Warning: Permanently added '10.128.0.228' (ED25519) to the list of known hosts. 2024/04/05 02:37:02 fuzzer started 2024/04/05 02:37:03 dialing manager at 10.128.0.169:30012 [ 156.699783][ T5015] cgroup: Unknown subsys name 'net' [ 156.895953][ T5015] cgroup: Unknown subsys name 'rlimit' [ 157.988636][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 157.996042][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 2024/04/05 02:37:51 syscalls: 3852 2024/04/05 02:37:51 code coverage: enabled 2024/04/05 02:37:51 comparison tracing: enabled 2024/04/05 02:37:51 extra coverage: enabled 2024/04/05 02:37:51 delay kcov mmap: enabled 2024/04/05 02:37:51 setuid sandbox: enabled 2024/04/05 02:37:51 namespace sandbox: enabled 2024/04/05 02:37:51 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/05 02:37:51 fault injection: enabled 2024/04/05 02:37:51 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/05 02:37:51 net packet injection: enabled 2024/04/05 02:37:51 net device setup: enabled 2024/04/05 02:37:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/05 02:37:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/05 02:37:51 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/05 02:37:51 USB emulation: enabled 2024/04/05 02:37:51 hci packet injection: enabled 2024/04/05 02:37:51 wifi device emulation: enabled 2024/04/05 02:37:51 802.15.4 emulation: enabled 2024/04/05 02:37:51 swap file: enabled [ 203.686288][ T5015] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/05 02:37:51 starting 5 executor processes [ 205.376640][ T5033] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 205.435338][ T5033] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 205.460547][ T5033] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 205.524569][ T5033] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 205.573917][ T5033] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 205.588380][ T5033] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 205.786356][ T5033] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 205.796744][ T5033] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 205.806664][ T5033] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 205.823153][ T5033] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 205.834794][ T5033] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 205.896524][ T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 205.938757][ T4400] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 205.948962][ T5041] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 205.991023][ T5041] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 206.000366][ T5041] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 206.011151][ T5041] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 206.019869][ T5041] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 206.031389][ T5041] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 206.042319][ T5041] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 206.052585][ T5041] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 206.054814][ T5046] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 206.066221][ T5041] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 206.076440][ T5041] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 206.078643][ T5046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 206.088501][ T5041] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 206.095249][ T5046] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 206.101834][ T5041] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 206.112479][ T5046] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 206.114706][ T5046] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 206.716647][ T5032] chnl_net:caif_netlink_parms(): no params data found [ 207.550844][ T5037] chnl_net:caif_netlink_parms(): no params data found [ 207.693146][ T5032] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.700799][ T5032] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.708778][ T5032] bridge_slave_0: entered allmulticast mode [ 207.717912][ T5032] bridge_slave_0: entered promiscuous mode [ 207.742806][ T4400] Bluetooth: hci0: command tx timeout [ 207.742961][ T5032] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.757056][ T5032] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.765534][ T5032] bridge_slave_1: entered allmulticast mode [ 207.774945][ T5032] bridge_slave_1: entered promiscuous mode [ 207.857580][ T5038] chnl_net:caif_netlink_parms(): no params data found [ 207.986888][ T4400] Bluetooth: hci1: command tx timeout [ 208.134335][ T5032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 208.146604][ T4400] Bluetooth: hci2: command tx timeout [ 208.197338][ T5032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 208.236581][ T4400] Bluetooth: hci4: command tx timeout [ 208.242346][ T4400] Bluetooth: hci3: command tx timeout [ 208.255867][ T5044] chnl_net:caif_netlink_parms(): no params data found [ 208.429811][ T5032] team0: Port device team_slave_0 added [ 208.466965][ T5032] team0: Port device team_slave_1 added [ 208.477329][ T5045] chnl_net:caif_netlink_parms(): no params data found [ 208.660788][ T5032] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.668245][ T5032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.696389][ T5032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.734316][ T5032] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.741507][ T5032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.768747][ T5032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.980613][ T5037] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.989505][ T5037] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.999829][ T5037] bridge_slave_0: entered allmulticast mode [ 209.009966][ T5037] bridge_slave_0: entered promiscuous mode [ 209.102978][ T5037] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.114789][ T5037] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.124907][ T5037] bridge_slave_1: entered allmulticast mode [ 209.137559][ T5037] bridge_slave_1: entered promiscuous mode [ 209.211563][ T5038] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.219944][ T5038] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.228095][ T5038] bridge_slave_0: entered allmulticast mode [ 209.236335][ T5038] bridge_slave_0: entered promiscuous mode [ 209.395925][ T5032] hsr_slave_0: entered promiscuous mode [ 209.413632][ T5032] hsr_slave_1: entered promiscuous mode [ 209.433406][ T5038] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.441288][ T5038] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.449326][ T5038] bridge_slave_1: entered allmulticast mode [ 209.458510][ T5038] bridge_slave_1: entered promiscuous mode [ 209.477697][ T5044] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.485930][ T5044] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.493977][ T5044] bridge_slave_0: entered allmulticast mode [ 209.503563][ T5044] bridge_slave_0: entered promiscuous mode [ 209.530732][ T5037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.642300][ T5044] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.650800][ T5044] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.658884][ T5044] bridge_slave_1: entered allmulticast mode [ 209.668449][ T5044] bridge_slave_1: entered promiscuous mode [ 209.688358][ T5038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.708721][ T5037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.841688][ T5041] Bluetooth: hci0: command tx timeout [ 209.925467][ T5038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.080279][ T5041] Bluetooth: hci1: command tx timeout [ 210.134595][ T5044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.185012][ T5037] team0: Port device team_slave_0 added [ 210.193090][ T5045] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.201190][ T5045] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.209501][ T5045] bridge_slave_0: entered allmulticast mode [ 210.218964][ T5045] bridge_slave_0: entered promiscuous mode [ 210.240961][ T5041] Bluetooth: hci2: command tx timeout [ 210.255163][ T5038] team0: Port device team_slave_0 added [ 210.263176][ T5045] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.271410][ T5045] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.279389][ T5045] bridge_slave_1: entered allmulticast mode [ 210.288465][ T5045] bridge_slave_1: entered promiscuous mode [ 210.294664][ T5041] Bluetooth: hci3: command tx timeout [ 210.300310][ T5041] Bluetooth: hci4: command tx timeout [ 210.310492][ T5044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.327500][ T5037] team0: Port device team_slave_1 added [ 210.385635][ T5038] team0: Port device team_slave_1 added [ 210.567217][ T5045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.606341][ T5037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.613526][ T5037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.640395][ T5037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.710388][ T5045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.729010][ T5044] team0: Port device team_slave_0 added [ 210.740106][ T5037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.747457][ T5037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.775449][ T5037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.820083][ T5038] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.827353][ T5038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.854691][ T5038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.899842][ T5044] team0: Port device team_slave_1 added [ 210.969795][ T5038] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.977460][ T5038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.009497][ T5038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.119147][ T5045] team0: Port device team_slave_0 added [ 211.208836][ T5045] team0: Port device team_slave_1 added [ 211.222011][ T5044] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.229432][ T5044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.257361][ T5044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.399737][ T5044] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.407452][ T5044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.438731][ T5044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.466099][ T5037] hsr_slave_0: entered promiscuous mode [ 211.475718][ T5037] hsr_slave_1: entered promiscuous mode [ 211.484445][ T5037] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.492823][ T5037] Cannot create hsr debugfs directory [ 211.511133][ T5038] hsr_slave_0: entered promiscuous mode [ 211.520553][ T5038] hsr_slave_1: entered promiscuous mode [ 211.530737][ T5038] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 211.538843][ T5038] Cannot create hsr debugfs directory [ 211.580139][ T5045] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.587810][ T5045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.614905][ T5045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.657212][ T5045] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.665822][ T5045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.693225][ T5045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.895214][ T5041] Bluetooth: hci0: command tx timeout [ 212.052025][ T5044] hsr_slave_0: entered promiscuous mode [ 212.062997][ T5044] hsr_slave_1: entered promiscuous mode [ 212.072272][ T5044] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.080265][ T5044] Cannot create hsr debugfs directory [ 212.123042][ T5032] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 212.134543][ T5041] Bluetooth: hci1: command tx timeout [ 212.146331][ T5032] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 212.201864][ T5045] hsr_slave_0: entered promiscuous mode [ 212.210771][ T5045] hsr_slave_1: entered promiscuous mode [ 212.219798][ T5045] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.227983][ T5045] Cannot create hsr debugfs directory [ 212.287064][ T5032] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 212.296395][ T5041] Bluetooth: hci2: command tx timeout [ 212.379795][ T5032] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 212.380106][ T5041] Bluetooth: hci3: command tx timeout [ 212.394737][ T5041] Bluetooth: hci4: command tx timeout [ 213.166339][ T5037] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 213.215216][ T5037] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 213.300009][ T5037] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 213.401093][ T5037] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 213.570688][ T5038] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 213.598585][ T5038] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 213.649216][ T5038] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 213.752926][ T5038] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 213.788822][ T5045] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 213.848921][ T5045] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 213.900369][ T5045] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 213.953287][ T5032] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.962677][ T5045] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 213.981586][ T5041] Bluetooth: hci0: command tx timeout [ 214.237831][ T5044] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 214.239912][ T5041] Bluetooth: hci1: command tx timeout [ 214.345209][ T5044] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 214.369188][ T5044] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 214.378586][ T5041] Bluetooth: hci2: command tx timeout [ 214.403061][ T5032] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.443222][ T5044] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 214.458102][ T5041] Bluetooth: hci3: command tx timeout [ 214.458324][ T4400] Bluetooth: hci4: command tx timeout [ 214.601136][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.609129][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.690219][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.698354][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.981048][ T5037] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.168604][ T5037] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.321395][ T778] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.329385][ T778] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.402069][ T5038] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.467907][ T778] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.475893][ T778] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.679954][ T5044] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.716707][ T5038] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.806217][ T5045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.900730][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.908678][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.009836][ T5044] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.088347][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.096178][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.172596][ T5045] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.201138][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.209198][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.378601][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.386414][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.410422][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.418263][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.439749][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.447703][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.359233][ T5032] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.937017][ T5032] veth0_vlan: entered promiscuous mode [ 218.066077][ T5032] veth1_vlan: entered promiscuous mode [ 218.097559][ T5037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.448490][ T5038] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.498634][ T5032] veth0_macvtap: entered promiscuous mode [ 218.573159][ T5032] veth1_macvtap: entered promiscuous mode [ 218.794951][ T5037] veth0_vlan: entered promiscuous mode [ 218.922282][ T5037] veth1_vlan: entered promiscuous mode [ 218.986720][ T5032] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.011345][ T5045] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.050165][ T5038] veth0_vlan: entered promiscuous mode [ 219.120598][ T5044] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.137024][ T5032] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.219391][ T5038] veth1_vlan: entered promiscuous mode [ 219.250494][ T5032] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.260891][ T5032] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.273037][ T5032] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.282448][ T5032] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.432752][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.439713][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.542895][ T5037] veth0_macvtap: entered promiscuous mode [ 219.662858][ T5037] veth1_macvtap: entered promiscuous mode [ 219.710780][ T5045] veth0_vlan: entered promiscuous mode [ 219.819639][ T5038] veth0_macvtap: entered promiscuous mode [ 219.846743][ T5045] veth1_vlan: entered promiscuous mode [ 219.888716][ T5038] veth1_macvtap: entered promiscuous mode [ 220.004450][ T5037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.016188][ T5037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.031887][ T5037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.120699][ T5038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.133841][ T5038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.147027][ T5038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.157976][ T5038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.174371][ T5038] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.205019][ T5037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.216085][ T5037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.231486][ T5037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.329354][ T5038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.340492][ T5038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.352231][ T5038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 220.363351][ T5038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.378672][ T5038] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.479339][ T5037] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.488844][ T5037] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.498263][ T5037] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.507819][ T5037] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.551773][ T5045] veth0_macvtap: entered promiscuous mode [ 220.588280][ T5038] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.598539][ T5038] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.608245][ T5038] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.618813][ T5038] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.681098][ T5045] veth1_macvtap: entered promiscuous mode [ 220.950980][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.965792][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 220.978195][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 220.990688][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.001147][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.012109][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.070835][ T5045] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.120446][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.132053][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.142388][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.153304][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.163713][ T5045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.174981][ T5045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.189964][ T5045] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.439970][ T5045] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.450883][ T5045] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.460417][ T5045] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.469741][ T5045] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.850816][ T5044] veth0_vlan: entered promiscuous mode [ 221.962292][ T5044] veth1_vlan: entered promiscuous mode [ 222.272573][ T5044] veth0_macvtap: entered promiscuous mode [ 222.358843][ T5044] veth1_macvtap: entered promiscuous mode [ 222.540262][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.552704][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.563344][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.574502][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.584857][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.595946][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.606291][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 222.621776][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.639007][ T5044] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.709081][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.722906][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.733677][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.744642][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.755120][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.766176][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.777332][ T5044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.789082][ T5044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.805567][ T5044] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.848434][ T5044] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.858377][ T5044] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.868127][ T5044] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.878014][ T5044] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.533842][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.542080][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.745513][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.753712][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:38:14 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="80000000f5ffffff000000004700008000000000d5000000000000009500000000"], &(0x7f0000000100)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 02:38:14 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fchdir(r0) openat$cgroup_ro(r0, &(0x7f00000001c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000140)={0x5, 0x0, [{0x80000007, 0x4, 0x4, 0xfffffffd, 0x401, 0x8, 0x6}, {0x80000008, 0x6, 0x1, 0x3ff, 0x7, 0x20000, 0x9}, {0x80000019, 0x3, 0x2, 0x7f, 0x4e99, 0x80, 0x91f}, {0xd, 0x3, 0x0, 0x1, 0x8, 0x2, 0x7fff}, {0xc0000003, 0x7, 0x3, 0x0, 0x7, 0x10001, 0xffffffff}]}) r1 = socket$inet6(0xa, 0x6, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r5 = gettid() sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14}]}]}, @IFLA_NET_NS_PID={0x8, 0x13, r5}]}, 0x44}}, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x40000001, 0x4) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0xfffffffe, @empty}, 0x1c) [ 227.521522][ T1044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.530903][ T1044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.710560][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.719554][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.980058][ T5214] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 228.026241][ T779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.034844][ T779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:38:15 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="850000003900000056fffffffe0000009500000000000000", @ANYRES8, @ANYRES64, @ANYRES32=0x0], &(0x7f0000000240)='syzkaller\x00', 0x1, 0xfc76, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffe77, 0x0, 0xffffffffffffffff, 0x5d}, 0x48) r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x100000e, &(0x7f0000000800)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x435, &(0x7f0000000900)="$eJzs28tvG0UYAPBv7aSlLxKq8ugDCBRExCNp0lJ64AICiQNISHAox+CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdvNw4kL/v2kTWZ2x5n5vDv2zE42gL41kv5IIvZHxO8RMVTLNhYYqf26vbxY+nt5sZREpfLWX0m13K3lxVJeNH/dvjwzEFH4LImjLeqdv3L1wlS5PHM5y48vXHx/fP7K1edmL06dnzk/c2nyzJlTJydeOD35fFfiTOO6deSjuWOHX3vn+huls9ff/fnbJI+/KY4uGel08MlKpcvV9daBunQy0MOGsCHFWjeNwWr/H4pirJ68oXj10542DthWlUql8kD7w0sV4H8siV63AOiN/Is+nf/m2w4NPe4KN1/KJkCxWLq9XNtqRwaikJUZbJrfdtNIRJxd+uerdIvtuQ8BANDg+3T882yr8V8h6u8L3ZutoQxHxH0RcTAiTkfEoYi4P6Ja9sGIeGiD9Tcvkqwd/xRubCqwdUrHfy9ma1uN47989BfDxSx3oBr/YHJutjxzIntPRmNwd5qf6FDHD6/89kW7Y/Xjv3RL68/Hglk7bgzsbnzN9NTC1FZirnfzk4gjA63iT1ZWApKIOBwRRzZZx+zT3xxrd+zO8XfQhXWmytcRT9XO/1I0xZ9LOq9Pjt8T5ZkT4/lVsdYvv157s139W4q/C9Lzv7fl9b8S/3BSv147v/E6rv3xeds5zWav/13J2w37PpxaWLg8EbEreb3W6Pr9k03lJlfLp/GPHm/d/w/G6jtxNCLSi/jhiHgkIh7N2v5YRDweEcc7xP/Ty0+8t/n4I5Y6/O2tSuOf3tD5X03siuY9rRPFCz9+11Dp8EbiT8//qWpqNNuzns+/9bRrc1czAAAA/PcUImJ/JIWxlXShMDZW+x/+Q7G3UJ6bX3jm3NwHl6ZrzwgMx2Ahv9M1VHc/dCKb1uf5yab8yey+8ZfFPdX8WGmuPN3r4KHP7WvT/1N/FnvdOmDbeV4L+pf+D/1L/4f+pf9D/2rR//f0oh3Azmv1/f9xD9oB7Lym/m/ZD/qI+T/0L/0f+pf+D31pfk/c+SF5CYk1iSjcFc2Q2KZErz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuuPfAAAA//8uh+Vu") getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000580)=0x14) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0x20, &(0x7f0000000880)={&(0x7f0000000680)=""/207, 0xcf, 0x0, &(0x7f0000000780)=""/75, 0x4b}}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001000)={{0x1, 0xffffffffffffffff}, &(0x7f0000000f80), &(0x7f0000000fc0)=r0}, 0x20) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6d, 0x6d, 0x7, [@typedef={0xb, 0x0, 0x0, 0x8, 0x1}, @struct={0xe, 0x2, 0x0, 0x4, 0x1, 0x4b39, [{0x5, 0x1, 0x80000001}, {0x6, 0x0, 0x40}]}, @volatile={0xc, 0x0, 0x0, 0x9, 0x1}, @datasec={0x2, 0x3, 0x0, 0xf, 0x1, [{0x3, 0x3f, 0xfff}, {0x3, 0x6, 0x5}, {0x1, 0x0, 0x8}], "bb"}]}, {0x0, [0x0, 0x30, 0x2e, 0x5f, 0x61]}}, &(0x7f00000012c0)=""/142, 0x8f, 0x8e, 0x0, 0xff}, 0x20) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchmod(r6, 0x504) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=@base={0xa, 0x3c03, 0xffffff81, 0x8, 0x100, 0xffffffffffffffff, 0x61b, '\x00', r2, 0xffffffffffffffff, 0x4, 0x0, 0x4}, 0x48) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000014c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x400, '\x00', r2, 0xffffffffffffffff, 0x0, 0x5, 0x4}, 0x48) r9 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r10, r9, 0x16, 0x0, @val=@tcx={@prog_fd}}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0x14, 0xe, &(0x7f0000001040)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffb}, @initr0={0x18, 0x0, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x0, 0x3a78463f}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8001}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x401}], &(0x7f00000010c0)='syzkaller\x00', 0x7f, 0xed, &(0x7f0000001100)=""/237, 0x41000, 0x4d, '\x00', r2, 0xa, r5, 0x8, &(0x7f00000013c0)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000001400)={0x2, 0x4, 0x8, 0xf3}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, &(0x7f0000001540)=[r6, r1, r7, r8, r9], &(0x7f0000001580)=[{0x3, 0x3, 0xa, 0x9}, {0x0, 0x1, 0xd, 0x7}, {0x3, 0x5, 0xb, 0x8}, {0x0, 0x5, 0x4, 0x8}], 0x10, 0x6}, 0x90) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$GIO_SCRNMAP(r11, 0x5421, &(0x7f0000000280)=""/229) recvmsg$unix(r11, &(0x7f0000003dc0)={&(0x7f0000003ac0), 0x6e, &(0x7f0000003d00)=[{&(0x7f0000003b40)=""/211, 0xd3}, {&(0x7f0000003c40)=""/90, 0x5a}, {&(0x7f0000003cc0)=""/58, 0x3a}], 0x3}, 0x10102) bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x18, 0x1d, &(0x7f0000000e80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @tail_call, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x94, &(0x7f0000000440)=""/148, 0x41100, 0x0, '\x00', r2, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x2, 0xb, 0x40, 0x7fff}, 0x10, r3, r0, 0x2, &(0x7f0000000d40)=[r11, 0x1], &(0x7f0000000d80)=[{0x3, 0x5, 0x3, 0xb}, {0x3, 0x4, 0xa, 0x9}], 0x10, 0x9}, 0x90) r12 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x40}}, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) [ 228.130888][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.139516][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:38:15 executing program 0: iopl(0x3) (async) iopl(0x3) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000080), 0x2, 0x0) write$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040)=ANY=[], 0x11) syz_clone3(&(0x7f00000036c0)={0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {}, &(0x7f0000000100)=""/145, 0xfffffffffffffd03, &(0x7f00000001c0)=""/45, &(0x7f0000003680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}, 0x58) [ 228.439587][ T5218] loop2: detected capacity change from 0 to 512 [ 228.528279][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.537572][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.604742][ T5218] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 228.619341][ T5218] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode 02:38:16 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000000a05000000000000000000010000000900010073797a3000000000080002400000000108000240000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a300000000038000000060a03000000000000000000010000000900020073797a32000000000c00034000000000000000000900010073797a30"], 0xbc}}, 0x0) [ 228.822401][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.831526][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:38:16 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r2, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r2, 0x0) r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0) connect$x25(r3, &(0x7f00000000c0)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}}, 0x12) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0) [ 228.961280][ T5218] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck. 02:38:16 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000140)={r3, 0x1, 0x6, @multicast}, 0x10) r4 = socket$packet(0x11, 0x3, 0x300) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r5, &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) openat$cgroup_ro(r5, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) r6 = socket$unix(0x1, 0x1, 0x0) bind$unix(r6, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ioctl$sock_SIOCGIFINDEX(r4, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_MODULUS={0x8}, @NFTA_NG_DREG={0x8}, @NFTA_NG_OFFSET={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) [ 229.072279][ T5218] EXT4-fs (loop2): 1 truncate cleaned up [ 229.079139][ T5218] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. 02:38:16 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_generic(0x10, 0x3, 0x10) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000001580), 0x1, 0x14d1, &(0x7f00000015c0)="$eJzs3AlwlcW2KOBe3f1DiBG3EZl79fphiwGaiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBg5iIiIyCSTQL/C47ncczy3uO+8cy+vKuur6kqv/Hut3Z1VyT9UZf/UdViNxjWrNiAi8a9Qf5vAX78kCyFihBADhRC3CSECIUTZ+LLx147nUpD8L70J+x/SMPVmr4DdTNz/7I37n71x/7M37n/2xv3P3rj/2Rv3P3vj/jOWraUVuJ1H9h38/D874/N/9sb9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dr/B8+gedzEwRhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM/S+44K/TQoi/zW/2uhhjjDHGGGOMMfbv43Pe7BUwxhhjjDHGGGPsfx4IKZTQIhA5RE4RI3KJWHGLiBO3itziNhERt4t4cYfII+4UeUU+kV8UEAVFIVFYGIHCChKhKCKKiqi4SxQTd4sEUVyUECWFE6VEorhHlBb3ijLiPlFW3C/KiQdEeVFBVBSVxIOisnhIVBEPi6riEVFNVBc1RE3xqKglHhO1xeOijnhC1BVPinriKVFfPC0aiIaikXhGNBbPiiaiqWgmmosWoqVo9S/lvyV6iLdFT9FLJIveoo94R/QV/UR/MUAMFO+KQeI9MVi8L4aIoWKY+EAMFx+KEeIjMVKMEqPFx2KMGCvGifFigpgoUsQnYpL4VEwWn4kpYqqYJqaLVDFDpInPxUwxS8wWX4g54ksxV8wT88UCkS4WikViscgQX4kl4muRKZaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdopdYrfYI/aKfWK/OCC+EVni2//L/PP/kN8NBAiQIEGDhhyQA2IgBmIhFuIgDnJDbohABOIhHvJAHsgLeSE/5IeCUBAKQ2FAQCAgKAJFIApRKAbFIAESoASUAAcOEiERSsO9UAbKQFkoC+WgHJSHClABKkElqAyVoQpUgapQFapBNagBNeBReBQeg9pQG+pAHagLdaEe1IP6UB8aQANoBI2gMTSGJtAEmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIAk6QkfoBJ2gM3SGLtAFukJX6AZvwpvwFrwFb8Pb0Auqyd7QB/pAX+gL/WEADIB3YRC8B+/B+zAEhsIw+AA+gA9hBJyDkTAKRsNoqCzHwjgYDyQnQgqkwCSYBJNhMkyBqTAVpkMqzIA0SIOZMAtmwRcwB76EL2EezIMFkA7psAgWQwZkwBI4D5mwFJbBclgBK2EFrIY1sBrWwXpYBxthI2yGzbAVtsJ22A47YSfsht2wF/bCftgPQyALsuAgHIRDcAgOw2E4AkfgKByFY3AMjsNxOAEn4CScgtNwCs7CWTgH5+ECXIBLcAkuw2W4Clev/fLLa7TUMofMIWNkjIyVsTJOxsncMreMyIiMl/Eyj8wj88q8Mr/MLwvKgrKwLCxRoiQZyiKyiIzKqCwmi8kEmSBLyBLSSScTZaIsLUvLMrKMLCvvl+XkA7K8rCDbukqykqws27kq8mFZVVaV1WR1WUPWlDVlLVlL1pa1ZR1ZR9aVdWU9+ZSsL3tDf2gor3WmsRwKTeQwaCabyxaypfwQnpOt5QhoI9vKdvIFOQpGQgfZ2iXJl2VHOQ46yVfleHhNdpEToat8Q3aTb8ru8i3ZQ7ZxPWUvOQV6yz5yOvSV/WR/OUDOhOryWsdqyPflEDlUDpMfyAXwoRwhP5Ij5Sg5Wn4sx8ixcpwcLyfIiTJFfiInyU/lZPmZnCKnymlyukyVM2Sa/FzOlLPkbPmFnCO/lHPlPDlfLpDpcqFcJBfLDPmVXCK/lplyqVwml8sVcqVcJVfLNXKtXCfXyw1yo9wkN8stcqvcJrfLHXKn3CV3yz1yr9wn98sD8huZJb+VB+Vf5CH5nTwsv5dH5A/yqPxRHpM/yePyZ3lC/iJPylPytDwjz8pf5Tl5Xl6QF+Ul+Zu8LK/Iq9JLoUBJpZRWgcqhcqoYlUvFqltUnLpV5Va3qYi6XcWrO1QedafKq/Kp/KqAKqgKqcLKKFRWkQpVEVVURdVdqpi6WyWo4qqEKqmcKqUS1T2qtLpXlVH3qbLqflVOPaDKqwqqoqqkHlSV1UOqinpYVVWPqGqquqqhaqpHVS31mKqtHld11BOqrnpS1VNPqfrqadVANVSN1DOqsXpWNVFNVTPVXLVQLVUr9ZxqrZ5XbVRb1U69oNqrF1UH9ZJKUi+rjuoV1Um9qjqr11QX9brqqt5Q3dSbqru6oq4qr3qqXipZ9VZ91Duqr+qn+qsBaqB6Vw1S76nB6n01RA1Vw9QHarj6UI1QH6mRapQarT5WY9RYNU6NVxPURJWiPlGT1KdqsvpMTVFT1TQ1XaWqGar/H5Vm/zfyP/0n+YN/f/fNaovaqrap7WqH2ql2qd1qj9qj9ql96oA6oLJUljqoDqpD6pA6rA6rI+qIOqqOqmPqmDqujqsT6oQ6qU6pi+qMOqt+VefUeXVeXVSX1CV1+Y+fgdCgpVZa60Dn0Dl1jM6lY/UtOk7fqnPr23RE367j9R06j75T59X5dH5dQBfUhXRhbTRqq0mHuoguqqP6Ll1M360TdHFdQpfUTpfSifqe/+f8G62vlW6lW+vWuo1uo9vpdrq9bq876A46SSfpjrqj7qQ76c66s+6iu+iuuqvuprvp7rq77qF76J66p07WybqPfkf31f10fz1AD9Tv6kF6kB6sB+sheogepofp4Xq4HqFH6JF6pB6tR+sxeowep8fpCXqCTtEpepKepCfryXqKnqKn6Wk6VafqNJ2mZ+qZeraerefoOXqunqvn6/k6XafrRXqRztAZeoleojP1Ur1UL9fL9Uq9Uq/Wq/VavVav1+v1Rr1RZ+oteoveprfpHXqH3qV36T16j96n9+kD+oDO0ln6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+gT+qQ+qU/r0/qsPqvP6XP6gr6gL+lL+rK+rK/qq9cu+wIZyEAHOsgR5AhigpggNogN4oK4IHeQO4gEkSA+iA/yBHcGeYN8Qf6gQFAwKBQUDkyAgQ0oCIMiQdEgGtwVFAvuDhKC4kGJoGTgglJBYnBPUDq4NygT3BeUDe4PygUPBOWDCkHFoFLwYFA5eCioEjwcVA0eCaoF1YMaQc3g0aBW8FhQO3g8qBM8EdQNngzqBU8F9YOngwZBw6BR8EzQOHg2aBI0DZoFzYMWQcug1b+1vvfn8j3veppeJtn0Nn3MO6av6Wf6mwFmoHnXDDLvmcHmfTPEDDXDzAdmuPnQjDAfmZFmlBltPjZjzFgzzow3E8xEk2I+MZPMp2ay+cxMMVPNNDPdpJoZJs18bmaaWWa2+cLMMV+auWaemW8WmHSz0Cwyi02G+cosMV+bTLPULDPLzQqz0qwyq80as9asM+vNBrPRbDKbzRaz1Wwz280Os9PsMrvNHrPX7DP7zQHzjcky35qD5i/mkPnOHDbfmyPmB3PU/GiOmZ/McfOzOWF+MSfNKXPanDFnza/mnDlvLpiL5pL5zVw2V8xV469d3F87vaNGjTkwB8ZgDMZiLMZhHObG3BjBCMZjPObBPJgX82J+zI8FsSAWxsJ4DSFhESyCUYxiMSyGCZiAJbAEOnSYiIlYGktjGSyDZbEslsNyWB7LY0WsiA/ig/gQPoQP48P4CD6C1bE61sSaWAtrYW2sjXWwDtbFulgP62F9rI8NsAE2wkbYGBtjE2yCzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsNu2B27Yw/sgT2xJyZjMvbBPtgX+2J/7I8DcSAOwkE4GAfjEByCw3AYDsfhOAJH4EgchaPxYxyDY3EcjscJOBFTMAUn4SScjJNxCk7BaTgNUzEV0zANZ+JMnI2zcQ7Owbk4F+fjfEzHdFyEizADM3AJLsFMzMRluAxX4ApchatwDa7BdbgON+AG3ISbcAtuwW24DXfgDtyFu3AP7sF9uA8P4AHMwiw8iAfxEB7Cw3gYj+ARPIpH8Rgew+N4HE/gCTyJJ/E0nsazeBbP4Tm8gBfwEv6Gl/EKXkWPMTaXjbW32Dh7q81tb7P/GOe3BWxBW8gWtsbmtfn+LkZrbYItbkvYktbZUjbR3vOnuLytYCvaSvZBW9k+ZKv8Ka5lH7O17eO2jn3C1rSP/l1c1z5p69lnbX3b1DawzW0j29I2ts/aJrapbWab2xa2pW1vX7Qd7Es2yb5sO9pX/hQvsovtGrvWrrPr7T67316wF+0x+5O9ZH+zPW0vO9C+awfZ9+xg+74dYof+KR5tP7Zj7Fg7zo63E+zEP8XT7HSbamfYNPu5nWln/SlOtwvtHJth59p5dr5d8Ht8bU0Z9iu7xH5tM+1Su8wutyvsSrvKrv6PtS63G+0mu9nusXvtNrvd7rA77S67+/f42j4O2G9slv3WHrU/2kP2O3vYHrdH7A+/x9f2d9z+bE/YX+xJe8qetmfsWfurPWfP/77/a3s/Y6/Yq9ZbQUCSFGkKKAflpBjKRbF0C8XRrZSbbqMI3U7xdAfloTspL+Wj/FSAClIhKkyGkCwRhVSEilKU7qJidDclUHEqQSXJUSlKpHuoNN1LZeg+Kkv3Uzl6gMpTBapIlehBqkwPURV6mKrSI1SNqlMNqkmPUi16jGrT41SHnqC69CTVo6eoPj1NDaghNaJnqDE9S02oKTWj5tSCWlIreo5a0/PUhtpSO3qB2tOL1IFeoiR6mTrSK9SJXqXO9Bp1odepK71B3ehN6k5vUQ96m3pSL0qm3tSH3qG+1I/60wAaSO/SIHqPBtP7NISG0jD6gIbThzSCPqKRNIpG08c0hsbSOBpPE2gipdAnNIk+pcn0GU2hqTSNplMqzaA0+pxm0iyaTV/QHPqS5tI8mk8LKJ0W0iJaTBn0FS2hrymTltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjtoJ+2i3bSH9tI+2k8H6BvKom/pIP2FDtF3dJi+pyP0Ax2lH+kY/UTH6Wc6Qb/QSTpFp+kMnaVf6Rydpwt0kS7Rb3SZrtBV8iRCCGWoQh0GYY4wZxgT5gpjw1vCuPDWMHd4WxgJbw/jwzvCPOGdYd4wX5g/LBAWDAuFhUMTYmhDCsOwSFg0jIZ3hcXCu8OEsHhYIiwZurBUmBjeE5YO7w3LhPeFZcP7w3LhA2H5sEJYMawUPhhWDh8Kq4QPh1XDR8JqYfWwRlgzfDSsFT4W1g4fD+uET4RlwifDeuFTYf3w6bBB2DBsFD4TNg6fDZuETcNmYfOwRdgybBU+F7YOnw/bhG3DduELYfvwxbBD+FKYFL4cdgxfueHx5LB32Cd8J3wn9P5xNT+6IJoeXRhdFF0czYh+FV0S/TqaGV0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+Zk7hwEmnnHaBy+FyuhiXy8W6W1ycu9Xldre5iLvdxbs7XB53p8vr8rn8roAr6Aq5ws44dNaRC10RV9RF3V2umLvbJbjiroQr6Zwr5RJdS9fKtXKt3fOujWvr2rkX3AvuRfeie8m95F52Hd0rrpN71XV2r7ku7nX3unvDdXNvuu7uLdfDve16ul4u2SW7Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugktxKW6Sm+Qmu8luipviprlpLtWlujSX5ma6mW62m+3muDlurpvr5rv5Lt2lu0VukctwGW6JW+IyXaZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vldrk9bo/b5/a5A+6Ay3JZ7qA76A65Q+6w+94dcT+4o+5Hd8z95I67n90J94s76U650+6MO+t+defceXfBXXSX3G/usrvirjrvUiKfRCZFPo1MjnwWmRKZGpkWmR5JjcyIpEU+j8yMzIrMjnwRmRP5MjI3Mi8yP7Igkh5ZGFkUWRzJiHwVWRL5OpIZWRpZFlkeWRFZGfG+0LbQF/FFfdTf5Yv5u32CL+5L+JLe+VI+0d/jS/t7fRl/ny/r7/fl/AO+vK/gK/qmvplv7lv4lr6Vf8639s/7Nr6tb+df8O39i76Df8kn+Zd9R/+K7+Rf9Z39a76Lf9139W/4bv5N392/5Xv4t31P38sn+96+j3/H9/X9fH8/wA/07/pB/j0/2L/vh/ihfpj/wA/3H/oR/iM/0o/yo/3Hfowf68f58X6Cn+hT/Cd+kv/UT/af+Sl+qp/mp/tUP8On+c/9TD/Lz/Zf+Dn+Sz/Xz/Pz/QKf7hf6RX6xz/Bf+SX+a5/pl/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t9/j9/p9fr8/4L/xWf5bf9D/xR/y3/nD/nt/xP/gj/of/TH/kz/uf/Yn/C/+pD/lT/sz/qz/1Z/z5/0Ff9Ff8r/5y/6Kv8r/s8YYY4wx9t+ibnC89z/5nvxjXNNHCHHr9gJH/rHmhrx/nfeT+zpGhBAv9+ra8G+jYcPk5OQ/XpupRFB0nhAicj0/h7geLxXtxIsiSbQVpf/p+vrJikA3qB+9X4jY/5QTI67H1+vf+1/Ub7rwhvXnCZFQ9HpOLnE9vl6/zH9Rf3f7G9TP9V2KEG3+U06cuB5fr58onheviKS/eyVjjDHGGGOMMfZX/eSlbje6v712f15QX8/JKa7HN7o/Z4wxxhhjjDHG2M332pvdX3ouKaltZ57whCc8+Y/Jzf7LxBhjjDHGGPt3u37Rf7NXwhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZV//Gx8ndrP3yBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjN1s/ycAAP//fMhn/w==") [ 229.305023][ T28] audit: type=1800 audit(1712284696.689:2): pid=5218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 229.366476][ T5231] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 02:38:16 executing program 2: socket$nl_route(0x10, 0x3, 0x0) (async) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x60, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x18, @loopback}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_DIR={0x5}]}}}]}, 0x60}}, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRES32], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) accept$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) [ 229.547069][ T5038] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.608388][ T5234] syzkaller0: entered promiscuous mode [ 229.743208][ T5235] loop1: detected capacity change from 0 to 256 [ 229.905302][ T5239] Zero length message leads to an empty skb [ 230.021639][ T5234] syzkaller0 (unregistering): left promiscuous mode [ 230.178000][ T5092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.186336][ T5092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.341164][ T5244] netlink: 'syz-executor.2': attribute type 24 has an invalid length. 02:38:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040), 0x4) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x68, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2e}], @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x68}}, 0x0) syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000001c0)={@private1, 0x8000000, 0x2, 0x0, 0x8}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000200)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x1, 0xff}, 0x20) dup3(r5, r6, 0x0) r7 = gettid() process_vm_writev(r7, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mremap(&(0x7f00004b6000/0x4000)=nil, 0x4000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) r8 = socket$inet_udp(0x2, 0x2, 0x0) r9 = fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) r10 = fsmount(r9, 0x0, 0x80) r11 = openat(r10, &(0x7f0000000040)='./file0\x00', 0x40440, 0x0) preadv(r11, &(0x7f0000001540)=[{&(0x7f0000000140)=""/28, 0x1c}], 0x1, 0x8003, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r8, 0x0, 0x2d, &(0x7f0000000080)={0x0, {{0x2, 0x0, @private}}}, 0x88) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) [ 230.473851][ T5081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.482259][ T5081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:38:18 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fe88000000000000000000000000000100000000000000000000ffffffffffff", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="9d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000038000000000000000000000000000000000000000000000000000000e0000002000000000000000000000000000000006c000000000000000000000000000000000000000078439e4bfb7f728f"], 0x1fc}}, 0x0) 02:38:18 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2a, &(0x7f0000000200)={0x2, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="8800000000010104000000000000000002000000240001801400018008000100ac14140008000200000000000c0002800500010000000000240002801400018008000100ac141400080002007f0000010c0002800500010000000000080007400000000024000e8014000180080001007f000001080002000a0101010c0002800500010084000000d7ce9847956e67cb51"], 0x88}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f00000001c0)={'wg2\x00'}) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r6, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001700)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x2, 0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}}, 0x0) 02:38:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x1d, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000000a05000000000000000000010000000900010073797a3000000000080002400000000108000240000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a300000000038000000060a03000000000000000000010000000900020073797a32000000000c00034000000000000000000900010073797a30"], 0xbc}}, 0x0) 02:38:18 executing program 4: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0000000000000000c966dfbf6c653000"]) fgetxattr(r0, &(0x7f0000000280)=@known='trusted.overlay.nlink\x00', &(0x7f0000000300)=""/13, 0xd) ioctl$EVIOCGUNIQ(0xffffffffffffffff, 0x80404508, 0x0) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x9, 0x12, r1, 0x8c92e000) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000064bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071101b00000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086607, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) [ 231.035613][ T5250] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 231.084604][ T5251] netlink: 324 bytes leftover after parsing attributes in process `syz-executor.0'. 02:38:18 executing program 0: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x18, &(0x7f0000000340)={r3}, &(0x7f0000000240)=0x8) 02:38:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000000340)=[@cr4={0x1, 0x40090}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000016000/0x2000)=nil, 0x2000}, 0x2}) 02:38:19 executing program 4: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x80086301, &(0x7f0000000480)=ANY=[@ANYBLOB="d348451ce2"]) 02:38:19 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) (async, rerun: 64) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000001580), 0x1, 0x14d1, &(0x7f00000015c0)="$eJzs3AlwlcW2KOBe3f1DiBG3EZl79fphiwGaiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBg5iIiIyCSTQL/C47ncczy3uO+8cy+vKuur6kqv/Hut3Z1VyT9UZf/UdViNxjWrNiAi8a9Qf5vAX78kCyFihBADhRC3CSECIUTZ+LLx147nUpD8L70J+x/SMPVmr4DdTNz/7I37n71x/7M37n/2xv3P3rj/2Rv3P3vj/jOWraUVuJ1H9h38/D874/N/9sb9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dr/B8+gedzEwRhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM/S+44K/TQoi/zW/2uhhjjDHGGGOMMfbv43Pe7BUwxhhjjDHGGGPsfx4IKZTQIhA5RE4RI3KJWHGLiBO3itziNhERt4t4cYfII+4UeUU+kV8UEAVFIVFYGIHCChKhKCKKiqi4SxQTd4sEUVyUECWFE6VEorhHlBb3ijLiPlFW3C/KiQdEeVFBVBSVxIOisnhIVBEPi6riEVFNVBc1RE3xqKglHhO1xeOijnhC1BVPinriKVFfPC0aiIaikXhGNBbPiiaiqWgmmosWoqVo9S/lvyV6iLdFT9FLJIveoo94R/QV/UR/MUAMFO+KQeI9MVi8L4aIoWKY+EAMFx+KEeIjMVKMEqPFx2KMGCvGifFigpgoUsQnYpL4VEwWn4kpYqqYJqaLVDFDpInPxUwxS8wWX4g54ksxV8wT88UCkS4WikViscgQX4kl4muRKZaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdopdYrfYI/aKfWK/OCC+EVni2//L/PP/kN8NBAiQIEGDhhyQA2IgBmIhFuIgDnJDbohABOIhHvJAHsgLeSE/5IeCUBAKQ2FAQCAgKAJFIApRKAbFIAESoASUAAcOEiERSsO9UAbKQFkoC+WgHJSHClABKkElqAyVoQpUgapQFapBNagBNeBReBQeg9pQG+pAHagLdaEe1IP6UB8aQANoBI2gMTSGJtAEmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIAk6QkfoBJ2gM3SGLtAFukJX6AZvwpvwFrwFb8Pb0Auqyd7QB/pAX+gL/WEADIB3YRC8B+/B+zAEhsIw+AA+gA9hBJyDkTAKRsNoqCzHwjgYDyQnQgqkwCSYBJNhMkyBqTAVpkMqzIA0SIOZMAtmwRcwB76EL2EezIMFkA7psAgWQwZkwBI4D5mwFJbBclgBK2EFrIY1sBrWwXpYBxthI2yGzbAVtsJ22A47YSfsht2wF/bCftgPQyALsuAgHIRDcAgOw2E4AkfgKByFY3AMjsNxOAEn4CScgtNwCs7CWTgH5+ECXIBLcAkuw2W4Clev/fLLa7TUMofMIWNkjIyVsTJOxsncMreMyIiMl/Eyj8wj88q8Mr/MLwvKgrKwLCxRoiQZyiKyiIzKqCwmi8kEmSBLyBLSSScTZaIsLUvLMrKMLCvvl+XkA7K8rCDbukqykqws27kq8mFZVVaV1WR1WUPWlDVlLVlL1pa1ZR1ZR9aVdWU9+ZSsL3tDf2gor3WmsRwKTeQwaCabyxaypfwQnpOt5QhoI9vKdvIFOQpGQgfZ2iXJl2VHOQ46yVfleHhNdpEToat8Q3aTb8ru8i3ZQ7ZxPWUvOQV6yz5yOvSV/WR/OUDOhOryWsdqyPflEDlUDpMfyAXwoRwhP5Ij5Sg5Wn4sx8ixcpwcLyfIiTJFfiInyU/lZPmZnCKnymlyukyVM2Sa/FzOlLPkbPmFnCO/lHPlPDlfLpDpcqFcJBfLDPmVXCK/lplyqVwml8sVcqVcJVfLNXKtXCfXyw1yo9wkN8stcqvcJrfLHXKn3CV3yz1yr9wn98sD8huZJb+VB+Vf5CH5nTwsv5dH5A/yqPxRHpM/yePyZ3lC/iJPylPytDwjz8pf5Tl5Xl6QF+Ul+Zu8LK/Iq9JLoUBJpZRWgcqhcqoYlUvFqltUnLpV5Va3qYi6XcWrO1QedafKq/Kp/KqAKqgKqcLKKFRWkQpVEVVURdVdqpi6WyWo4qqEKqmcKqUS1T2qtLpXlVH3qbLqflVOPaDKqwqqoqqkHlSV1UOqinpYVVWPqGqquqqhaqpHVS31mKqtHld11BOqrnpS1VNPqfrqadVANVSN1DOqsXpWNVFNVTPVXLVQLVUr9ZxqrZ5XbVRb1U69oNqrF1UH9ZJKUi+rjuoV1Um9qjqr11QX9brqqt5Q3dSbqru6oq4qr3qqXipZ9VZ91Duqr+qn+qsBaqB6Vw1S76nB6n01RA1Vw9QHarj6UI1QH6mRapQarT5WY9RYNU6NVxPURJWiPlGT1KdqsvpMTVFT1TQ1XaWqGar/H5Vm/zfyP/0n+YN/f/fNaovaqrap7WqH2ql2qd1qj9qj9ql96oA6oLJUljqoDqpD6pA6rA6rI+qIOqqOqmPqmDqujqsT6oQ6qU6pi+qMOqt+VefUeXVeXVSX1CV1+Y+fgdCgpVZa60Dn0Dl1jM6lY/UtOk7fqnPr23RE367j9R06j75T59X5dH5dQBfUhXRhbTRqq0mHuoguqqP6Ll1M360TdHFdQpfUTpfSifqe/+f8G62vlW6lW+vWuo1uo9vpdrq9bq876A46SSfpjrqj7qQ76c66s+6iu+iuuqvuprvp7rq77qF76J66p07WybqPfkf31f10fz1AD9Tv6kF6kB6sB+sheogepofp4Xq4HqFH6JF6pB6tR+sxeowep8fpCXqCTtEpepKepCfryXqKnqKn6Wk6VafqNJ2mZ+qZeraerefoOXqunqvn6/k6XafrRXqRztAZeoleojP1Ur1UL9fL9Uq9Uq/Wq/VavVav1+v1Rr1RZ+oteoveprfpHXqH3qV36T16j96n9+kD+oDO0ln6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+gT+qQ+qU/r0/qsPqvP6XP6gr6gL+lL+rK+rK/qq9cu+wIZyEAHOsgR5AhigpggNogN4oK4IHeQO4gEkSA+iA/yBHcGeYN8Qf6gQFAwKBQUDkyAgQ0oCIMiQdEgGtwVFAvuDhKC4kGJoGTgglJBYnBPUDq4NygT3BeUDe4PygUPBOWDCkHFoFLwYFA5eCioEjwcVA0eCaoF1YMaQc3g0aBW8FhQO3g8qBM8EdQNngzqBU8F9YOngwZBw6BR8EzQOHg2aBI0DZoFzYMWQcug1b+1vvfn8j3veppeJtn0Nn3MO6av6Wf6mwFmoHnXDDLvmcHmfTPEDDXDzAdmuPnQjDAfmZFmlBltPjZjzFgzzow3E8xEk2I+MZPMp2ay+cxMMVPNNDPdpJoZJs18bmaaWWa2+cLMMV+auWaemW8WmHSz0Cwyi02G+cosMV+bTLPULDPLzQqz0qwyq80as9asM+vNBrPRbDKbzRaz1Wwz280Os9PsMrvNHrPX7DP7zQHzjcky35qD5i/mkPnOHDbfmyPmB3PU/GiOmZ/McfOzOWF+MSfNKXPanDFnza/mnDlvLpiL5pL5zVw2V8xV469d3F87vaNGjTkwB8ZgDMZiLMZhHObG3BjBCMZjPObBPJgX82J+zI8FsSAWxsJ4DSFhESyCUYxiMSyGCZiAJbAEOnSYiIlYGktjGSyDZbEslsNyWB7LY0WsiA/ig/gQPoQP48P4CD6C1bE61sSaWAtrYW2sjXWwDtbFulgP62F9rI8NsAE2wkbYGBtjE2yCzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsNu2B27Yw/sgT2xJyZjMvbBPtgX+2J/7I8DcSAOwkE4GAfjEByCw3AYDsfhOAJH4EgchaPxYxyDY3EcjscJOBFTMAUn4SScjJNxCk7BaTgNUzEV0zANZ+JMnI2zcQ7Owbk4F+fjfEzHdFyEizADM3AJLsFMzMRluAxX4ApchatwDa7BdbgON+AG3ISbcAtuwW24DXfgDtyFu3AP7sF9uA8P4AHMwiw8iAfxEB7Cw3gYj+ARPIpH8Rgew+N4HE/gCTyJJ/E0nsazeBbP4Tm8gBfwEv6Gl/EKXkWPMTaXjbW32Dh7q81tb7P/GOe3BWxBW8gWtsbmtfn+LkZrbYItbkvYktbZUjbR3vOnuLytYCvaSvZBW9k+ZKv8Ka5lH7O17eO2jn3C1rSP/l1c1z5p69lnbX3b1DawzW0j29I2ts/aJrapbWab2xa2pW1vX7Qd7Es2yb5sO9pX/hQvsovtGrvWrrPr7T67316wF+0x+5O9ZH+zPW0vO9C+awfZ9+xg+74dYof+KR5tP7Zj7Fg7zo63E+zEP8XT7HSbamfYNPu5nWln/SlOtwvtHJth59p5dr5d8Ht8bU0Z9iu7xH5tM+1Su8wutyvsSrvKrv6PtS63G+0mu9nusXvtNrvd7rA77S67+/f42j4O2G9slv3WHrU/2kP2O3vYHrdH7A+/x9f2d9z+bE/YX+xJe8qetmfsWfurPWfP/77/a3s/Y6/Yq9ZbQUCSFGkKKAflpBjKRbF0C8XRrZSbbqMI3U7xdAfloTspL+Wj/FSAClIhKkyGkCwRhVSEilKU7qJidDclUHEqQSXJUSlKpHuoNN1LZeg+Kkv3Uzl6gMpTBapIlehBqkwPURV6mKrSI1SNqlMNqkmPUi16jGrT41SHnqC69CTVo6eoPj1NDaghNaJnqDE9S02oKTWj5tSCWlIreo5a0/PUhtpSO3qB2tOL1IFeoiR6mTrSK9SJXqXO9Bp1odepK71B3ehN6k5vUQ96m3pSL0qm3tSH3qG+1I/60wAaSO/SIHqPBtP7NISG0jD6gIbThzSCPqKRNIpG08c0hsbSOBpPE2gipdAnNIk+pcn0GU2hqTSNplMqzaA0+pxm0iyaTV/QHPqS5tI8mk8LKJ0W0iJaTBn0FS2hrymTltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjtoJ+2i3bSH9tI+2k8H6BvKom/pIP2FDtF3dJi+pyP0Ax2lH+kY/UTH6Wc6Qb/QSTpFp+kMnaVf6Rydpwt0kS7Rb3SZrtBV8iRCCGWoQh0GYY4wZxgT5gpjw1vCuPDWMHd4WxgJbw/jwzvCPOGdYd4wX5g/LBAWDAuFhUMTYmhDCsOwSFg0jIZ3hcXCu8OEsHhYIiwZurBUmBjeE5YO7w3LhPeFZcP7w3LhA2H5sEJYMawUPhhWDh8Kq4QPh1XDR8JqYfWwRlgzfDSsFT4W1g4fD+uET4RlwifDeuFTYf3w6bBB2DBsFD4TNg6fDZuETcNmYfOwRdgybBU+F7YOnw/bhG3DduELYfvwxbBD+FKYFL4cdgxfueHx5LB32Cd8J3wn9P5xNT+6IJoeXRhdFF0czYh+FV0S/TqaGV0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+Zk7hwEmnnHaBy+FyuhiXy8W6W1ycu9Xldre5iLvdxbs7XB53p8vr8rn8roAr6Aq5ws44dNaRC10RV9RF3V2umLvbJbjiroQr6Zwr5RJdS9fKtXKt3fOujWvr2rkX3AvuRfeie8m95F52Hd0rrpN71XV2r7ku7nX3unvDdXNvuu7uLdfDve16ul4u2SW7Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugktxKW6Sm+Qmu8luipviprlpLtWlujSX5ma6mW62m+3muDlurpvr5rv5Lt2lu0VukctwGW6JW+IyXaZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vldrk9bo/b5/a5A+6Ay3JZ7qA76A65Q+6w+94dcT+4o+5Hd8z95I67n90J94s76U650+6MO+t+defceXfBXXSX3G/usrvirjrvUiKfRCZFPo1MjnwWmRKZGpkWmR5JjcyIpEU+j8yMzIrMjnwRmRP5MjI3Mi8yP7Igkh5ZGFkUWRzJiHwVWRL5OpIZWRpZFlkeWRFZGfG+0LbQF/FFfdTf5Yv5u32CL+5L+JLe+VI+0d/jS/t7fRl/ny/r7/fl/AO+vK/gK/qmvplv7lv4lr6Vf8639s/7Nr6tb+df8O39i76Df8kn+Zd9R/+K7+Rf9Z39a76Lf9139W/4bv5N392/5Xv4t31P38sn+96+j3/H9/X9fH8/wA/07/pB/j0/2L/vh/ihfpj/wA/3H/oR/iM/0o/yo/3Hfowf68f58X6Cn+hT/Cd+kv/UT/af+Sl+qp/mp/tUP8On+c/9TD/Lz/Zf+Dn+Sz/Xz/Pz/QKf7hf6RX6xz/Bf+SX+a5/pl/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t9/j9/p9fr8/4L/xWf5bf9D/xR/y3/nD/nt/xP/gj/of/TH/kz/uf/Yn/C/+pD/lT/sz/qz/1Z/z5/0Ff9Ff8r/5y/6Kv8r/s8YYY4wx9t+ibnC89z/5nvxjXNNHCHHr9gJH/rHmhrx/nfeT+zpGhBAv9+ra8G+jYcPk5OQ/XpupRFB0nhAicj0/h7geLxXtxIsiSbQVpf/p+vrJikA3qB+9X4jY/5QTI67H1+vf+1/Ub7rwhvXnCZFQ9HpOLnE9vl6/zH9Rf3f7G9TP9V2KEG3+U06cuB5fr58onheviKS/eyVjjDHGGGOMMfZX/eSlbje6v712f15QX8/JKa7HN7o/Z4wxxhhjjDHG2M332pvdX3ouKaltZ57whCc8+Y/Jzf7LxBhjjDHGGPt3u37Rf7NXwhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZV//Gx8ndrP3yBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjN1s/ycAAP//fMhn/w==") (rerun: 64) 02:38:19 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000650000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c00000010000305000000000000ffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b0001006d616373656300001c000280050007000000000005000a0000000000050009000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}}, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = dup(r8) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x880000, 0x3, 0x400, r0, 0x3, '\x00', 0x0, r0, 0x0, 0x2, 0x5, 0xc}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0xd, 0xd, &(0x7f00000015c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x8}, @alu={0x7, 0x0, 0xd, 0x3, 0x5, 0xfffffffffffffe40}, @jmp={0x5, 0x0, 0xd, 0xa, 0x9, 0x2, 0x1}, @generic={0x6, 0xb, 0x1, 0x0, 0x1}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0xe7, &(0x7f0000001640)=""/231, 0x40f00, 0x49, '\x00', r5, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000001740)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000001780)={0x2, 0xb, 0x6, 0x6}, 0x10, 0xffffffffffffffff, r2, 0x3, &(0x7f0000001840)=[r9, r0, r0, r10, r3, r3, r3], &(0x7f0000001880)=[{0x0, 0x5, 0x10, 0x2}, {0x3, 0x3, 0xf, 0x8}, {0x5, 0x1, 0x1, 0x5}], 0x10, 0x9}, 0x90) syz_emit_ethernet(0x26, &(0x7f00000000c0)={@link_local, @local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr=0x64010102, @local}, "7adc159d"}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x6, 0x0, 0xb}, {0x65}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x4}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r3, 0x58, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0xfffffffb) r12 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r13 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x4, 0xfffeffff, 0x5, 0x200, r3, 0x7ff, '\x00', r11, 0xffffffffffffffff, 0x5, 0x5, 0x5, 0xc}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r12}, {}, {}, {0x7, 0x0, 0xb, 0x0, 0x7}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0) bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0xa, 0x25, &(0x7f0000000a40)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r13}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @ldst={0x3, 0x0, 0x4, 0x9, 0x6, 0x8, 0xfffffffffffffffc}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f00000001c0)='GPL\x00', 0x200, 0x2d, &(0x7f0000000340)=""/45, 0x40f00, 0x6, '\x00', r11, 0x28, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x2, 0x4, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000001000)=[0xffffffffffffffff, r12], &(0x7f0000001040)=[{0x4, 0x3, 0x8, 0x6}, {}, {0x5, 0x1, 0x0, 0x9}, {0x2, 0x0, 0x0, 0x2}, {0x1, 0x4, 0x5, 0x8}, {0x3, 0x2, 0x9, 0x3}], 0x10, 0x8000}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x11, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x7fff}, [@exit, @alu={0x4, 0x1, 0x2, 0x8, 0x7, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb2df, 0x0, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}]}, &(0x7f0000000000)='syzkaller\x00', 0x16, 0x1000, &(0x7f00000005c0)=""/4096, 0x40f00, 0x72, '\x00', r11, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x0, 0xc, 0x1, 0x8000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000140)=[0x1], &(0x7f00000003c0)=[{0x5, 0x2, 0xc, 0x6}, {0x3, 0x3, 0x3, 0x1}, {0x3, 0x5, 0x5, 0x7}, {0x3, 0x4, 0x1, 0x9}, {0x4, 0x1, 0x4, 0x2}, {0x5, 0x4, 0x0, 0xd}, {0x2, 0x5, 0x2, 0xc}], 0x10, 0x5}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r2}, 0x10) r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r14, &(0x7f0000000180), 0x40001) 02:38:20 executing program 0: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f00000010c0)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB='=\x00\x00\x00\x00\x00\x00', @ANYRESHEX=r2]) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000002900)={0xb, 0x26, &(0x7f00000029c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, {}, {}, [@generic={0x8, 0x2, 0x9, 0x101}, @call={0x85, 0x0, 0x0, 0x83}, @generic={0x6, 0x1, 0xb, 0x6, 0xff}, @ringbuf_query, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @tail_call, @map_idx={0x18, 0x6, 0x5, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001180)='syzkaller\x00', 0x8001, 0x3a, &(0x7f00000011c0)=""/58, 0x41100, 0x39, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x8, &(0x7f00000027c0)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000002800)={0x5, 0xc, 0x8, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000002880), 0x10, 0x3}, 0x90) preadv(r3, &(0x7f0000000580)=[{&(0x7f0000000040)=""/34, 0x22}], 0x1, 0x79, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000140000000000000000000079102000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x4, 0xc4, &(0x7f00000002c0)=""/196}, 0x80) r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000a40), 0x8) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000d40)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e40)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000c00)=@raw=[@ringbuf_query], &(0x7f0000000c40)='syzkaller\x00', 0x4, 0x1000, &(0x7f00000017c0)=""/4096, 0x41000, 0x33, '\x00', r5, 0x1a, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000c80)={0x1, 0x4, 0x1, 0x6}, 0x10, 0x2aa17, r7, 0x4, &(0x7f0000000dc0)=[0xffffffffffffffff, r8, 0xffffffffffffffff, r9, 0xffffffffffffffff], &(0x7f0000000e00)=[{0x1, 0x3, 0xb, 0xb}, {0x5, 0x4, 0x5, 0x7}, {0x3, 0x2, 0x5, 0x2}, {0x1, 0x4, 0xd, 0x2}], 0x10, 0x80}, 0x90) ioctl$TIOCMGET(r8, 0x5415, &(0x7f0000000f00)) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b40)=@bpf_tracing={0x1a, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7ff}, [@cb_func, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @jmp={0x5, 0x1, 0xd, 0x6, 0x0, 0x1, 0x10}, @generic={0x2, 0x9, 0xd, 0x3, 0x8001}]}, &(0x7f00000005c0)='syzkaller\x00', 0x1, 0x2b, &(0x7f0000000780)=""/43, 0x41000, 0x58, '\x00', 0x0, 0x1c, r8, 0x8, &(0x7f00000007c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000800)={0x5, 0xd, 0x2, 0x3f}, 0x10, 0x16d67, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x47e}, 0x90) ioctl$sock_inet6_SIOCSIFADDR(r6, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x3f}, 0x78, r5}) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x4, 0x2, &(0x7f0000001300)=ANY=[@ANYBLOB="2faa17cd02db4900000000000000feffffff0000000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', r5, 0x16, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x2, 0xa, 0x9, 0x400}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)=[0x1]}, 0x80) 02:38:20 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fe88000000000000000000000000000100000000000000000000ffffffffffff0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="9d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000038000000000000000000000000000000000000000000000000000000e0000002000000000000000000000000000000006c000000000000000000000000000000000000000078439e4bfb7f728f"], 0x1fc}}, 0x0) [ 232.998709][ T5280] loop3: detected capacity change from 0 to 256 [ 233.126785][ T5286] 9pnet_fd: Insufficient options for proto=fd [ 233.182394][ T5289] netlink: 324 bytes leftover after parsing attributes in process `syz-executor.4'. 02:38:20 executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'gretap0\x00', 0x0}) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000200)=0x5, 0x4) sendto$packet(r1, &(0x7f00000000c0)="c298e19dd6c617dbc4041b9830e2", 0xe, 0x0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x3, 0x6, @remote}, 0x14) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x21}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0x0, "75d4075f"}, @main=@item_012={0x1, 0x0, 0x8, "d5"}]}}, 0x0}, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 02:38:21 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="350400002f000511d25a80648c63940d0424fc60040005400c0004000200002037153e370c040180060410004500", 0x2e}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319129c48853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4c237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584c854b4bc6096293fbc8707312f424996361ef9261ef3ba7cd2ddffb0e3c81e6b962d680e02f7a672dc2643cc24ad64d86fb4780827ca784a8af3376c2567bfde74dc50e16c81b71450af026459e2c37d94b8461b56ff944edc1a8cd93d0258fcc2f094615c152be66884103", 0x3ff}], 0x2}, 0x0) 02:38:21 executing program 2: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing', 0x0, 0x0) getdents(r0, &(0x7f0000000000)=""/40, 0x28) getdents(r0, &(0x7f0000000280)=""/147, 0x93) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000340)={'erspan0\x00', &(0x7f00000001c0)={'gre0\x00', 0x0, 0x1, 0x7800, 0x6, 0x9, {{0x10, 0x4, 0x2, 0x31, 0x40, 0x68, 0x0, 0x40, 0x4, 0x0, @empty, @rand_addr=0x64010101, {[@generic={0x7, 0xf, "c8a1a8b67acfa752630e3aec03"}, @rr={0x7, 0x1b, 0xec, [@multicast2, @multicast1, @multicast2, @broadcast, @multicast2, @private=0xa010100]}]}}}}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000000c0)='GPL\x00', 0x9, 0x96, &(0x7f0000000100)=""/150, 0x41100, 0x4a, '\x00', r1, 0x0, r0, 0x8, &(0x7f0000000380)={0x100, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x2, 0x2}, {0xa2cf, 0x1, 0x9, 0x3}, {0x2, 0x1, 0xd, 0x1}, {0x1, 0x5, 0x5, 0x7}, {0x2, 0x4, 0x3, 0x7}, {0x3, 0x5, 0x6, 0x4}, {0x1, 0x3, 0x0, 0x7}, {0x4, 0x1, 0x9, 0x8}, {0x1, 0x1, 0xa, 0x5}], 0x10, 0x40}, 0x90) 02:38:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x18, &(0x7f0000000340)={r3}, &(0x7f0000000240)=0x8) [ 234.054647][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd 02:38:21 executing program 1: openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000022c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB='\b\x00&'], 0x2c}}, 0x0) r4 = io_uring_setup(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x80}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket(0x1, 0x3, 0x0) bind$unix(r6, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x2) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0) io_uring_enter(r4, 0x6df6, 0x0, 0xb, &(0x7f0000000000), 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000061f8e400000000000000000000d3b0343c13d632ef0000000000202020941af8ff00000000bfa100010000000007010000f8ffffffb702000008000000b70300e8ffffff0085000000cf0000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0) [ 234.438252][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.450571][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.461960][ T24] usb 5-1: New USB device found, idVendor=056a, idProduct=00b7, bcdDevice= 0.00 [ 234.471490][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 02:38:21 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000000000f6d60000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192}, 0x80) r1 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r1, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) ioctl$int_in(r1, 0x5452, &(0x7f0000000640)=0x7) r2 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000040)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000000000f6d60000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0xc0, &(0x7f00000020c0)=""/192}, 0x80) (async) socket$inet_sctp(0x2, 0x5, 0x84) (async) sendto$inet(r1, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) (async) ioctl$int_in(r1, 0x5452, &(0x7f0000000640)=0x7) (async) epoll_create(0x4) (async) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)) (async) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000040)) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10) (async) [ 234.579400][ T24] usb 5-1: config 0 descriptor?? [ 234.818178][ T5305] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.173899][ T24] wacom 0003:056A:00B7.0001: Unknown device_type for 'HID 056a:00b7'. Assuming pen. 02:38:22 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000050700000400000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=ANY=[@ANYBLOB="3000000024001d0f3a61aa51acb1d59e1a43ca38", @ANYRES32=r3, @ANYBLOB="00000000f1ffffff000000000b000100636c73616374"], 0x30}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000002a009fc900"/20, @ANYRES32=r3], 0x24}}, 0x0) 02:38:22 executing program 0: r0 = syz_open_dev$swradio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001bc0)=""/4114, 0x1012}], 0x1) syz_open_dev$ndb(&(0x7f0000000b40), 0x0, 0x88000) [ 235.258808][ T24] wacom 0003:056A:00B7.0001: hidraw0: USB HID v0.00 Device [HID 056a:00b7] on usb-dummy_hcd.4-1/input0 [ 235.274936][ T24] input: Wacom Intuos3 4x6 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00B7.0001/input/input5 [ 235.468222][ T24] usb 5-1: USB disconnect, device number 2 02:38:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) (async) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040), 0x4) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x68, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2e}], @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x68}}, 0x0) (async) syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r5 = socket$inet_udplite(0x2, 0x2, 0x88) (async) r6 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000001c0)={@private1, 0x8000000, 0x2, 0x0, 0x8}, 0x20) (async) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000200)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x1, 0xff}, 0x20) (async) dup3(r5, r6, 0x0) (async) r7 = gettid() process_vm_writev(r7, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async) mremap(&(0x7f00004b6000/0x4000)=nil, 0x4000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) (async) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) (async) r8 = socket$inet_udp(0x2, 0x2, 0x0) (async) r9 = fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) r10 = fsmount(r9, 0x0, 0x80) r11 = openat(r10, &(0x7f0000000040)='./file0\x00', 0x40440, 0x0) preadv(r11, &(0x7f0000001540)=[{&(0x7f0000000140)=""/28, 0x1c}], 0x1, 0x8003, 0x0) (async) setsockopt$inet_MCAST_LEAVE_GROUP(r8, 0x0, 0x2d, &(0x7f0000000080)={0x0, {{0x2, 0x0, @private}}}, 0x88) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) [ 235.716428][ T5314] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 02:38:23 executing program 1: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x80086601, &(0x7f0000000480)=ANY=[@ANYBLOB="d348451ce2"]) 02:38:23 executing program 4: r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "d2c492eb0165203dc6e4bec77202abb42c000000002231a11000", 0xffffffffffffffff}) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000002c0)={0x3, "421ae3753785259249154c944122ad063ff40104000000000000c78a3ab4c981", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f00000000c0)={"e50d1af889b4ea0700000000000000f3c49e4906eddfecd83634e4a37ef94add", r3, 0xffffffffffffffff}) poll(&(0x7f00000001c0)=[{r4}, {r3}], 0x2, 0x0) ioctl$SW_SYNC_IOC_INC(r2, 0x40045701, &(0x7f0000000100)=0x3) 02:38:23 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x1b, &(0x7f0000000340)={r3}, &(0x7f0000000240)=0x8) 02:38:23 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x40000000, 0x4) recvmmsg(r0, 0x0, 0x0, 0x2020, 0x0) 02:38:23 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1802}, [@IFLA_VFINFO_LIST={0x38, 0x16, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xa, {0xfffffff8}}, @IFLA_VF_VLAN={0x10, 0x2, {0x4, 0x9d2, 0x6}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0x8, 0x800}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x5c}}, 0x34048080) 02:38:24 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x1c, &(0x7f0000000340)={r3}, &(0x7f0000000240)=0x8) 02:38:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100005070000040000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=ANY=[@ANYBLOB="3000000024001d0f3a61aa51acb1d59e1a43ca38", @ANYRES32=r3, @ANYBLOB="00000000f1ffffff000000000b000100636c73616374"], 0x30}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000002a009fc900"/20, @ANYRES32=r3], 0x24}}, 0x0) 02:38:24 executing program 0: openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='neigh_create\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9bb759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563112f4b391aafe234870072858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5c768a40538be5f76e9c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5ffff000000000000c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2e5a00d2f953a86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e959212181d4bf32ed89c96d421c8171698c49403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751beed5f79de29a67a579150bfb31232d296b9d2977ed027ca90af7088d6466f1501d96a32bfa3cf9ab0dcd626ac9341833e92685af6917ae05473ae4768341426e244159b3c3e002b6f8ee80cbe6e26c816ab92658d956d849cd3a21ebf4b143d338035cd91f087633aa668e0644b05dc5a7937cd5fb62bd08242a858aeeda8c0cbb4fc2478a8155b859e88493f322702277939832bd4a1d8109f98c5a187564c9eb80acc63ac57459593c81ce8998e38ea231b81ebaa6b242ebdf382d70232f1d8e516a8eaf39d09ea40198cf1b72eb5ce5327d3a3861470be47a9a9dbf569e6f6f474fd1448adfd70c4f4a4487edaf193a00a808389a110a4286905ba81309735f6ac5d2ba7ab2be01fa25c11dbb3170258e9d9fed944fd85c03336a49f7016517a1988bc84ee301e167d3cf88c46c4eba6e2bfd099acd2eec5c624679aa7ebab76061a9ca792bffe3d6df4dbe70b5cab6299a51e63826fd0bda4846d06e322ebd745e73da718ba0c93e7567df9ed7ea8d2fdbde44e65a4cd01748b784d392645d013d1424c6e7f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48) bpf$ITER_CREATE(0x21, &(0x7f0000000180), 0x8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, &(0x7f00000001c0), &(0x7f0000000280)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x43400) r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sched_process_wait\x00', r5}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) close(r7) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r4, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r7, r4, 0x0, r7}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{}, &(0x7f0000000700), &(0x7f0000000740)='%-5lx \x00'}, 0x20) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x14, 0x4, 0x4, 0x7}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000fc0)={{r8}, &(0x7f0000000c40), &(0x7f0000000f80), 0x700}, 0x20) 02:38:24 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_exit\x00', r0}, 0x10) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x242, 0x0) r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x1c9e01) ioctl$USBDEVFS_RELEASEINTERFACE(r3, 0x8004550f, &(0x7f0000000080)=0x1) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0185879, &(0x7f0000000200)={@desc={0x44b3, 0x0, @desc1}, 0x40, 0x0, '\x00', @b}) r4 = socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) r6 = dup3(r5, r4, 0x0) bind$unix(r6, &(0x7f0000000240)=@file={0x1e, './file0\x00'}, 0x6e) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r1}, 0x4) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='gretap0\x00', 0x10) [ 237.272207][ T5338] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. 02:38:24 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000009e1bbe9c00000000000000350000000008000095"], &(0x7f0000000100)='syzkaller\x00'}, 0xbf) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f0000000040)=ANY=[], 0x1, 0x6c3, &(0x7f00000000c0)="$eJzs3U9sHFcdB/DvrNeON1TBaRMaoSKiRipIEYkTK4VwwSCEcqhQVQ6crcRprGySynFRWiHqAIITEgeOHAqSb5yQuAeFc7n16mMlJC4Rh6hCWjSzs/bau47X8d/Qzycavzf73rz57W/ezHjXWW2AL6xr59N8lCLXzr/1oFxfXZlpr67MHKub20nKeiNpdosUd5PicTJbthd9S/rKAX9YuPrOp09WP+uuNeul6t941nZDDOm7XC85m2SsLgeNj7qL5Tq8vJTkel1uNDHqWBs6lkk7V5dw6DoDlney+U7OW+CI6d2diu59c8BUcjzJZP17QOqrQ+PgItwfO7rKAQAAwAvqk3uHHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8eOrv/y/qpVGXOZui9/3/E73H6voRNDtyz0f7GgcAAAAAAAAAHIyvP83TPMiJ3nqnqP7m/3q1ciqfd5Iv5f3cz3wWcyEPMpelLGUxl5JM9Q008WBuaWnx0tqWpeFbXh665eXu7j86mKcNAAAAAAAAAP9vfpnW+t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKCiSsW5RLafqMlNpNLPeluXkn0kmDjveHSiGPfioWywfcCwAAADw3CafY5svP83TPMiJ3nqnqF7zf6V6vTyZ93M3S1nIUtqZz436NXT5qr+xujLTXl2ZuVMug+N+/987CqMasX5/Yfiez1Q9Wq1koXrkQq5XwdxIo9oy55IzvXiGx/WwjKn4Xm3EyJp1Wsud/X6rdxH2xKMd9p8qg0tys87IdB1bmY2T3QwU9TsbmzOx7dFpbt5TGhlf29OlNB723vk5tQ85P16X5fP5zb7mfKfWMtFIlYnLvdlXnjPPzkTyjb/95ae32ndv37p5//zReUrbGNvi8c1zYqYvE6++0Jlo7rD/dJWJ02vr1/Kj/CTnczZvZzEL+VnmspT5dOr2uXo+lz+nnp2p2Q1rb28XyUR9XLrHbJSYzuaHVa136ziRhRS5lxuZz5vVv8u5lG/nSq7kat8RPr1l3NVzq876xuazvnek/z40+HPfzH87nU7SSvLbdMuBHGyy1ezcK928lHk92ZfX7qx/stbrZN95MN2XpZd72RkfOnh9bSyrI18bm1+tK+U+flWXR8NUnYnyBKrvEmvRvdLNRLO6Fw3O8z91yu3Svnt78dbce1uMv/k9+jfqspxWK18bNcrhh2JvlfPl5UzWV5KNs6Nse2XtKnNyw111ov6LS7etMdB2umorijLX5Zn649yrJsDgmTpR/w43ONLlqu3VoW0zVduZvrbWWtuFXM+9tHPjAPIHwC5N5fhE61+tT1oft37dutV6a/IHx75z7LWJjP9j/LvN6bE3Gq8Vf83H+cX6638AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD53f/gw9tz7fb84vBKY+umbSrbjbypUtRf6PNc+zqClckkGx6pvufowMNobQ5joNL5KNnNLv74PFv1vkRweJ/flZVmRhlwdljTWN/ID/uaOp2R5vwXrFJma1jTYV6VgINwcenOexfvf/DhtxbuzL07/+783fErV65OX73y5szFmwvt+enuz8OOEtgP6zf9w44EAAAAAAAAAAAAGNWwDwa8/tJ2HxoZ6TMe/mchAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunU/zUYpcmr4wXa6vrsy0y6VXX+/ZTNJoJMXPk+JxMpvukqm+4Yr8+XE6A3tpJLn6zqdPVj9bH6vZ7d9tLHb3LJbrJWeTjNXlXo13fdfjFf/pPcMyYZ93Op3Z3cUHe+N/AQAA////YPeL") 02:38:25 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x4) connect$inet6(r0, &(0x7f0000000b80)={0xa, 0x0, 0x0, @remote, 0x1ff}, 0x1c) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000280)="580000001400add4273200000000b45602117fffffff81000e220e227f000001000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000c335237676a8e5dc968b2bf8ec", 0x58}], 0x1) r2 = socket$inet6(0xa, 0x5, 0x0) listen(r2, 0x8) r3 = memfd_create(&(0x7f0000000100)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17\x01\x00I\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00\x00\x00\x00\x00\x00', 0x0) write(r3, &(0x7f00000000c0)='i', 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x4, @local, 0x80}], 0x1c) [ 237.802258][ T28] audit: type=1804 audit(1712284705.129:3): pid=5346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir170866022/syzkaller.Mvtl26/9/.log" dev="sda1" ino=1948 res=1 errno=0 [ 238.288773][ T5349] loop1: detected capacity change from 0 to 1024 02:38:25 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x1080000, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4800000010000104000000000000000000000000b3084fdba0ca5f5a1c5cb6245f37b4c54c6cb1547b1749b13768589b465715336aadcfa0a248167f89c4746d9bae4bcf4aee4c896fcef2f1b725cd0c661d42c9fd9e3d3c54a884f276d586516725402d6ff74bd545d809951d", @ANYRES32=0x0, @ANYBLOB="00000000129f091e554d6565746800000000180002801400000000000000000000000000a371782807fd1153dc9727e32cb104838233fe3c6767eae609aef38e950aacb5a9b66f0f9263125ebe36798a246903ddb67b1d2908ee0e4048d8f5e41847a43ee64851294684f26c7f4302eaeaf1209cbf244fcb42776c83a7a891bb46c703000000000000000c90b12cbf94cebcf027ab8ef61a4bfd18550ce4e34d1ddde6dbfc1c9f", @ANYRES32=0x0, @ANYBLOB="7fff000000000000"], 0x48}}, 0x0) [ 238.498169][ T5349] ===================================================== [ 238.505738][ T5349] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xf1/0x190 [ 238.514360][ T5349] hfsplus_cat_case_cmp_key+0xf1/0x190 [ 238.520069][ T5349] hfs_find_rec_by_key+0xb1/0x240 [ 238.525498][ T5349] __hfsplus_brec_find+0x26f/0x7b0 [ 238.531078][ T5349] hfsplus_brec_find+0x445/0x970 [ 238.536771][ T5349] hfsplus_brec_read+0x46/0x1a0 [ 238.542567][ T5349] hfsplus_find_cat+0xdb/0x460 [ 238.547816][ T5349] hfsplus_iget+0x740/0xaf0 [ 238.553094][ T5349] hfsplus_fill_super+0x151b/0x2700 [ 238.559121][ T5349] mount_bdev+0x397/0x520 [ 238.563730][ T5349] hfsplus_mount+0x4d/0x60 [ 238.569529][ T5349] legacy_get_tree+0x114/0x290 [ 238.574809][ T5349] vfs_get_tree+0xa7/0x570 [ 238.579549][ T5349] do_new_mount+0x71f/0x15e0 [ 238.584875][ T5349] path_mount+0x742/0x1f20 [ 238.596998][ T5349] __se_sys_mount+0x725/0x810 [ 238.601952][ T5349] __x64_sys_mount+0xe4/0x150 [ 238.609324][ T5349] do_syscall_64+0xd5/0x1f0 [ 238.628879][ T5349] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 238.636711][ T5349] [ 238.639161][ T5349] Uninit was created at: [ 238.650009][ T5349] __kmalloc+0x6e4/0x1000 [ 238.656689][ T5349] hfsplus_find_init+0x91/0x250 [ 238.661818][ T5349] hfsplus_iget+0x3e1/0xaf0 [ 238.666929][ T5349] hfsplus_fill_super+0x151b/0x2700 [ 238.672528][ T5349] mount_bdev+0x397/0x520 [ 238.677263][ T5349] hfsplus_mount+0x4d/0x60 [ 238.682059][ T5349] legacy_get_tree+0x114/0x290 [ 238.687209][ T5349] vfs_get_tree+0xa7/0x570 02:38:26 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x212243, 0x0) write$vga_arbiter(r0, &(0x7f0000000100)=@target={'target ', {'PCI:', '7', ':', '3', ':', '4', '.', '15'}}, 0x14) syz_emit_ethernet(0x216, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd604dd30801e00600fe8000000000000000000000000000aafe8000000000000000000000000000aa841c000000000000050200050401ff04010905020fff0199142e0ff56461bff62e62e95a82f6ec528f92159af47d64d497bb9d54fe4439b7ffeccd87ec21683498c92612cf3d6bba29614f34197e520a8d8474983bda3dddf1ba4fee76d64e662fd324c66f6140dc9c7e32078094da0059963bd797962bf823f2ed88348f86400fce8373984f839b5c7162a0013d3eacf41f98894167dd74c17f47bcb9782f7f863a8dca50cbdb7ac7581657c28f5ca207261e952f352cda7fa45361e37ddc3291f71723fd64b8f610811bc3aaf4bcc6425a8545223a6eeec910fe8000000000000000000000000000bb0502000200880d04060210ff07fc000000000000000000000000000001ff020000000000000000000000000001fe8000000000000000000000000000bb20010000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000000000000000840c000000000000c910fc000000000000000000000000000001c204fffffe4fc20400000edb0502000107280000000308ff0600e400000000000000040000000000000008000000000000000500000000000000c20400010001c910fe880000000000000000000000000101040120000000400100", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="4cc2000090780000fe04f989"], 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r1, 0x58, &(0x7f00000001c0)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000013c0)={r2}, 0xc) write$vga_arbiter(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="6c6f636b84f7b1a7002f63a03af40c2e475b56f84ea192d6131256007b56cb098a6421cc5d82583b8dad30283cf009dff6bc0f58fe528c0f489433d265cb458c39d060b83ef691885174e698e5630c5d0ca62b15e13f38af4ab879be0072edacbede3ab6b1ca30aa4d4d6209b91c92ddb962a53d742675169466540b0cf25b5895aca2f6cfb0013d93b12f9c3d8228e9bad427206f54ed495fff6736f90e0bf8b21a0b"], 0x9) write$vga_arbiter(r0, &(0x7f0000000980)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYRESDEC=r0, @ANYRES32=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYRESDEC=0x0, @ANYRES64=r0, @ANYRESOCT=r0, @ANYRES16], 0xa) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000002140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002180)={'wlan1\x00'}) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = open(0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syncfs(0xffffffffffffffff) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, 0x0) r7 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pwritev2(r7, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="44000000dfe393547a4e080a562fb13c55d20a33bb95620b0c64d83a03ded5cda9ab255fb40edb5ad35b3b0e701b5fef043b6c624f7349455155d9acc003ee09b88baf341926063660805ecb83c6940fb985aca86092d1fbc9e5729974a7df", @ANYRES16=r4, @ANYBLOB="01000000000000000000340000000e000100dcff0000000000006d0000000f0002006e657464657673696d30000028007300000000000800030000000000"], 0x44}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000aa4000/0x1000)=nil, 0x1000, 0x2, 0x10010, r6, 0x0) r8 = userfaultfd(0x801) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000740)=ANY=[@ANYBLOB="01080002e99d00006d000000fed7e28ee21b8c6360601546f45ac4e44ebc65c1c1b3ac11e0a78eee30dd51f21207262d6a07a4c63db1c691245fc80a75cf26c442550dd278ecffffffffffffff7f5776c3c8a2b66277dde2156d17ba4f6020fcbf1b14fad5730f4c9d10629618c69aa1e9ef39658a41cddd9b20f1852fa02969c6d00f94a645c464c5078acbf736e1433dc432ee86c7dd19c68e859c5da435dd410ec8f0d7e7ae24822e4693fcae79c5571fbb8258df9667763c1ddc46", @ANYRES32=r8, @ANYBLOB="06000000000000802e2f66696c653000"]) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) [ 238.699735][ T5349] do_new_mount+0x71f/0x15e0 [ 238.707177][ T5349] path_mount+0x742/0x1f20 [ 238.712241][ T5349] __se_sys_mount+0x725/0x810 [ 238.717749][ T5349] __x64_sys_mount+0xe4/0x150 [ 238.722707][ T5349] do_syscall_64+0xd5/0x1f0 [ 238.727590][ T5349] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 238.733757][ T5349] [ 238.736459][ T5349] CPU: 1 PID: 5349 Comm: syz-executor.1 Not tainted 6.9.0-rc2-syzkaller-00080-gc85af715cac0 #0 [ 238.747140][ T5349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 238.758002][ T5349] ===================================================== [ 238.765236][ T5349] Disabling lock debugging due to kernel taint [ 238.772602][ T5349] Kernel panic - not syncing: kmsan.panic set ... [ 238.779446][ T5349] CPU: 1 PID: 5349 Comm: syz-executor.1 Tainted: G B 6.9.0-rc2-syzkaller-00080-gc85af715cac0 #0 [ 238.792016][ T5349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 238.802526][ T5349] Call Trace: [ 238.806029][ T5349] [ 238.809176][ T5349] dump_stack_lvl+0x216/0x2d0 [ 238.814092][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.820209][ T5349] dump_stack+0x1e/0x30 [ 238.825178][ T5349] panic+0x4e2/0xcd0 [ 238.829911][ T5349] ? kmsan_get_metadata+0x101/0x1d0 [ 238.835419][ T5349] kmsan_report+0x2d5/0x2e0 [ 238.840306][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 238.845719][ T5349] ? __msan_warning+0x95/0x120 [ 238.850914][ T5349] ? hfsplus_cat_case_cmp_key+0xf1/0x190 [ 238.856883][ T5349] ? hfs_find_rec_by_key+0xb1/0x240 [ 238.862363][ T5349] ? __hfsplus_brec_find+0x26f/0x7b0 [ 238.868039][ T5349] ? hfsplus_brec_find+0x445/0x970 [ 238.873436][ T5349] ? hfsplus_brec_read+0x46/0x1a0 [ 238.878820][ T5349] ? hfsplus_find_cat+0xdb/0x460 [ 238.884179][ T5349] ? hfsplus_iget+0x740/0xaf0 [ 238.889527][ T5349] ? hfsplus_fill_super+0x151b/0x2700 [ 238.895673][ T5349] ? mount_bdev+0x397/0x520 [ 238.900455][ T5349] ? hfsplus_mount+0x4d/0x60 [ 238.905297][ T5349] ? legacy_get_tree+0x114/0x290 [ 238.910561][ T5349] ? vfs_get_tree+0xa7/0x570 [ 238.915474][ T5349] ? do_new_mount+0x71f/0x15e0 [ 238.920482][ T5349] ? path_mount+0x742/0x1f20 [ 238.925744][ T5349] ? __se_sys_mount+0x725/0x810 [ 238.930831][ T5349] ? __x64_sys_mount+0xe4/0x150 [ 238.936182][ T5349] ? do_syscall_64+0xd5/0x1f0 [ 238.941108][ T5349] ? entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 238.947489][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 238.953080][ T5349] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 238.960032][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 238.965713][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 238.971887][ T5349] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 238.978526][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 238.985080][ T5349] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 238.992134][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 238.997731][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.003476][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.009584][ T5349] __msan_warning+0x95/0x120 [ 239.014401][ T5349] hfsplus_cat_case_cmp_key+0xf1/0x190 [ 239.020162][ T5349] hfs_find_rec_by_key+0xb1/0x240 [ 239.025402][ T5349] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 239.032304][ T5349] __hfsplus_brec_find+0x26f/0x7b0 [ 239.037694][ T5349] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 239.043586][ T5349] hfsplus_brec_find+0x445/0x970 [ 239.048829][ T5349] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 239.054699][ T5349] hfsplus_brec_read+0x46/0x1a0 [ 239.059769][ T5349] hfsplus_find_cat+0xdb/0x460 [ 239.064715][ T5349] ? hfsplus_find_init+0x91/0x250 [ 239.070082][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.076669][ T5349] ? should_fail_ex+0x4a/0x800 [ 239.082019][ T5349] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 239.088275][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.093665][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.099068][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.105192][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.110561][ T5349] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 239.117059][ T5349] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 239.123447][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.128823][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.134896][ T5349] hfsplus_iget+0x740/0xaf0 [ 239.139758][ T5349] hfsplus_fill_super+0x151b/0x2700 [ 239.145124][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.150750][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.156743][ T5349] ? vsnprintf+0x2994/0x2a00 [ 239.161742][ T5349] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 239.168357][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.173900][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.179971][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.185706][ T5349] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 239.191720][ T5349] ? sb_set_blocksize+0x132/0x170 [ 239.197229][ T5349] mount_bdev+0x397/0x520 [ 239.201980][ T5349] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 239.207903][ T5349] hfsplus_mount+0x4d/0x60 [ 239.212942][ T5349] legacy_get_tree+0x114/0x290 [ 239.217979][ T5349] ? __pfx_hfsplus_mount+0x10/0x10 [ 239.223710][ T5349] ? __pfx_legacy_get_tree+0x10/0x10 [ 239.229301][ T5349] vfs_get_tree+0xa7/0x570 [ 239.234181][ T5349] ? mount_capable+0x97/0x120 [ 239.239128][ T5349] do_new_mount+0x71f/0x15e0 [ 239.243925][ T5349] ? kmsan_get_metadata+0x146/0x1d0 [ 239.249408][ T5349] path_mount+0x742/0x1f20 [ 239.254049][ T5349] ? user_path_at_empty+0x325/0x3a0 [ 239.259636][ T5349] __se_sys_mount+0x725/0x810 [ 239.264546][ T5349] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 239.271280][ T5349] __x64_sys_mount+0xe4/0x150 [ 239.276475][ T5349] do_syscall_64+0xd5/0x1f0 [ 239.281292][ T5349] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 239.287494][ T5349] RIP: 0033:0x7f950ac7f56a [ 239.292223][ T5349] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 239.312305][ T5349] RSP: 002b:00007f950b961ef8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 239.321073][ T5349] RAX: ffffffffffffffda RBX: 00007f950b961f80 RCX: 00007f950ac7f56a [ 239.329286][ T5349] RDX: 0000000020000000 RSI: 0000000020000080 RDI: 00007f950b961f40 [ 239.337585][ T5349] RBP: 0000000020000000 R08: 00007f950b961f80 R09: 0000000002000010 [ 239.346312][ T5349] R10: 0000000002000010 R11: 0000000000000202 R12: 0000000020000080 [ 239.354429][ T5349] R13: 00007f950b961f40 R14: 00000000000006c3 R15: 0000000020000040 [ 239.362593][ T5349] [ 239.366291][ T5349] Kernel Offset: disabled [ 239.370784][ T5349] Rebooting in 86400 seconds..