xb0
[ 240.053605][ T5044] ? do_syscall_64+0xd5/0x1f0
[ 240.058455][ T5044] ? entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 240.064764][ T5044] ? __module_address+0xef/0x7e0
[ 240.069877][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.075811][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.081177][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.087126][ T5044] ? percpu_counter_add_batch+0x43/0x290
[ 240.093079][ T5044] ? filter_irq_stacks+0x60/0x1a0
[ 240.098253][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.103659][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.109601][ T5044] ? __find_get_block+0x4b/0x1d70
[ 240.114821][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.120226][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.125542][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.131474][ T5044] __msan_warning+0x95/0x120
[ 240.136302][ T5044] percpu_array_map_lookup_elem+0x142/0x160
[ 240.142363][ T5044] ? __pfx_percpu_array_map_lookup_elem+0x10/0x10
[ 240.148943][ T5044] bpf_map_lookup_elem+0x5c/0x80
[ 240.154032][ T5044] ___bpf_prog_run+0x13fe/0xe0f0
[ 240.159144][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.164481][ T5044] __bpf_prog_run288+0xb5/0xe0
[ 240.169395][ T5044] ? _raw_spin_unlock_irqrestore+0x3f/0x60
[ 240.175379][ T5044] ? stack_depot_save_flags+0x66d/0x6e0
[ 240.181057][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.186374][ T5044] ? kmsan_get_metadata+0x146/0x1d0
[ 240.191718][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.197791][ T5044] ? __pfx___bpf_prog_run288+0x10/0x10
[ 240.203393][ T5044] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 240.209799][ T5044] ? __pfx___bpf_prog_run288+0x10/0x10
[ 240.215396][ T5044] bpf_trace_run8+0x1bd/0x3a0
[ 240.220194][ T5044] ? ext4_mark_iloc_dirty+0x28ef/0x2a70
[ 240.225921][ T5044] __bpf_trace_jbd2_handle_stats+0x51/0x70
[ 240.231908][ T5044] jbd2_journal_stop+0x1157/0x12c0
[ 240.237201][ T5044] __ext4_journal_stop+0x115/0x310
[ 240.242491][ T5044] __ext4_unlink+0x10f5/0x11b0
[ 240.247496][ T5044] ext4_unlink+0x226/0x630
[ 240.252033][ T5044] ? __pfx_ext4_unlink+0x10/0x10
[ 240.257104][ T5044] vfs_unlink+0x676/0xa30
[ 240.261584][ T5044] do_unlinkat+0x823/0xe10
[ 240.266158][ T5044] __x64_sys_unlink+0x78/0xb0
[ 240.270978][ T5044] do_syscall_64+0xd5/0x1f0
[ 240.275632][ T5044] entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 240.281666][ T5044] RIP: 0033:0x7f3e2447d557
[ 240.286172][ T5044] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 240.306015][ T5044] RSP: 002b:00007ffc6d9474c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 240.314565][ T5044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3e2447d557
[ 240.322813][ T5044] RDX: 00007ffc6d9474f0 RSI: 00007ffc6d947580 RDI: 00007ffc6d947580
[ 240.330901][ T5044] RBP: 00007ffc6d947580 R08: 0000000000000000 R09: 0000000000000000
[ 240.338973][ T5044] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffc6d948640
[ 240.347054][ T5044] R13: 00007f3e244c93b9 R14: 000000000003a6de R15: 0000000000000007
[ 240.355142][ T5044]
[ 241.736616][ T5044] Shutting down cpus with NMI
[ 241.741717][ T5044] Kernel Offset: disabled
[ 241.746125][ T5044] Rebooting in 86400 seconds..