last executing test programs: 3.583667373s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x0, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x19}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) 3.306825241s ago: executing program 1: setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x33, 0x0, 0x0) syz_emit_vhci(0x0, 0x7) syz_emit_vhci(0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00'}, 0x10) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0x408c5333, &(0x7f0000000080)) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a0000050000000000fc00ff00d87a970000100010000037ab7d818c7880beaf95677040357bab7d7a05c1bb0aa6aebef67ce4b0c51100f43ed1ed9f97ec6a859d46f82853825b67c84a908adca22e7266dfd4f239a3abbb98f982f6e8d4d652b4cc9d5fdab730c023e7cf262d889069e79c3ea45584d799dfdd019bf9611c91a31edc45c2f064bf78d886991b"], 0x22) syz_emit_vhci(0x0, 0xf) socket$inet6(0xa, 0x0, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x62}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty}, 0x0, @in=@empty}}, 0xe8) syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x2016}}}, 0x7) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xe, 0x0, &(0x7f0000000b80)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x400}, 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x90) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 2.937588507s ago: executing program 2: syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000180)='./file0\x00', 0x1600008, &(0x7f00000001c0)=ANY=[], 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)) 2.743103663s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200000400cc0004001e01090049"], 0x3c}}, 0x0) 1.976802888s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.898633463s ago: executing program 3: msgget$private(0x0, 0x0) msgsnd(0x0, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f00000008c0)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff}) 1.837983947s ago: executing program 1: bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000f40)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_rssi}}, 0xa) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000f40)={0xffffffffffffffff, 0x0, 0x0}, 0x10) syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0xff, 0xc9, 0x1f}}}, 0x9) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 1.685841574s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@remote, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0) 1.243907814s ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xbc}}, 0x0) 1.129870088s ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000e176000095"], &(0x7f0000000180)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}}, 0x0) 827.819487ms ago: executing program 0: open(0x0, 0x0, 0x0) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000080, &(0x7f0000000200)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRES8], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0xfea7) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x7a05, 0x1700) 683.542071ms ago: executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0xd, &(0x7f0000000bc0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}]}, 0x3c}}, 0x0) 327.727703ms ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CMP_OP={0x8}, @NFTA_CMP_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}}, 0x0) 299.171052ms ago: executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000400)) 0s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.90' (ED25519) to the list of known hosts. 2024/06/14 03:24:17 fuzzer started 2024/06/14 03:24:18 dialing manager at 10.128.0.169:30026 [ 187.289963][ T5049] cgroup: Unknown subsys name 'net' [ 187.561518][ T5049] cgroup: Unknown subsys name 'rlimit' [ 229.542769][ T1224] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.549641][ T1224] ieee802154 phy1 wpan1: encryption failed: -22 2024/06/14 03:25:15 starting 5 executor processes [ 242.095494][ T5048] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 245.585231][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 245.595351][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 245.606659][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 245.625213][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 245.637568][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 245.669195][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 245.760115][ T5075] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 245.772265][ T5081] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 245.782366][ T5081] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 245.796565][ T5081] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 245.820052][ T5081] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 245.828777][ T5081] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 245.839080][ T5081] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 245.853159][ T5084] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 245.863593][ T5084] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 245.881041][ T5081] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 245.893247][ T5081] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 245.912226][ T5081] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 246.128038][ T5081] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 246.209839][ T5081] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 246.220094][ T5081] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 246.235679][ T5081] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 246.248301][ T5081] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 246.258485][ T5081] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 246.362645][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 246.373243][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 246.440775][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 246.551617][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 246.586985][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 246.597856][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 247.035701][ T5079] chnl_net:caif_netlink_parms(): no params data found [ 247.772233][ T51] Bluetooth: hci0: command tx timeout [ 248.009336][ T51] Bluetooth: hci1: command tx timeout [ 248.087599][ T51] Bluetooth: hci2: command tx timeout [ 248.107520][ T5074] chnl_net:caif_netlink_parms(): no params data found [ 248.282446][ T5078] chnl_net:caif_netlink_parms(): no params data found [ 248.328472][ T51] Bluetooth: hci3: command tx timeout [ 248.572827][ T5086] chnl_net:caif_netlink_parms(): no params data found [ 248.633880][ T5089] chnl_net:caif_netlink_parms(): no params data found [ 248.652228][ T51] Bluetooth: hci4: command tx timeout [ 248.660529][ T5079] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.669767][ T5079] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.678099][ T5079] bridge_slave_0: entered allmulticast mode [ 248.688221][ T5079] bridge_slave_0: entered promiscuous mode [ 248.736669][ T5079] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.745705][ T5079] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.754135][ T5079] bridge_slave_1: entered allmulticast mode [ 248.764217][ T5079] bridge_slave_1: entered promiscuous mode [ 249.062495][ T5079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 249.144608][ T5079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 249.544375][ T5079] team0: Port device team_slave_0 added [ 249.556485][ T5074] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.564882][ T5074] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.574776][ T5074] bridge_slave_0: entered allmulticast mode [ 249.584408][ T5074] bridge_slave_0: entered promiscuous mode [ 249.757076][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.767821][ T5074] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.775774][ T5074] bridge_slave_1: entered allmulticast mode [ 249.785624][ T5074] bridge_slave_1: entered promiscuous mode [ 249.844645][ T5079] team0: Port device team_slave_1 added [ 249.878499][ T51] Bluetooth: hci0: command tx timeout [ 249.894046][ T5078] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.902211][ T5078] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.910365][ T5078] bridge_slave_0: entered allmulticast mode [ 249.920182][ T5078] bridge_slave_0: entered promiscuous mode [ 249.977135][ T5078] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.985665][ T5078] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.993939][ T5078] bridge_slave_1: entered allmulticast mode [ 250.003820][ T5078] bridge_slave_1: entered promiscuous mode [ 250.073127][ T5074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.125432][ T51] Bluetooth: hci1: command tx timeout [ 250.167715][ T51] Bluetooth: hci2: command tx timeout [ 250.312143][ T5074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.359424][ T5089] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.367653][ T5089] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.375710][ T5089] bridge_slave_0: entered allmulticast mode [ 250.385307][ T5089] bridge_slave_0: entered promiscuous mode [ 250.434545][ T51] Bluetooth: hci3: command tx timeout [ 250.521411][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.529630][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.556163][ T5079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.579802][ T5078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.598750][ T5089] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.606610][ T5089] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.614880][ T5089] bridge_slave_1: entered allmulticast mode [ 250.624186][ T5089] bridge_slave_1: entered promiscuous mode [ 250.643321][ T5078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.704124][ T5074] team0: Port device team_slave_0 added [ 250.737841][ T51] Bluetooth: hci4: command tx timeout [ 250.753236][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.761341][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.769338][ T5086] bridge_slave_0: entered allmulticast mode [ 250.778950][ T5086] bridge_slave_0: entered promiscuous mode [ 250.833851][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.841481][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.868491][ T5079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 250.889591][ T5074] team0: Port device team_slave_1 added [ 250.908391][ T5078] team0: Port device team_slave_0 added [ 250.916408][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.924497][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.932548][ T5086] bridge_slave_1: entered allmulticast mode [ 250.941650][ T5086] bridge_slave_1: entered promiscuous mode [ 251.091852][ T5078] team0: Port device team_slave_1 added [ 251.181140][ T5089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.199036][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.206249][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.234368][ T5074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.344418][ T5089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 251.365532][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.388939][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.396144][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.423173][ T5074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.438876][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.445995][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.472602][ T5078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.494756][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 251.600062][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.609036][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.636829][ T5078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.730127][ T5089] team0: Port device team_slave_0 added [ 251.808820][ T5079] hsr_slave_0: entered promiscuous mode [ 251.821389][ T5079] hsr_slave_1: entered promiscuous mode [ 251.916128][ T5089] team0: Port device team_slave_1 added [ 251.939741][ T5081] Bluetooth: hci0: command tx timeout [ 251.981852][ T5074] hsr_slave_0: entered promiscuous mode [ 251.993144][ T5074] hsr_slave_1: entered promiscuous mode [ 252.004453][ T5074] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.012422][ T5074] Cannot create hsr debugfs directory [ 252.077880][ T5086] team0: Port device team_slave_0 added [ 252.171910][ T51] Bluetooth: hci1: command tx timeout [ 252.231494][ T5086] team0: Port device team_slave_1 added [ 252.273103][ T51] Bluetooth: hci2: command tx timeout [ 252.355746][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.365404][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.391729][ T5089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.487777][ T51] Bluetooth: hci3: command tx timeout [ 252.523719][ T5078] hsr_slave_0: entered promiscuous mode [ 252.533637][ T5078] hsr_slave_1: entered promiscuous mode [ 252.542893][ T5078] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.550857][ T5078] Cannot create hsr debugfs directory [ 252.636203][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.643654][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.671442][ T5089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.688047][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.695260][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.721967][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.821303][ T51] Bluetooth: hci4: command tx timeout [ 252.825322][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.834280][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.860858][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.234275][ T5089] hsr_slave_0: entered promiscuous mode [ 253.245068][ T5089] hsr_slave_1: entered promiscuous mode [ 253.254570][ T5089] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 253.262484][ T5089] Cannot create hsr debugfs directory [ 253.432851][ T5086] hsr_slave_0: entered promiscuous mode [ 253.443387][ T5086] hsr_slave_1: entered promiscuous mode [ 253.454815][ T5086] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 253.464329][ T5086] Cannot create hsr debugfs directory [ 254.014033][ T51] Bluetooth: hci0: command tx timeout [ 254.247776][ T51] Bluetooth: hci1: command tx timeout [ 254.335652][ T51] Bluetooth: hci2: command tx timeout [ 254.484831][ T5074] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 254.524483][ T5074] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 254.569819][ T51] Bluetooth: hci3: command tx timeout [ 254.582586][ T5074] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 254.646560][ T5074] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 254.750238][ T5078] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 254.805181][ T5078] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 254.858782][ T5078] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 254.887849][ T51] Bluetooth: hci4: command tx timeout [ 254.889679][ T5079] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 254.933783][ T5079] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 254.959598][ T5078] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 255.055792][ T5079] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 255.091712][ T5089] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 255.149265][ T5079] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 255.257024][ T5089] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 255.319568][ T5089] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 255.393240][ T5089] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 255.476694][ T5086] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 255.525065][ T5086] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 255.600607][ T5086] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 255.644460][ T5086] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 256.659241][ T5074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 256.680817][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 256.874418][ T5079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 256.996028][ T5074] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.051551][ T5078] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.074453][ T5089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.156625][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.164768][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.261521][ T5079] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.302781][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.310891][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.327514][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.335326][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.520392][ T5089] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.552316][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.560306][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.592755][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.600845][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.617848][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.626553][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.889512][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.897577][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.061608][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.074425][ T5074] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 258.124663][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.132737][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.403441][ T5086] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.674245][ T5089] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 258.918946][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.926764][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.944009][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.951956][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.451528][ T5086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.533590][ T5079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.616685][ T5074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.217131][ T5078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.334982][ T5089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.392640][ T5079] veth0_vlan: entered promiscuous mode [ 261.515899][ T5074] veth0_vlan: entered promiscuous mode [ 261.641037][ T5079] veth1_vlan: entered promiscuous mode [ 261.738431][ T5074] veth1_vlan: entered promiscuous mode [ 262.051573][ T5078] veth0_vlan: entered promiscuous mode [ 262.119919][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.165436][ T5089] veth0_vlan: entered promiscuous mode [ 262.215784][ T5078] veth1_vlan: entered promiscuous mode [ 262.335698][ T5074] veth0_macvtap: entered promiscuous mode [ 262.384826][ T5079] veth0_macvtap: entered promiscuous mode [ 262.420875][ T5089] veth1_vlan: entered promiscuous mode [ 262.450022][ T5074] veth1_macvtap: entered promiscuous mode [ 262.496062][ T5079] veth1_macvtap: entered promiscuous mode [ 262.778173][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.847106][ T5078] veth0_macvtap: entered promiscuous mode [ 262.920650][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.945844][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.957875][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.977763][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.995464][ T5078] veth1_macvtap: entered promiscuous mode [ 263.075351][ T5089] veth0_macvtap: entered promiscuous mode [ 263.101897][ T5074] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.112576][ T5074] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.122396][ T5074] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.132924][ T5074] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.185632][ T5089] veth1_macvtap: entered promiscuous mode [ 263.210968][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.221914][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.238119][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.357193][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.370237][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.381016][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.391920][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.407934][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.480506][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.491453][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.501771][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.512791][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.537760][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.552059][ T5079] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.563270][ T5079] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.572777][ T5079] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.582100][ T5079] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.685177][ T5078] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.697735][ T5078] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.706845][ T5078] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.716372][ T5078] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.781808][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.792755][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.803441][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.814278][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.824680][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.835721][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.852258][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.076322][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.092398][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.105421][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.116925][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.127143][ T5089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.138183][ T5089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.154445][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 264.387692][ T5089] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.396843][ T5089] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.406370][ T5089] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.415753][ T5089] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.619931][ T5086] veth0_vlan: entered promiscuous mode [ 265.805397][ T5086] veth1_vlan: entered promiscuous mode [ 266.233332][ T5086] veth0_macvtap: entered promiscuous mode [ 266.337203][ T5086] veth1_macvtap: entered promiscuous mode [ 266.575907][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.587141][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.597455][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.610879][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.621136][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.632300][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.642591][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.653590][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.675959][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.927560][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.939964][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.950320][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.961405][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.971660][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.982550][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.992947][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.003968][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.019998][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.193808][ T5086] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.203532][ T5086] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.212859][ T5086] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.222208][ T5086] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.151287][ T3260] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.160773][ T3260] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.260474][ T5153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.268732][ T5153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.482655][ T3260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.490895][ T3260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.668996][ T3135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.677117][ T3135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.941142][ T5153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.949514][ T5153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.067510][ T3017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.075732][ T3017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.667578][ T3422] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.675819][ T3422] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.015890][ T5256] loop2: detected capacity change from 0 to 1024 [ 273.219462][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.227754][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.488634][ T5268] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 275.274013][ T5281] loop0: detected capacity change from 0 to 64 [ 275.598367][ T5284] ===================================================== [ 275.613157][ T5284] BUG: KMSAN: uninit-value in hfs_revalidate_dentry+0x30b/0x3f0 [ 275.627814][ T5284] hfs_revalidate_dentry+0x30b/0x3f0 [ 275.633501][ T5284] lookup_fast+0x418/0x8e0 [ 275.640637][ T5284] path_openat+0x950/0x5b00 [ 275.645415][ T5284] do_filp_open+0x20e/0x590 [ 275.650864][ T5284] do_sys_openat2+0x1bf/0x2f0 [ 275.655788][ T5284] __ia32_compat_sys_openat+0x298/0x300 [ 275.661765][ T5284] ia32_sys_call+0x38e1/0x40a0 [ 275.666818][ T5284] __do_fast_syscall_32+0xb4/0x120 [ 275.672360][ T5284] do_fast_syscall_32+0x38/0x80 [ 275.677590][ T5284] do_SYSENTER_32+0x1f/0x30 [ 275.682342][ T5284] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 275.691200][ T5284] [ 275.693671][ T5284] Uninit was created at: [ 275.699697][ T5284] __alloc_pages+0x9d6/0xe70 [ 275.710952][ T5284] new_slab+0x2de/0x1400 [ 275.715448][ T5284] ___slab_alloc+0x121d/0x34a0 [ 275.722920][ T5284] kmem_cache_alloc_lru+0x6da/0xc20 [ 275.728572][ T5284] hfs_alloc_inode+0x5a/0xd0 [ 275.733444][ T5284] alloc_inode+0x86/0x460 [ 275.738084][ T5284] iget_locked+0x2bf/0xee0 [ 275.742800][ T5284] hfs_btree_open+0x16c/0x1aa0 [ 275.747931][ T5284] hfs_mdb_get+0x1fe2/0x28b0 [ 275.752759][ T5284] hfs_fill_super+0x1cf6/0x23c0 [ 275.758000][ T5284] mount_bdev+0x397/0x520 [ 275.762621][ T5284] hfs_mount+0x4d/0x60 [ 275.766914][ T5284] legacy_get_tree+0x114/0x290 [ 275.772130][ T5284] vfs_get_tree+0xa7/0x570 [ 275.776817][ T5284] do_new_mount+0x71f/0x15e0 [ 275.781820][ T5284] path_mount+0x742/0x1f20 [ 275.786632][ T5284] __se_sys_mount+0x725/0x810 [ 275.791798][ T5284] __ia32_sys_mount+0xe3/0x150 [ 275.796879][ T5284] ia32_sys_call+0x3a9a/0x40a0 [ 275.802533][ T5284] __do_fast_syscall_32+0xb4/0x120 [ 275.814509][ T5284] do_fast_syscall_32+0x38/0x80 [ 275.821845][ T5284] do_SYSENTER_32+0x1f/0x30 [ 275.826608][ T5284] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 275.833399][ T5284] [ 275.835876][ T5284] CPU: 0 PID: 5284 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 275.846327][ T5284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 275.856832][ T5284] ===================================================== [ 275.864083][ T5284] Disabling lock debugging due to kernel taint [ 275.870510][ T5284] Kernel panic - not syncing: kmsan.panic set ... [ 275.877098][ T5284] CPU: 0 PID: 5284 Comm: syz-executor.0 Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 275.888806][ T5284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 275.899163][ T5284] Call Trace: [ 275.902587][ T5284] [ 275.905676][ T5284] dump_stack_lvl+0x216/0x2d0 [ 275.910629][ T5284] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 275.916683][ T5284] dump_stack+0x1e/0x30 [ 275.921198][ T5284] panic+0x4e2/0xcd0 [ 275.925436][ T5284] ? kmsan_get_metadata+0xf1/0x1d0 [ 275.930787][ T5284] kmsan_report+0x2d5/0x2e0 [ 275.935490][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 275.940883][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 275.946286][ T5284] ? __msan_warning+0x95/0x120 [ 275.951255][ T5284] ? hfs_revalidate_dentry+0x30b/0x3f0 [ 275.956949][ T5284] ? lookup_fast+0x418/0x8e0 [ 275.961736][ T5284] ? path_openat+0x950/0x5b00 [ 275.966750][ T5284] ? do_filp_open+0x20e/0x590 [ 275.971737][ T5284] ? do_sys_openat2+0x1bf/0x2f0 [ 275.976823][ T5284] ? __ia32_compat_sys_openat+0x298/0x300 [ 275.982797][ T5284] ? ia32_sys_call+0x38e1/0x40a0 [ 275.987987][ T5284] ? __do_fast_syscall_32+0xb4/0x120 [ 275.993609][ T5284] ? do_fast_syscall_32+0x38/0x80 [ 275.998958][ T5284] ? do_SYSENTER_32+0x1f/0x30 [ 276.003876][ T5284] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 276.010649][ T5284] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.016721][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.022142][ T5284] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.028388][ T5284] ? __d_lookup_rcu_op_compare+0x673/0x6f0 [ 276.034524][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.039924][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.045529][ T5284] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 276.052029][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.057431][ T5284] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.063541][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.068946][ T5284] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.074977][ T5284] __msan_warning+0x95/0x120 [ 276.079752][ T5284] hfs_revalidate_dentry+0x30b/0x3f0 [ 276.085293][ T5284] ? __pfx_hfs_revalidate_dentry+0x10/0x10 [ 276.091348][ T5284] lookup_fast+0x418/0x8e0 [ 276.095991][ T5284] path_openat+0x950/0x5b00 [ 276.100732][ T5284] ? kmsan_get_metadata+0x146/0x1d0 [ 276.106177][ T5284] ? stack_depot_save_flags+0x2c/0x6e0 [ 276.111902][ T5284] do_filp_open+0x20e/0x590 [ 276.116716][ T5284] do_sys_openat2+0x1bf/0x2f0 [ 276.121651][ T5284] __ia32_compat_sys_openat+0x298/0x300 [ 276.127548][ T5284] ia32_sys_call+0x38e1/0x40a0 [ 276.132563][ T5284] __do_fast_syscall_32+0xb4/0x120 [ 276.137935][ T5284] ? switch_fpu_return+0x17/0x20 [ 276.143107][ T5284] do_fast_syscall_32+0x38/0x80 [ 276.148224][ T5284] do_SYSENTER_32+0x1f/0x30 [ 276.152988][ T5284] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 276.159612][ T5284] RIP: 0023:0xf742c579 [ 276.163833][ T5284] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 276.183862][ T5284] RSP: 002b:00000000f5e945ac EFLAGS: 00000206 ORIG_RAX: 0000000000000127 [ 276.192496][ T5284] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000000 [ 276.200669][ T5284] RDX: 0000000000007a05 RSI: 0000000000001700 RDI: 0000000000000000 [ 276.208808][ T5284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 276.217027][ T5284] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 276.225197][ T5284] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 276.233433][ T5284] [ 276.236849][ T5284] Kernel Offset: disabled [ 276.241265][ T5284] Rebooting in 86400 seconds..