Warning: Permanently added '[localhost]:32834' (ECDSA) to the list of known hosts. 2021/05/07 00:43:17 fuzzer started 2021/05/07 00:43:18 dialing manager at localhost:38105 2021/05/07 00:43:18 syscalls: 3639 2021/05/07 00:43:18 code coverage: enabled 2021/05/07 00:43:18 comparison tracing: enabled 2021/05/07 00:43:18 extra coverage: enabled 2021/05/07 00:43:18 setuid sandbox: enabled 2021/05/07 00:43:18 namespace sandbox: enabled 2021/05/07 00:43:18 Android sandbox: /sys/fs/selinux/policy does not exist 2021/05/07 00:43:18 fault injection: enabled 2021/05/07 00:43:18 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/05/07 00:43:18 net packet injection: enabled 2021/05/07 00:43:18 net device setup: enabled 2021/05/07 00:43:18 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/05/07 00:43:18 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/05/07 00:43:18 USB emulation: enabled 2021/05/07 00:43:18 hci packet injection: enabled 2021/05/07 00:43:18 wifi device emulation: enabled 2021/05/07 00:43:18 802.15.4 emulation: enabled 2021/05/07 00:43:18 fetching corpus: 0, signal 0/2000 (executing program) 2021/05/07 00:43:19 fetching corpus: 50, signal 57354/60836 (executing program) 2021/05/07 00:43:19 fetching corpus: 100, signal 73780/78773 (executing program) 2021/05/07 00:43:20 fetching corpus: 150, signal 90440/96823 (executing program) 2021/05/07 00:43:20 fetching corpus: 200, signal 99906/107689 (executing program) 2021/05/07 00:43:21 fetching corpus: 250, signal 108632/117707 (executing program) 2021/05/07 00:43:21 fetching corpus: 300, signal 117872/128167 (executing program) 2021/05/07 00:43:21 fetching corpus: 350, signal 130395/141687 (executing program) 2021/05/07 00:43:22 fetching corpus: 400, signal 140719/152979 (executing program) 2021/05/07 00:43:22 fetching corpus: 450, signal 148644/161897 (executing program) 2021/05/07 00:43:22 fetching corpus: 500, signal 159657/173661 (executing program) 2021/05/07 00:43:23 fetching corpus: 550, signal 168909/183656 (executing program) 2021/05/07 00:43:23 fetching corpus: 600, signal 172951/188693 (executing program) 2021/05/07 00:43:24 fetching corpus: 650, signal 177421/194098 (executing program) 2021/05/07 00:43:25 fetching corpus: 700, signal 181673/199261 (executing program) 2021/05/07 00:43:25 fetching corpus: 750, signal 186303/204735 (executing program) 2021/05/07 00:43:25 fetching corpus: 800, signal 193763/212783 (executing program) 2021/05/07 00:43:26 fetching corpus: 850, signal 198383/218109 (executing program) 2021/05/07 00:43:26 fetching corpus: 900, signal 201476/222074 (executing program) 2021/05/07 00:43:27 fetching corpus: 950, signal 204882/226230 (executing program) 2021/05/07 00:43:27 fetching corpus: 1000, signal 208606/230666 (executing program) 2021/05/07 00:43:27 fetching corpus: 1050, signal 214400/236878 (executing program) 2021/05/07 00:43:28 fetching corpus: 1100, signal 217758/240868 (executing program) 2021/05/07 00:43:28 fetching corpus: 1150, signal 221815/245487 (executing program) 2021/05/07 00:43:29 fetching corpus: 1200, signal 224962/249243 (executing program) 2021/05/07 00:43:29 fetching corpus: 1250, signal 229158/253839 (executing program) 2021/05/07 00:43:30 fetching corpus: 1300, signal 231515/256908 (executing program) 2021/05/07 00:43:30 fetching corpus: 1350, signal 233325/259477 (executing program) 2021/05/07 00:43:30 fetching corpus: 1400, signal 236736/263361 (executing program) 2021/05/07 00:43:31 fetching corpus: 1450, signal 238725/265971 (executing program) 2021/05/07 00:43:31 fetching corpus: 1500, signal 242071/269760 (executing program) 2021/05/07 00:43:32 fetching corpus: 1550, signal 244510/272749 (executing program) 2021/05/07 00:43:32 fetching corpus: 1600, signal 246725/275567 (executing program) 2021/05/07 00:43:32 fetching corpus: 1650, signal 248536/277966 (executing program) 2021/05/07 00:43:33 fetching corpus: 1700, signal 250825/280728 (executing program) 2021/05/07 00:43:33 fetching corpus: 1750, signal 255595/285625 (executing program) 2021/05/07 00:43:34 fetching corpus: 1800, signal 259060/289401 (executing program) 2021/05/07 00:43:34 fetching corpus: 1850, signal 261673/292392 (executing program) 2021/05/07 00:43:35 fetching corpus: 1900, signal 264331/295400 (executing program) 2021/05/07 00:43:35 fetching corpus: 1950, signal 267000/298374 (executing program) 2021/05/07 00:43:36 fetching corpus: 2000, signal 269699/301357 (executing program) 2021/05/07 00:43:36 fetching corpus: 2050, signal 274019/305571 (executing program) 2021/05/07 00:43:36 fetching corpus: 2100, signal 278250/309771 (executing program) 2021/05/07 00:43:37 fetching corpus: 2150, signal 280397/312260 (executing program) 2021/05/07 00:43:37 fetching corpus: 2200, signal 282118/314369 (executing program) 2021/05/07 00:43:37 fetching corpus: 2250, signal 283745/316423 (executing program) 2021/05/07 00:43:38 fetching corpus: 2300, signal 285596/318578 (executing program) 2021/05/07 00:43:38 fetching corpus: 2350, signal 288181/321280 (executing program) 2021/05/07 00:43:39 fetching corpus: 2400, signal 289879/323267 (executing program) 2021/05/07 00:43:39 fetching corpus: 2450, signal 293263/326588 (executing program) 2021/05/07 00:43:40 fetching corpus: 2500, signal 295823/329219 (executing program) 2021/05/07 00:43:40 fetching corpus: 2550, signal 297575/331205 (executing program) 2021/05/07 00:43:40 fetching corpus: 2600, signal 300964/334384 (executing program) 2021/05/07 00:43:41 fetching corpus: 2650, signal 302737/336380 (executing program) 2021/05/07 00:43:41 fetching corpus: 2700, signal 305221/338839 (executing program) 2021/05/07 00:43:41 fetching corpus: 2750, signal 307489/341119 (executing program) 2021/05/07 00:43:42 fetching corpus: 2800, signal 313018/345801 (executing program) 2021/05/07 00:43:42 fetching corpus: 2850, signal 315471/348239 (executing program) 2021/05/07 00:43:43 fetching corpus: 2900, signal 318014/350636 (executing program) 2021/05/07 00:43:43 fetching corpus: 2950, signal 322209/354268 (executing program) 2021/05/07 00:43:43 fetching corpus: 3000, signal 323799/355916 (executing program) 2021/05/07 00:43:44 fetching corpus: 3050, signal 325807/357890 (executing program) 2021/05/07 00:43:44 fetching corpus: 3100, signal 327201/359354 (executing program) 2021/05/07 00:43:45 fetching corpus: 3150, signal 329490/361471 (executing program) 2021/05/07 00:43:45 fetching corpus: 3200, signal 331268/363214 (executing program) 2021/05/07 00:43:45 fetching corpus: 3250, signal 332928/364843 (executing program) 2021/05/07 00:43:46 fetching corpus: 3300, signal 334482/366411 (executing program) 2021/05/07 00:43:46 fetching corpus: 3350, signal 336337/368163 (executing program) 2021/05/07 00:43:46 fetching corpus: 3400, signal 337553/369477 (executing program) 2021/05/07 00:43:47 fetching corpus: 3450, signal 340277/371861 (executing program) 2021/05/07 00:43:47 fetching corpus: 3500, signal 342162/373584 (executing program) 2021/05/07 00:43:47 fetching corpus: 3550, signal 343282/374767 (executing program) 2021/05/07 00:43:48 fetching corpus: 3600, signal 347034/377700 (executing program) 2021/05/07 00:43:48 fetching corpus: 3650, signal 348539/379095 (executing program) 2021/05/07 00:43:48 fetching corpus: 3700, signal 350704/380924 (executing program) 2021/05/07 00:43:49 fetching corpus: 3750, signal 353046/382908 (executing program) 2021/05/07 00:43:49 fetching corpus: 3799, signal 354234/384057 (executing program) 2021/05/07 00:43:50 fetching corpus: 3849, signal 355372/385168 (executing program) 2021/05/07 00:43:50 fetching corpus: 3899, signal 356590/386355 (executing program) 2021/05/07 00:43:51 fetching corpus: 3949, signal 357594/387368 (executing program) 2021/05/07 00:43:51 fetching corpus: 3999, signal 358725/388434 (executing program) 2021/05/07 00:43:51 fetching corpus: 4049, signal 360367/389854 (executing program) 2021/05/07 00:43:52 fetching corpus: 4099, signal 362785/391703 (executing program) 2021/05/07 00:43:52 fetching corpus: 4149, signal 365094/393474 (executing program) 2021/05/07 00:43:52 fetching corpus: 4199, signal 366811/394902 (executing program) 2021/05/07 00:43:53 fetching corpus: 4249, signal 367834/395846 (executing program) 2021/05/07 00:43:53 fetching corpus: 4299, signal 369360/397091 (executing program) 2021/05/07 00:43:53 fetching corpus: 4349, signal 372344/399171 (executing program) 2021/05/07 00:43:54 fetching corpus: 4399, signal 373251/400023 (executing program) 2021/05/07 00:43:54 fetching corpus: 4449, signal 374184/400881 (executing program) 2021/05/07 00:43:55 fetching corpus: 4499, signal 374893/401596 (executing program) 2021/05/07 00:43:55 fetching corpus: 4549, signal 376026/402527 (executing program) 2021/05/07 00:43:55 fetching corpus: 4599, signal 377178/403524 (executing program) 2021/05/07 00:43:56 fetching corpus: 4649, signal 378753/404653 (executing program) 2021/05/07 00:43:56 fetching corpus: 4699, signal 379639/405406 (executing program) 2021/05/07 00:43:56 fetching corpus: 4749, signal 380647/406234 (executing program) 2021/05/07 00:43:57 fetching corpus: 4799, signal 382035/407234 (executing program) 2021/05/07 00:43:57 fetching corpus: 4849, signal 382814/407940 (executing program) 2021/05/07 00:43:57 fetching corpus: 4899, signal 384402/409064 (executing program) 2021/05/07 00:43:58 fetching corpus: 4949, signal 386421/410422 (executing program) 2021/05/07 00:43:58 fetching corpus: 4999, signal 388143/411607 (executing program) 2021/05/07 00:43:59 fetching corpus: 5049, signal 390058/412884 (executing program) 2021/05/07 00:44:00 fetching corpus: 5099, signal 391141/413680 (executing program) 2021/05/07 00:44:00 fetching corpus: 5149, signal 392112/414421 (executing program) 2021/05/07 00:44:00 fetching corpus: 5199, signal 393513/415377 (executing program) 2021/05/07 00:44:01 fetching corpus: 5249, signal 394461/416060 (executing program) 2021/05/07 00:44:01 fetching corpus: 5299, signal 395310/416706 (executing program) 2021/05/07 00:44:02 fetching corpus: 5349, signal 396594/417564 (executing program) 2021/05/07 00:44:02 fetching corpus: 5399, signal 398069/418510 (executing program) 2021/05/07 00:44:03 fetching corpus: 5449, signal 399228/419281 (executing program) 2021/05/07 00:44:03 fetching corpus: 5496, signal 399884/419789 (executing program) 2021/05/07 00:44:03 fetching corpus: 5545, signal 401625/420836 (executing program) 2021/05/07 00:44:04 fetching corpus: 5595, signal 402380/421382 (executing program) 2021/05/07 00:44:04 fetching corpus: 5645, signal 403782/422204 (executing program) 2021/05/07 00:44:04 fetching corpus: 5695, signal 406042/423425 (executing program) 2021/05/07 00:44:05 fetching corpus: 5745, signal 407588/424304 (executing program) 2021/05/07 00:44:05 fetching corpus: 5794, signal 408507/424877 (executing program) 2021/05/07 00:44:06 fetching corpus: 5843, signal 409541/425530 (executing program) 2021/05/07 00:44:06 fetching corpus: 5893, signal 411322/426494 (executing program) 2021/05/07 00:44:07 fetching corpus: 5943, signal 412728/427304 (executing program) 2021/05/07 00:44:07 fetching corpus: 5993, signal 413902/427967 (executing program) 2021/05/07 00:44:07 fetching corpus: 6043, signal 415294/428726 (executing program) 2021/05/07 00:44:08 fetching corpus: 6093, signal 416363/429295 (executing program) 2021/05/07 00:44:08 fetching corpus: 6140, signal 416912/429654 (executing program) 2021/05/07 00:44:08 fetching corpus: 6190, signal 417545/430055 (executing program) 2021/05/07 00:44:09 fetching corpus: 6239, signal 419225/430931 (executing program) 2021/05/07 00:44:09 fetching corpus: 6288, signal 420474/431565 (executing program) 2021/05/07 00:44:10 fetching corpus: 6338, signal 421655/432167 (executing program) 2021/05/07 00:44:10 fetching corpus: 6387, signal 422141/432455 (executing program) 2021/05/07 00:44:11 fetching corpus: 6437, signal 423015/432895 (executing program) 2021/05/07 00:44:11 fetching corpus: 6487, signal 423533/433173 (executing program) 2021/05/07 00:44:12 fetching corpus: 6537, signal 424480/433639 (executing program) 2021/05/07 00:44:12 fetching corpus: 6587, signal 425413/434111 (executing program) 2021/05/07 00:44:12 fetching corpus: 6637, signal 426195/434519 (executing program) 2021/05/07 00:44:13 fetching corpus: 6687, signal 426826/434811 (executing program) 2021/05/07 00:44:13 fetching corpus: 6737, signal 429886/435969 (executing program) 2021/05/07 00:44:13 fetching corpus: 6787, signal 430631/436322 (executing program) 2021/05/07 00:44:14 fetching corpus: 6837, signal 431334/436642 (executing program) 2021/05/07 00:44:14 fetching corpus: 6887, signal 432501/437103 (executing program) 2021/05/07 00:44:15 fetching corpus: 6937, signal 434460/437883 (executing program) 2021/05/07 00:44:15 fetching corpus: 6987, signal 435307/438209 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438378 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438395 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438414 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438436 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438452 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438469 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438495 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438517 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438539 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438560 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438585 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438602 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438619 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438642 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438664 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438679 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438699 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438717 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438735 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438752 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438767 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438787 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438798 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438814 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438836 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438853 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438865 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438880 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438906 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438924 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438939 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438955 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438975 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/438989 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439007 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439026 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439034 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439061 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439076 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439093 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439119 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439143 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439151 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439162 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439185 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439200 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439220 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439234 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439256 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439278 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439293 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439316 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439338 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439350 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439373 (executing program) 2021/05/07 00:44:16 fetching corpus: 7028, signal 435760/439394 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439417 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439443 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439465 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439481 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439499 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439514 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439530 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439549 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439566 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439591 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439603 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439614 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439633 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439659 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439679 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439702 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439724 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439743 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439762 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439778 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439797 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439815 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439832 (executing program) 2021/05/07 00:44:17 fetching corpus: 7028, signal 435760/439832 (executing program) syzkaller login: [ 180.967034][ T3375] ieee802154 phy0 wpan0: encryption failed: -22 [ 180.986381][ T3375] ieee802154 phy1 wpan1: encryption failed: -22 2021/05/07 00:44:21 starting 4 fuzzer processes 00:44:21 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x40a45321, &(0x7f0000000300)={0xc680}) 00:44:22 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:22 executing program 2: r0 = syz_open_dev$midi(&(0x7f0000000200), 0xfa2, 0x103201) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0x40045730, &(0x7f0000000240)) 00:44:22 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3f, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x56595559, 0x0, @stepwise}) [ 186.033232][ T8642] IPVS: ftp: loaded support on port[0] = 21 [ 186.259347][ T8642] chnl_net:caif_netlink_parms(): no params data found [ 186.361676][ T8642] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.375558][ T8642] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.396452][ T8642] device bridge_slave_0 entered promiscuous mode [ 186.419705][ T8642] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.443189][ T8642] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.467411][ T8642] device bridge_slave_1 entered promiscuous mode [ 186.518870][ T8642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.551576][ T8642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.556650][ T8644] IPVS: ftp: loaded support on port[0] = 21 [ 186.614623][ T8642] team0: Port device team_slave_0 added [ 186.636907][ T8642] team0: Port device team_slave_1 added [ 186.685417][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.705484][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.793859][ T8642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.858795][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.883057][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.945575][ T8642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.986011][ T8646] IPVS: ftp: loaded support on port[0] = 21 [ 187.011195][ T8642] device hsr_slave_0 entered promiscuous mode [ 187.034852][ T8642] device hsr_slave_1 entered promiscuous mode [ 187.174957][ T8644] chnl_net:caif_netlink_parms(): no params data found [ 187.422610][ T8660] IPVS: ftp: loaded support on port[0] = 21 [ 187.470442][ T8644] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.486048][ T8644] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.503996][ T8644] device bridge_slave_0 entered promiscuous mode [ 187.523365][ T8644] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.541513][ T8644] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.563270][ T8644] device bridge_slave_1 entered promiscuous mode [ 187.588097][ T8646] chnl_net:caif_netlink_parms(): no params data found [ 187.659881][ T8644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.699536][ T8644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.791710][ T8644] team0: Port device team_slave_0 added [ 187.827177][ T8644] team0: Port device team_slave_1 added [ 187.883146][ T8642] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 187.912977][ T8644] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.939691][ T8644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.024216][ T56] Bluetooth: hci0: command 0x0409 tx timeout [ 188.046386][ T8644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.086503][ T8644] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.108086][ T8644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.185029][ T8644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.220267][ T8646] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.247332][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.271253][ T8646] device bridge_slave_0 entered promiscuous mode [ 188.289193][ T8646] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.305881][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.325068][ T8646] device bridge_slave_1 entered promiscuous mode [ 188.346224][ T8642] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 188.406735][ T8642] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 188.428736][ T8642] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 188.451014][ T8644] device hsr_slave_0 entered promiscuous mode [ 188.474045][ T8644] device hsr_slave_1 entered promiscuous mode [ 188.484432][ T3304] Bluetooth: hci1: command 0x0409 tx timeout [ 188.509874][ T8644] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.531332][ T8644] Cannot create hsr debugfs directory [ 188.544938][ T8646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.569283][ T8646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.641813][ T8646] team0: Port device team_slave_0 added [ 188.698620][ T8646] team0: Port device team_slave_1 added [ 188.755604][ T8660] chnl_net:caif_netlink_parms(): no params data found [ 188.787059][ T8646] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.802133][ T8646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.804582][ T5023] Bluetooth: hci2: command 0x0409 tx timeout [ 188.873935][ T8646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.917361][ T8646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.937794][ T8646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.004264][ T8646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.112350][ T8646] device hsr_slave_0 entered promiscuous mode [ 189.132676][ T8646] device hsr_slave_1 entered promiscuous mode [ 189.170873][ T8646] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.191998][ T8646] Cannot create hsr debugfs directory [ 189.264658][ T8660] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.286124][ T8660] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.294529][ T37] Bluetooth: hci3: command 0x0409 tx timeout [ 189.305738][ T8660] device bridge_slave_0 entered promiscuous mode [ 189.353207][ T8660] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.373089][ T8660] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.391907][ T8660] device bridge_slave_1 entered promiscuous mode [ 189.431457][ T8660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.472723][ T8660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.542032][ T8660] team0: Port device team_slave_0 added [ 189.572805][ T8660] team0: Port device team_slave_1 added [ 189.625242][ T8660] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.649893][ T8660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.747273][ T8660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.788807][ T8644] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 189.810604][ T8660] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.832403][ T8660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.899040][ T8660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.931494][ T8644] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 189.956421][ T8644] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 189.979142][ T8644] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 190.036770][ T8660] device hsr_slave_0 entered promiscuous mode [ 190.054789][ T8660] device hsr_slave_1 entered promiscuous mode [ 190.071501][ T8660] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.094649][ T4999] Bluetooth: hci0: command 0x041b tx timeout [ 190.103842][ T8660] Cannot create hsr debugfs directory [ 190.181593][ T8642] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.253077][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.273879][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.300544][ T8646] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 190.324755][ T8642] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.352525][ T8646] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 190.381725][ T8646] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 190.410282][ T8646] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 190.442568][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 190.467808][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 190.488835][ T4998] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.507378][ T4998] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.539056][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 190.561745][ T5023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 190.584166][ T9455] Bluetooth: hci1: command 0x041b tx timeout [ 190.584883][ T5023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 190.627756][ T5023] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.647680][ T5023] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.693274][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 190.712161][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 190.735067][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 190.759421][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 190.778319][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 190.800016][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 190.833482][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 190.872076][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 190.896523][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 190.962947][ T8642] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 190.964490][ T37] Bluetooth: hci2: command 0x041b tx timeout [ 190.996269][ T8642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 191.040192][ T8660] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 191.067131][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 191.094119][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 191.122001][ T8644] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.147406][ T8660] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 191.168457][ T8660] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 191.191420][ T8660] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 191.241787][ T8644] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.266381][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.285070][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.310734][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 191.338545][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 191.363982][ T9455] Bluetooth: hci3: command 0x041b tx timeout [ 191.421402][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 191.447747][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 191.473132][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.495867][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.519516][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.555270][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 191.586159][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 191.617722][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.641421][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.690041][ T8642] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.710180][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 191.748111][ T8646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.780089][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.818820][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 191.845764][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 191.870499][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 191.899366][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.914162][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.932653][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 191.952137][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 191.975411][ T8646] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.006005][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 192.020788][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 192.038421][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 192.072518][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 192.098990][ T8660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.119101][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.144948][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.163880][ T9455] Bluetooth: hci0: command 0x040f tx timeout [ 192.166311][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.199705][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.218588][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 192.244195][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 192.263011][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 192.288324][ T8644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 192.314798][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 192.341489][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.367181][ T4999] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.387528][ T4999] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.435204][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 192.454583][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 192.471467][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.498312][ T8642] device veth0_vlan entered promiscuous mode [ 192.520637][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 192.542443][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 192.590031][ T8660] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.607597][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.628715][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.651758][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.674447][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 192.691739][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 192.713037][ T4999] Bluetooth: hci1: command 0x040f tx timeout [ 192.718745][ T8642] device veth1_vlan entered promiscuous mode [ 192.764027][ T8644] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.802440][ T9430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 192.829296][ T9430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.849907][ T9430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.872517][ T9430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.898598][ T9430] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 192.927453][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.948169][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.971165][ T4999] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.989726][ T4999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.005638][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.054256][ T4999] Bluetooth: hci2: command 0x040f tx timeout [ 193.069347][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.089811][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.105584][ T4998] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.119522][ T4998] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.136180][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.155969][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.178295][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 193.199664][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.219440][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 193.241381][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 193.266907][ T8646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 193.303777][ T9508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.362192][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.400099][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 193.441533][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 193.464942][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 193.487005][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 193.509098][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.533010][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 193.556012][ T9455] Bluetooth: hci3: command 0x040f tx timeout [ 193.559978][ T8642] device veth0_macvtap entered promiscuous mode [ 193.592271][ T8644] device veth0_vlan entered promiscuous mode [ 193.617091][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 193.654323][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 193.676602][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 193.701219][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 193.734419][ T9508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 193.762412][ T9508] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 193.794724][ T8642] device veth1_macvtap entered promiscuous mode [ 193.845240][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 193.870750][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 193.892099][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 193.920996][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.956333][ T8644] device veth1_vlan entered promiscuous mode [ 193.993356][ T8646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.013377][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 194.037425][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 194.067474][ T8660] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 194.092265][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.123973][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 194.150683][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 194.180931][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.210563][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 194.238108][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 194.271419][ T9455] Bluetooth: hci0: command 0x0419 tx timeout [ 194.278588][ T8642] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.315925][ T8642] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.339780][ T8642] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.363131][ T8642] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.449616][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 194.470180][ T4998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 194.494307][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 194.516081][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 194.535830][ T8644] device veth0_macvtap entered promiscuous mode [ 194.565614][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 194.591712][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 194.617198][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 194.642152][ T8644] device veth1_macvtap entered promiscuous mode [ 194.682056][ T8660] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.732681][ T3304] Bluetooth: hci1: command 0x0419 tx timeout [ 194.768882][ T8617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 194.794690][ T8617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 194.819119][ T8646] device veth0_vlan entered promiscuous mode [ 194.842514][ T8617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 194.862868][ T8617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 194.892553][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.914790][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.917756][ T8644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 194.961877][ T8644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.992847][ T8644] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.018731][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 195.041457][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 195.062241][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 195.082083][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 195.104940][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 195.128125][ T3304] Bluetooth: hci2: command 0x0419 tx timeout [ 195.155033][ T8644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 195.183927][ T8644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.222345][ T8644] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.263018][ T8646] device veth1_vlan entered promiscuous mode [ 195.277595][ T2904] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 195.298310][ T2904] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 195.319038][ T2904] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 195.361218][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.361297][ T8644] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.387176][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.401949][ T8644] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.436363][ T8644] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.459019][ T8644] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.496943][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 195.516368][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 195.536691][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 195.565511][ T8660] device veth0_vlan entered promiscuous mode [ 195.596593][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 195.618237][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 195.634736][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 195.652538][ T37] Bluetooth: hci3: command 0x0419 tx timeout 00:44:32 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x40a45321, &(0x7f0000000300)={0xc680}) [ 195.684786][ T8660] device veth1_vlan entered promiscuous mode [ 195.708257][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready 00:44:33 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x40a45321, &(0x7f0000000300)={0xc680}) [ 195.769536][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 195.794223][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 195.818904][ T9189] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 00:44:33 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x40a45321, &(0x7f0000000300)={0xc680}) [ 195.819829][ T8646] device veth0_macvtap entered promiscuous mode [ 195.842434][ T9189] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 00:44:33 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, 0x0, 0x0) [ 195.911520][ T8646] device veth1_macvtap entered promiscuous mode [ 195.961422][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready 00:44:33 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, 0x0, 0x0) [ 195.990969][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 196.016369][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 196.078682][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.079725][ T8660] device veth0_macvtap entered promiscuous mode [ 196.105700][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.134006][ T8660] device veth1_macvtap entered promiscuous mode [ 196.177224][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 196.203728][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.236277][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 196.267961][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.304364][ T8646] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.332383][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 196.355213][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 196.375646][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 196.398690][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 196.418169][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 196.438846][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 196.460752][ T9455] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 196.494576][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 196.529088][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.556446][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 196.590077][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.618789][ T8646] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.650933][ T9519] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 196.679350][ T9519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 196.715596][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 00:44:34 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) [ 196.744166][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.771736][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 196.794285][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.817048][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 196.843064][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.871535][ T8660] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.897399][ T8646] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.919191][ T8646] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.939446][ T8646] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.959396][ T8646] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.010221][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 197.042074][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 197.065438][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 197.087543][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.108478][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 197.126433][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.143709][ T8660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 197.163740][ T8660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.185772][ T8660] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.214689][ T9468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 197.227839][ T9468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 197.251341][ T8660] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.268736][ T8660] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.287903][ T8660] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.308465][ T8660] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.378666][ T2890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.399665][ T2890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.429955][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 197.467593][ T8788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.487736][ T8788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.494359][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.519183][ T4999] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 197.531505][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.560096][ T9625] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.586376][ T9468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 197.592038][ T9625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.651667][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 00:44:35 executing program 2: r0 = syz_open_dev$midi(&(0x7f0000000200), 0xfa2, 0x103201) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0x40045730, &(0x7f0000000240)) 00:44:35 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, 0x0, 0x0) 00:44:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3f, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x56595559, 0x0, @stepwise}) 00:44:35 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3f, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x56595559, 0x0, @stepwise}) 00:44:35 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, 0x0, 0x0) 00:44:35 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3f, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x56595559, 0x0, @stepwise}) 00:44:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 2: r0 = syz_open_dev$midi(&(0x7f0000000200), 0xfa2, 0x103201) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0x40045730, &(0x7f0000000240)) 00:44:35 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 2: r0 = syz_open_dev$midi(&(0x7f0000000200), 0xfa2, 0x103201) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0x40045730, &(0x7f0000000240)) 00:44:35 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000180)=""/160, 0xa0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f0000000300)=""/157, 0x9d}, {&(0x7f00000003c0)=""/58, 0x3a}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/11, 0xb}], 0x7, &(0x7f0000000500)=""/57, 0x39}, 0x40) close(r0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001a80)='./cgroup.cpu/syz1\x00', 0x1ff) close(r0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002080)={&(0x7f0000001f40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000001fc0)=""/150, 0x26, 0x96, 0x8}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/126, 0x7e}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xc, 0x7, &(0x7f0000001d40)=ANY=[@ANYBLOB="18000000050000000000b8e8dd158e87d97fffffffff9500000000000000184d839320b9415b9f8c1459167aca1f002a000100000000000000126d7051b568ddd68100000000005ad959b1e1597d4f7656a86d0ec8af86a4cbe8644f6e5474c60ab03fc05a65a62c16635418dc4816ad2aa5870449880789662abaae97bfa25e3da667b7e95bfe363ba159f16866cbec121d0e93dbeeae9d86052a572d5d0e86d34214c21125fd75e7c6b2885cdc2e4b77f8a0ffcc9712b5890512eeb1fdc342775be689970000000000000000"], &(0x7f0000001ac0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0xf, r1, 0x8, &(0x7f0000001b00)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000001b40)={0x3, 0xb, 0xdc, 0x10000}, 0x10, 0xffffffffffffffff}, 0x78) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000580)={0x2, 0x70, 0xd8, 0x4, 0x81, 0x8, 0x0, 0x3, 0x82f7eeacda5bc51f, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7f, 0x2, 0x0, 0x40080, 0x9, 0x1f, 0x6, 0x0, 0x8169, 0x1}) mkdir(&(0x7f0000001a40)='./file0\x00', 0x1ea) recvmsg(0xffffffffffffffff, &(0x7f0000001a00)={&(0x7f0000000600)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/162, 0xa2}, {&(0x7f0000001740)=""/90, 0x5a}, {&(0x7f00000017c0)=""/118, 0x76}, {&(0x7f0000001840)=""/190, 0xbe}], 0x5, &(0x7f0000001980)=""/95, 0x5f}, 0xe0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000001c00)={r2}, 0xc) 00:44:35 executing program 0: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x1400}, {&(0x7f0000010900)='\x00\x00\x00\x00L', 0x5, 0x1a7d}], 0x0, &(0x7f0000014900)=ANY=[]) 00:44:35 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x60}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) 00:44:35 executing program 3: syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x1, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) [ 198.327217][ T9680] loop0: detected capacity change from 0 to 26 [ 198.357584][ T9680] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) 00:44:35 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x3, &(0x7f0000000040)=@framed={{}, [], {0x95, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x30, &(0x7f0000000200)={0x2}, 0x626f5}, 0x6d) [ 198.385159][ T9680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 198.434220][ T9680] F2FS-fs (loop0): Insane cp_payload (19456 > 510) [ 198.466236][ T9680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 00:44:35 executing program 3: syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x1, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 00:44:35 executing program 3: syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x1, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) [ 198.614881][ T9680] loop0: detected capacity change from 0 to 26 [ 198.636597][ T9680] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 198.664193][ T9680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 198.692612][ T9680] F2FS-fs (loop0): Insane cp_payload (19456 > 510) 00:44:36 executing program 3: syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x1, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) [ 198.713601][ T9680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 00:44:36 executing program 0: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x1400}, {&(0x7f0000010900)='\x00\x00\x00\x00L', 0x5, 0x1a7d}], 0x0, &(0x7f0000014900)=ANY=[]) 00:44:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@ipv4_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @ip4=@empty}, @NHA_FDB={0x4}]}, 0x30}}, 0x0) [ 199.023927][ T9710] loop0: detected capacity change from 0 to 26 [ 199.054315][ T9710] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 199.082332][ T9710] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 199.135694][ T9710] F2FS-fs (loop0): Insane cp_payload (19456 > 510) [ 199.170397][ T9710] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 00:44:36 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x60}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) 00:44:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@ipv4_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @ip4=@empty}, @NHA_FDB={0x4}]}, 0x30}}, 0x0) 00:44:36 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x3, &(0x7f0000000040)=@framed={{}, [], {0x95, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x30, &(0x7f0000000200)={0x2}, 0x626f5}, 0x6d) 00:44:36 executing program 0: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x1400}, {&(0x7f0000010900)='\x00\x00\x00\x00L', 0x5, 0x1a7d}], 0x0, &(0x7f0000014900)=ANY=[]) 00:44:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@ipv4_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @ip4=@empty}, @NHA_FDB={0x4}]}, 0x30}}, 0x0) [ 199.401461][ T9723] loop0: detected capacity change from 0 to 26 [ 199.467980][ T9723] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) 00:44:36 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x60}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) 00:44:36 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x3, &(0x7f0000000040)=@framed={{}, [], {0x95, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x30, &(0x7f0000000200)={0x2}, 0x626f5}, 0x6d) [ 199.493320][ T9723] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock 00:44:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@ipv4_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GATEWAY={0x14, 0x6, @ip4=@empty}, @NHA_FDB={0x4}]}, 0x30}}, 0x0) [ 199.542680][ T9723] F2FS-fs (loop0): Insane cp_payload (19456 > 510) [ 199.571224][ T9723] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 00:44:36 executing program 3: perf_event_open(&(0x7f0000000c40)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030029000505d25a80308c63940d0424fc60100002400a000a00053582c137153e37040c188000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 00:44:36 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x3, &(0x7f0000000040)=@framed={{}, [], {0x95, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x30, &(0x7f0000000200)={0x2}, 0x626f5}, 0x6d) 00:44:36 executing program 0: syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018", 0x45, 0x1400}, {&(0x7f0000010900)='\x00\x00\x00\x00L', 0x5, 0x1a7d}], 0x0, &(0x7f0000014900)=ANY=[]) 00:44:37 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x60}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) [ 199.745236][ T9741] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 199.777501][ T9741] netlink: 209336 bytes leftover after parsing attributes in process `syz-executor.3'. [ 199.803923][ T9746] loop0: detected capacity change from 0 to 26 00:44:37 executing program 1: r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000000)={0x0, "5942442cae9f42140aa6674f190aade43196f289b46b4afa0aff91718a603322"}) 00:44:37 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000180)=0x20000000) [ 199.855046][ T9746] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 199.881587][ T9746] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 199.905808][ T9760] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 00:44:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000000}, [@jmp={0x5, 0x0, 0x2}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 199.912934][ T9746] F2FS-fs (loop0): Insane cp_payload (19456 > 510) [ 199.937421][ T9760] netlink: 209336 bytes leftover after parsing attributes in process `syz-executor.3'. [ 199.953944][ T9746] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 00:44:37 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000180)=0x20000000) 00:44:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000000}, [@jmp={0x5, 0x0, 0x2}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:44:37 executing program 3: perf_event_open(&(0x7f0000000c40)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030029000505d25a80308c63940d0424fc60100002400a000a00053582c137153e37040c188000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 00:44:37 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000180)=0x20000000) [ 200.145837][ T9779] netlink: 'syz-executor.3': attribute type 11 has an invalid length. 00:44:37 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000180)=0x20000000) [ 200.181786][ T9779] netlink: 209336 bytes leftover after parsing attributes in process `syz-executor.3'. 00:44:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000000}, [@jmp={0x5, 0x0, 0x2}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:44:37 executing program 3: perf_event_open(&(0x7f0000000c40)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030029000505d25a80308c63940d0424fc60100002400a000a00053582c137153e37040c188000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 00:44:37 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:37 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5000000}, [@jmp={0x5, 0x0, 0x2}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 200.415626][ T9802] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 200.445359][ T9802] netlink: 209336 bytes leftover after parsing attributes in process `syz-executor.3'. 00:44:37 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:37 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:37 executing program 3: perf_event_open(&(0x7f0000000c40)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030029000505d25a80308c63940d0424fc60100002400a000a00053582c137153e37040c188000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 00:44:37 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:37 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:37 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) [ 200.676007][ T9828] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 200.699609][ T9828] netlink: 209336 bytes leftover after parsing attributes in process `syz-executor.3'. 00:44:38 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:38 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@reiserfs_3={0xc}, &(0x7f00000000c0), 0x0) 00:44:38 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1, 0x7, 0x3, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:44:38 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:38 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f0000000000)={0x6, 0x4, 0x20000000007ffd, 0x2e, 0x0, 0x1}, 0x2c) 00:44:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1, 0x7, 0x3, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) [ 201.113344][ C0] hrtimer: interrupt took 42656 ns 00:44:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1, 0x7, 0x3, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:44:38 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) 00:44:38 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1, 0x7, 0x3, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:44:38 executing program 0: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xc, r0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0) perf_event_open(&(0x7f0000000340)={0x0, 0x70, 0x7f, 0x6, 0x2a, 0x4, 0x0, 0x8, 0xa0080, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x40848, 0x9, 0x81, 0x0, 0x9, 0x0, 0xd9f}, 0xffffffffffffffff, 0x4, r1, 0xb) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)="b154553a8bd9a41fe569652a9b949bc9") ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x8) ptrace$cont(0x18, 0x0, 0x3875, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000300)=0x0) tkill(r4, 0x0) fallocate(0xffffffffffffffff, 0x34, 0x0, 0xf8) fallocate(r3, 0x0, 0x0, 0x801fffd) r5 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0) tkill(0xffffffffffffffff, 0xa) ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}) 00:44:38 executing program 2: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8) r3 = socket$inet6(0xa, 0x200000000003, 0x87) connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x10007, 0x5) 00:44:38 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCGDEBUG(r0, 0x4010744d, &(0x7f0000000080)) 00:44:39 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f0000000000)={0x6, 0x4, 0x20000000007ffd, 0x2e, 0x0, 0x1}, 0x2c) 00:44:39 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x12, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) [ 242.407155][ T3375] ieee802154 phy0 wpan0: encryption failed: -22 [ 242.416602][ T3375] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.211996][ T9931] ================================================================================ [ 264.236923][ T9931] UBSAN: shift-out-of-bounds in kernel/sched/fair.c:7712:14 [ 264.253351][ T9931] shift exponent 408 is too large for 64-bit type 'long unsigned int' [ 264.278246][ T9931] CPU: 2 PID: 9931 Comm: kworker/u16:5 Not tainted 5.12.0-rc8-syzkaller #0 [ 264.297236][ T9931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 264.312321][ T9931] Call Trace: [ 264.320379][ T9931] dump_stack+0x141/0x1d7 [ 264.332318][ T9931] ubsan_epilogue+0xb/0x5a [ 264.346786][ T9931] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 264.357975][ T9931] ? can_migrate_task+0x1155/0x1680 [ 264.366165][ T9931] load_balance.cold+0x1d/0x2e [ 264.374664][ T9931] ? find_busiest_group+0x8c0/0x8c0 [ 264.383666][ T9931] ? kvm_sched_clock_read+0x14/0x40 [ 264.391176][ T9931] ? sched_clock+0x2a/0x40 [ 264.397127][ T9931] ? sched_clock_cpu+0x18/0x1f0 [ 264.405088][ T9931] newidle_balance+0x6b3/0xe50 [ 264.411503][ T9931] ? run_rebalance_domains+0x140/0x140 [ 264.419503][ T9931] pick_next_task_fair+0x94/0xce0 [ 264.427063][ T9931] __schedule+0x370/0x21b0 [ 264.432132][ T9931] ? io_schedule_timeout+0x140/0x140 [ 264.438630][ T9931] ? trace_hardirqs_on+0x38/0x1c0 [ 264.447394][ T9931] schedule+0xcf/0x270 [ 264.453625][ T9931] ? process_one_work+0x1600/0x1600 [ 264.461586][ T9931] schedule_preempt_disabled+0xf/0x20 [ 264.468831][ T9931] kthread+0x2a6/0x4a0 [ 264.473740][ T9931] ? __kthread_bind_mask+0xc0/0xc0 [ 264.479426][ T9931] ret_from_fork+0x1f/0x30 [ 264.484926][ T9931] ================================================================================ [ 264.495829][ T9931] Kernel panic - not syncing: panic_on_warn set ... [ 264.504320][ T9931] CPU: 2 PID: 9931 Comm: kworker/u16:5 Not tainted 5.12.0-rc8-syzkaller #0 [ 264.514090][ T9931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 264.525759][ T9931] Call Trace: [ 264.529597][ T9931] dump_stack+0x141/0x1d7 [ 264.534900][ T9931] panic+0x306/0x73d [ 264.541725][ T9931] ? __warn_printk+0xf3/0xf3 [ 264.547660][ T9931] ? ret_from_fork+0x1f/0x30 [ 264.552943][ T9931] ? ubsan_epilogue+0x3e/0x5a [ 264.558770][ T9931] ubsan_epilogue+0x54/0x5a [ 264.565109][ T9931] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 264.572594][ T9931] ? can_migrate_task+0x1155/0x1680 [ 264.578639][ T9931] load_balance.cold+0x1d/0x2e [ 264.585376][ T9931] ? find_busiest_group+0x8c0/0x8c0 [ 264.593773][ T9931] ? kvm_sched_clock_read+0x14/0x40 [ 264.602708][ T9931] ? sched_clock+0x2a/0x40 [ 264.609515][ T9931] ? sched_clock_cpu+0x18/0x1f0 [ 264.618230][ T9931] newidle_balance+0x6b3/0xe50 [ 264.625774][ T9931] ? run_rebalance_domains+0x140/0x140 [ 264.634968][ T9931] pick_next_task_fair+0x94/0xce0 [ 264.645487][ T9931] __schedule+0x370/0x21b0 [ 264.652281][ T9931] ? io_schedule_timeout+0x140/0x140 [ 264.659220][ T9931] ? trace_hardirqs_on+0x38/0x1c0 [ 264.667235][ T9931] schedule+0xcf/0x270 [ 264.674143][ T9931] ? process_one_work+0x1600/0x1600 [ 264.682553][ T9931] schedule_preempt_disabled+0xf/0x20 [ 264.693403][ T9931] kthread+0x2a6/0x4a0 [ 264.699709][ T9931] ? __kthread_bind_mask+0xc0/0xc0 [ 264.708888][ T9931] ret_from_fork+0x1f/0x30 [ 264.715222][ T9931] [ 264.715230][ T9931] ====================================================== [ 264.715245][ T9931] WARNING: possible circular locking dependency detected [ 264.715250][ T9931] 5.12.0-rc8-syzkaller #0 Not tainted [ 264.715255][ T9931] ------------------------------------------------------ [ 264.715261][ T9931] kworker/u16:5/9931 is trying to acquire lock: [ 264.715265][ T9931] ffffffff8bf63498 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0xe/0x60 [ 264.715284][ T9931] [ 264.715287][ T9931] but task is already holding lock: [ 264.715290][ T9931] ffff88802ca35198 (&rq->lock){-.-.}-{2:2}, at: load_balance+0x9f7/0x25d0 [ 264.715373][ T9931] [ 264.715377][ T9931] which lock already depends on the new lock. [ 264.715380][ T9931] [ 264.715382][ T9931] [ 264.715386][ T9931] the existing dependency chain (in reverse order) is: [ 264.715390][ T9931] [ 264.715392][ T9931] -> #2 (&rq->lock){-.-.}-{2:2}: [ 264.715406][ T9931] _raw_spin_lock+0x2a/0x40 [ 264.715410][ T9931] task_fork_fair+0x74/0x4d0 [ 264.715414][ T9931] sched_fork+0x3fc/0xbd0 [ 264.715438][ T9931] copy_process+0x1ee8/0x71a0 [ 264.715442][ T9931] kernel_clone+0xe7/0xab0 [ 264.715446][ T9931] kernel_thread+0xb5/0xf0 [ 264.715450][ T9931] rest_init+0x23/0x388 [ 264.715453][ T9931] start_kernel+0x475/0x496 [ 264.715458][ T9931] secondary_startup_64_no_verify+0xb0/0xbb [ 264.715461][ T9931] [ 264.715464][ T9931] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 264.715478][ T9931] _raw_spin_lock_irqsave+0x39/0x50 [ 264.715482][ T9931] try_to_wake_up+0x98/0x14a0 [ 264.715486][ T9931] up+0x75/0xb0 [ 264.715489][ T9931] __up_console_sem+0x47/0xc0 [ 264.715493][ T9931] console_unlock+0x58a/0xc80 [ 264.715497][ T9931] vga_remove_vgacon.cold+0x99/0x9e [ 264.715501][ T9931] bochs_pci_probe+0xf0/0x370 [ 264.715505][ T9931] local_pci_probe+0xdb/0x190 [ 264.715509][ T9931] pci_device_probe+0x3dd/0x6f0 [ 264.715513][ T9931] really_probe+0x291/0xe60 [ 264.715517][ T9931] driver_probe_device+0x26b/0x3d0 [ 264.715521][ T9931] device_driver_attach+0x228/0x290 [ 264.715525][ T9931] __driver_attach+0x15b/0x2f0 [ 264.715530][ T9931] bus_for_each_dev+0x147/0x1d0 [ 264.715534][ T9931] bus_add_driver+0x3a9/0x630 [ 264.715538][ T9931] driver_register+0x220/0x3a0 [ 264.715541][ T9931] bochs_init+0x78/0x86 [ 264.715545][ T9931] do_one_initcall+0x103/0x650 [ 264.715549][ T9931] kernel_init_freeable+0x63e/0x6c2 [ 264.715553][ T9931] kernel_init+0xd/0x1b8 [ 264.715566][ T9931] ret_from_fork+0x1f/0x30 [ 264.715569][ T9931] [ 264.715571][ T9931] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 264.715586][ T9931] __lock_acquire+0x2b14/0x54c0 [ 264.715590][ T9931] lock_acquire+0x1ab/0x740 [ 264.715594][ T9931] _raw_spin_lock_irqsave+0x39/0x50 [ 264.715598][ T9931] down_trylock+0xe/0x60 [ 264.715602][ T9931] __down_trylock_console_sem+0x40/0x120 [ 264.715606][ T9931] vprintk_emit+0x178/0x560 [ 264.715610][ T9931] vprintk_func+0x8d/0x1e0 [ 264.715614][ T9931] printk+0xba/0xed [ 264.715617][ T9931] ubsan_prologue+0x28/0x49 [ 264.715622][ T9931] __ubsan_handle_shift_out_of_bounds.cold+0x14/0x181 [ 264.715626][ T9931] load_balance.cold+0x1d/0x2e [ 264.715630][ T9931] newidle_balance+0x6b3/0xe50 [ 264.715634][ T9931] pick_next_task_fair+0x94/0xce0 [ 264.715638][ T9931] __schedule+0x370/0x21b0 [ 264.715642][ T9931] schedule+0xcf/0x270 [ 264.715646][ T9931] schedule_preempt_disabled+0xf/0x20 [ 264.715650][ T9931] kthread+0x2a6/0x4a0 [ 264.715654][ T9931] ret_from_fork+0x1f/0x30 [ 264.715657][ T9931] [ 264.715660][ T9931] other info that might help us debug this: [ 264.715663][ T9931] [ 264.715666][ T9931] Chain exists of: [ 264.715668][ T9931] (console_sem).lock --> &p->pi_lock --> &rq->lock [ 264.715688][ T9931] [ 264.715690][ T9931] Possible unsafe locking scenario: [ 264.715698][ T9931] [ 264.715701][ T9931] CPU0 CPU1 [ 264.715717][ T9931] ---- ---- [ 264.715721][ T9931] lock(&rq->lock); [ 264.715729][ T9931] lock(&p->pi_lock); [ 264.715739][ T9931] lock(&rq->lock); [ 264.715748][ T9931] lock((console_sem).lock); [ 264.715756][ T9931] [ 264.715758][ T9931] *** DEADLOCK *** [ 264.715761][ T9931] [ 264.715763][ T9931] 2 locks held by kworker/u16:5/9931: [ 264.715767][ T9931] #0: ffffffff8bf74360 (rcu_read_lock){....}-{1:2}, at: newidle_balance+0x462/0xe50 [ 264.715786][ T9931] #1: ffff88802ca35198 (&rq->lock){-.-.}-{2:2}, at: load_balance+0x9f7/0x25d0 [ 264.715805][ T9931] [ 264.715807][ T9931] stack backtrace: [ 264.715811][ T9931] CPU: 2 PID: 9931 Comm: kworker/u16:5 Not tainted 5.12.0-rc8-syzkaller #0 [ 264.715817][ T9931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 264.715823][ T9931] Call Trace: [ 264.715826][ T9931] dump_stack+0x141/0x1d7 [ 264.715837][ T9931] check_noncircular+0x25f/0x2e0 [ 264.715841][ T9931] ? print_circular_bug+0x480/0x480 [ 264.715845][ T9931] ? enable_ptr_key_workfn+0x30/0x30 [ 264.715849][ T9931] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 264.715853][ T9931] ? space_used+0x1a3/0x2a0 [ 264.715857][ T9931] ? format_decode+0x230/0xad0 [ 264.715861][ T9931] ? lockdep_lock+0xc6/0x200 [ 264.715864][ T9931] ? call_rcu_zapped+0xb0/0xb0 [ 264.715868][ T9931] __lock_acquire+0x2b14/0x54c0 [ 264.715872][ T9931] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 264.715876][ T9931] lock_acquire+0x1ab/0x740 [ 264.715879][ T9931] ? down_trylock+0xe/0x60 [ 264.715883][ T9931] ? lock_release+0x720/0x720 [ 264.715886][ T9931] ? vprintk_func+0x8d/0x1e0 [ 264.715890][ T9931] _raw_spin_lock_irqsave+0x39/0x50 [ 264.715894][ T9931] ? down_trylock+0xe/0x60 [ 264.715908][ T9931] down_trylock+0xe/0x60 [ 264.715912][ T9931] __down_trylock_console_sem+0x40/0x120 [ 264.715916][ T9931] vprintk_emit+0x178/0x560 [ 264.715919][ T9931] vprintk_func+0x8d/0x1e0 [ 264.715923][ T9931] printk+0xba/0xed [ 264.715926][ T9931] ? record_print_text.cold+0x16/0x16 [ 264.715930][ T9931] ? ubsan_prologue+0xd/0x49 [ 264.715933][ T9931] ubsan_prologue+0x28/0x49 [ 264.715937][ T9931] __ubsan_handle_shift_out_of_bounds.cold+0x14/0x181 [ 264.715942][ T9931] ? can_migrate_task+0x1155/0x1680 [ 264.715946][ T9931] load_balance.cold+0x1d/0x2e [ 264.715950][ T9931] ? find_busiest_group+0x8c0/0x8c0 [ 264.715954][ T9931] ? kvm_sched_clock_read+0x14/0x40 [ 264.715958][ T9931] ? sched_clock+0x2a/0x40 [ 264.715961][ T9931] ? sched_clock_cpu+0x18/0x1f0 [ 264.715965][ T9931] newidle_balance+0x6b3/0xe50 [ 264.715969][ T9931] ? run_rebalance_domains+0x140/0x140 [ 264.715973][ T9931] pick_next_task_fair+0x94/0xce0 [ 264.715977][ T9931] __schedule+0x370/0x21b0 [ 264.715980][ T9931] ? io_schedule_timeout+0x140/0x140 [ 264.715984][ T9931] ? trace_hardirqs_on+0x38/0x1c0 [ 264.715988][ T9931] schedule+0xcf/0x270 [ 264.715991][ T9931] ? process_one_work+0x1600/0x1600 [ 264.715995][ T9931] schedule_preempt_disabled+0xf/0x20 [ 264.715999][ T9931] kthread+0x2a6/0x4a0 [ 264.716002][ T9931] ? __kthread_bind_mask+0xc0/0xc0 [ 264.716006][ T9931] ret_from_fork+0x1f/0x30 [ 265.873652][ T9931] Shutting down cpus with NMI [ 267.084116][ T9931] Kernel Offset: disabled [ 267.090761][ T9931] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:45:42 Registers: info registers vcpu 0 RAX=0000000000000003 RBX=0000000000000000 RCX=dffffc0000000000 RDX=0000000000000000 RSI=0000000000000003 RDI=ffff88802ca35180 RBP=ffff88802ca35180 RSP=ffffc900000074b8 R8 =0000000000000001 R9 =ffff88802ca35180 R10=ffffed1005946a30 R11=00000000000029dd R12=0000000000000000 R13=ffffed1005946a30 R14=0000000000000001 R15=ffff88802ca35f40 RIP=ffffffff81321531 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802ca00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000085a0004 CR3=000000006489d000 CR4=00150ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000002 XMM02=00000b58000000000000000200000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff815a03a4 RDX=ffffed1005946a31 RSI=0000000000000004 RDI=ffff88802ca35180 RBP=ffff88802ca35180 RSP=ffffc900004f8b18 R8 =0000000000000000 R9 =ffff88802ca35183 R10=ffffed1005946a30 R11=ffff88802ca352f8 R12=ffffed1005946a30 R13=0000000000000001 R14=0000000000000000 R15=ffff88802cb35f40 RIP=ffffffff815a0397 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055edf63b64f0 CR3=000000001c68f000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=29fed97ccccfe1cb933e257758d51c86 XMM02=984ea53f37ef49e477f77a82e4400291 XMM03=4894e41456f920b851f87a4ce469d8aa XMM04=74656e692474656b636f73203d203072 XMM05=3030303030663778302826202c633966 XMM06=65732f636f72702f273d293034343030 XMM07=307830202c273030785c6578652f666c XMM08=783028262870616d6d0a29307830202c XMM09=3878302f303030303030303030306637 XMM10=30387830202c6c696e3d293030303030 XMM11=2c333030303038317830202c30303030 XMM12=0a29307830202c3172202c3231783020 XMM13=6f74646e65730a2963317830202c7d79 XMM14=3778302826202c3072283674656e6924 XMM15=2758273d296666663734383030303066 info registers vcpu 2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8421d4ac RDI=ffffffff900f6620 RBP=ffffffff900f65e0 RSP=ffffc900021575c0 R8 =000000000000005b R9 =0000000000000000 R10=ffffffff8421d49d R11=000000000000001f R12=0000000000000000 R13=fffffbfff201ed0f R14=fffffbfff201ecc6 R15=dffffc0000000000 RIP=ffffffff8421d4d2 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000555556e03373 CR3=000000001c68f000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000bfe62e42fefa39ef XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000008fda61019d RBX=0000000000000000 RCX=00000000000006e0 RDX=000000000000008f RSI=ffff88802cd1f2c0 RDI=00000000000001fe RBP=ffff88802cd1f2c0 RSP=ffffc900005a8888 R8 =000000000000003f R9 =ffffffff8dc52b0f R10=ffffffff8166ecf7 R11=0000000000000000 R12=00000000000001fe R13=0000000000000019 R14=ffff88802cd26340 R15=7fffffffffffffff RIP=ffffffff81304991 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802cd00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055de461c5160 CR3=000000006489d000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000008 XMM02=000000a8000000000000000300000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000