Starting System Logging Service... [ OK ] Started Permit User Sessions. [ OK ] Found device /dev/ttyS0. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started System Logging Service. [ *** ] A start job is running for OpenBSD …Shell server (1min 18s / 2min 36s)[ *** ] A start job is running for OpenBSD …Shell server (1min 19s / 2min 36s)[ ***] A start job is running for OpenBSD …Shell server (1min 19s / 2min 36s)[ **] A start job is running for OpenBSD …Shell server (1min 21s / 2min 50s)[ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.127' (ECDSA) to the list of known hosts. 2021/06/08 10:16:51 fuzzer started 2021/06/08 10:16:52 dialing manager at 10.128.0.169:38171 2021/06/08 10:16:52 syscalls: 3546 2021/06/08 10:16:52 code coverage: enabled 2021/06/08 10:16:52 comparison tracing: enabled 2021/06/08 10:16:52 extra coverage: enabled 2021/06/08 10:16:52 setuid sandbox: enabled 2021/06/08 10:16:52 namespace sandbox: enabled 2021/06/08 10:16:52 Android sandbox: /sys/fs/selinux/policy does not exist 2021/06/08 10:16:52 fault injection: enabled 2021/06/08 10:16:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/06/08 10:16:52 net packet injection: enabled 2021/06/08 10:16:52 net device setup: enabled 2021/06/08 10:16:52 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/06/08 10:16:52 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/06/08 10:16:52 USB emulation: enabled 2021/06/08 10:16:52 hci packet injection: enabled 2021/06/08 10:16:52 wifi device emulation: enabled 2021/06/08 10:16:52 802.15.4 emulation: enabled 2021/06/08 10:16:52 fetching corpus: 0, signal 0/2000 (executing program) 2021/06/08 10:16:52 fetching corpus: 50, signal 12437/16343 (executing program) 2021/06/08 10:16:52 fetching corpus: 100, signal 16693/22509 (executing program) 2021/06/08 10:16:52 fetching corpus: 150, signal 26117/33733 (executing program) 2021/06/08 10:16:52 fetching corpus: 200, signal 32073/41502 (executing program) 2021/06/08 10:16:52 fetching corpus: 250, signal 34674/45912 (executing program) 2021/06/08 10:16:53 fetching corpus: 300, signal 39660/52620 (executing program) 2021/06/08 10:16:53 fetching corpus: 350, signal 44990/59647 (executing program) 2021/06/08 10:16:53 fetching corpus: 400, signal 50364/66656 (executing program) 2021/06/08 10:16:53 fetching corpus: 450, signal 57344/75171 (executing program) 2021/06/08 10:16:53 fetching corpus: 500, signal 61770/81171 (executing program) 2021/06/08 10:16:53 fetching corpus: 550, signal 64827/85831 (executing program) 2021/06/08 10:16:53 fetching corpus: 600, signal 68076/90654 (executing program) 2021/06/08 10:16:53 fetching corpus: 650, signal 70475/94649 (executing program) 2021/06/08 10:16:53 fetching corpus: 700, signal 74275/99958 (executing program) 2021/06/08 10:16:53 fetching corpus: 750, signal 76950/104223 (executing program) 2021/06/08 10:16:53 fetching corpus: 800, signal 82729/111314 (executing program) 2021/06/08 10:16:53 fetching corpus: 850, signal 84488/114640 (executing program) 2021/06/08 10:16:53 fetching corpus: 900, signal 89620/121078 (executing program) 2021/06/08 10:16:53 fetching corpus: 950, signal 92461/125352 (executing program) 2021/06/08 10:16:53 fetching corpus: 1000, signal 95229/129573 (executing program) 2021/06/08 10:16:53 fetching corpus: 1050, signal 98019/133773 (executing program) 2021/06/08 10:16:53 fetching corpus: 1100, signal 101294/138373 (executing program) 2021/06/08 10:16:53 fetching corpus: 1150, signal 103132/141660 (executing program) 2021/06/08 10:16:53 fetching corpus: 1200, signal 104810/144739 (executing program) 2021/06/08 10:16:54 fetching corpus: 1250, signal 106682/148047 (executing program) 2021/06/08 10:16:54 fetching corpus: 1300, signal 110162/152764 (executing program) 2021/06/08 10:16:54 fetching corpus: 1350, signal 111908/155885 (executing program) 2021/06/08 10:16:54 fetching corpus: 1400, signal 113553/158943 (executing program) 2021/06/08 10:16:54 fetching corpus: 1450, signal 114656/161496 (executing program) 2021/06/08 10:16:54 fetching corpus: 1500, signal 117312/165395 (executing program) 2021/06/08 10:16:54 fetching corpus: 1550, signal 118637/168081 (executing program) 2021/06/08 10:16:54 fetching corpus: 1600, signal 119887/170702 (executing program) 2021/06/08 10:16:54 fetching corpus: 1650, signal 122217/174222 (executing program) 2021/06/08 10:16:54 fetching corpus: 1700, signal 123990/177273 (executing program) 2021/06/08 10:16:54 fetching corpus: 1750, signal 126495/180926 (executing program) 2021/06/08 10:16:54 fetching corpus: 1800, signal 127839/183558 (executing program) 2021/06/08 10:16:54 fetching corpus: 1850, signal 128779/185889 (executing program) 2021/06/08 10:16:54 fetching corpus: 1900, signal 130863/189164 (executing program) 2021/06/08 10:16:54 fetching corpus: 1950, signal 132743/192244 (executing program) 2021/06/08 10:16:54 fetching corpus: 2000, signal 134271/195052 (executing program) 2021/06/08 10:16:54 fetching corpus: 2050, signal 136187/198166 (executing program) 2021/06/08 10:16:54 fetching corpus: 2100, signal 137928/201110 (executing program) 2021/06/08 10:16:54 fetching corpus: 2150, signal 139830/204144 (executing program) 2021/06/08 10:16:54 fetching corpus: 2200, signal 140915/206520 (executing program) 2021/06/08 10:16:54 fetching corpus: 2250, signal 141991/208889 (executing program) 2021/06/08 10:16:54 fetching corpus: 2300, signal 143094/211247 (executing program) 2021/06/08 10:16:55 fetching corpus: 2350, signal 144350/213703 (executing program) 2021/06/08 10:16:55 fetching corpus: 2400, signal 146002/216489 (executing program) 2021/06/08 10:16:55 fetching corpus: 2450, signal 147409/219081 (executing program) 2021/06/08 10:16:55 fetching corpus: 2500, signal 148605/221459 (executing program) 2021/06/08 10:16:55 fetching corpus: 2550, signal 149326/223428 (executing program) 2021/06/08 10:16:55 fetching corpus: 2600, signal 150439/225775 (executing program) 2021/06/08 10:16:55 fetching corpus: 2650, signal 152368/228717 (executing program) 2021/06/08 10:16:55 fetching corpus: 2700, signal 153546/231072 (executing program) 2021/06/08 10:16:55 fetching corpus: 2750, signal 154518/233203 (executing program) 2021/06/08 10:16:55 fetching corpus: 2800, signal 155819/235603 (executing program) 2021/06/08 10:16:55 fetching corpus: 2850, signal 156987/237858 (executing program) 2021/06/08 10:16:55 fetching corpus: 2900, signal 158444/240383 (executing program) 2021/06/08 10:16:55 fetching corpus: 2950, signal 159768/242788 (executing program) 2021/06/08 10:16:55 fetching corpus: 3000, signal 161067/245122 (executing program) 2021/06/08 10:16:55 fetching corpus: 3050, signal 162255/247369 (executing program) 2021/06/08 10:16:55 fetching corpus: 3100, signal 163478/249633 (executing program) 2021/06/08 10:16:55 fetching corpus: 3150, signal 166311/253168 (executing program) 2021/06/08 10:16:55 fetching corpus: 3200, signal 167247/255232 (executing program) 2021/06/08 10:16:55 fetching corpus: 3250, signal 168621/257598 (executing program) 2021/06/08 10:16:55 fetching corpus: 3300, signal 170132/260050 (executing program) 2021/06/08 10:16:56 fetching corpus: 3350, signal 172269/263016 (executing program) 2021/06/08 10:16:56 fetching corpus: 3400, signal 173384/265206 (executing program) 2021/06/08 10:16:56 fetching corpus: 3450, signal 174361/267301 (executing program) 2021/06/08 10:16:56 fetching corpus: 3500, signal 175190/269208 (executing program) 2021/06/08 10:16:56 fetching corpus: 3550, signal 176075/271154 (executing program) 2021/06/08 10:16:56 fetching corpus: 3600, signal 177574/273566 (executing program) 2021/06/08 10:16:56 fetching corpus: 3650, signal 178997/275909 (executing program) 2021/06/08 10:16:56 fetching corpus: 3700, signal 180252/278148 (executing program) 2021/06/08 10:16:56 fetching corpus: 3750, signal 181510/280343 (executing program) 2021/06/08 10:16:56 fetching corpus: 3800, signal 182858/282639 (executing program) 2021/06/08 10:16:56 fetching corpus: 3850, signal 183872/284623 (executing program) 2021/06/08 10:16:56 fetching corpus: 3900, signal 185217/286859 (executing program) 2021/06/08 10:16:56 fetching corpus: 3950, signal 186827/289257 (executing program) 2021/06/08 10:16:56 fetching corpus: 4000, signal 188052/291358 (executing program) 2021/06/08 10:16:56 fetching corpus: 4050, signal 188968/293213 (executing program) 2021/06/08 10:16:56 fetching corpus: 4100, signal 189868/295108 (executing program) 2021/06/08 10:16:56 fetching corpus: 4150, signal 190606/296887 (executing program) 2021/06/08 10:16:56 fetching corpus: 4200, signal 191845/299040 (executing program) 2021/06/08 10:16:57 fetching corpus: 4250, signal 194096/301804 (executing program) 2021/06/08 10:16:57 fetching corpus: 4300, signal 195154/303767 (executing program) 2021/06/08 10:16:57 fetching corpus: 4350, signal 196253/305768 (executing program) 2021/06/08 10:16:57 fetching corpus: 4400, signal 197340/307730 (executing program) 2021/06/08 10:16:57 fetching corpus: 4450, signal 198662/309843 (executing program) 2021/06/08 10:16:57 fetching corpus: 4500, signal 199470/311549 (executing program) 2021/06/08 10:16:57 fetching corpus: 4550, signal 200786/313639 (executing program) 2021/06/08 10:16:57 fetching corpus: 4600, signal 201396/315285 (executing program) 2021/06/08 10:16:57 fetching corpus: 4650, signal 201928/316848 (executing program) 2021/06/08 10:16:57 fetching corpus: 4700, signal 203336/318987 (executing program) 2021/06/08 10:16:57 fetching corpus: 4750, signal 204169/320751 (executing program) 2021/06/08 10:16:57 fetching corpus: 4800, signal 204972/322485 (executing program) 2021/06/08 10:16:57 fetching corpus: 4850, signal 205744/324143 (executing program) 2021/06/08 10:16:57 fetching corpus: 4900, signal 206514/325853 (executing program) 2021/06/08 10:16:57 fetching corpus: 4950, signal 208147/328050 (executing program) 2021/06/08 10:16:57 fetching corpus: 5000, signal 209289/329974 (executing program) 2021/06/08 10:16:57 fetching corpus: 5050, signal 210056/331611 (executing program) 2021/06/08 10:16:57 fetching corpus: 5100, signal 211059/333429 (executing program) 2021/06/08 10:16:57 fetching corpus: 5150, signal 211594/334931 (executing program) 2021/06/08 10:16:57 fetching corpus: 5200, signal 212175/336465 (executing program) 2021/06/08 10:16:58 fetching corpus: 5250, signal 212817/338006 (executing program) 2021/06/08 10:16:58 fetching corpus: 5300, signal 213769/339777 (executing program) 2021/06/08 10:16:58 fetching corpus: 5350, signal 215127/341812 (executing program) 2021/06/08 10:16:58 fetching corpus: 5400, signal 215653/343280 (executing program) 2021/06/08 10:16:58 fetching corpus: 5450, signal 216709/345082 (executing program) 2021/06/08 10:16:58 fetching corpus: 5500, signal 217978/346947 (executing program) syzkaller login: [ 141.092276][ T3124] ieee802154 phy0 wpan0: encryption failed: -22 [ 141.098881][ T3124] ieee802154 phy1 wpan1: encryption failed: -22 2021/06/08 10:16:58 fetching corpus: 5550, signal 218536/348438 (executing program) 2021/06/08 10:16:58 fetching corpus: 5600, signal 219378/350078 (executing program) 2021/06/08 10:16:58 fetching corpus: 5650, signal 220185/351674 (executing program) 2021/06/08 10:16:58 fetching corpus: 5700, signal 221464/353546 (executing program) 2021/06/08 10:16:58 fetching corpus: 5750, signal 222121/355053 (executing program) 2021/06/08 10:16:58 fetching corpus: 5800, signal 222880/356643 (executing program) 2021/06/08 10:16:58 fetching corpus: 5850, signal 223427/358069 (executing program) 2021/06/08 10:16:58 fetching corpus: 5900, signal 224040/359520 (executing program) 2021/06/08 10:16:58 fetching corpus: 5950, signal 224940/361110 (executing program) 2021/06/08 10:16:58 fetching corpus: 6000, signal 226244/362911 (executing program) 2021/06/08 10:16:58 fetching corpus: 6050, signal 227004/364494 (executing program) 2021/06/08 10:16:58 fetching corpus: 6100, signal 227711/366032 (executing program) 2021/06/08 10:16:58 fetching corpus: 6150, signal 228400/367516 (executing program) 2021/06/08 10:16:58 fetching corpus: 6200, signal 229959/369442 (executing program) 2021/06/08 10:16:59 fetching corpus: 6250, signal 230607/370843 (executing program) 2021/06/08 10:16:59 fetching corpus: 6300, signal 231624/372484 (executing program) 2021/06/08 10:16:59 fetching corpus: 6350, signal 232510/374052 (executing program) 2021/06/08 10:16:59 fetching corpus: 6400, signal 233075/375410 (executing program) 2021/06/08 10:16:59 fetching corpus: 6450, signal 233630/376792 (executing program) 2021/06/08 10:16:59 fetching corpus: 6500, signal 234120/378160 (executing program) 2021/06/08 10:16:59 fetching corpus: 6550, signal 234888/379620 (executing program) 2021/06/08 10:16:59 fetching corpus: 6600, signal 235335/380930 (executing program) 2021/06/08 10:16:59 fetching corpus: 6650, signal 236129/382418 (executing program) 2021/06/08 10:16:59 fetching corpus: 6700, signal 236692/383782 (executing program) 2021/06/08 10:16:59 fetching corpus: 6750, signal 237089/385062 (executing program) 2021/06/08 10:16:59 fetching corpus: 6800, signal 237711/386414 (executing program) 2021/06/08 10:16:59 fetching corpus: 6850, signal 238387/387808 (executing program) 2021/06/08 10:16:59 fetching corpus: 6900, signal 239137/389266 (executing program) 2021/06/08 10:16:59 fetching corpus: 6950, signal 239664/390578 (executing program) 2021/06/08 10:16:59 fetching corpus: 7000, signal 240220/391887 (executing program) 2021/06/08 10:17:00 fetching corpus: 7050, signal 240847/393278 (executing program) 2021/06/08 10:17:00 fetching corpus: 7100, signal 241489/394660 (executing program) 2021/06/08 10:17:00 fetching corpus: 7150, signal 242321/396076 (executing program) 2021/06/08 10:17:00 fetching corpus: 7200, signal 243310/397614 (executing program) 2021/06/08 10:17:00 fetching corpus: 7250, signal 244563/399221 (executing program) 2021/06/08 10:17:00 fetching corpus: 7300, signal 245335/400624 (executing program) 2021/06/08 10:17:00 fetching corpus: 7350, signal 246028/401967 (executing program) 2021/06/08 10:17:00 fetching corpus: 7400, signal 247145/403558 (executing program) 2021/06/08 10:17:00 fetching corpus: 7450, signal 248410/405164 (executing program) 2021/06/08 10:17:00 fetching corpus: 7500, signal 249264/406565 (executing program) 2021/06/08 10:17:00 fetching corpus: 7550, signal 249904/407888 (executing program) 2021/06/08 10:17:00 fetching corpus: 7600, signal 250271/409075 (executing program) 2021/06/08 10:17:00 fetching corpus: 7650, signal 250595/410259 (executing program) 2021/06/08 10:17:00 fetching corpus: 7700, signal 251334/411579 (executing program) 2021/06/08 10:17:00 fetching corpus: 7750, signal 252099/412953 (executing program) 2021/06/08 10:17:00 fetching corpus: 7800, signal 252813/414259 (executing program) 2021/06/08 10:17:00 fetching corpus: 7850, signal 253579/415585 (executing program) 2021/06/08 10:17:00 fetching corpus: 7900, signal 254737/417064 (executing program) 2021/06/08 10:17:01 fetching corpus: 7950, signal 255129/418214 (executing program) 2021/06/08 10:17:01 fetching corpus: 8000, signal 255659/419478 (executing program) 2021/06/08 10:17:01 fetching corpus: 8050, signal 256040/420690 (executing program) 2021/06/08 10:17:01 fetching corpus: 8100, signal 256930/422057 (executing program) 2021/06/08 10:17:01 fetching corpus: 8150, signal 257734/423390 (executing program) 2021/06/08 10:17:01 fetching corpus: 8200, signal 258286/424537 (executing program) 2021/06/08 10:17:01 fetching corpus: 8250, signal 258985/425821 (executing program) 2021/06/08 10:17:01 fetching corpus: 8300, signal 259667/427038 (executing program) 2021/06/08 10:17:01 fetching corpus: 8350, signal 260344/428322 (executing program) 2021/06/08 10:17:01 fetching corpus: 8400, signal 261176/429614 (executing program) 2021/06/08 10:17:01 fetching corpus: 8450, signal 261950/430856 (executing program) 2021/06/08 10:17:01 fetching corpus: 8500, signal 262449/432069 (executing program) 2021/06/08 10:17:01 fetching corpus: 8550, signal 262877/433233 (executing program) 2021/06/08 10:17:01 fetching corpus: 8600, signal 263667/434493 (executing program) 2021/06/08 10:17:01 fetching corpus: 8650, signal 264171/435622 (executing program) 2021/06/08 10:17:01 fetching corpus: 8700, signal 264929/436883 (executing program) 2021/06/08 10:17:02 fetching corpus: 8750, signal 265720/438088 (executing program) 2021/06/08 10:17:02 fetching corpus: 8800, signal 266417/439266 (executing program) 2021/06/08 10:17:02 fetching corpus: 8850, signal 267147/440470 (executing program) 2021/06/08 10:17:02 fetching corpus: 8900, signal 267505/441554 (executing program) 2021/06/08 10:17:02 fetching corpus: 8950, signal 268244/442733 (executing program) 2021/06/08 10:17:02 fetching corpus: 9000, signal 268739/443848 (executing program) 2021/06/08 10:17:02 fetching corpus: 9050, signal 269239/444981 (executing program) 2021/06/08 10:17:02 fetching corpus: 9100, signal 269825/446135 (executing program) 2021/06/08 10:17:02 fetching corpus: 9150, signal 270194/447225 (executing program) 2021/06/08 10:17:02 fetching corpus: 9200, signal 270873/448387 (executing program) 2021/06/08 10:17:02 fetching corpus: 9250, signal 271548/449547 (executing program) 2021/06/08 10:17:02 fetching corpus: 9300, signal 271957/450616 (executing program) 2021/06/08 10:17:02 fetching corpus: 9350, signal 272593/451812 (executing program) 2021/06/08 10:17:02 fetching corpus: 9400, signal 273092/452907 (executing program) 2021/06/08 10:17:02 fetching corpus: 9450, signal 273362/453897 (executing program) 2021/06/08 10:17:02 fetching corpus: 9500, signal 273700/454962 (executing program) 2021/06/08 10:17:02 fetching corpus: 9550, signal 274318/456098 (executing program) 2021/06/08 10:17:02 fetching corpus: 9600, signal 274850/457210 (executing program) 2021/06/08 10:17:03 fetching corpus: 9650, signal 275714/458398 (executing program) 2021/06/08 10:17:03 fetching corpus: 9700, signal 276150/459491 (executing program) 2021/06/08 10:17:03 fetching corpus: 9750, signal 276600/460552 (executing program) 2021/06/08 10:17:03 fetching corpus: 9800, signal 277076/461645 (executing program) 2021/06/08 10:17:03 fetching corpus: 9850, signal 277700/462757 (executing program) 2021/06/08 10:17:03 fetching corpus: 9900, signal 278170/463800 (executing program) 2021/06/08 10:17:03 fetching corpus: 9950, signal 278529/464788 (executing program) 2021/06/08 10:17:03 fetching corpus: 10000, signal 278901/465787 (executing program) 2021/06/08 10:17:03 fetching corpus: 10050, signal 279404/466852 (executing program) 2021/06/08 10:17:03 fetching corpus: 10100, signal 279766/467864 (executing program) 2021/06/08 10:17:03 fetching corpus: 10150, signal 280408/468908 (executing program) 2021/06/08 10:17:04 fetching corpus: 10200, signal 280798/469944 (executing program) 2021/06/08 10:17:04 fetching corpus: 10250, signal 281423/471034 (executing program) 2021/06/08 10:17:04 fetching corpus: 10300, signal 281937/472087 (executing program) 2021/06/08 10:17:04 fetching corpus: 10350, signal 282435/473077 (executing program) 2021/06/08 10:17:04 fetching corpus: 10400, signal 282787/474050 (executing program) 2021/06/08 10:17:04 fetching corpus: 10450, signal 283345/475083 (executing program) 2021/06/08 10:17:04 fetching corpus: 10500, signal 283762/476075 (executing program) 2021/06/08 10:17:04 fetching corpus: 10550, signal 284261/477047 (executing program) 2021/06/08 10:17:04 fetching corpus: 10600, signal 284660/478101 (executing program) 2021/06/08 10:17:04 fetching corpus: 10650, signal 285127/479070 (executing program) 2021/06/08 10:17:04 fetching corpus: 10700, signal 285862/480079 (executing program) 2021/06/08 10:17:04 fetching corpus: 10750, signal 286318/481067 (executing program) 2021/06/08 10:17:04 fetching corpus: 10800, signal 286703/482012 (executing program) 2021/06/08 10:17:05 fetching corpus: 10850, signal 287280/483047 (executing program) 2021/06/08 10:17:05 fetching corpus: 10900, signal 287746/484019 (executing program) 2021/06/08 10:17:05 fetching corpus: 10950, signal 288183/484956 (executing program) 2021/06/08 10:17:05 fetching corpus: 11000, signal 288866/485958 (executing program) 2021/06/08 10:17:05 fetching corpus: 11050, signal 289155/486898 (executing program) 2021/06/08 10:17:05 fetching corpus: 11100, signal 289696/487866 (executing program) 2021/06/08 10:17:05 fetching corpus: 11150, signal 290189/488818 (executing program) 2021/06/08 10:17:05 fetching corpus: 11200, signal 290667/489776 (executing program) 2021/06/08 10:17:05 fetching corpus: 11250, signal 291029/490743 (executing program) 2021/06/08 10:17:05 fetching corpus: 11300, signal 291325/491669 (executing program) 2021/06/08 10:17:05 fetching corpus: 11350, signal 291870/492642 (executing program) 2021/06/08 10:17:06 fetching corpus: 11400, signal 292567/493576 (executing program) 2021/06/08 10:17:06 fetching corpus: 11450, signal 293087/494546 (executing program) 2021/06/08 10:17:06 fetching corpus: 11500, signal 293606/495454 (executing program) 2021/06/08 10:17:06 fetching corpus: 11550, signal 294013/496403 (executing program) 2021/06/08 10:17:06 fetching corpus: 11600, signal 294501/497306 (executing program) 2021/06/08 10:17:06 fetching corpus: 11650, signal 295072/498269 (executing program) 2021/06/08 10:17:06 fetching corpus: 11700, signal 295555/499198 (executing program) 2021/06/08 10:17:06 fetching corpus: 11750, signal 296065/500106 (executing program) 2021/06/08 10:17:06 fetching corpus: 11800, signal 296472/501036 (executing program) 2021/06/08 10:17:06 fetching corpus: 11850, signal 296951/501952 (executing program) 2021/06/08 10:17:06 fetching corpus: 11900, signal 297338/502824 (executing program) 2021/06/08 10:17:06 fetching corpus: 11950, signal 297805/503717 (executing program) 2021/06/08 10:17:07 fetching corpus: 12000, signal 298277/504628 (executing program) 2021/06/08 10:17:07 fetching corpus: 12050, signal 298644/505503 (executing program) 2021/06/08 10:17:07 fetching corpus: 12100, signal 299104/506421 (executing program) 2021/06/08 10:17:07 fetching corpus: 12150, signal 299769/507307 (executing program) 2021/06/08 10:17:07 fetching corpus: 12200, signal 300137/508202 (executing program) 2021/06/08 10:17:07 fetching corpus: 12250, signal 300695/509066 (executing program) 2021/06/08 10:17:07 fetching corpus: 12300, signal 301083/509966 (executing program) 2021/06/08 10:17:07 fetching corpus: 12350, signal 301555/510832 (executing program) 2021/06/08 10:17:07 fetching corpus: 12400, signal 301936/511688 (executing program) 2021/06/08 10:17:07 fetching corpus: 12450, signal 302315/512554 (executing program) 2021/06/08 10:17:07 fetching corpus: 12500, signal 302793/513421 (executing program) 2021/06/08 10:17:07 fetching corpus: 12550, signal 303240/514278 (executing program) 2021/06/08 10:17:08 fetching corpus: 12600, signal 303641/515084 (executing program) 2021/06/08 10:17:08 fetching corpus: 12650, signal 304166/515942 (executing program) 2021/06/08 10:17:08 fetching corpus: 12700, signal 304874/516786 (executing program) 2021/06/08 10:17:08 fetching corpus: 12750, signal 305749/517639 (executing program) 2021/06/08 10:17:08 fetching corpus: 12800, signal 306129/518462 (executing program) 2021/06/08 10:17:08 fetching corpus: 12850, signal 306474/519297 (executing program) 2021/06/08 10:17:08 fetching corpus: 12900, signal 307050/520121 (executing program) 2021/06/08 10:17:08 fetching corpus: 12950, signal 307506/520968 (executing program) 2021/06/08 10:17:08 fetching corpus: 13000, signal 308220/521626 (executing program) 2021/06/08 10:17:08 fetching corpus: 13050, signal 308575/521626 (executing program) 2021/06/08 10:17:08 fetching corpus: 13100, signal 309051/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13150, signal 309522/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13200, signal 309874/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13250, signal 310413/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13300, signal 311602/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13350, signal 312140/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13400, signal 312548/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13450, signal 312862/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13500, signal 313418/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13550, signal 313895/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13600, signal 314291/521626 (executing program) 2021/06/08 10:17:09 fetching corpus: 13650, signal 314759/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13700, signal 315126/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13750, signal 315550/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13800, signal 316065/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13850, signal 316339/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13900, signal 316644/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 13950, signal 317047/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14000, signal 317638/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14050, signal 317950/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14100, signal 318341/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14150, signal 319240/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14200, signal 319818/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14250, signal 320127/521626 (executing program) 2021/06/08 10:17:10 fetching corpus: 14300, signal 320393/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14350, signal 320738/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14400, signal 321504/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14450, signal 321784/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14500, signal 322112/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14550, signal 322327/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14600, signal 322606/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14650, signal 322923/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14700, signal 323442/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14750, signal 323786/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14800, signal 324060/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14850, signal 324493/521626 (executing program) 2021/06/08 10:17:11 fetching corpus: 14900, signal 324836/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 14950, signal 325226/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15000, signal 325524/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15050, signal 325884/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15100, signal 326439/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15150, signal 326749/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15200, signal 327037/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15250, signal 327260/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15300, signal 327516/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15350, signal 327888/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15400, signal 328270/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15450, signal 328558/521626 (executing program) 2021/06/08 10:17:12 fetching corpus: 15500, signal 328826/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15550, signal 329255/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15600, signal 329587/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15650, signal 329871/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15700, signal 330298/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15750, signal 330536/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15800, signal 331063/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15850, signal 331460/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15900, signal 331843/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 15950, signal 332521/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 16000, signal 332814/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 16050, signal 333624/521626 (executing program) 2021/06/08 10:17:13 fetching corpus: 16100, signal 333885/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16150, signal 334229/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16200, signal 334559/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16250, signal 335049/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16300, signal 337195/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16350, signal 337629/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16400, signal 338014/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16450, signal 338389/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16500, signal 338780/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16550, signal 339093/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16600, signal 339563/521626 (executing program) 2021/06/08 10:17:14 fetching corpus: 16650, signal 339787/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16700, signal 340105/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16750, signal 340432/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16800, signal 340736/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16850, signal 341310/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16900, signal 341582/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 16950, signal 341928/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17000, signal 342267/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17050, signal 342537/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17100, signal 342859/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17150, signal 343203/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17200, signal 343694/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17250, signal 343883/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17300, signal 344146/521626 (executing program) 2021/06/08 10:17:15 fetching corpus: 17350, signal 344404/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17400, signal 344721/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17450, signal 345124/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17500, signal 345357/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17550, signal 345632/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17600, signal 345951/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17650, signal 346427/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17700, signal 346718/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17750, signal 347722/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17800, signal 347997/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17850, signal 348286/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17900, signal 348571/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 17950, signal 348988/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 18000, signal 349379/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 18050, signal 349889/521626 (executing program) 2021/06/08 10:17:16 fetching corpus: 18100, signal 350225/521680 (executing program) 2021/06/08 10:17:17 fetching corpus: 18150, signal 350605/521680 (executing program) 2021/06/08 10:17:17 fetching corpus: 18200, signal 351026/521680 (executing program) 2021/06/08 10:17:17 fetching corpus: 18250, signal 351481/521680 (executing program) 2021/06/08 10:17:17 fetching corpus: 18300, signal 351663/521680 (executing program) 2021/06/08 10:17:17 fetching corpus: 18350, signal 352136/521680 (executing program) 2021/06/08 10:17:18 fetching corpus: 18400, signal 352453/521680 (executing program) 2021/06/08 10:17:18 fetching corpus: 18450, signal 352742/521680 (executing program) 2021/06/08 10:17:18 fetching corpus: 18500, signal 353002/521680 (executing program) 2021/06/08 10:17:18 fetching corpus: 18550, signal 353301/521683 (executing program) 2021/06/08 10:17:18 fetching corpus: 18600, signal 353547/521683 (executing program) 2021/06/08 10:17:18 fetching corpus: 18650, signal 353825/521683 (executing program) 2021/06/08 10:17:18 fetching corpus: 18700, signal 354233/521683 (executing program) 2021/06/08 10:17:18 fetching corpus: 18749, signal 354578/521719 (executing program) 2021/06/08 10:17:18 fetching corpus: 18799, signal 354779/521719 (executing program) 2021/06/08 10:17:18 fetching corpus: 18849, signal 355017/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 18899, signal 355600/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 18949, signal 355984/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 18999, signal 356271/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19049, signal 356774/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19099, signal 357023/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19149, signal 357242/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19199, signal 357513/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19249, signal 357870/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19299, signal 358216/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19349, signal 358505/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19399, signal 358885/521719 (executing program) 2021/06/08 10:17:19 fetching corpus: 19449, signal 359609/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19499, signal 359976/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19549, signal 360349/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19599, signal 360653/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19649, signal 361819/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19699, signal 362292/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19749, signal 362596/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19799, signal 362982/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19849, signal 363393/521719 (executing program) 2021/06/08 10:17:20 fetching corpus: 19898, signal 363639/521748 (executing program) 2021/06/08 10:17:20 fetching corpus: 19948, signal 364027/521748 (executing program) 2021/06/08 10:17:20 fetching corpus: 19998, signal 364492/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20048, signal 364814/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20098, signal 365107/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20148, signal 365381/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20198, signal 365773/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20248, signal 366184/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20298, signal 366391/521748 (executing program) 2021/06/08 10:17:21 fetching corpus: 20348, signal 366579/521753 (executing program) 2021/06/08 10:17:21 fetching corpus: 20398, signal 366822/521753 (executing program) 2021/06/08 10:17:21 fetching corpus: 20448, signal 367200/521753 (executing program) 2021/06/08 10:17:21 fetching corpus: 20498, signal 367489/521754 (executing program) 2021/06/08 10:17:21 fetching corpus: 20548, signal 367727/521754 (executing program) 2021/06/08 10:17:21 fetching corpus: 20598, signal 368225/521754 (executing program) 2021/06/08 10:17:21 fetching corpus: 20648, signal 368581/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20698, signal 368788/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20748, signal 369122/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20798, signal 369475/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20848, signal 369855/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20898, signal 370038/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20948, signal 370303/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 20998, signal 370527/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21048, signal 370991/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21098, signal 371361/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21148, signal 371603/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21198, signal 372065/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21248, signal 372288/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21298, signal 372690/521754 (executing program) 2021/06/08 10:17:22 fetching corpus: 21348, signal 372942/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21398, signal 373262/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21448, signal 373548/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21498, signal 373843/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21548, signal 374220/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21598, signal 374591/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21648, signal 374798/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21698, signal 375058/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21748, signal 375388/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21798, signal 375795/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21848, signal 376319/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21898, signal 376849/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21948, signal 377091/521754 (executing program) 2021/06/08 10:17:23 fetching corpus: 21998, signal 377281/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22048, signal 377491/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22098, signal 377789/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22148, signal 378132/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22198, signal 378467/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22248, signal 378694/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22298, signal 378975/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22348, signal 379423/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22398, signal 379828/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22448, signal 380183/521754 (executing program) 2021/06/08 10:17:24 fetching corpus: 22498, signal 380405/521756 (executing program) 2021/06/08 10:17:24 fetching corpus: 22548, signal 380733/521756 (executing program) 2021/06/08 10:17:24 fetching corpus: 22598, signal 380908/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22648, signal 381205/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22698, signal 381491/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22748, signal 381780/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22798, signal 382117/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22848, signal 382409/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22898, signal 382667/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22948, signal 383072/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 22998, signal 383317/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23048, signal 383667/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23098, signal 384026/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23148, signal 384337/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23198, signal 384485/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23248, signal 384819/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23298, signal 385327/521756 (executing program) 2021/06/08 10:17:25 fetching corpus: 23348, signal 385521/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23398, signal 385828/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23448, signal 386202/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23498, signal 386674/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23548, signal 386964/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23598, signal 387583/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23648, signal 388085/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23698, signal 388408/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23748, signal 388801/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23798, signal 389055/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23848, signal 389262/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23898, signal 389796/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23948, signal 390332/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 23998, signal 390747/521756 (executing program) 2021/06/08 10:17:26 fetching corpus: 24048, signal 390978/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24098, signal 391337/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24148, signal 391534/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24198, signal 391769/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24248, signal 392308/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24298, signal 392583/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24348, signal 392874/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24398, signal 393113/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24448, signal 393292/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24498, signal 393607/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24548, signal 393814/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24598, signal 394058/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24648, signal 394343/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24698, signal 394609/521756 (executing program) 2021/06/08 10:17:27 fetching corpus: 24748, signal 394776/521756 (executing program) 2021/06/08 10:17:28 fetching corpus: 24798, signal 395081/521756 (executing program) 2021/06/08 10:17:28 fetching corpus: 24848, signal 395245/521756 (executing program) 2021/06/08 10:17:28 fetching corpus: 24898, signal 395404/521756 (executing program) 2021/06/08 10:17:28 fetching corpus: 24948, signal 395733/521756 (executing program) 2021/06/08 10:17:29 fetching corpus: 24998, signal 395918/521756 (executing program) 2021/06/08 10:17:29 fetching corpus: 25048, signal 396184/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25098, signal 396363/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25148, signal 396597/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25198, signal 396919/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25248, signal 397051/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25298, signal 397425/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25348, signal 397681/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25398, signal 397958/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25448, signal 398171/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25498, signal 398398/521758 (executing program) 2021/06/08 10:17:29 fetching corpus: 25548, signal 398685/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25598, signal 398903/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25648, signal 399122/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25698, signal 399321/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25748, signal 400078/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25798, signal 400376/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25848, signal 400860/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25898, signal 401052/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25948, signal 401312/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 25998, signal 401550/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 26048, signal 401866/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 26098, signal 402069/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 26148, signal 402340/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 26198, signal 402569/521758 (executing program) 2021/06/08 10:17:30 fetching corpus: 26248, signal 402864/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26298, signal 403056/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26348, signal 403304/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26398, signal 403558/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26448, signal 403846/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26498, signal 404145/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26548, signal 404832/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26598, signal 405197/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26648, signal 405471/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26698, signal 405668/521758 (executing program) 2021/06/08 10:17:31 fetching corpus: 26748, signal 405925/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 26798, signal 406207/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 26848, signal 406382/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 26898, signal 406567/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 26948, signal 406811/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 26998, signal 407011/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 27048, signal 407277/521766 (executing program) 2021/06/08 10:17:31 fetching corpus: 27098, signal 407652/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27148, signal 407899/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27198, signal 408080/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27248, signal 408276/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27298, signal 408495/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27348, signal 408703/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27398, signal 409160/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27448, signal 409678/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27498, signal 409833/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27548, signal 410038/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27598, signal 410246/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27648, signal 410432/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27698, signal 410729/521766 (executing program) 2021/06/08 10:17:32 fetching corpus: 27748, signal 410893/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 27798, signal 411124/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 27848, signal 411369/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 27897, signal 411634/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 27947, signal 411896/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 27997, signal 412241/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28047, signal 412447/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28097, signal 412806/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28147, signal 413163/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28197, signal 413364/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28247, signal 413575/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28297, signal 413860/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28347, signal 414046/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28397, signal 414195/521766 (executing program) 2021/06/08 10:17:33 fetching corpus: 28447, signal 414499/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28497, signal 414761/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28547, signal 414993/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28597, signal 415157/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28647, signal 415343/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28697, signal 415508/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28747, signal 415742/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28797, signal 416083/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28847, signal 416326/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28897, signal 416649/521766 (executing program) 2021/06/08 10:17:34 fetching corpus: 28947, signal 417063/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 28997, signal 417254/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29047, signal 417407/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29097, signal 417834/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29147, signal 418075/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29197, signal 418293/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29247, signal 418492/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29297, signal 418754/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29347, signal 418951/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29397, signal 419125/521766 (executing program) 2021/06/08 10:17:35 fetching corpus: 29447, signal 419352/521780 (executing program) 2021/06/08 10:17:35 fetching corpus: 29497, signal 419617/521780 (executing program) 2021/06/08 10:17:35 fetching corpus: 29547, signal 419806/521780 (executing program) 2021/06/08 10:17:35 fetching corpus: 29597, signal 420016/521780 (executing program) 2021/06/08 10:17:35 fetching corpus: 29647, signal 420257/521780 (executing program) 2021/06/08 10:17:35 fetching corpus: 29697, signal 420426/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29747, signal 420769/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29797, signal 420920/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29847, signal 421157/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29897, signal 421626/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29947, signal 421805/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 29997, signal 421958/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30047, signal 422144/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30097, signal 422396/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30147, signal 422628/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30197, signal 422775/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30247, signal 422942/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30297, signal 423151/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30347, signal 423473/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30397, signal 423668/521780 (executing program) 2021/06/08 10:17:36 fetching corpus: 30447, signal 424143/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30497, signal 424335/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30547, signal 424706/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30597, signal 424921/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30647, signal 425217/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30697, signal 425383/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30747, signal 425545/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30797, signal 425729/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30847, signal 425908/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30897, signal 426125/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30947, signal 426318/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 30997, signal 426513/521780 (executing program) 2021/06/08 10:17:37 fetching corpus: 31047, signal 426715/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31097, signal 426939/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31147, signal 427186/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31197, signal 427332/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31247, signal 427633/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31297, signal 427854/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31347, signal 428032/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31397, signal 428181/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31447, signal 428391/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31497, signal 428626/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31547, signal 428881/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31597, signal 429105/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31647, signal 429328/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31697, signal 429794/521780 (executing program) 2021/06/08 10:17:38 fetching corpus: 31747, signal 430032/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 31797, signal 430307/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 31847, signal 430624/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 31897, signal 431649/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 31947, signal 431909/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 31997, signal 432105/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32047, signal 432413/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32097, signal 432727/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32147, signal 433010/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32197, signal 433232/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32247, signal 433443/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32297, signal 433649/521780 (executing program) 2021/06/08 10:17:39 fetching corpus: 32347, signal 433883/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32397, signal 434101/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32447, signal 434326/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32497, signal 434496/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32547, signal 434672/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32597, signal 435173/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32647, signal 435383/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32697, signal 435593/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32747, signal 435861/521780 (executing program) 2021/06/08 10:17:40 fetching corpus: 32797, signal 436052/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 32847, signal 436231/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 32897, signal 436383/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 32947, signal 436686/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 32997, signal 436985/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33047, signal 437223/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33097, signal 437369/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33147, signal 437638/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33197, signal 437934/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33247, signal 438239/521780 (executing program) 2021/06/08 10:17:41 fetching corpus: 33297, signal 438552/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33347, signal 438779/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33397, signal 439034/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33447, signal 439335/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33497, signal 439492/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33547, signal 439682/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33597, signal 440014/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33647, signal 440147/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33697, signal 440321/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33747, signal 440462/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33797, signal 440750/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33847, signal 440923/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33897, signal 441112/521780 (executing program) 2021/06/08 10:17:42 fetching corpus: 33947, signal 441314/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 33997, signal 441524/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34047, signal 441940/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34097, signal 442174/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34147, signal 442428/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34197, signal 442656/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34247, signal 442919/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34297, signal 443304/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34347, signal 443471/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34397, signal 443666/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34447, signal 444013/521780 (executing program) 2021/06/08 10:17:43 fetching corpus: 34497, signal 444362/521780 (executing program) 2021/06/08 10:17:44 fetching corpus: 34547, signal 444684/521780 (executing program) 2021/06/08 10:17:44 fetching corpus: 34597, signal 444871/521780 (executing program) 2021/06/08 10:17:44 fetching corpus: 34647, signal 445051/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34697, signal 445364/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34747, signal 445649/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34797, signal 445814/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34847, signal 446208/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34897, signal 446414/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34947, signal 446628/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 34997, signal 446914/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 35047, signal 447299/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 35097, signal 447476/521782 (executing program) 2021/06/08 10:17:44 fetching corpus: 35147, signal 447666/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35197, signal 447914/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35247, signal 448386/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35297, signal 448553/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35347, signal 448806/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35397, signal 449019/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35447, signal 449224/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35497, signal 449511/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35547, signal 449675/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35597, signal 449908/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35647, signal 450080/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35697, signal 450253/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35747, signal 450393/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35797, signal 450635/521782 (executing program) 2021/06/08 10:17:45 fetching corpus: 35847, signal 450867/521782 (executing program) 2021/06/08 10:17:46 fetching corpus: 35897, signal 451035/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 35947, signal 451182/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 35997, signal 451410/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36047, signal 451689/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36097, signal 451889/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36147, signal 452100/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36197, signal 452365/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36247, signal 452550/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36297, signal 452780/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36347, signal 453006/521783 (executing program) 2021/06/08 10:17:46 fetching corpus: 36397, signal 453249/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36447, signal 453355/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36497, signal 453496/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36547, signal 454473/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36597, signal 454626/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36647, signal 454809/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36697, signal 454946/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36747, signal 455122/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36797, signal 455307/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36847, signal 455469/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36897, signal 455666/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36947, signal 455888/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 36997, signal 456131/521783 (executing program) 2021/06/08 10:17:47 fetching corpus: 37047, signal 456296/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37097, signal 456583/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37147, signal 456736/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37197, signal 457004/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37247, signal 457211/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37297, signal 457403/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37347, signal 457625/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37397, signal 458156/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37447, signal 458353/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37497, signal 458582/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37547, signal 458995/521783 (executing program) 2021/06/08 10:17:48 fetching corpus: 37597, signal 459176/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37647, signal 459352/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37697, signal 459579/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37747, signal 460040/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37797, signal 460240/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37847, signal 460422/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37897, signal 460598/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37947, signal 460774/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 37997, signal 460947/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 38047, signal 461134/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 38097, signal 461313/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 38147, signal 461521/521783 (executing program) 2021/06/08 10:17:49 fetching corpus: 38197, signal 461649/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38247, signal 462060/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38297, signal 462317/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38347, signal 462507/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38397, signal 462674/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38447, signal 462912/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38497, signal 463146/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38547, signal 463306/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38597, signal 463629/521783 (executing program) 2021/06/08 10:17:50 fetching corpus: 38647, signal 463805/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38697, signal 463971/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38747, signal 464082/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38797, signal 464341/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38847, signal 464571/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38897, signal 464708/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38947, signal 464891/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 38997, signal 465363/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39047, signal 465571/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39097, signal 465813/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39147, signal 466008/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39197, signal 466158/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39247, signal 466371/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39297, signal 466530/521783 (executing program) 2021/06/08 10:17:51 fetching corpus: 39347, signal 466679/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39397, signal 466875/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39447, signal 467100/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39497, signal 467522/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39547, signal 467682/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39597, signal 467870/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39647, signal 467996/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39697, signal 468147/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39747, signal 468361/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39797, signal 468691/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39847, signal 468939/521783 (executing program) 2021/06/08 10:17:52 fetching corpus: 39897, signal 469113/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 39947, signal 469272/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 39997, signal 469488/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 40047, signal 469700/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 40097, signal 469916/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 40147, signal 470143/521783 (executing program) 2021/06/08 10:17:53 fetching corpus: 40197, signal 470321/521784 (executing program) 2021/06/08 10:17:53 fetching corpus: 40247, signal 470527/521784 (executing program) 2021/06/08 10:17:53 fetching corpus: 40297, signal 470783/521784 (executing program) 2021/06/08 10:17:53 fetching corpus: 40347, signal 470952/521784 (executing program) 2021/06/08 10:17:53 fetching corpus: 40397, signal 471136/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40447, signal 471284/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40497, signal 471393/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40547, signal 471579/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40597, signal 471873/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40647, signal 472146/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40697, signal 472349/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40747, signal 472501/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40797, signal 472705/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40847, signal 472863/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40897, signal 473053/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40947, signal 473251/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 40997, signal 473396/521784 (executing program) 2021/06/08 10:17:54 fetching corpus: 41047, signal 473581/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41097, signal 473731/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41147, signal 473904/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41197, signal 474112/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41247, signal 474281/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41297, signal 474466/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41347, signal 474612/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41397, signal 474846/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41447, signal 475073/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41497, signal 475418/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41547, signal 475554/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41597, signal 475814/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41647, signal 476030/521784 (executing program) 2021/06/08 10:17:55 fetching corpus: 41697, signal 476172/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41747, signal 476393/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41797, signal 476536/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41847, signal 476839/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41897, signal 477137/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41947, signal 477324/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 41997, signal 477468/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42047, signal 477628/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42097, signal 477924/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42147, signal 478088/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42197, signal 478310/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42247, signal 478515/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42297, signal 478826/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42347, signal 479053/521784 (executing program) 2021/06/08 10:17:56 fetching corpus: 42397, signal 479232/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42447, signal 479371/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42497, signal 479597/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42547, signal 479786/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42597, signal 479994/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42647, signal 480149/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42697, signal 480276/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42747, signal 480435/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42797, signal 480599/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42847, signal 480778/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42897, signal 480995/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42947, signal 481156/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 42997, signal 481480/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 43047, signal 481666/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 43097, signal 481882/521784 (executing program) 2021/06/08 10:17:57 fetching corpus: 43147, signal 482198/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43197, signal 482384/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43247, signal 482571/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43297, signal 482710/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43347, signal 482919/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43397, signal 483094/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43447, signal 483312/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43497, signal 483575/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43547, signal 483866/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43597, signal 484087/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43647, signal 484223/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43697, signal 484361/521784 (executing program) 2021/06/08 10:17:58 fetching corpus: 43747, signal 484518/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 43797, signal 484705/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 43847, signal 484886/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 43897, signal 485086/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 43947, signal 485234/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 43997, signal 485390/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44047, signal 485589/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44097, signal 485867/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44147, signal 486105/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44197, signal 486266/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44247, signal 486483/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44297, signal 486658/521784 (executing program) [ 202.533185][ T3124] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.554678][ T3124] ieee802154 phy1 wpan1: encryption failed: -22 2021/06/08 10:17:59 fetching corpus: 44347, signal 486773/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44397, signal 486901/521784 (executing program) 2021/06/08 10:17:59 fetching corpus: 44447, signal 487081/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44497, signal 487269/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44547, signal 487873/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44597, signal 488031/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44647, signal 488290/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44697, signal 488494/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44747, signal 488638/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44797, signal 488859/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44847, signal 489065/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44897, signal 489415/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44947, signal 489562/521784 (executing program) 2021/06/08 10:18:00 fetching corpus: 44997, signal 489769/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45047, signal 490096/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45097, signal 490285/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45146, signal 490460/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45196, signal 490579/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45246, signal 490843/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45296, signal 490981/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45346, signal 491166/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45396, signal 491371/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45446, signal 491597/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45496, signal 491991/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45546, signal 492149/521784 (executing program) 2021/06/08 10:18:01 fetching corpus: 45596, signal 492347/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45646, signal 492488/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45696, signal 492644/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45746, signal 492806/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45796, signal 493042/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45846, signal 493226/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45896, signal 493563/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45946, signal 493735/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 45996, signal 493968/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 46046, signal 494138/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 46096, signal 494282/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 46146, signal 494456/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 46196, signal 494637/521784 (executing program) 2021/06/08 10:18:02 fetching corpus: 46246, signal 494766/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46296, signal 494956/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46346, signal 495193/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46396, signal 495336/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46446, signal 495462/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46496, signal 495614/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46545, signal 495748/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46595, signal 495867/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46645, signal 495994/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46695, signal 496112/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46745, signal 496273/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46795, signal 496409/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46845, signal 496659/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46895, signal 496832/521784 (executing program) 2021/06/08 10:18:03 fetching corpus: 46945, signal 496956/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 46995, signal 497160/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47045, signal 497330/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47095, signal 497464/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47145, signal 497589/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47195, signal 497702/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47245, signal 497817/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47295, signal 498008/521784 (executing program) 2021/06/08 10:18:04 fetching corpus: 47345, signal 498139/521787 (executing program) 2021/06/08 10:18:04 fetching corpus: 47395, signal 498371/521787 (executing program) 2021/06/08 10:18:04 fetching corpus: 47445, signal 498528/521787 (executing program) 2021/06/08 10:18:04 fetching corpus: 47495, signal 498747/521787 (executing program) 2021/06/08 10:18:04 fetching corpus: 47545, signal 498918/521787 (executing program) 2021/06/08 10:18:04 fetching corpus: 47595, signal 499093/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47645, signal 499343/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47695, signal 499472/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47745, signal 499587/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47795, signal 499730/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47845, signal 499848/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47895, signal 499976/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47945, signal 500140/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 47995, signal 500261/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 48045, signal 500469/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 48095, signal 500649/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 48145, signal 500912/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 48195, signal 501075/521787 (executing program) 2021/06/08 10:18:05 fetching corpus: 48245, signal 501190/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48295, signal 501372/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48345, signal 501555/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48395, signal 501728/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48445, signal 501904/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48495, signal 502073/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48545, signal 502410/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48595, signal 502651/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48645, signal 502803/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48695, signal 502966/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48745, signal 503106/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48795, signal 503565/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48845, signal 503754/521787 (executing program) 2021/06/08 10:18:06 fetching corpus: 48895, signal 503884/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 48945, signal 504214/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 48995, signal 504349/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49045, signal 504491/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49095, signal 504633/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49145, signal 504736/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49195, signal 504887/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49245, signal 504996/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49295, signal 505144/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49345, signal 505255/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49395, signal 505392/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49445, signal 505511/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49494, signal 505690/521787 (executing program) 2021/06/08 10:18:07 fetching corpus: 49544, signal 506063/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49594, signal 506217/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49644, signal 506329/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49694, signal 506450/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49744, signal 506670/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49794, signal 506826/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49844, signal 507031/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49894, signal 507220/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49944, signal 507471/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 49994, signal 507577/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 50044, signal 507682/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 50094, signal 507849/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 50144, signal 508218/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 50194, signal 508369/521787 (executing program) 2021/06/08 10:18:08 fetching corpus: 50244, signal 508536/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50294, signal 508660/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50344, signal 508918/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50394, signal 509057/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50444, signal 509411/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50494, signal 509552/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50544, signal 509767/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50594, signal 510124/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50644, signal 510310/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50694, signal 510574/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50744, signal 510729/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50794, signal 510908/521787 (executing program) 2021/06/08 10:18:09 fetching corpus: 50844, signal 511145/521787 (executing program) 2021/06/08 10:18:10 fetching corpus: 50880, signal 511243/521787 (executing program) 2021/06/08 10:18:10 fetching corpus: 50880, signal 511243/521787 (executing program) 2021/06/08 10:18:12 starting 6 fuzzer processes 10:18:16 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) [ 221.427895][ T8229] IPVS: ftp: loaded support on port[0] = 21 [ 221.796939][ T8229] chnl_net:caif_netlink_parms(): no params data found [ 222.071195][ T8229] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.078597][ T8229] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.088437][ T8229] device bridge_slave_0 entered promiscuous mode [ 222.106995][ T8229] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.114567][ T8229] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.124208][ T8229] device bridge_slave_1 entered promiscuous mode [ 222.182666][ T8229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 222.200934][ T8229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 222.251557][ T8229] team0: Port device team_slave_0 added [ 222.265066][ T8229] team0: Port device team_slave_1 added [ 222.310569][ T8229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.317639][ T8229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.344720][ T8229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 222.363195][ T8229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 222.370360][ T8229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.397375][ T8229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.456480][ T8229] device hsr_slave_0 entered promiscuous mode [ 222.466727][ T8229] device hsr_slave_1 entered promiscuous mode [ 222.742145][ T8229] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 222.762345][ T8229] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 222.804395][ T8229] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 222.839835][ T8229] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 223.125761][ T8229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.157105][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 223.166554][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 223.190234][ T8229] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.209445][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 223.219524][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 223.228969][ T1978] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.236655][ T1978] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.282621][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.291967][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 223.301841][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 223.311540][ T1978] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.318925][ T1978] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.327917][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 223.338969][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 223.360028][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 223.370632][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 223.403008][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 223.412999][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 223.420320][ T1978] Bluetooth: hci0: command 0x0409 tx timeout [ 223.423362][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 223.437945][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 223.447561][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 223.478639][ T8229] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.492411][ T8229] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 223.520773][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 223.530622][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 223.570232][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 223.578127][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 223.599896][ T8229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.660372][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 223.670531][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 223.723581][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 223.733694][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 223.754680][ T8229] device veth0_vlan entered promiscuous mode [ 223.770811][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 223.780342][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 223.804689][ T8229] device veth1_vlan entered promiscuous mode [ 223.815789][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 223.888671][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 223.899158][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 223.918495][ T8229] device veth0_macvtap entered promiscuous mode [ 223.939969][ T8229] device veth1_macvtap entered promiscuous mode [ 223.991135][ T8229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.011339][ T8229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.020063][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 224.029947][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 224.040165][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 224.050285][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 224.060410][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 224.070566][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 224.091675][ T8229] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.101105][ T8229] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.110302][ T8229] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.119327][ T8229] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.382498][ T845] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.391145][ T845] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.400735][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 224.500454][ T845] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.508524][ T845] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.517351][ T1978] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 10:18:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 10:18:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 10:18:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) [ 225.488970][ T8448] Bluetooth: hci0: command 0x041b tx timeout 10:18:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 10:18:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.029198][ T8489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.070597][ T1978] wlan1: authenticate with 08:02:11:00:00:00 [ 226.078243][ T1978] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 226.085913][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 226.099298][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 10:18:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.120069][ T860] wlan1: authentication with 08:02:11:00:00:00 timed out [ 226.257201][ T8491] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.290033][ T1978] wlan1: authenticate with 08:02:11:00:00:00 [ 226.297501][ T1978] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) 10:18:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.305088][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 226.315027][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 226.330459][ T1385] wlan1: authentication with 08:02:11:00:00:00 timed out [ 226.454750][ T8495] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.500565][ T8448] wlan1: authenticate with 08:02:11:00:00:00 [ 226.508064][ T8448] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 226.515727][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 226.526430][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 10:18:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.548362][ T860] wlan1: authentication with 08:02:11:00:00:00 timed out [ 226.659033][ T8497] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.693486][ T8448] wlan1: authenticate with 08:02:11:00:00:00 [ 226.701044][ T8448] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 226.708230][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 226.721717][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 226.738341][ T1385] wlan1: authentication with 08:02:11:00:00:00 timed out 10:18:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.884458][ T8500] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.919767][ T8448] wlan1: authenticate with 08:02:11:00:00:00 [ 226.927238][ T8448] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) 10:18:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.938067][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 226.959013][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 226.966403][ T860] wlan1: authentication with 08:02:11:00:00:00 timed out [ 227.175460][ T8504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.210133][ T8448] wlan1: authenticate with 08:02:11:00:00:00 [ 227.217616][ T8448] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) 10:18:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 227.229070][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 227.235889][ T1385] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 227.260443][ T1385] wlan1: authentication with 08:02:11:00:00:00 timed out [ 227.420885][ T8507] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.449838][ T1978] wlan1: authenticate with 08:02:11:00:00:00 [ 227.457299][ T1978] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) 10:18:24 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000080), 0x0, 0x2) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x100}) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) r1 = syz_open_dev$binderN(&(0x7f0000000100), 0x0, 0x2) mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000200)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/10, 0xa}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f0000000300)}) [ 227.467435][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 227.500342][ T860] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 227.519542][ T860] wlan1: authentication with 08:02:11:00:00:00 timed out [ 227.580257][ T1978] Bluetooth: hci0: command 0x040f tx timeout [ 227.585206][ T8509] binder: BINDER_SET_CONTEXT_MGR already set [ 227.592772][ T8509] binder: 8508:8509 ioctl 4018620d 200000c0 returned -16 10:18:24 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:25 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:25 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:26 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:26 executing program 0: r0 = openat$tcp_congestion(0xffffff9c, &(0x7f0000000080), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f00000000c0)='reno\x00', 0x5) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000240)={@cgroup=r2, r1, 0x12, 0x0, 0x0}, 0x14) write$tcp_congestion(r0, &(0x7f0000000280)='reno\x00', 0x5) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@cgroup=r2, r1, 0x12}, 0x10) write$tcp_congestion(r0, &(0x7f0000000300)='reno\x00', 0x5) 10:18:28 executing program 0 (fault-call:7 fault-nth:0): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 231.602229][ T1978] Bluetooth: hci0: command 0x0419 tx timeout [ 231.777713][ T8549] FAULT_INJECTION: forcing a failure. [ 231.777713][ T8549] name failslab, interval 1, probability 0, space 0, times 1 [ 231.790870][ T8549] CPU: 1 PID: 8549 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 231.799801][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.810069][ T8549] Call Trace: [ 231.813479][ T8549] dump_stack+0x24c/0x2e0 [ 231.818051][ T8549] should_fail+0x8bd/0x9e0 [ 231.822752][ T8549] __should_failslab+0x1f1/0x290 [ 231.827862][ T8549] should_failslab+0x29/0x70 [ 231.832715][ T8549] kmem_cache_alloc+0xf6/0x1030 [ 231.837839][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 231.843188][ T8549] ? getname_flags+0x154/0xbe0 [ 231.848125][ T8549] getname_flags+0x154/0xbe0 [ 231.852860][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 231.858211][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 231.863571][ T8549] __se_compat_sys_execveat+0xcc/0x180 [ 231.869247][ T8549] __ia32_compat_sys_execveat+0x62/0x80 [ 231.875018][ T8549] __do_fast_syscall_32+0x127/0x180 [ 231.880879][ T8549] do_fast_syscall_32+0x77/0xd0 [ 231.885924][ T8549] do_SYSENTER_32+0x73/0x90 [ 231.890598][ T8549] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 231.897100][ T8549] RIP: 0023:0xf7fe1549 [ 231.901292][ T8549] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 231.921818][ T8549] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 231.930566][ T8549] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 231.938942][ T8549] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 231.947185][ T8549] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 231.955275][ T8549] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 231.963362][ T8549] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:29 executing program 1 (fault-call:4 fault-nth:0): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:29 executing program 0 (fault-call:7 fault-nth:1): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 232.405573][ T8557] FAULT_INJECTION: forcing a failure. [ 232.405573][ T8557] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 232.419147][ T8557] CPU: 1 PID: 8557 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 232.427988][ T8557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.438176][ T8557] Call Trace: [ 232.441977][ T8557] dump_stack+0x24c/0x2e0 [ 232.446514][ T8557] should_fail+0x8bd/0x9e0 [ 232.451111][ T8557] should_fail_usercopy+0x39/0x40 [ 232.456320][ T8557] strncpy_from_user+0x7d/0x830 [ 232.461605][ T8557] getname_flags+0x200/0xbe0 [ 232.466439][ T8557] ? kmsan_get_metadata+0x116/0x180 [ 232.471905][ T8557] __se_compat_sys_execveat+0xcc/0x180 [ 232.477671][ T8557] __ia32_compat_sys_execveat+0x62/0x80 [ 232.483416][ T8557] __do_fast_syscall_32+0x127/0x180 [ 232.488798][ T8557] do_fast_syscall_32+0x77/0xd0 [ 232.493813][ T8557] do_SYSENTER_32+0x73/0x90 [ 232.498489][ T8557] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 232.504991][ T8557] RIP: 0023:0xf7fe1549 [ 232.509171][ T8557] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 232.528932][ T8557] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 232.537766][ T8557] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 232.545882][ T8557] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 232.553981][ T8557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 232.562068][ T8557] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 232.570151][ T8557] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:29 executing program 0 (fault-call:7 fault-nth:2): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 233.067771][ T8563] FAULT_INJECTION: forcing a failure. [ 233.067771][ T8563] name failslab, interval 1, probability 0, space 0, times 0 [ 233.080687][ T8563] CPU: 1 PID: 8563 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 233.089616][ T8563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.099876][ T8563] Call Trace: [ 233.103284][ T8563] dump_stack+0x24c/0x2e0 [ 233.107801][ T8563] should_fail+0x8bd/0x9e0 [ 233.112410][ T8563] __should_failslab+0x1f1/0x290 [ 233.117594][ T8563] should_failslab+0x29/0x70 [ 233.122370][ T8563] kmem_cache_alloc_trace+0x10e/0x1030 [ 233.128022][ T8563] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 233.134436][ T8563] ? kmsan_get_metadata+0x116/0x180 [ 233.139912][ T8563] ? alloc_bprm+0x90/0x7e0 [ 233.144528][ T8563] ? kmsan_get_metadata+0x116/0x180 [ 233.149894][ T8563] ? kmsan_get_metadata+0x116/0x180 [ 233.155275][ T8563] alloc_bprm+0x90/0x7e0 [ 233.159707][ T8563] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 233.165697][ T8563] do_execveat_common+0x316/0xc40 [ 233.170974][ T8563] __se_compat_sys_execveat+0x151/0x180 [ 233.176742][ T8563] __ia32_compat_sys_execveat+0x62/0x80 [ 233.182601][ T8563] __do_fast_syscall_32+0x127/0x180 [ 233.188005][ T8563] do_fast_syscall_32+0x77/0xd0 [ 233.193026][ T8563] do_SYSENTER_32+0x73/0x90 [ 233.197712][ T8563] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 233.204564][ T8563] RIP: 0023:0xf7fe1549 [ 233.208747][ T8563] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 233.228697][ T8563] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 233.237365][ T8563] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 233.245464][ T8563] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 233.253556][ T8563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 233.261648][ T8563] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 233.269739][ T8563] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:30 executing program 0 (fault-call:7 fault-nth:3): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 233.525375][ T8571] FAULT_INJECTION: forcing a failure. [ 233.525375][ T8571] name failslab, interval 1, probability 0, space 0, times 0 [ 233.538439][ T8571] CPU: 1 PID: 8571 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 233.547281][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.557456][ T8571] Call Trace: [ 233.560817][ T8571] dump_stack+0x24c/0x2e0 [ 233.565426][ T8571] should_fail+0x8bd/0x9e0 [ 233.570024][ T8571] __should_failslab+0x1f1/0x290 [ 233.575124][ T8571] should_failslab+0x29/0x70 [ 233.579884][ T8571] kmem_cache_alloc+0xf6/0x1030 [ 233.584912][ T8571] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 233.590885][ T8571] ? mm_alloc+0x5e/0x1a0 [ 233.595293][ T8571] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 233.601526][ T8571] ? kmem_cache_alloc_trace+0x9e5/0x1030 [ 233.607355][ T8571] mm_alloc+0x5e/0x1a0 [ 233.611591][ T8571] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 233.617565][ T8571] alloc_bprm+0x39e/0x7e0 [ 233.622078][ T8571] do_execveat_common+0x316/0xc40 [ 233.627402][ T8571] __se_compat_sys_execveat+0x151/0x180 [ 233.633158][ T8571] __ia32_compat_sys_execveat+0x62/0x80 [ 233.638904][ T8571] __do_fast_syscall_32+0x127/0x180 [ 233.644370][ T8571] do_fast_syscall_32+0x77/0xd0 [ 233.649395][ T8571] do_SYSENTER_32+0x73/0x90 [ 233.654068][ T8571] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 233.660578][ T8571] RIP: 0023:0xf7fe1549 [ 233.665036][ T8571] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 233.685163][ T8571] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 233.693840][ T8571] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 233.701951][ T8571] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 233.710144][ T8571] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 233.718226][ T8571] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 233.726448][ T8571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:31 executing program 0 (fault-call:7 fault-nth:4): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 234.114311][ T8583] FAULT_INJECTION: forcing a failure. [ 234.114311][ T8583] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 234.128246][ T8583] CPU: 0 PID: 8583 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 234.137178][ T8583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.147355][ T8583] Call Trace: [ 234.150823][ T8583] dump_stack+0x24c/0x2e0 [ 234.155523][ T8583] should_fail+0x8bd/0x9e0 [ 234.160198][ T8583] should_fail_alloc_page+0x1e3/0x260 [ 234.165887][ T8583] __alloc_pages_nodemask+0x32e/0xf90 [ 234.171087][ T8564] IPVS: ftp: loaded support on port[0] = 21 [ 234.171481][ T8583] alloc_pages_current+0x7b6/0xb60 [ 234.182544][ T8583] __get_free_pages+0x33/0xc0 [ 234.187425][ T8583] pgd_alloc+0x5c/0x550 [ 234.191836][ T8583] ? kmsan_get_metadata+0x116/0x180 [ 234.197269][ T8583] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 234.203234][ T8583] mm_init+0x776/0xc70 [ 234.207534][ T8583] mm_alloc+0x146/0x1a0 [ 234.211888][ T8583] alloc_bprm+0x39e/0x7e0 [ 234.216480][ T8583] do_execveat_common+0x316/0xc40 [ 234.221739][ T8583] __se_compat_sys_execveat+0x151/0x180 [ 234.227506][ T8583] __ia32_compat_sys_execveat+0x62/0x80 [ 234.233275][ T8583] __do_fast_syscall_32+0x127/0x180 [ 234.238753][ T8583] do_fast_syscall_32+0x77/0xd0 [ 234.243796][ T8583] do_SYSENTER_32+0x73/0x90 [ 234.248490][ T8583] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 234.255063][ T8583] RIP: 0023:0xf7fe1549 [ 234.259224][ T8583] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 234.278940][ T8583] RSP: 002b:00000000f55ba5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 234.287756][ T8583] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 234.296528][ T8583] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 234.304594][ T8583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 234.312661][ T8583] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 234.320907][ T8583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:32 executing program 0 (fault-call:7 fault-nth:5): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 234.933083][ T8564] chnl_net:caif_netlink_parms(): no params data found [ 235.191122][ T8710] FAULT_INJECTION: forcing a failure. [ 235.191122][ T8710] name failslab, interval 1, probability 0, space 0, times 0 [ 235.204166][ T8710] CPU: 1 PID: 8710 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 235.213108][ T8710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.223287][ T8710] Call Trace: [ 235.226665][ T8710] dump_stack+0x24c/0x2e0 [ 235.231190][ T8710] should_fail+0x8bd/0x9e0 [ 235.235809][ T8710] __should_failslab+0x1f1/0x290 [ 235.240961][ T8710] should_failslab+0x29/0x70 [ 235.245796][ T8710] kmem_cache_alloc+0xf6/0x1030 [ 235.250905][ T8710] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 235.253638][ T8564] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.257135][ T8710] ? vm_area_alloc+0x70/0x250 [ 235.264866][ T8564] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.269112][ T8710] ? __list_add_valid+0xb8/0x420 [ 235.269316][ T8710] ? kmsan_get_metadata+0x116/0x180 [ 235.278331][ T8564] device bridge_slave_0 entered promiscuous mode [ 235.281419][ T8710] ? kmsan_get_metadata+0x116/0x180 [ 235.281557][ T8710] vm_area_alloc+0x70/0x250 [ 235.302896][ T8710] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 235.308894][ T8710] __bprm_mm_init+0x74/0x6f0 [ 235.313693][ T8710] alloc_bprm+0x4cb/0x7e0 [ 235.318205][ T8710] do_execveat_common+0x316/0xc40 [ 235.323438][ T8710] __se_compat_sys_execveat+0x151/0x180 [ 235.329201][ T8710] __ia32_compat_sys_execveat+0x62/0x80 [ 235.334950][ T8710] __do_fast_syscall_32+0x127/0x180 [ 235.340351][ T8710] do_fast_syscall_32+0x77/0xd0 [ 235.345398][ T8710] do_SYSENTER_32+0x73/0x90 [ 235.350076][ T8710] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 235.353398][ T8564] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.356577][ T8710] RIP: 0023:0xf7fe1549 [ 235.356660][ T8710] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 235.363984][ T8564] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.367976][ T8710] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 [ 235.390429][ T8564] device bridge_slave_1 entered promiscuous mode [ 235.394852][ T8710] ORIG_RAX: 0000000000000166 [ 235.394897][ T8710] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 235.420630][ T8710] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 235.428743][ T8710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 235.436835][ T8710] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 235.445106][ T8710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 235.511465][ T8564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 235.531177][ T8564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 235.586123][ T8564] team0: Port device team_slave_0 added [ 235.600877][ T8564] team0: Port device team_slave_1 added [ 235.666443][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 235.673663][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 235.700279][ T8564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active 10:18:32 executing program 0 (fault-call:7 fault-nth:6): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 235.719958][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 235.727042][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 235.753359][ T8564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 235.816219][ T8564] device hsr_slave_0 entered promiscuous mode [ 235.842459][ T8564] device hsr_slave_1 entered promiscuous mode [ 235.870029][ T8564] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 235.877900][ T8564] Cannot create hsr debugfs directory [ 236.083869][ T8767] FAULT_INJECTION: forcing a failure. [ 236.083869][ T8767] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 236.097731][ T8767] CPU: 0 PID: 8767 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 236.106577][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.117112][ T8767] Call Trace: [ 236.120487][ T8767] dump_stack+0x24c/0x2e0 [ 236.125005][ T8767] should_fail+0x8bd/0x9e0 [ 236.129600][ T8767] should_fail_alloc_page+0x1e3/0x260 [ 236.135171][ T8767] __alloc_pages_nodemask+0x32e/0xf90 [ 236.140740][ T8767] alloc_pages_current+0x7b6/0xb60 [ 236.146049][ T8767] get_zeroed_page+0x47/0xd0 [ 236.150827][ T8767] __pud_alloc+0xb3/0x4a0 [ 236.155380][ T8767] ? kmsan_get_metadata+0x116/0x180 [ 236.160933][ T8767] handle_mm_fault+0x231e/0x4ef0 [ 236.166150][ T8767] ? unwind_get_return_address+0x80/0x120 [ 236.172054][ T8767] ? kmsan_get_metadata+0x116/0x180 [ 236.177408][ T8767] ? kmsan_get_metadata+0x116/0x180 [ 236.182792][ T8767] __get_user_pages+0x1e96/0x2ee0 [ 236.188011][ T8767] __get_user_pages_remote+0x6fc/0x16d0 [ 236.193721][ T8767] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 236.199742][ T8767] ? kmsan_internal_set_origin+0x60/0xc0 [ 236.205546][ T8767] get_user_pages_remote+0x1f3/0x260 [ 236.211014][ T8767] copy_string_kernel+0x53b/0xdf0 [ 236.216400][ T8767] ? kmsan_internal_set_origin+0x85/0xc0 [ 236.222219][ T8767] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 236.228224][ T8767] do_execveat_common+0x78b/0xc40 [ 236.233474][ T8767] __se_compat_sys_execveat+0x151/0x180 [ 236.239249][ T8767] __ia32_compat_sys_execveat+0x62/0x80 [ 236.245105][ T8767] __do_fast_syscall_32+0x127/0x180 [ 236.250497][ T8767] do_fast_syscall_32+0x77/0xd0 [ 236.255542][ T8767] do_SYSENTER_32+0x73/0x90 [ 236.260193][ T8767] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 236.266652][ T8767] RIP: 0023:0xf7fe1549 [ 236.270841][ T8767] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 236.290565][ T8767] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 236.299194][ T8767] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 236.307261][ T8767] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 236.315534][ T8767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 236.323590][ T8767] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 236.331750][ T8767] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 236.476798][ T8564] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 236.548403][ T60] Bluetooth: hci1: command 0x0409 tx timeout [ 236.583304][ T8564] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 236.622308][ T8564] netdevsim netdevsim1 netdevsim2: renamed from eth2 10:18:33 executing program 0 (fault-call:7 fault-nth:7): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 236.669883][ T8564] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 237.061478][ T8813] FAULT_INJECTION: forcing a failure. [ 237.061478][ T8813] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.075309][ T8813] CPU: 0 PID: 8813 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 237.084229][ T8813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.094587][ T8813] Call Trace: [ 237.097956][ T8813] dump_stack+0x24c/0x2e0 [ 237.102681][ T8813] should_fail+0x8bd/0x9e0 [ 237.107284][ T8813] should_fail_alloc_page+0x1e3/0x260 [ 237.113068][ T8813] __alloc_pages_nodemask+0x32e/0xf90 [ 237.118833][ T8813] alloc_pages_current+0x7b6/0xb60 [ 237.124132][ T8813] __pmd_alloc+0xc2/0x8a0 [ 237.128613][ T8813] ? __pud_alloc+0x39f/0x4a0 [ 237.133368][ T8813] ? kmsan_get_metadata+0x116/0x180 [ 237.138754][ T8813] handle_mm_fault+0x1a27/0x4ef0 [ 237.144403][ T8813] ? unwind_get_return_address+0x51/0x120 [ 237.150368][ T8813] __get_user_pages+0x1e96/0x2ee0 [ 237.155601][ T8813] __get_user_pages_remote+0x6fc/0x16d0 [ 237.161324][ T8813] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 237.167434][ T8813] ? kmsan_internal_set_origin+0x60/0xc0 [ 237.173239][ T8813] get_user_pages_remote+0x1f3/0x260 [ 237.178711][ T8813] copy_string_kernel+0x53b/0xdf0 [ 237.183925][ T8813] ? kmsan_internal_set_origin+0x85/0xc0 [ 237.189732][ T8813] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 237.195722][ T8813] do_execveat_common+0x78b/0xc40 [ 237.200953][ T8813] __se_compat_sys_execveat+0x151/0x180 [ 237.206705][ T8813] __ia32_compat_sys_execveat+0x62/0x80 [ 237.212458][ T8813] __do_fast_syscall_32+0x127/0x180 [ 237.218366][ T8813] do_fast_syscall_32+0x77/0xd0 [ 237.223390][ T8813] do_SYSENTER_32+0x73/0x90 [ 237.228073][ T8813] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 237.234597][ T8813] RIP: 0023:0xf7fe1549 [ 237.238782][ T8813] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 237.258573][ T8813] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 237.267142][ T8813] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 237.275238][ T8813] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 237.283323][ T8813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 237.291408][ T8813] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 237.299575][ T8813] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 10:18:34 executing program 0 (fault-call:7 fault-nth:8): execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 237.398245][ T8564] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.442572][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 237.451607][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.474941][ T8564] 8021q: adding VLAN 0 to HW filter on device team0 [ 237.497737][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 237.507875][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 237.517924][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.525460][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.596457][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 237.605775][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 237.615938][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 237.625575][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.633069][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.642294][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 237.652917][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 237.663604][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 237.673975][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 237.684251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 237.694522][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 237.743585][ T8564] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 237.760819][ T8564] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 237.815962][ T8820] FAULT_INJECTION: forcing a failure. [ 237.815962][ T8820] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.831123][ T8820] CPU: 1 PID: 8820 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 237.840079][ T8820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.845971][ T8564] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 237.850493][ T8820] Call Trace: [ 237.850530][ T8820] dump_stack+0x24c/0x2e0 [ 237.864649][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 237.865082][ T8820] should_fail+0x8bd/0x9e0 [ 237.874518][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 237.876842][ T8820] should_fail_alloc_page+0x1e3/0x260 [ 237.887156][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 237.890690][ T8820] __alloc_pages_nodemask+0x32e/0xf90 [ 237.890869][ T8820] alloc_pages_current+0x7b6/0xb60 [ 237.900815][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 237.904189][ T8820] pte_alloc_one+0x67/0x270 [ 237.910778][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 237.917305][ T8820] ? __msan_instrument_asm_store+0x22/0x130 [ 237.923375][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 237.929755][ T8820] __pte_alloc+0x75/0x5e0 [ 237.929863][ T8820] ? kmsan_get_metadata+0x116/0x180 [ 237.936113][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 237.943193][ T8820] ? kmsan_get_metadata+0x116/0x180 [ 237.943308][ T8820] do_anonymous_page+0x9d7/0x2700 [ 237.970669][ T8820] ? kmsan_get_metadata+0x116/0x180 [ 237.976038][ T8820] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 237.982028][ T8820] handle_mm_fault+0x3c31/0x4ef0 [ 237.987194][ T8820] __get_user_pages+0x1e96/0x2ee0 [ 237.992424][ T8820] __get_user_pages_remote+0x6fc/0x16d0 [ 237.998135][ T8820] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 238.004218][ T8820] ? kmsan_internal_set_origin+0x60/0xc0 [ 238.010195][ T8820] get_user_pages_remote+0x1f3/0x260 [ 238.015665][ T8820] copy_string_kernel+0x53b/0xdf0 [ 238.020979][ T8820] ? kmsan_internal_set_origin+0x85/0xc0 [ 238.026803][ T8820] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 238.033001][ T8820] do_execveat_common+0x78b/0xc40 [ 238.038349][ T8820] __se_compat_sys_execveat+0x151/0x180 [ 238.044123][ T8820] __ia32_compat_sys_execveat+0x62/0x80 [ 238.049981][ T8820] __do_fast_syscall_32+0x127/0x180 [ 238.055560][ T8820] do_fast_syscall_32+0x77/0xd0 [ 238.060594][ T8820] do_SYSENTER_32+0x73/0x90 [ 238.065324][ T8820] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 238.071839][ T8820] RIP: 0023:0xf7fe1549 [ 238.075842][ T8564] device veth0_vlan entered promiscuous mode [ 238.076016][ T8820] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 238.101677][ T8820] RSP: 002b:00000000f55db5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 238.110258][ T8820] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280 [ 238.118545][ T8820] RDX: 00000000200002c0 RSI: 0000000020000300 RDI: 0000000000000000 [ 238.122306][ T8564] device veth1_vlan entered promiscuous mode [ 238.126889][ T8820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.140911][ T8820] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 238.148477][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 238.148990][ T8820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 238.166016][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 238.176298][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 238.186132][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 238.195600][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 238.206005][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 238.310219][ T8564] device veth0_macvtap entered promiscuous mode [ 238.330543][ T8564] device veth1_macvtap entered promiscuous mode [ 238.344409][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 238.353498][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 238.362705][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 238.374890][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 238.384703][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 238.430519][ T8564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 238.441548][ T8564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.455522][ T8564] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 238.466134][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 238.475655][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 238.485875][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 238.524707][ T8564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 238.542668][ T8564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.555951][ T8564] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 238.569918][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 238.580479][ T2919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 238.609764][ T8564] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.621679][ T8564] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.626434][ T1978] Bluetooth: hci1: command 0x041b tx timeout [ 238.630767][ T8564] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.645775][ T8564] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 10:18:36 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 238.960691][ T328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.968962][ T328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.977511][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 239.074200][ T1270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.082575][ T1270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.093257][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 239.340911][ T8847] FAULT_INJECTION: forcing a failure. [ 239.340911][ T8847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.354644][ T8847] CPU: 1 PID: 8847 Comm: syz-executor.1 Not tainted 5.12.0-rc6-syzkaller #0 [ 239.363500][ T8847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.373679][ T8847] Call Trace: [ 239.377059][ T8847] dump_stack+0x24c/0x2e0 [ 239.381576][ T8847] should_fail+0x8bd/0x9e0 [ 239.386233][ T8847] should_fail_usercopy+0x39/0x40 [ 239.391563][ T8847] _copy_from_user+0x63/0x300 [ 239.396427][ T8847] __get_compat_msghdr+0x106/0x9d0 [ 239.401836][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.407233][ T8847] ? kmsan_internal_set_origin+0x85/0xc0 [ 239.413103][ T8847] ? rcu_read_unlock_strict+0x9/0x10 [ 239.418806][ T8847] get_compat_msghdr+0x108/0x2b0 [ 239.424113][ T8847] __sys_sendmsg+0x4ac/0x830 [ 239.429198][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.434771][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.440155][ T8847] ? kmsan_internal_set_origin+0x85/0xc0 [ 239.446063][ T8847] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 239.452303][ T8847] ? __msan_instrument_asm_store+0x107/0x130 [ 239.458471][ T8847] ? fput+0x82/0x320 [ 239.462711][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.468186][ T8847] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 239.474169][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.479629][ T8847] ? kmsan_get_metadata+0x116/0x180 [ 239.485106][ T8847] __se_compat_sys_sendmsg+0xa7/0xc0 [ 239.490679][ T8847] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 239.496619][ T8847] __do_fast_syscall_32+0x127/0x180 [ 239.502111][ T8847] do_fast_syscall_32+0x77/0xd0 [ 239.507286][ T8847] do_SYSENTER_32+0x73/0x90 [ 239.512168][ T8847] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 239.518714][ T8847] RIP: 0023:0xf7f5e549 [ 239.523004][ T8847] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 239.542797][ T8847] RSP: 002b:00000000f55585fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 239.551403][ T8847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 239.559519][ T8847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 239.567822][ T8847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 239.576114][ T8847] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 239.584222][ T8847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.627648][ T8851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.703945][ T8851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.792228][ T8852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:37 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:37 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 240.649094][ T8866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.661657][ T1978] wlan1: authenticate with 08:02:11:00:00:00 [ 240.669338][ T1978] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 240.689498][ T1978] Bluetooth: hci1: command 0x040f tx timeout [ 240.735088][ T860] wlan1: authenticated [ 240.743463][ T1978] mac80211_hwsim hwsim5 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP [ 240.759788][ T328] wlan1: associate with 08:02:11:00:00:00 (try 1/3) [ 240.768031][ T8868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.834138][ T860] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1) [ 240.834431][ T8866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.843089][ T860] wlan1: associated 10:18:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:38 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 241.506572][ T8884] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 241.789058][ T8893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 241.890555][ C1] ===================================================== [ 241.897717][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 241.905639][ C1] CPU: 1 PID: 860 Comm: kworker/u4:12 Not tainted 5.12.0-rc6-syzkaller #0 [ 241.914573][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.925098][ C1] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 241.932079][ C1] Call Trace: [ 241.935386][ C1] [ 241.938247][ C1] dump_stack+0x24c/0x2e0 [ 241.942629][ C1] kmsan_report+0xfb/0x1e0 [ 241.947084][ C1] __msan_warning+0x5c/0xa0 [ 241.951660][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 241.957156][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 241.962988][ C1] ? kmsan_get_metadata+0x116/0x180 [ 241.968218][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 241.973972][ C1] ieee80211_tx_status+0x221/0x270 [ 241.979321][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 241.984985][ C1] ? ieee80211_reconfig_filter+0x50/0x50 [ 241.990746][ C1] tasklet_action_common+0x3de/0x640 [ 241.996057][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 242.002490][ C1] ? tasklet_kill+0x210/0x210 [ 242.007190][ C1] tasklet_action+0x30/0x40 [ 242.011741][ C1] __do_softirq+0x1b9/0x715 [ 242.016349][ C1] ? idle_cpu+0x9a/0x1d0 [ 242.020707][ C1] ? __irq_exit_rcu+0x83/0x280 [ 242.025491][ C1] do_softirq+0x123/0x1c0 [ 242.029851][ C1] [ 242.032791][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 242.037846][ C1] local_bh_enable+0x36/0x40 [ 242.042520][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 242.048352][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 242.054010][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 242.059850][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 242.065340][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 242.072155][ C1] ? ieee80211_chswitch_work+0x1470/0x1470 [ 242.077995][ C1] process_one_work+0x1219/0x1fe0 [ 242.083128][ C1] worker_thread+0x10ec/0x2340 [ 242.087938][ C1] kthread+0x521/0x560 [ 242.092019][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 242.097269][ C1] ? kthread_blkcg+0x110/0x110 [ 242.102136][ C1] ret_from_fork+0x1f/0x30 [ 242.106582][ C1] [ 242.108902][ C1] Uninit was created at: [ 242.113132][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 242.118882][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 242.123575][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 242.129490][ C1] __alloc_skb+0x4dd/0xe90 [ 242.133920][ C1] __netdev_alloc_skb+0x45d/0x810 [ 242.139098][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 242.144507][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 242.150082][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 242.155998][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 242.161477][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 242.168180][ C1] process_one_work+0x1219/0x1fe0 [ 242.173320][ C1] worker_thread+0x10ec/0x2340 [ 242.178110][ C1] kthread+0x521/0x560 [ 242.182207][ C1] ret_from_fork+0x1f/0x30 10:18:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x3, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 242.186740][ C1] ===================================================== [ 242.193663][ C1] Disabling lock debugging due to kernel taint 10:18:39 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x4) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 242.370127][ T8902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 242.591051][ T8905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x5, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 242.772375][ T8448] Bluetooth: hci1: command 0x0419 tx timeout [ 243.041766][ T8920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:40 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x5) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 243.462905][ T8927] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 243.853842][ T8938] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 243.893105][ C1] ===================================================== [ 243.900437][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 243.908300][ C1] CPU: 1 PID: 860 Comm: kworker/u4:12 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 243.918312][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.928476][ C1] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 243.935594][ C1] Call Trace: [ 243.938889][ C1] [ 243.941738][ C1] dump_stack+0x24c/0x2e0 [ 243.946092][ C1] kmsan_report+0xfb/0x1e0 [ 243.950522][ C1] __msan_warning+0x5c/0xa0 [ 243.955040][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 243.960526][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 243.966365][ C1] ? kmsan_get_metadata+0x116/0x180 [ 243.971608][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 243.977278][ C1] ieee80211_tx_status+0x221/0x270 [ 243.982675][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 243.988686][ C1] ? ieee80211_reconfig_filter+0x50/0x50 [ 243.994346][ C1] tasklet_action_common+0x3de/0x640 [ 243.999653][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 244.005916][ C1] ? tasklet_kill+0x210/0x210 [ 244.010622][ C1] tasklet_action+0x30/0x40 [ 244.015162][ C1] __do_softirq+0x1b9/0x715 [ 244.019685][ C1] ? idle_cpu+0x9a/0x1d0 [ 244.023957][ C1] ? __irq_exit_rcu+0x83/0x280 [ 244.028769][ C1] do_softirq+0x123/0x1c0 [ 244.033209][ C1] [ 244.036157][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 244.041377][ C1] local_bh_enable+0x36/0x40 [ 244.046001][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 10:18:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x8, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 244.051859][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 244.057435][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 244.063271][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 244.068676][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 244.075384][ C1] ? ieee80211_chswitch_work+0x1470/0x1470 [ 244.081217][ C1] process_one_work+0x1219/0x1fe0 [ 244.086284][ C1] worker_thread+0x10ec/0x2340 [ 244.091093][ C1] kthread+0x521/0x560 [ 244.095199][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 244.100424][ C1] ? kthread_blkcg+0x110/0x110 [ 244.105203][ C1] ret_from_fork+0x1f/0x30 [ 244.109636][ C1] [ 244.112075][ C1] Uninit was created at: [ 244.116393][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 244.122139][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 244.126911][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 244.132825][ C1] __alloc_skb+0x4dd/0xe90 [ 244.137260][ C1] __netdev_alloc_skb+0x45d/0x810 [ 244.142299][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 244.147701][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 244.153189][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 244.159030][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 244.164428][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 244.171125][ C1] process_one_work+0x1219/0x1fe0 [ 244.176177][ C1] worker_thread+0x10ec/0x2340 [ 244.180966][ C1] kthread+0x521/0x560 [ 244.185056][ C1] ret_from_fork+0x1f/0x30 [ 244.189488][ C1] ===================================================== 10:18:41 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x6) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 244.555184][ T8944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:41 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x9, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 244.950262][ T8953] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 245.222726][ T8961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:42 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x7) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xb, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 245.603725][ T8968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xc, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 245.889565][ C1] ===================================================== [ 245.896531][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 245.904382][ C1] CPU: 1 PID: 860 Comm: kworker/u4:12 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 245.914301][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.924373][ C1] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 245.931452][ C1] Call Trace: [ 245.934742][ C1] [ 245.937598][ C1] dump_stack+0x24c/0x2e0 [ 245.941958][ C1] kmsan_report+0xfb/0x1e0 [ 245.946400][ C1] __msan_warning+0x5c/0xa0 [ 245.950913][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 245.956397][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 245.962229][ C1] ? kmsan_get_metadata+0x116/0x180 [ 245.967451][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 245.973215][ C1] ieee80211_tx_status+0x221/0x270 [ 245.978353][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 245.984063][ C1] ? ieee80211_reconfig_filter+0x50/0x50 [ 245.989723][ C1] tasklet_action_common+0x3de/0x640 [ 245.995032][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 246.001213][ C1] ? tasklet_kill+0x210/0x210 [ 246.005924][ C1] tasklet_action+0x30/0x40 [ 246.010452][ C1] __do_softirq+0x1b9/0x715 [ 246.015181][ C1] ? idle_cpu+0x9a/0x1d0 [ 246.019454][ C1] ? __irq_exit_rcu+0x83/0x280 [ 246.024239][ C1] do_softirq+0x123/0x1c0 [ 246.028684][ C1] [ 246.031626][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 246.036757][ C1] local_bh_enable+0x36/0x40 [ 246.041464][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 246.047386][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 246.052869][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 246.058731][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 246.064131][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 246.070835][ C1] ? ieee80211_chswitch_work+0x1470/0x1470 [ 246.076663][ C1] process_one_work+0x1219/0x1fe0 [ 246.081725][ C1] worker_thread+0x10ec/0x2340 [ 246.086521][ C1] kthread+0x521/0x560 [ 246.090802][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 246.096055][ C1] ? kthread_blkcg+0x110/0x110 [ 246.100844][ C1] ret_from_fork+0x1f/0x30 [ 246.105284][ C1] [ 246.107693][ C1] Uninit was created at: [ 246.111925][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 246.117692][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 246.122385][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 246.128384][ C1] __alloc_skb+0x4dd/0xe90 [ 246.132811][ C1] __netdev_alloc_skb+0x45d/0x810 [ 246.137851][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 246.143246][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 246.148751][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 246.154686][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 246.160087][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 246.166786][ C1] process_one_work+0x1219/0x1fe0 [ 246.171855][ C1] worker_thread+0x10ec/0x2340 [ 246.176645][ C1] kthread+0x521/0x560 [ 246.180821][ C1] ret_from_fork+0x1f/0x30 [ 246.185277][ C1] ===================================================== [ 246.201880][ T8977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:43 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 246.237169][ T8978] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:43 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 246.795561][ T8989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x60, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:44 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0x9) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 247.171374][ T8996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x88, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 247.575696][ T9004] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x300, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:45 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0xa) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 247.889399][ C0] ===================================================== [ 247.896366][ C0] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 247.904208][ C0] CPU: 0 PID: 860 Comm: kworker/u4:12 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 247.914402][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.924473][ C0] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 247.931572][ C0] Call Trace: [ 247.934900][ C0] [ 247.937751][ C0] dump_stack+0x24c/0x2e0 [ 247.942116][ C0] kmsan_report+0xfb/0x1e0 [ 247.946643][ C0] __msan_warning+0x5c/0xa0 [ 247.951255][ C0] ieee80211_sta_tx_notify+0x3b1/0x920 [ 247.956763][ C0] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 247.962594][ C0] ? kmsan_get_metadata+0x116/0x180 [ 247.967809][ C0] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 247.968904][ T9011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 247.973560][ C0] ieee80211_tx_status+0x221/0x270 [ 247.973600][ C0] ieee80211_tasklet_handler+0x322/0x390 [ 247.973633][ C0] ? ieee80211_reconfig_filter+0x50/0x50 [ 247.973666][ C0] tasklet_action_common+0x3de/0x640 [ 248.005310][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 248.011494][ C0] ? tasklet_kill+0x210/0x210 [ 248.016198][ C0] tasklet_action+0x30/0x40 [ 248.020804][ C0] __do_softirq+0x1b9/0x715 [ 248.025339][ C0] ? idle_cpu+0x9a/0x1d0 [ 248.029603][ C0] ? __irq_exit_rcu+0x83/0x280 [ 248.034406][ C0] do_softirq+0x123/0x1c0 [ 248.038754][ C0] [ 248.041691][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 248.046823][ C0] local_bh_enable+0x36/0x40 [ 248.051432][ C0] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 248.055701][ T9011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 248.057453][ C0] ieee80211_send_nullfunc+0x59a/0x6e0 [ 248.057494][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 248.078561][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 248.083962][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 248.090668][ C0] ? ieee80211_chswitch_work+0x1470/0x1470 [ 248.096584][ C0] process_one_work+0x1219/0x1fe0 [ 248.101640][ C0] worker_thread+0x10ec/0x2340 [ 248.106437][ C0] kthread+0x521/0x560 [ 248.110535][ C0] ? process_one_work+0x1fe0/0x1fe0 [ 248.115760][ C0] ? kthread_blkcg+0x110/0x110 [ 248.120542][ C0] ret_from_fork+0x1f/0x30 [ 248.125413][ C0] [ 248.127733][ C0] Uninit was created at: [ 248.131965][ C0] kmsan_internal_poison_shadow+0x5c/0xf0 [ 248.137710][ C0] kmsan_slab_alloc+0x8e/0xe0 [ 248.142404][ C0] __kmalloc_node_track_caller+0xa4f/0x1470 [ 248.144413][ T9012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 248.148312][ C0] __alloc_skb+0x4dd/0xe90 [ 248.148341][ C0] __netdev_alloc_skb+0x45d/0x810 [ 248.167667][ C0] ieee80211_nullfunc_get+0x2b6/0x820 [ 248.173070][ C0] ieee80211_send_nullfunc+0x216/0x6e0 [ 248.178546][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 248.184371][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 248.189787][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 248.196525][ C0] process_one_work+0x1219/0x1fe0 [ 248.201571][ C0] worker_thread+0x10ec/0x2340 [ 248.206354][ C0] kthread+0x521/0x560 [ 248.210435][ C0] ret_from_fork+0x1f/0x30 [ 248.214865][ C0] ===================================================== 10:18:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x3e7, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 248.707770][ T9024] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x500, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:46 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0xb) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 249.063071][ T9031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x600, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 249.432181][ T9042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:46 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0xc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) 10:18:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 249.770458][ T9049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x900, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 249.891433][ C1] ===================================================== [ 249.898411][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 249.906259][ C1] CPU: 1 PID: 860 Comm: kworker/u4:12 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 249.916596][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.927200][ C1] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 249.934182][ C1] Call Trace: [ 249.937464][ C1] [ 249.940301][ C1] dump_stack+0x24c/0x2e0 [ 249.944773][ C1] kmsan_report+0xfb/0x1e0 [ 249.949280][ C1] __msan_warning+0x5c/0xa0 [ 249.953800][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 249.959262][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 249.965070][ C1] ? kmsan_get_metadata+0x116/0x180 [ 249.970289][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 249.976136][ C1] ieee80211_tx_status+0x221/0x270 [ 249.981350][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 249.987001][ C1] ? ieee80211_reconfig_filter+0x50/0x50 [ 249.992650][ C1] tasklet_action_common+0x3de/0x640 [ 249.997971][ C1] ? tasklet_kill+0x210/0x210 [ 250.002648][ C1] tasklet_action+0x30/0x40 [ 250.007170][ C1] __do_softirq+0x1b9/0x715 [ 250.011697][ C1] ? idle_cpu+0x9a/0x1d0 [ 250.016117][ C1] ? __irq_exit_rcu+0x83/0x280 [ 250.020880][ C1] do_softirq+0x123/0x1c0 [ 250.025213][ C1] [ 250.028138][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 250.033251][ C1] local_bh_enable+0x36/0x40 [ 250.037844][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 250.043860][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 250.049328][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 250.055406][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 250.060899][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 250.067578][ C1] ? ieee80211_chswitch_work+0x1470/0x1470 [ 250.073400][ C1] process_one_work+0x1219/0x1fe0 [ 250.078440][ C1] worker_thread+0x10ec/0x2340 [ 250.083230][ C1] kthread+0x521/0x560 [ 250.087299][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 250.092509][ C1] ? kthread_blkcg+0x110/0x110 [ 250.097274][ C1] ret_from_fork+0x1f/0x30 [ 250.101693][ C1] [ 250.104031][ C1] Uninit was created at: [ 250.108269][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 250.114109][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 250.118787][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 250.124683][ C1] __alloc_skb+0x4dd/0xe90 [ 250.129097][ C1] __netdev_alloc_skb+0x45d/0x810 [ 250.134120][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 250.139491][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 250.144953][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 250.150759][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 250.156131][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 250.162821][ C1] process_one_work+0x1219/0x1fe0 [ 250.167861][ C1] worker_thread+0x10ec/0x2340 [ 250.172649][ C1] kthread+0x521/0x560 [ 250.176755][ C1] ret_from_fork+0x1f/0x30 [ 250.181173][ C1] ===================================================== 10:18:47 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0xd) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 250.635879][ T9064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 250.968397][ T9072] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xb00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 10:18:48 executing program 0: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0], 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0], 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) write(r1, &(0x7f0000000240)="01010101", 0x4) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0], 0xe) r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r2) execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)=[0x0], &(0x7f0000000400)=[0x0], 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0)=[0x0], &(0x7f0000000500)=[0x0], 0x0) [ 251.426331][ T9083] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xc00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 251.712752][ T9090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 10:18:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)