[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.192' (ECDSA) to the list of known hosts. 2021/06/30 23:16:02 fuzzer started 2021/06/30 23:16:03 dialing manager at 10.128.0.169:39911 2021/06/30 23:16:04 syscalls: 3546 2021/06/30 23:16:04 code coverage: enabled 2021/06/30 23:16:04 comparison tracing: enabled 2021/06/30 23:16:04 extra coverage: enabled 2021/06/30 23:16:04 setuid sandbox: enabled 2021/06/30 23:16:04 namespace sandbox: enabled 2021/06/30 23:16:04 Android sandbox: /sys/fs/selinux/policy does not exist 2021/06/30 23:16:04 fault injection: enabled 2021/06/30 23:16:04 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/06/30 23:16:04 net packet injection: enabled 2021/06/30 23:16:04 net device setup: enabled 2021/06/30 23:16:04 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2021/06/30 23:16:04 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/06/30 23:16:04 USB emulation: enabled 2021/06/30 23:16:04 hci packet injection: enabled 2021/06/30 23:16:04 wifi device emulation: enabled 2021/06/30 23:16:04 802.15.4 emulation: enabled 2021/06/30 23:16:04 fetching corpus: 0, signal 0/2000 (executing program) 2021/06/30 23:16:04 fetching corpus: 50, signal 11461/15351 (executing program) 2021/06/30 23:16:04 fetching corpus: 100, signal 21647/27332 (executing program) 2021/06/30 23:16:04 fetching corpus: 150, signal 34084/41458 (executing program) 2021/06/30 23:16:04 fetching corpus: 200, signal 39441/48523 (executing program) 2021/06/30 23:16:04 fetching corpus: 250, signal 46039/56773 (executing program) 2021/06/30 23:16:04 fetching corpus: 300, signal 51486/63859 (executing program) 2021/06/30 23:16:05 fetching corpus: 350, signal 55780/69775 (executing program) 2021/06/30 23:16:05 fetching corpus: 400, signal 59139/74744 (executing program) 2021/06/30 23:16:05 fetching corpus: 450, signal 63027/80168 (executing program) 2021/06/30 23:16:05 fetching corpus: 500, signal 65273/84013 (executing program) 2021/06/30 23:16:05 fetching corpus: 550, signal 68349/88630 (executing program) 2021/06/30 23:16:05 fetching corpus: 600, signal 71698/93514 (executing program) 2021/06/30 23:16:05 fetching corpus: 650, signal 75751/98998 (executing program) 2021/06/30 23:16:05 fetching corpus: 700, signal 79001/103714 (executing program) 2021/06/30 23:16:05 fetching corpus: 750, signal 82207/108332 (executing program) 2021/06/30 23:16:05 fetching corpus: 800, signal 84842/112392 (executing program) 2021/06/30 23:16:05 fetching corpus: 850, signal 89816/118584 (executing program) 2021/06/30 23:16:05 fetching corpus: 900, signal 92423/122599 (executing program) 2021/06/30 23:16:05 fetching corpus: 950, signal 94077/125664 (executing program) 2021/06/30 23:16:05 fetching corpus: 1000, signal 97208/130074 (executing program) 2021/06/30 23:16:05 fetching corpus: 1050, signal 100179/134293 (executing program) 2021/06/30 23:16:05 fetching corpus: 1100, signal 103573/138879 (executing program) 2021/06/30 23:16:05 fetching corpus: 1150, signal 105458/142097 (executing program) 2021/06/30 23:16:06 fetching corpus: 1200, signal 106916/144905 (executing program) 2021/06/30 23:16:06 fetching corpus: 1250, signal 108807/148103 (executing program) 2021/06/30 23:16:06 fetching corpus: 1300, signal 110499/151069 (executing program) 2021/06/30 23:16:06 fetching corpus: 1350, signal 112186/154055 (executing program) 2021/06/30 23:16:06 fetching corpus: 1400, signal 114417/157497 (executing program) 2021/06/30 23:16:06 fetching corpus: 1450, signal 117933/162071 (executing program) syzkaller login: [ 140.878108][ T3128] ieee802154 phy0 wpan0: encryption failed: -22 [ 140.884567][ T3128] ieee802154 phy1 wpan1: encryption failed: -22 2021/06/30 23:16:06 fetching corpus: 1500, signal 119574/164945 (executing program) 2021/06/30 23:16:06 fetching corpus: 1550, signal 123652/169873 (executing program) 2021/06/30 23:16:06 fetching corpus: 1600, signal 125972/173314 (executing program) 2021/06/30 23:16:06 fetching corpus: 1650, signal 130353/178480 (executing program) 2021/06/30 23:16:06 fetching corpus: 1700, signal 132920/182038 (executing program) 2021/06/30 23:16:06 fetching corpus: 1750, signal 135132/185270 (executing program) 2021/06/30 23:16:06 fetching corpus: 1800, signal 136813/188106 (executing program) 2021/06/30 23:16:06 fetching corpus: 1850, signal 137968/190447 (executing program) 2021/06/30 23:16:06 fetching corpus: 1900, signal 140633/194020 (executing program) 2021/06/30 23:16:06 fetching corpus: 1950, signal 142375/196814 (executing program) 2021/06/30 23:16:06 fetching corpus: 2000, signal 144140/199625 (executing program) 2021/06/30 23:16:07 fetching corpus: 2050, signal 145209/201816 (executing program) 2021/06/30 23:16:07 fetching corpus: 2100, signal 146718/204412 (executing program) 2021/06/30 23:16:07 fetching corpus: 2150, signal 148072/206842 (executing program) 2021/06/30 23:16:07 fetching corpus: 2200, signal 149697/209479 (executing program) 2021/06/30 23:16:07 fetching corpus: 2250, signal 151246/212082 (executing program) 2021/06/30 23:16:07 fetching corpus: 2300, signal 153184/214927 (executing program) 2021/06/30 23:16:07 fetching corpus: 2350, signal 155060/217712 (executing program) 2021/06/30 23:16:07 fetching corpus: 2400, signal 156165/219829 (executing program) 2021/06/30 23:16:07 fetching corpus: 2450, signal 158824/223204 (executing program) 2021/06/30 23:16:07 fetching corpus: 2500, signal 160732/225953 (executing program) 2021/06/30 23:16:07 fetching corpus: 2550, signal 161683/227952 (executing program) 2021/06/30 23:16:07 fetching corpus: 2600, signal 163492/230589 (executing program) 2021/06/30 23:16:07 fetching corpus: 2650, signal 164229/232420 (executing program) 2021/06/30 23:16:07 fetching corpus: 2700, signal 166186/235112 (executing program) 2021/06/30 23:16:07 fetching corpus: 2750, signal 167716/237470 (executing program) 2021/06/30 23:16:07 fetching corpus: 2800, signal 168893/239592 (executing program) 2021/06/30 23:16:08 fetching corpus: 2850, signal 170015/241682 (executing program) 2021/06/30 23:16:08 fetching corpus: 2900, signal 170920/243614 (executing program) 2021/06/30 23:16:08 fetching corpus: 2950, signal 172280/245854 (executing program) 2021/06/30 23:16:08 fetching corpus: 3000, signal 173175/247750 (executing program) 2021/06/30 23:16:08 fetching corpus: 3050, signal 174716/250069 (executing program) 2021/06/30 23:16:08 fetching corpus: 3100, signal 176304/252414 (executing program) 2021/06/30 23:16:08 fetching corpus: 3150, signal 177711/254671 (executing program) 2021/06/30 23:16:08 fetching corpus: 3200, signal 178752/256604 (executing program) 2021/06/30 23:16:08 fetching corpus: 3250, signal 179538/258356 (executing program) 2021/06/30 23:16:08 fetching corpus: 3300, signal 180576/260306 (executing program) 2021/06/30 23:16:08 fetching corpus: 3350, signal 181839/262424 (executing program) 2021/06/30 23:16:08 fetching corpus: 3400, signal 182636/264121 (executing program) 2021/06/30 23:16:08 fetching corpus: 3450, signal 184788/266817 (executing program) 2021/06/30 23:16:08 fetching corpus: 3500, signal 185841/268681 (executing program) 2021/06/30 23:16:08 fetching corpus: 3550, signal 187196/270775 (executing program) 2021/06/30 23:16:08 fetching corpus: 3600, signal 187802/272380 (executing program) 2021/06/30 23:16:09 fetching corpus: 3650, signal 189280/274505 (executing program) 2021/06/30 23:16:09 fetching corpus: 3700, signal 190192/276199 (executing program) 2021/06/30 23:16:09 fetching corpus: 3750, signal 190854/277845 (executing program) 2021/06/30 23:16:09 fetching corpus: 3800, signal 192007/279821 (executing program) 2021/06/30 23:16:09 fetching corpus: 3850, signal 193340/281844 (executing program) 2021/06/30 23:16:09 fetching corpus: 3900, signal 194033/283390 (executing program) 2021/06/30 23:16:09 fetching corpus: 3950, signal 194725/285009 (executing program) 2021/06/30 23:16:09 fetching corpus: 4000, signal 195852/286851 (executing program) 2021/06/30 23:16:09 fetching corpus: 4050, signal 196536/288397 (executing program) 2021/06/30 23:16:09 fetching corpus: 4100, signal 197064/289809 (executing program) 2021/06/30 23:16:09 fetching corpus: 4150, signal 198602/291917 (executing program) 2021/06/30 23:16:09 fetching corpus: 4200, signal 199333/293483 (executing program) 2021/06/30 23:16:09 fetching corpus: 4250, signal 200921/295572 (executing program) 2021/06/30 23:16:09 fetching corpus: 4300, signal 202069/297370 (executing program) 2021/06/30 23:16:09 fetching corpus: 4350, signal 202930/298989 (executing program) 2021/06/30 23:16:09 fetching corpus: 4400, signal 203710/300545 (executing program) 2021/06/30 23:16:09 fetching corpus: 4450, signal 204637/302185 (executing program) 2021/06/30 23:16:09 fetching corpus: 4500, signal 205488/303747 (executing program) 2021/06/30 23:16:10 fetching corpus: 4550, signal 205948/305076 (executing program) 2021/06/30 23:16:10 fetching corpus: 4600, signal 206783/306688 (executing program) 2021/06/30 23:16:10 fetching corpus: 4650, signal 207373/308079 (executing program) 2021/06/30 23:16:10 fetching corpus: 4700, signal 208542/309830 (executing program) 2021/06/30 23:16:10 fetching corpus: 4750, signal 209420/311374 (executing program) 2021/06/30 23:16:10 fetching corpus: 4800, signal 210084/312825 (executing program) 2021/06/30 23:16:10 fetching corpus: 4850, signal 210762/314274 (executing program) 2021/06/30 23:16:10 fetching corpus: 4900, signal 211899/315944 (executing program) 2021/06/30 23:16:10 fetching corpus: 4950, signal 212629/317374 (executing program) 2021/06/30 23:16:10 fetching corpus: 5000, signal 213505/318877 (executing program) 2021/06/30 23:16:10 fetching corpus: 5050, signal 214160/320278 (executing program) 2021/06/30 23:16:11 fetching corpus: 5100, signal 216066/322341 (executing program) 2021/06/30 23:16:11 fetching corpus: 5150, signal 216995/323836 (executing program) 2021/06/30 23:16:11 fetching corpus: 5200, signal 217826/325297 (executing program) 2021/06/30 23:16:11 fetching corpus: 5250, signal 218472/326621 (executing program) 2021/06/30 23:16:11 fetching corpus: 5300, signal 219119/327950 (executing program) 2021/06/30 23:16:11 fetching corpus: 5350, signal 220047/329428 (executing program) 2021/06/30 23:16:11 fetching corpus: 5400, signal 221049/330955 (executing program) 2021/06/30 23:16:11 fetching corpus: 5450, signal 221970/332447 (executing program) 2021/06/30 23:16:11 fetching corpus: 5500, signal 222672/333792 (executing program) 2021/06/30 23:16:11 fetching corpus: 5550, signal 223869/335397 (executing program) 2021/06/30 23:16:11 fetching corpus: 5600, signal 224953/336920 (executing program) 2021/06/30 23:16:11 fetching corpus: 5650, signal 225757/338311 (executing program) 2021/06/30 23:16:11 fetching corpus: 5700, signal 226348/339590 (executing program) 2021/06/30 23:16:11 fetching corpus: 5750, signal 227186/340954 (executing program) 2021/06/30 23:16:11 fetching corpus: 5800, signal 228253/342478 (executing program) 2021/06/30 23:16:11 fetching corpus: 5850, signal 229191/343849 (executing program) 2021/06/30 23:16:11 fetching corpus: 5900, signal 230041/345279 (executing program) 2021/06/30 23:16:11 fetching corpus: 5950, signal 231460/346886 (executing program) 2021/06/30 23:16:11 fetching corpus: 6000, signal 232145/348179 (executing program) 2021/06/30 23:16:11 fetching corpus: 6050, signal 232734/349410 (executing program) 2021/06/30 23:16:11 fetching corpus: 6100, signal 233514/350721 (executing program) 2021/06/30 23:16:12 fetching corpus: 6150, signal 234297/352054 (executing program) 2021/06/30 23:16:12 fetching corpus: 6200, signal 235404/353487 (executing program) 2021/06/30 23:16:12 fetching corpus: 6250, signal 235842/354639 (executing program) 2021/06/30 23:16:12 fetching corpus: 6300, signal 236681/355980 (executing program) 2021/06/30 23:16:12 fetching corpus: 6350, signal 237204/357126 (executing program) 2021/06/30 23:16:12 fetching corpus: 6400, signal 237767/358279 (executing program) 2021/06/30 23:16:12 fetching corpus: 6450, signal 238261/359372 (executing program) 2021/06/30 23:16:12 fetching corpus: 6500, signal 238791/360527 (executing program) 2021/06/30 23:16:12 fetching corpus: 6550, signal 239343/361704 (executing program) 2021/06/30 23:16:12 fetching corpus: 6600, signal 240134/362946 (executing program) 2021/06/30 23:16:12 fetching corpus: 6650, signal 241050/364258 (executing program) 2021/06/30 23:16:12 fetching corpus: 6700, signal 241736/365474 (executing program) 2021/06/30 23:16:12 fetching corpus: 6750, signal 242203/366548 (executing program) 2021/06/30 23:16:12 fetching corpus: 6800, signal 242818/367715 (executing program) 2021/06/30 23:16:12 fetching corpus: 6850, signal 243323/368828 (executing program) 2021/06/30 23:16:12 fetching corpus: 6900, signal 243988/369985 (executing program) 2021/06/30 23:16:12 fetching corpus: 6950, signal 244958/371272 (executing program) 2021/06/30 23:16:12 fetching corpus: 7000, signal 245876/372520 (executing program) 2021/06/30 23:16:12 fetching corpus: 7050, signal 246398/373629 (executing program) 2021/06/30 23:16:12 fetching corpus: 7100, signal 247044/374790 (executing program) 2021/06/30 23:16:13 fetching corpus: 7150, signal 247800/375959 (executing program) 2021/06/30 23:16:13 fetching corpus: 7200, signal 248388/377068 (executing program) 2021/06/30 23:16:13 fetching corpus: 7250, signal 248991/378124 (executing program) 2021/06/30 23:16:13 fetching corpus: 7300, signal 249585/379235 (executing program) 2021/06/30 23:16:13 fetching corpus: 7350, signal 250039/380291 (executing program) 2021/06/30 23:16:13 fetching corpus: 7400, signal 250804/381455 (executing program) 2021/06/30 23:16:13 fetching corpus: 7450, signal 251290/382462 (executing program) 2021/06/30 23:16:13 fetching corpus: 7500, signal 251912/383540 (executing program) 2021/06/30 23:16:13 fetching corpus: 7550, signal 252303/384512 (executing program) 2021/06/30 23:16:13 fetching corpus: 7600, signal 252815/385544 (executing program) 2021/06/30 23:16:13 fetching corpus: 7650, signal 253901/386738 (executing program) 2021/06/30 23:16:13 fetching corpus: 7700, signal 254377/387731 (executing program) 2021/06/30 23:16:13 fetching corpus: 7750, signal 255003/388779 (executing program) 2021/06/30 23:16:13 fetching corpus: 7800, signal 255683/389853 (executing program) 2021/06/30 23:16:13 fetching corpus: 7850, signal 256347/390917 (executing program) 2021/06/30 23:16:13 fetching corpus: 7900, signal 257249/392034 (executing program) 2021/06/30 23:16:13 fetching corpus: 7950, signal 257868/393070 (executing program) 2021/06/30 23:16:13 fetching corpus: 8000, signal 258355/394037 (executing program) 2021/06/30 23:16:13 fetching corpus: 8050, signal 259030/395099 (executing program) 2021/06/30 23:16:14 fetching corpus: 8100, signal 259494/396078 (executing program) 2021/06/30 23:16:14 fetching corpus: 8150, signal 259986/397043 (executing program) 2021/06/30 23:16:14 fetching corpus: 8200, signal 260577/398002 (executing program) 2021/06/30 23:16:14 fetching corpus: 8250, signal 261126/398962 (executing program) 2021/06/30 23:16:14 fetching corpus: 8300, signal 261625/399905 (executing program) 2021/06/30 23:16:14 fetching corpus: 8350, signal 262959/401097 (executing program) 2021/06/30 23:16:14 fetching corpus: 8400, signal 263342/402006 (executing program) 2021/06/30 23:16:14 fetching corpus: 8450, signal 263925/402939 (executing program) 2021/06/30 23:16:14 fetching corpus: 8500, signal 264387/403818 (executing program) 2021/06/30 23:16:14 fetching corpus: 8550, signal 265251/404834 (executing program) 2021/06/30 23:16:14 fetching corpus: 8600, signal 266052/405891 (executing program) 2021/06/30 23:16:14 fetching corpus: 8650, signal 266828/406854 (executing program) 2021/06/30 23:16:14 fetching corpus: 8700, signal 267575/407843 (executing program) 2021/06/30 23:16:14 fetching corpus: 8750, signal 269035/408886 (executing program) 2021/06/30 23:16:14 fetching corpus: 8800, signal 269846/409832 (executing program) 2021/06/30 23:16:14 fetching corpus: 8850, signal 270235/410677 (executing program) 2021/06/30 23:16:14 fetching corpus: 8900, signal 270759/411584 (executing program) 2021/06/30 23:16:14 fetching corpus: 8950, signal 271400/412494 (executing program) 2021/06/30 23:16:14 fetching corpus: 9000, signal 271838/413396 (executing program) 2021/06/30 23:16:14 fetching corpus: 9050, signal 272296/414302 (executing program) 2021/06/30 23:16:14 fetching corpus: 9100, signal 273027/415208 (executing program) 2021/06/30 23:16:15 fetching corpus: 9150, signal 273685/416132 (executing program) 2021/06/30 23:16:15 fetching corpus: 9200, signal 274107/416974 (executing program) 2021/06/30 23:16:15 fetching corpus: 9250, signal 274998/417898 (executing program) 2021/06/30 23:16:15 fetching corpus: 9300, signal 275536/418801 (executing program) 2021/06/30 23:16:15 fetching corpus: 9350, signal 276015/419670 (executing program) 2021/06/30 23:16:15 fetching corpus: 9400, signal 276572/420506 (executing program) 2021/06/30 23:16:15 fetching corpus: 9450, signal 277121/421330 (executing program) 2021/06/30 23:16:15 fetching corpus: 9500, signal 277574/422167 (executing program) 2021/06/30 23:16:15 fetching corpus: 9550, signal 278108/423009 (executing program) 2021/06/30 23:16:15 fetching corpus: 9600, signal 278626/423853 (executing program) 2021/06/30 23:16:15 fetching corpus: 9650, signal 278997/424698 (executing program) 2021/06/30 23:16:15 fetching corpus: 9700, signal 279680/425533 (executing program) 2021/06/30 23:16:15 fetching corpus: 9750, signal 280119/426336 (executing program) 2021/06/30 23:16:15 fetching corpus: 9800, signal 280586/427156 (executing program) 2021/06/30 23:16:15 fetching corpus: 9850, signal 281094/427962 (executing program) 2021/06/30 23:16:15 fetching corpus: 9900, signal 281501/428776 (executing program) 2021/06/30 23:16:15 fetching corpus: 9950, signal 281869/429509 (executing program) 2021/06/30 23:16:15 fetching corpus: 10000, signal 282401/430293 (executing program) 2021/06/30 23:16:16 fetching corpus: 10050, signal 282922/431030 (executing program) 2021/06/30 23:16:16 fetching corpus: 10100, signal 283523/431785 (executing program) 2021/06/30 23:16:16 fetching corpus: 10150, signal 284092/432565 (executing program) 2021/06/30 23:16:16 fetching corpus: 10200, signal 284401/433360 (executing program) 2021/06/30 23:16:16 fetching corpus: 10250, signal 284794/434130 (executing program) 2021/06/30 23:16:16 fetching corpus: 10300, signal 285713/434928 (executing program) 2021/06/30 23:16:16 fetching corpus: 10350, signal 286027/435651 (executing program) 2021/06/30 23:16:16 fetching corpus: 10400, signal 286657/436375 (executing program) 2021/06/30 23:16:16 fetching corpus: 10450, signal 287190/437117 (executing program) 2021/06/30 23:16:16 fetching corpus: 10500, signal 287863/437872 (executing program) 2021/06/30 23:16:16 fetching corpus: 10550, signal 288202/438550 (executing program) 2021/06/30 23:16:16 fetching corpus: 10600, signal 288688/439282 (executing program) 2021/06/30 23:16:16 fetching corpus: 10650, signal 289523/440039 (executing program) 2021/06/30 23:16:16 fetching corpus: 10700, signal 290235/440791 (executing program) 2021/06/30 23:16:16 fetching corpus: 10750, signal 290659/441517 (executing program) 2021/06/30 23:16:16 fetching corpus: 10800, signal 291081/442183 (executing program) 2021/06/30 23:16:16 fetching corpus: 10850, signal 291551/442897 (executing program) 2021/06/30 23:16:16 fetching corpus: 10900, signal 291916/443639 (executing program) 2021/06/30 23:16:17 fetching corpus: 10950, signal 292369/444372 (executing program) 2021/06/30 23:16:17 fetching corpus: 11000, signal 292759/445085 (executing program) 2021/06/30 23:16:17 fetching corpus: 11050, signal 293331/445859 (executing program) 2021/06/30 23:16:17 fetching corpus: 11100, signal 293710/446804 (executing program) 2021/06/30 23:16:17 fetching corpus: 11150, signal 294132/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11200, signal 294814/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11250, signal 295604/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11300, signal 295876/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11350, signal 296363/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11400, signal 296842/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11450, signal 297157/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11500, signal 297403/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11550, signal 298393/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11600, signal 298702/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11650, signal 299346/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11700, signal 299902/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11750, signal 300516/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11800, signal 301037/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11850, signal 301444/447208 (executing program) 2021/06/30 23:16:17 fetching corpus: 11900, signal 301725/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 11950, signal 302107/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12000, signal 303014/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12050, signal 303315/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12100, signal 303928/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12150, signal 304269/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12200, signal 304661/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12250, signal 305313/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12300, signal 305592/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12350, signal 306110/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12400, signal 307157/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12450, signal 307817/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12500, signal 308460/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12550, signal 309143/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12600, signal 309729/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12650, signal 310107/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12700, signal 311175/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12750, signal 312902/447208 (executing program) 2021/06/30 23:16:18 fetching corpus: 12800, signal 313212/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 12850, signal 313661/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 12900, signal 314113/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 12950, signal 314672/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13000, signal 315010/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13050, signal 315465/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13100, signal 315800/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13150, signal 316164/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13200, signal 316597/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13250, signal 317041/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13300, signal 317440/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13350, signal 317802/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13400, signal 318267/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13450, signal 318703/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13500, signal 319406/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13550, signal 319733/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13600, signal 320024/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13650, signal 320472/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13700, signal 320866/447208 (executing program) 2021/06/30 23:16:19 fetching corpus: 13750, signal 321280/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 13800, signal 321572/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 13850, signal 321975/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 13900, signal 322376/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 13950, signal 322639/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 14000, signal 322956/447208 (executing program) 2021/06/30 23:16:20 fetching corpus: 14050, signal 323215/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14100, signal 323765/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14150, signal 324206/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14200, signal 324626/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14250, signal 324843/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14300, signal 325231/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14350, signal 325514/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14400, signal 325847/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14450, signal 326417/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14500, signal 327421/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14550, signal 327819/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14600, signal 328207/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14650, signal 328796/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14700, signal 329153/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14750, signal 329404/447223 (executing program) 2021/06/30 23:16:20 fetching corpus: 14800, signal 329763/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 14850, signal 330043/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 14900, signal 330470/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 14950, signal 330785/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15000, signal 331029/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15050, signal 331340/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15100, signal 331931/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15150, signal 332380/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15200, signal 332739/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15250, signal 333190/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15300, signal 333517/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15350, signal 333788/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15400, signal 334174/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15450, signal 334469/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15500, signal 334758/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15550, signal 335246/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15600, signal 335573/447223 (executing program) 2021/06/30 23:16:21 fetching corpus: 15650, signal 336043/447223 (executing program) 2021/06/30 23:16:22 fetching corpus: 15700, signal 336690/447223 (executing program) 2021/06/30 23:16:22 fetching corpus: 15750, signal 336954/447223 (executing program) 2021/06/30 23:16:22 fetching corpus: 15800, signal 337383/447223 (executing program) 2021/06/30 23:16:22 fetching corpus: 15850, signal 337682/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 15900, signal 337967/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 15950, signal 338236/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16000, signal 338656/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16050, signal 339221/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16100, signal 339542/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16150, signal 340043/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16200, signal 340480/447224 (executing program) 2021/06/30 23:16:22 fetching corpus: 16250, signal 340721/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16300, signal 341182/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16350, signal 341584/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16400, signal 342175/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16450, signal 342746/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16500, signal 343059/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16550, signal 343460/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16599, signal 343860/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16649, signal 344398/447225 (executing program) 2021/06/30 23:16:22 fetching corpus: 16699, signal 344814/447225 (executing program) 2021/06/30 23:16:23 fetching corpus: 16749, signal 345151/447225 (executing program) 2021/06/30 23:16:23 fetching corpus: 16799, signal 345405/447225 (executing program) 2021/06/30 23:16:23 fetching corpus: 16849, signal 345673/447225 (executing program) 2021/06/30 23:16:23 fetching corpus: 16899, signal 346402/447225 (executing program) 2021/06/30 23:16:23 fetching corpus: 16949, signal 347110/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 16999, signal 347479/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17049, signal 347782/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17098, signal 348318/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17148, signal 348734/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17198, signal 349009/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17248, signal 349473/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17298, signal 349868/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17348, signal 350434/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17398, signal 350925/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17448, signal 351240/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17498, signal 351583/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17548, signal 351895/447229 (executing program) 2021/06/30 23:16:23 fetching corpus: 17598, signal 352327/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17648, signal 352624/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17698, signal 352936/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17748, signal 353268/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17798, signal 353457/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17848, signal 354000/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17898, signal 354694/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17948, signal 355063/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 17998, signal 355458/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18048, signal 355708/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18098, signal 356036/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18148, signal 356341/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18198, signal 356710/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18248, signal 357041/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18298, signal 357629/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18348, signal 357892/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18398, signal 358466/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18448, signal 358733/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18498, signal 359101/447229 (executing program) 2021/06/30 23:16:24 fetching corpus: 18548, signal 359391/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18598, signal 359667/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18648, signal 359973/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18698, signal 360328/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18748, signal 360597/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18798, signal 361296/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18848, signal 361808/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18898, signal 362076/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18948, signal 362841/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 18998, signal 363348/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19048, signal 364026/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19098, signal 364502/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19148, signal 364865/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19198, signal 365164/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19248, signal 365445/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19298, signal 365652/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19348, signal 366045/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19398, signal 366338/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19448, signal 367874/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19498, signal 368335/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19548, signal 368869/447235 (executing program) 2021/06/30 23:16:25 fetching corpus: 19598, signal 369413/447235 (executing program) 2021/06/30 23:16:26 fetching corpus: 19648, signal 369932/447235 (executing program) 2021/06/30 23:16:26 fetching corpus: 19698, signal 370290/447235 (executing program) 2021/06/30 23:16:26 fetching corpus: 19748, signal 370516/447235 (executing program) 2021/06/30 23:16:26 fetching corpus: 19798, signal 371055/447235 (executing program) 2021/06/30 23:16:26 fetching corpus: 19848, signal 371413/447254 (executing program) 2021/06/30 23:16:26 fetching corpus: 19898, signal 371676/447254 (executing program) 2021/06/30 23:16:26 fetching corpus: 19948, signal 372041/447254 (executing program) 2021/06/30 23:16:26 fetching corpus: 19998, signal 372380/447254 (executing program) 2021/06/30 23:16:26 fetching corpus: 20048, signal 372656/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20098, signal 372847/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20148, signal 373135/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20198, signal 373564/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20248, signal 373941/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20298, signal 374385/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20348, signal 374644/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20398, signal 374936/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20448, signal 375188/447255 (executing program) 2021/06/30 23:16:26 fetching corpus: 20498, signal 375649/447255 (executing program) 2021/06/30 23:16:27 fetching corpus: 20548, signal 376132/447255 (executing program) 2021/06/30 23:16:27 fetching corpus: 20598, signal 376572/447258 (executing program) 2021/06/30 23:16:27 fetching corpus: 20648, signal 377222/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20698, signal 377497/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20748, signal 377824/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20798, signal 378126/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20848, signal 378429/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20898, signal 378756/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20948, signal 378948/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 20998, signal 379406/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21048, signal 379772/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21098, signal 379991/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21148, signal 380390/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21198, signal 380662/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21248, signal 380986/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21298, signal 381201/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21348, signal 381526/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21398, signal 381732/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21448, signal 382305/447261 (executing program) 2021/06/30 23:16:27 fetching corpus: 21498, signal 382632/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21548, signal 382882/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21598, signal 383257/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21648, signal 383569/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21698, signal 383800/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21748, signal 384136/447261 (executing program) 2021/06/30 23:16:28 fetching corpus: 21798, signal 384341/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 21848, signal 384544/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 21898, signal 385023/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 21948, signal 385301/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 21998, signal 385656/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22048, signal 385930/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22098, signal 386233/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22148, signal 386547/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22198, signal 386784/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22248, signal 387223/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22298, signal 387461/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22348, signal 387668/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22398, signal 387999/447263 (executing program) 2021/06/30 23:16:28 fetching corpus: 22448, signal 388260/447263 (executing program) 2021/06/30 23:16:29 fetching corpus: 22498, signal 388434/447263 (executing program) 2021/06/30 23:16:29 fetching corpus: 22548, signal 388764/447263 (executing program) 2021/06/30 23:16:29 fetching corpus: 22598, signal 388943/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22648, signal 389145/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22698, signal 389518/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22748, signal 389812/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22798, signal 390088/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22848, signal 390405/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22898, signal 390650/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22948, signal 390890/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 22998, signal 391139/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 23048, signal 391542/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 23098, signal 391741/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 23148, signal 392017/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 23198, signal 392396/447265 (executing program) 2021/06/30 23:16:29 fetching corpus: 23248, signal 392968/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23298, signal 393488/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23348, signal 393837/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23398, signal 394144/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23448, signal 394393/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23498, signal 394599/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23548, signal 394935/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23598, signal 395323/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23648, signal 395557/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23698, signal 395938/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23748, signal 396468/447265 (executing program) 2021/06/30 23:16:30 fetching corpus: 23798, signal 396723/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 23848, signal 396925/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 23898, signal 397293/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 23948, signal 397581/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 23998, signal 397866/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 24048, signal 398155/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 24098, signal 398425/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 24148, signal 398759/447266 (executing program) 2021/06/30 23:16:30 fetching corpus: 24198, signal 399129/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24248, signal 399406/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24298, signal 399744/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24348, signal 399941/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24398, signal 400243/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24448, signal 400517/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24498, signal 400779/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24548, signal 400998/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24598, signal 401200/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24648, signal 401398/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24698, signal 401655/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24748, signal 401958/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24798, signal 402247/447266 (executing program) 2021/06/30 23:16:31 fetching corpus: 24848, signal 402478/447270 (executing program) 2021/06/30 23:16:31 fetching corpus: 24898, signal 402769/447270 (executing program) 2021/06/30 23:16:31 fetching corpus: 24948, signal 403131/447270 (executing program) 2021/06/30 23:16:31 fetching corpus: 24998, signal 403384/447273 (executing program) 2021/06/30 23:16:31 fetching corpus: 25048, signal 403713/447273 (executing program) 2021/06/30 23:16:31 fetching corpus: 25097, signal 403957/447273 (executing program) 2021/06/30 23:16:31 fetching corpus: 25147, signal 404171/447273 (executing program) 2021/06/30 23:16:31 fetching corpus: 25196, signal 404397/447273 (executing program) 2021/06/30 23:16:31 fetching corpus: 25246, signal 404652/447276 (executing program) 2021/06/30 23:16:31 fetching corpus: 25296, signal 404962/447276 (executing program) 2021/06/30 23:16:31 fetching corpus: 25346, signal 405324/447276 (executing program) 2021/06/30 23:16:32 fetching corpus: 25396, signal 405537/447276 (executing program) 2021/06/30 23:16:32 fetching corpus: 25446, signal 405866/447276 (executing program) 2021/06/30 23:16:32 fetching corpus: 25496, signal 406054/447276 (executing program) 2021/06/30 23:16:32 fetching corpus: 25546, signal 406303/447276 (executing program) 2021/06/30 23:16:32 fetching corpus: 25596, signal 406735/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25646, signal 406956/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25696, signal 407159/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25746, signal 407347/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25796, signal 407544/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25846, signal 407753/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25896, signal 407984/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25946, signal 408267/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 25996, signal 409048/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26046, signal 409262/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26096, signal 409496/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26146, signal 409771/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26196, signal 410011/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26246, signal 410180/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26296, signal 410445/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26346, signal 410871/447278 (executing program) 2021/06/30 23:16:32 fetching corpus: 26396, signal 411332/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26446, signal 411540/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26496, signal 411915/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26546, signal 412217/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26596, signal 412447/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26646, signal 412811/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26696, signal 413122/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26746, signal 413332/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26796, signal 413578/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26846, signal 413911/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26896, signal 414272/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26946, signal 414526/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 26996, signal 414760/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 27046, signal 415191/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 27096, signal 415943/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 27146, signal 416172/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 27196, signal 416370/447278 (executing program) 2021/06/30 23:16:33 fetching corpus: 27246, signal 416633/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27296, signal 416787/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27346, signal 416991/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27396, signal 417213/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27446, signal 417912/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27496, signal 418455/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27546, signal 418696/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27596, signal 419043/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27646, signal 419402/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27696, signal 419744/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27746, signal 419994/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27796, signal 420208/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27846, signal 420473/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27896, signal 420744/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27946, signal 420872/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 27996, signal 421121/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28046, signal 421465/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28096, signal 421758/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28146, signal 421996/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28196, signal 422321/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28246, signal 422514/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28296, signal 422961/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28346, signal 423219/447278 (executing program) 2021/06/30 23:16:34 fetching corpus: 28396, signal 423374/447278 (executing program) 2021/06/30 23:16:35 fetching corpus: 28446, signal 423579/447278 (executing program) 2021/06/30 23:16:35 fetching corpus: 28496, signal 423734/447278 (executing program) 2021/06/30 23:16:35 fetching corpus: 28546, signal 424006/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28596, signal 424345/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28646, signal 424529/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28696, signal 424863/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28746, signal 425120/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28796, signal 425515/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28846, signal 425809/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28896, signal 426044/447288 (executing program) 2021/06/30 23:16:35 fetching corpus: 28946, signal 426228/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 28995, signal 426494/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29045, signal 426683/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29095, signal 427089/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29145, signal 427497/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29194, signal 427679/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29244, signal 427859/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29294, signal 428151/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29344, signal 428385/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29394, signal 428655/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29444, signal 428945/447288 (executing program) 2021/06/30 23:16:36 fetching corpus: 29494, signal 429150/447289 (executing program) 2021/06/30 23:16:36 fetching corpus: 29544, signal 429355/447289 (executing program) 2021/06/30 23:16:36 fetching corpus: 29594, signal 429601/447289 (executing program) 2021/06/30 23:16:36 fetching corpus: 29644, signal 429870/447289 (executing program) 2021/06/30 23:16:36 fetching corpus: 29694, signal 430143/447289 (executing program) 2021/06/30 23:16:36 fetching corpus: 29744, signal 430407/447291 (executing program) 2021/06/30 23:16:36 fetching corpus: 29794, signal 430665/447291 (executing program) 2021/06/30 23:16:36 fetching corpus: 29844, signal 430939/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 29894, signal 431207/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 29944, signal 431574/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 29994, signal 431852/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30044, signal 432076/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30094, signal 432286/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30144, signal 432654/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30194, signal 432935/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30244, signal 433077/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30294, signal 433274/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30344, signal 433644/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30394, signal 433922/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30444, signal 434461/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30494, signal 434869/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30544, signal 435042/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30594, signal 435208/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30644, signal 435446/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30694, signal 435708/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30744, signal 435979/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30794, signal 436192/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30844, signal 436340/447291 (executing program) 2021/06/30 23:16:37 fetching corpus: 30894, signal 436559/447291 (executing program) 2021/06/30 23:16:38 fetching corpus: 30944, signal 436751/447291 (executing program) 2021/06/30 23:16:38 fetching corpus: 30994, signal 437011/447291 (executing program) 2021/06/30 23:16:38 fetching corpus: 31015, signal 437070/447315 (executing program) 2021/06/30 23:16:38 fetching corpus: 31015, signal 437070/447315 (executing program) 2021/06/30 23:16:40 starting 6 fuzzer processes 23:16:45 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) [ 181.476278][ T8227] IPVS: ftp: loaded support on port[0] = 21 [ 181.991615][ T8227] chnl_net:caif_netlink_parms(): no params data found [ 182.111303][ T8227] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.118809][ T8227] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.128254][ T8227] device bridge_slave_0 entered promiscuous mode [ 182.144963][ T8227] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.152805][ T8227] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.162503][ T8227] device bridge_slave_1 entered promiscuous mode [ 182.215031][ T8227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.234670][ T8227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.287183][ T8227] team0: Port device team_slave_0 added [ 182.302587][ T8227] team0: Port device team_slave_1 added [ 182.349176][ T8227] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 182.356211][ T8227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.383324][ T8227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 182.401259][ T8227] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 182.408395][ T8227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 182.434732][ T8227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 182.496715][ T8227] device hsr_slave_0 entered promiscuous mode [ 182.508418][ T8227] device hsr_slave_1 entered promiscuous mode [ 182.789966][ T8227] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 182.808740][ T8227] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 182.828861][ T8227] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 182.864742][ T8227] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 183.188648][ T8227] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.218931][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 183.228427][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 183.248937][ T8227] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.271696][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 183.281552][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.292062][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.299541][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.347029][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 183.356136][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 183.365910][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 183.375552][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.383025][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.392300][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.403415][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 183.421313][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.432108][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.444483][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 183.446557][ T1980] Bluetooth: hci0: command 0x0409 tx timeout [ 183.467605][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 183.477742][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.507896][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 183.517444][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 183.527277][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 183.536835][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 183.555576][ T8227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 183.603695][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 183.613256][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 183.644917][ T8227] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.698797][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 183.708857][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 183.761050][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 183.771043][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 183.793224][ T8227] device veth0_vlan entered promiscuous mode [ 183.807094][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 183.815860][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 183.845523][ T8227] device veth1_vlan entered promiscuous mode [ 183.917777][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 183.927227][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 183.936679][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 183.946554][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 183.966916][ T8227] device veth0_macvtap entered promiscuous mode [ 183.987389][ T8227] device veth1_macvtap entered promiscuous mode [ 183.998820][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 184.008485][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 184.062247][ T8227] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.070221][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 184.080235][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 184.106072][ T8227] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.115653][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 184.126215][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 184.150905][ T8227] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.159942][ T8227] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.170810][ T8227] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.179815][ T8227] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.528258][ T888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.536252][ T888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.545706][ T1980] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 184.662593][ T197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.670681][ T197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.681481][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 184.917986][ C0] hrtimer: interrupt took 53372 ns 23:16:50 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) [ 185.529306][ T5] Bluetooth: hci0: command 0x041b tx timeout 23:16:51 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) 23:16:51 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) 23:16:51 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) 23:16:51 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) 23:16:52 executing program 0: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff) r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) fallocate(r0, 0x5fdd9e86c619552f, 0x800, 0x3) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffffffb, 0x0, @perf_config_ext={0x0, 0xf772}, 0x0, 0x8, 0xbb0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) 23:16:52 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000001540)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "e9941a", 0x0, 0x11, 0x0, @empty, @local, [@hopopts={0x0, 0x0, '\x00', [@padn={0x1, 0x3a}]}]}}}}}}}, 0x0) 23:16:52 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000001540)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "e9941a", 0x0, 0x11, 0x0, @empty, @local, [@hopopts={0x0, 0x0, '\x00', [@padn={0x1, 0x3a}]}]}}}}}}}, 0x0) [ 187.596490][ T1980] Bluetooth: hci0: command 0x040f tx timeout 23:16:53 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000001540)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "e9941a", 0x0, 0x11, 0x0, @empty, @local, [@hopopts={0x0, 0x0, '\x00', [@padn={0x1, 0x3a}]}]}}}}}}}, 0x0) 23:16:53 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000001540)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "e9941a", 0x0, 0x11, 0x0, @empty, @local, [@hopopts={0x0, 0x0, '\x00', [@padn={0x1, 0x3a}]}]}}}}}}}, 0x0) 23:16:53 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000080)=0x100, 0x4) 23:16:53 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000080)=0x100, 0x4) 23:16:53 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000080)=0x100, 0x4) 23:16:54 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000080)=0x100, 0x4) 23:16:54 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0xff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) dup3(r2, r1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, {{0x8, 0x1, r1}, {0x8}}}}}, @IFLA_OPERSTATE={0x5, 0x3, 0x2f}]}, 0x48}}, 0x0) 23:16:54 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0xff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) dup3(r2, r1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, {{0x8, 0x1, r1}, {0x8}}}}}, @IFLA_OPERSTATE={0x5, 0x3, 0x2f}]}, 0x48}}, 0x0) 23:16:54 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0xff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) dup3(r2, r1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, {{0x8, 0x1, r1}, {0x8}}}}}, @IFLA_OPERSTATE={0x5, 0x3, 0x2f}]}, 0x48}}, 0x0) 23:16:54 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0xff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) dup3(r2, r1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, {{0x8, 0x1, r1}, {0x8}}}}}, @IFLA_OPERSTATE={0x5, 0x3, 0x2f}]}, 0x48}}, 0x0) [ 189.677635][ T5] Bluetooth: hci0: command 0x0419 tx timeout 23:16:55 executing program 0: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2}, &(0x7f0000000100)=0x8) 23:16:56 executing program 0: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2}, &(0x7f0000000100)=0x8) 23:16:56 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x9, 0x1, 0x0, 0x1}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="0000000000000000790800000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 23:16:57 executing program 0: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2}, &(0x7f0000000100)=0x8) 23:16:58 executing program 0: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2}, &(0x7f0000000100)=0x8) [ 193.124165][ T8546] IPVS: ftp: loaded support on port[0] = 21 [ 193.545831][ T8546] chnl_net:caif_netlink_parms(): no params data found [ 193.925627][ T8546] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.933137][ T8546] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.942932][ T8546] device bridge_slave_0 entered promiscuous mode [ 193.961868][ T8546] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.969995][ T8546] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.979631][ T8546] device bridge_slave_1 entered promiscuous mode [ 194.035433][ T8546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.057536][ T8546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.112520][ T8546] team0: Port device team_slave_0 added [ 194.125724][ T8546] team0: Port device team_slave_1 added [ 194.175293][ T8546] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.182803][ T8546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.209190][ T8546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active 23:16:59 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) socket$inet6(0xa, 0x806, 0xffffffff) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) [ 194.232403][ T8546] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.239602][ T8546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.266650][ T8546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.348528][ T8546] device hsr_slave_0 entered promiscuous mode [ 194.370183][ T8546] device hsr_slave_1 entered promiscuous mode [ 194.386996][ T8546] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.394662][ T8546] Cannot create hsr debugfs directory 23:17:00 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) socket$inet6(0xa, 0x806, 0xffffffff) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) [ 194.836854][ T8546] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 194.868423][ T8546] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 194.908484][ T8546] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 194.930532][ T8546] netdevsim netdevsim1 netdevsim3: renamed from eth3 23:17:00 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) socket$inet6(0xa, 0x806, 0xffffffff) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) [ 195.117750][ T5] Bluetooth: hci1: command 0x0409 tx timeout [ 195.298216][ T8546] 8021q: adding VLAN 0 to HW filter on device bond0 23:17:00 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) socket$inet6(0xa, 0x806, 0xffffffff) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) [ 195.383809][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 195.392893][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.423156][ T8546] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.455563][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 195.466695][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.475896][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.483340][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.567677][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 195.576770][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.586758][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.595958][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.603400][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.612538][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.623212][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.712731][ T8546] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 195.723330][ T8546] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 195.742790][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.753635][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.763818][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.773950][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.784168][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.793480][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 195.803541][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 195.813090][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 195.840272][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.850094][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 195.929398][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 195.937414][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 23:17:01 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) socket$inet6(0xa, 0x806, 0xffffffff) [ 196.026737][ T8546] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.139376][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 196.149666][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 196.249027][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 196.258724][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 196.299273][ T8546] device veth0_vlan entered promiscuous mode [ 196.315038][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 196.324438][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready 23:17:01 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) [ 196.384175][ T8546] device veth1_vlan entered promiscuous mode [ 196.533041][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 196.543049][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 196.580907][ T8546] device veth0_macvtap entered promiscuous mode [ 196.650671][ T8546] device veth1_macvtap entered promiscuous mode [ 196.741327][ T8546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 196.752457][ T8546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.766025][ T8546] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.774524][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 196.783939][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 196.793749][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 196.803609][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 196.897557][ T8546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 196.908275][ T8546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.921840][ T8546] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.933081][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready 23:17:02 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000, r5}) [ 196.943206][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 197.042429][ T8546] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.053016][ T8546] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.062163][ T8546] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.071172][ T8546] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.215203][ T5] Bluetooth: hci1: command 0x041b tx timeout 23:17:02 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r2, &(0x7f0000000900)={0x2c, 0x0, r4}, 0x10) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, 0x5, 0x101, 0x3, 0x400, 0x5, 0x80088, r4}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) [ 197.588254][ T197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.596589][ T197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.605545][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 197.777070][ T197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.785010][ T197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.798179][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 23:17:03 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r2 = socket(0x100000000011, 0x2, 0x0) bind(r2, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r1, &(0x7f0000000900)={0x2c, 0x0, r3}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) [ 200.078455][ C0] clocksource: timekeeping watchdog on CPU0: Marking clocksource 'tsc' as unstable because the skew is too large: [ 200.090712][ C0] clocksource: 'acpi_pm' wd_now: 31909c wd_last: ae5f0c mask: ffffff [ 200.101127][ C0] clocksource: 'tsc' cs_now: 6e5d27b0e4 cs_last: 6d13de5f55 mask: ffffffffffffffff [ 200.112662][ C0] tsc: Marking TSC unstable due to clocksource watchdog [ 200.139345][ T5] TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'. [ 200.149085][ T5] sched_clock: Marking unstable (200533347579, -393946706)<-(200143844053, -4505969) [ 200.149400][ T8446] Bluetooth: hci1: command 0x040f tx timeout [ 200.174603][ T8829] clocksource: Switched to clocksource acpi_pm 23:17:05 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x9, 0x1, 0x0, 0x1}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="0000000000000000790800000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 23:17:05 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r2 = socket(0x100000000011, 0x2, 0x0) bind(r2, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) bind$xdp(r1, &(0x7f0000000900)={0x2c, 0x0, r3}, 0x10) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:05 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x9, 0x1, 0x0, 0x1}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="0000000000000000790800000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 23:17:06 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r2 = socket(0x100000000011, 0x2, 0x0) bind(r2, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) getsockname$packet(r2, &(0x7f0000000400), &(0x7f0000000100)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:06 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x5, 0x9, 0x1, 0x0, 0x1}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="0000000000000000790800000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 23:17:06 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) r2 = socket(0x100000000011, 0x2, 0x0) bind(r2, &(0x7f0000000380)=@generic={0x11, "0000010000000000080044944eeba71a4976e2526f0c0900000036005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000001000101013c5811039e17775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c0001000000f3ffff2f43740000000000000006ad8e5ecc326d3a0000c2c65400"}, 0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:06 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) ioctl$I2C_SLAVE(r0, 0x703, 0x0) 23:17:06 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socket(0x100000000011, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:06 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) ioctl$I2C_SLAVE(r0, 0x703, 0x0) 23:17:07 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:07 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) ioctl$I2C_SLAVE(r0, 0x703, 0x0) 23:17:07 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:07 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) ioctl$I2C_SLAVE(r0, 0x703, 0x0) [ 202.236418][ T5] Bluetooth: hci1: command 0x0419 tx timeout [ 202.320622][ T3128] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.327358][ T3128] ieee802154 phy1 wpan1: encryption failed: -22 23:17:07 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:08 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:08 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:08 executing program 1: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:08 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:08 executing program 1: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:08 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000100)={0x7}, 0x4) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:09 executing program 1: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:09 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80000003) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:09 executing program 1: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:09 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:09 executing program 1: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:10 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:10 executing program 1: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:10 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:10 executing program 1: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:10 executing program 1: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:10 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:11 executing program 1: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:11 executing program 0: ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0xc5a, 0x6, 0x3ff, 0x0, 0x4], 0x5, 0x2d526542, 0x8, 0x5, 0x40, 0x57ad, 0x1, {0x200, 0x6, 0x40, 0x2, 0x5, 0xbd2, 0x8, 0x3f, 0xf9e8, 0x8001, 0x7f, 0x4, 0x3, 0x7, "8dff4d364ffe59d737258c55b71ec559215e6d215117f03911f07d4d4f75a2d9"}}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:11 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:11 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:11 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:11 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:12 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:12 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:12 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) [ 207.191811][ T8935] ------------[ cut here ]------------ [ 207.197553][ T8935] WARNING: CPU: 1 PID: 8935 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 207.208159][ T8935] Modules linked in: [ 207.212178][ T8935] CPU: 1 PID: 8935 Comm: syz-executor.1 Not tainted 5.12.0-rc6-syzkaller #0 [ 207.221241][ T8935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.231683][ T8935] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 207.238478][ T8935] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 207.258978][ T8935] RSP: 0018:ffff888070ef3a58 EFLAGS: 00010283 [ 207.265218][ T8935] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 207.273466][ T8935] RDX: ffffc900088c7000 RSI: 00000000000005c1 RDI: 00000000000005c2 [ 207.281702][ T8935] RBP: ffff888070ef3b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 207.289980][ T8935] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 207.298204][ T8935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 207.306500][ T8935] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000f554eb40 [ 207.315603][ T8935] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 207.322476][ T8935] CR2: 0000000008194e0c CR3: 0000000070e63000 CR4: 00000000001506e0 [ 207.330780][ T8935] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 207.339110][ T8935] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 207.347407][ T8935] Call Trace: [ 207.350777][ T8935] ? kmsan_set_origin_checked+0xa2/0x100 [ 207.356796][ T8935] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 207.363061][ T8935] ? rt_mutex_lock+0x20/0xd0 [ 207.368086][ T8935] ? __process_new_adapter+0x90/0x90 [ 207.373606][ T8935] i2c_transfer+0x30d/0x620 [ 207.378534][ T8935] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 207.383736][ T8935] ? _copy_from_user+0x1fd/0x300 [ 207.389026][ T8935] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 207.395031][ T8935] compat_i2cdev_ioctl+0xa91/0xaa0 [ 207.400518][ T8935] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 207.406948][ T8935] ? i2cdev_ioctl+0x1020/0x1020 [ 207.411968][ T8935] __se_compat_sys_ioctl+0x53d/0x1100 [ 207.417800][ T8935] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 207.424038][ T8935] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 207.430861][ T8935] __ia32_compat_sys_ioctl+0x4a/0x70 [ 207.436545][ T8935] __do_fast_syscall_32+0x127/0x180 [ 207.441936][ T8935] do_fast_syscall_32+0x77/0xd0 [ 207.447204][ T8935] do_SYSENTER_32+0x73/0x90 [ 207.451881][ T8935] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 207.458662][ T8935] RIP: 0023:0xf7f54549 [ 207.462844][ T8935] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 207.482837][ T8935] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 207.491590][ T8935] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 207.499858][ T8935] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 207.508144][ T8935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 207.516466][ T8935] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 207.524569][ T8935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.532845][ T8935] ---[ end trace 4221989c492b788d ]--- 23:17:13 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:13 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) [ 207.888415][ T8943] ------------[ cut here ]------------ [ 207.893999][ T8943] WARNING: CPU: 1 PID: 8943 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 207.904587][ T8943] Modules linked in: [ 207.908764][ T8943] CPU: 1 PID: 8943 Comm: syz-executor.1 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 207.919221][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.929812][ T8943] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 207.935614][ T8943] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 207.956492][ T8943] RSP: 0018:ffff888070ef3a58 EFLAGS: 00010283 [ 207.962708][ T8943] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 207.971159][ T8943] RDX: ffffc900088c7000 RSI: 00000000000005c1 RDI: 00000000000005c2 [ 207.979383][ T8943] RBP: ffff888070ef3b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 207.987609][ T8943] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 207.995697][ T8943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 208.003902][ T8943] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000f554eb40 [ 208.013120][ T8943] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 208.019968][ T8943] CR2: 00000000090d52c5 CR3: 0000000127cd2000 CR4: 00000000001506e0 [ 208.028245][ T8943] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 208.036435][ T8943] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 208.044517][ T8943] Call Trace: [ 208.048032][ T8943] ? kmsan_set_origin_checked+0xa2/0x100 [ 208.053883][ T8943] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 208.060300][ T8943] ? rt_mutex_lock+0x20/0xd0 [ 208.065071][ T8943] ? __process_new_adapter+0x90/0x90 [ 208.070674][ T8943] i2c_transfer+0x30d/0x620 [ 208.075396][ T8943] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 208.080724][ T8943] ? _copy_from_user+0x1fd/0x300 [ 208.085839][ T8943] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 208.091972][ T8943] compat_i2cdev_ioctl+0xa91/0xaa0 [ 208.097446][ T8943] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 208.103693][ T8943] ? i2cdev_ioctl+0x1020/0x1020 [ 208.108874][ T8943] __se_compat_sys_ioctl+0x53d/0x1100 [ 208.114480][ T8943] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 208.120897][ T8943] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 208.127714][ T8943] __ia32_compat_sys_ioctl+0x4a/0x70 [ 208.133199][ T8943] __do_fast_syscall_32+0x127/0x180 [ 208.138730][ T8943] do_fast_syscall_32+0x77/0xd0 [ 208.143768][ T8943] do_SYSENTER_32+0x73/0x90 [ 208.148600][ T8943] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 208.155106][ T8943] RIP: 0023:0xf7f54549 [ 208.159457][ T8943] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 208.179388][ T8943] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 208.188124][ T8943] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 208.196440][ T8943] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 208.204533][ T8943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 208.212751][ T8943] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 208.221056][ T8943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 208.229330][ T8943] ---[ end trace 4221989c492b788e ]--- 23:17:13 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:13 executing program 0: socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) [ 208.660184][ T8954] ------------[ cut here ]------------ [ 208.665748][ T8954] WARNING: CPU: 0 PID: 8954 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 208.677238][ T8954] Modules linked in: [ 208.681239][ T8954] CPU: 0 PID: 8954 Comm: syz-executor.1 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 208.691701][ T8954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.702040][ T8954] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 208.707942][ T8954] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 208.727845][ T8954] RSP: 0018:ffff888070f47a58 EFLAGS: 00010283 [ 208.734051][ T8954] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 208.742314][ T8954] RDX: ffffc900088c7000 RSI: 00000000000005c1 RDI: 00000000000005c2 [ 208.750598][ T8954] RBP: ffff888070f47b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 208.758903][ T8954] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 208.767180][ T8954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 208.775322][ T8954] FS: 0000000000000000(0000) GS:ffff88813fc00000(0063) knlGS:00000000f554eb40 [ 208.784653][ T8954] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 208.791530][ T8954] CR2: 00000000090d52c5 CR3: 0000000070ebb000 CR4: 00000000001506f0 [ 208.799867][ T8954] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 208.808127][ T8954] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 208.816379][ T8954] Call Trace: [ 208.819747][ T8954] ? kmsan_set_origin_checked+0xa2/0x100 [ 208.825539][ T8954] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 208.831926][ T8954] ? rt_mutex_lock+0x20/0xd0 [ 208.836910][ T8954] ? __process_new_adapter+0x90/0x90 [ 208.842740][ T8954] i2c_transfer+0x30d/0x620 [ 208.847606][ T8954] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 208.852746][ T8954] ? _copy_from_user+0x1fd/0x300 [ 208.858015][ T8954] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 208.864002][ T8954] compat_i2cdev_ioctl+0xa91/0xaa0 [ 208.869492][ T8954] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 208.875723][ T8954] ? i2cdev_ioctl+0x1020/0x1020 [ 208.880862][ T8954] __se_compat_sys_ioctl+0x53d/0x1100 [ 208.886591][ T8954] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 208.892827][ T8954] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 208.899594][ T8954] __ia32_compat_sys_ioctl+0x4a/0x70 [ 208.905067][ T8954] __do_fast_syscall_32+0x127/0x180 [ 208.910634][ T8954] do_fast_syscall_32+0x77/0xd0 [ 208.915686][ T8954] do_SYSENTER_32+0x73/0x90 [ 208.920614][ T8954] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 208.927287][ T8954] RIP: 0023:0xf7f54549 [ 208.931492][ T8954] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 208.951402][ T8954] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 208.960130][ T8954] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 208.968386][ T8954] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 208.976608][ T8954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 208.984698][ T8954] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 208.992936][ T8954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 209.001191][ T8954] ---[ end trace 4221989c492b788f ]--- 23:17:14 executing program 0: socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:14 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)}) 23:17:14 executing program 0: socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:14 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)}) [ 209.716810][ T8967] ------------[ cut here ]------------ [ 209.722367][ T8967] WARNING: CPU: 0 PID: 8967 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 209.732916][ T8967] Modules linked in: [ 209.737140][ T8967] CPU: 0 PID: 8967 Comm: syz-executor.1 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 209.747503][ T8967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.757898][ T8967] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 209.763604][ T8967] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 209.783611][ T8967] RSP: 0018:ffff888070f47a58 EFLAGS: 00010283 [ 209.790178][ T8967] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 209.799323][ T8967] RDX: ffffc900088c7000 RSI: 00000000000005c1 RDI: 00000000000005c2 [ 209.807701][ T8967] RBP: ffff888070f47b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 209.815845][ T8967] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 209.824126][ T8967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 209.832384][ T8967] FS: 0000000000000000(0000) GS:ffff88813fc00000(0063) knlGS:00000000f554eb40 [ 209.841651][ T8967] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 209.848606][ T8967] CR2: 0000000008194e0c CR3: 000000006f42f000 CR4: 00000000001506f0 [ 209.856872][ T8967] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 209.864946][ T8967] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 209.873176][ T8967] Call Trace: [ 209.876709][ T8967] ? kmsan_set_origin_checked+0xa2/0x100 [ 209.882500][ T8967] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 209.888894][ T8967] ? rt_mutex_lock+0x20/0xd0 [ 209.893757][ T8967] ? __process_new_adapter+0x90/0x90 [ 209.899365][ T8967] i2c_transfer+0x30d/0x620 [ 209.904111][ T8967] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 209.909437][ T8967] ? _copy_from_user+0x1fd/0x300 23:17:15 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) [ 209.914523][ T8967] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 209.920677][ T8967] compat_i2cdev_ioctl+0xa91/0xaa0 [ 209.926014][ T8967] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 209.932450][ T8967] ? i2cdev_ioctl+0x1020/0x1020 [ 209.937638][ T8967] __se_compat_sys_ioctl+0x53d/0x1100 [ 209.943275][ T8967] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 209.949718][ T8967] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 209.956460][ T8967] __ia32_compat_sys_ioctl+0x4a/0x70 [ 209.961962][ T8967] __do_fast_syscall_32+0x127/0x180 [ 209.967491][ T8967] do_fast_syscall_32+0x77/0xd0 [ 209.972539][ T8967] do_SYSENTER_32+0x73/0x90 [ 209.977421][ T8967] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 209.983925][ T8967] RIP: 0023:0xf7f54549 [ 209.988318][ T8967] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 210.008206][ T8967] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 210.016959][ T8967] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 210.025103][ T8967] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 210.033291][ T8967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 210.041920][ T8967] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 210.050220][ T8967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 210.058485][ T8967] ---[ end trace 4221989c492b7890 ]--- 23:17:15 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)}) 23:17:15 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) [ 210.484710][ T8973] ------------[ cut here ]------------ [ 210.490494][ T8973] WARNING: CPU: 1 PID: 8973 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 210.501086][ T8973] Modules linked in: [ 210.505061][ T8973] CPU: 1 PID: 8973 Comm: syz-executor.1 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 210.516448][ T8973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.526950][ T8973] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 210.532744][ T8973] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 210.552684][ T8973] RSP: 0018:ffff888070f47a58 EFLAGS: 00010283 [ 210.559046][ T8973] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 210.567295][ T8973] RDX: ffffc900088c7000 RSI: 00000000000005c1 RDI: 00000000000005c2 [ 210.575401][ T8973] RBP: ffff888070f47b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 210.583651][ T8973] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 210.591933][ T8973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 210.600200][ T8973] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000f554eb40 [ 210.609448][ T8973] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 210.616351][ T8973] CR2: 0000000008194e0c CR3: 0000000070c51000 CR4: 00000000001506e0 [ 210.624459][ T8973] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 210.632699][ T8973] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 210.640952][ T8973] Call Trace: [ 210.644310][ T8973] ? kmsan_set_origin_checked+0xa2/0x100 [ 210.650259][ T8973] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 210.656652][ T8973] ? rt_mutex_lock+0x20/0xd0 [ 210.661425][ T8973] ? __process_new_adapter+0x90/0x90 [ 210.667027][ T8973] i2c_transfer+0x30d/0x620 [ 210.671693][ T8973] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 210.676962][ T8973] ? _copy_from_user+0x1fd/0x300 [ 210.682055][ T8973] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 210.688235][ T8973] compat_i2cdev_ioctl+0xa91/0xaa0 [ 210.693586][ T8973] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 210.699980][ T8973] ? i2cdev_ioctl+0x1020/0x1020 [ 210.705003][ T8973] __se_compat_sys_ioctl+0x53d/0x1100 [ 210.710742][ T8973] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 210.717181][ T8973] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 210.723794][ T8973] __ia32_compat_sys_ioctl+0x4a/0x70 [ 210.729463][ T8973] __do_fast_syscall_32+0x127/0x180 [ 210.734874][ T8973] do_fast_syscall_32+0x77/0xd0 [ 210.740077][ T8973] do_SYSENTER_32+0x73/0x90 [ 210.744828][ T8973] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 210.751477][ T8973] RIP: 0023:0xf7f54549 [ 210.755675][ T8973] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 210.775708][ T8973] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 23:17:16 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) [ 210.784418][ T8973] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 210.792686][ T8973] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 210.800973][ T8973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 210.809231][ T8973] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 210.817502][ T8973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 210.825609][ T8973] ---[ end trace 4221989c492b7891 ]--- 23:17:16 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x2200, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:16 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:16 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x86, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960200848184a969c2f7e24d899132ed1f0fd113d35665471716da068df3790ce5f14b2c23e3ac551749cc7b352c3169e8722dfec4f8065524828c018f7ba74c759353eb8"}], 0x1}) 23:17:16 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0x0, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:17 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0}], 0x1}) 23:17:17 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0x0, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:17 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0}], 0x1}) 23:17:17 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0x0, 0xff7f, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:17 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233, 0x0, 0xfcb, 0x400, 0x4, 0x20000}) 23:17:17 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0}], 0x1}) 23:17:17 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:18 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:18 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233, 0x0, 0x0, 0x400, 0x4, 0x20000}) 23:17:18 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233, 0x0, 0x0, 0x0, 0x4, 0x20000}) 23:17:18 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:18 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233, 0x0, 0x0, 0x0, 0x0, 0x20000}) 23:17:18 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:19 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@mcast2, @private0, @local, 0xd233}) 23:17:19 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x43, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1d28c977b075e013f27342c24e054e079ff17168d1c70704ef4a05da278e8ae7960"}], 0x1}) 23:17:19 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:19 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:19 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) [ 214.968176][ T9019] IPVS: ftp: loaded support on port[0] = 21 [ 215.561637][ T9019] chnl_net:caif_netlink_parms(): no params data found [ 215.767283][ T9019] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.774666][ T9019] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.784981][ T9019] device bridge_slave_0 entered promiscuous mode [ 215.801073][ T9019] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.808860][ T9019] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.818393][ T9019] device bridge_slave_1 entered promiscuous mode [ 215.868439][ T9019] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.885759][ T9019] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.933802][ T9019] team0: Port device team_slave_0 added [ 215.950248][ T9019] team0: Port device team_slave_1 added [ 215.993935][ T9019] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.001292][ T9019] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.028228][ T9019] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.048050][ T9019] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.055069][ T9019] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.081373][ T9019] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.147673][ T9019] device hsr_slave_0 entered promiscuous mode [ 216.160014][ T9019] device hsr_slave_1 entered promiscuous mode [ 216.169293][ T9019] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.177944][ T9019] Cannot create hsr debugfs directory [ 216.483881][ T9019] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 216.519428][ T9019] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 216.561497][ T9019] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 216.580833][ T9019] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 216.904228][ T9019] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.944522][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 216.953748][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.967599][ T8446] Bluetooth: hci2: command 0x0409 tx timeout [ 216.979311][ T9019] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.001558][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.011687][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.021053][ T2061] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.028554][ T2061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.078363][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 217.088063][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 217.097806][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.107178][ T2061] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.114469][ T2061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.123688][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.134453][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.156609][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.168218][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.181342][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.199648][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.210046][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.238258][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 217.247748][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 217.278361][ T9019] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 217.291967][ T9019] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 217.309074][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.318714][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 217.377429][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 217.385123][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 217.421061][ T9019] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.484011][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 217.494208][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 217.556807][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 217.566677][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 217.589991][ T9019] device veth0_vlan entered promiscuous mode [ 217.598795][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 217.607811][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 217.647992][ T9019] device veth1_vlan entered promiscuous mode [ 217.723728][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 217.733302][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 217.743817][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 217.754048][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 217.777281][ T9019] device veth0_macvtap entered promiscuous mode [ 217.797937][ T9019] device veth1_macvtap entered promiscuous mode [ 217.859297][ T9019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 217.871073][ T9019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.881396][ T9019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 217.893514][ T9019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.908910][ T9019] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 217.919237][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 217.928993][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 217.938527][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 217.948488][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 217.975972][ T9019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 217.988488][ T9019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.999657][ T9019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 218.010377][ T9019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.024163][ T9019] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.032945][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 218.043217][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 218.074267][ T9019] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.084556][ T9019] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.093620][ T9019] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.102706][ T9019] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.500369][ T350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.508611][ T350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.521711][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 218.615112][ T350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.624109][ T350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.634922][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 218.851486][ T9270] ------------[ cut here ]------------ [ 218.857252][ T9270] WARNING: CPU: 1 PID: 9270 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 218.867815][ T9270] Modules linked in: [ 218.871854][ T9270] CPU: 1 PID: 9270 Comm: syz-executor.2 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 218.882778][ T9270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.893154][ T9270] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 218.899124][ T9270] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 218.919225][ T9270] RSP: 0018:ffff88807b793a58 EFLAGS: 00010287 [ 218.925465][ T9270] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 218.933763][ T9270] RDX: ffffc9000c1ea000 RSI: 0000000000001741 RDI: 0000000000001742 [ 218.942165][ T9270] RBP: ffff88807b793b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 218.950478][ T9270] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 218.958858][ T9270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 218.967209][ T9270] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000f555ab40 [ 218.976463][ T9270] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 218.976548][ T9270] CR2: 000000002e721000 CR3: 0000000070eda000 CR4: 00000000001506e0 [ 218.976632][ T9270] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 218.976700][ T9270] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 218.976773][ T9270] Call Trace: [ 219.011137][ T9270] ? kmsan_set_origin_checked+0xa2/0x100 [ 219.017138][ T9270] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 219.023375][ T9270] ? rt_mutex_lock+0x20/0xd0 [ 219.028386][ T9270] ? __process_new_adapter+0x90/0x90 [ 219.033905][ T9270] i2c_transfer+0x30d/0x620 [ 219.038769][ T9270] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 219.043911][ T9270] ? _copy_from_user+0x1fd/0x300 [ 219.049230][ T9270] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 219.055203][ T9270] compat_i2cdev_ioctl+0xa91/0xaa0 [ 219.060784][ T9270] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 219.067385][ T9270] ? i2cdev_ioctl+0x1020/0x1020 [ 219.072462][ T9270] __se_compat_sys_ioctl+0x53d/0x1100 [ 219.078265][ T9270] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 219.084518][ T9270] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 219.091381][ T9270] __ia32_compat_sys_ioctl+0x4a/0x70 [ 219.097102][ T9270] __do_fast_syscall_32+0x127/0x180 [ 219.102554][ T9270] do_fast_syscall_32+0x77/0xd0 [ 219.107802][ T9270] do_SYSENTER_32+0x73/0x90 [ 219.112478][ T9270] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 219.119319][ T9270] RIP: 0023:0xf7f60549 [ 219.123504][ T9270] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 219.143477][ T9270] RSP: 002b:00000000f555a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 219.152307][ T9270] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 219.160703][ T9270] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 219.168998][ T9270] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 219.177333][ T9270] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 219.185416][ T9270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 219.193736][ T9270] ---[ end trace 4221989c492b7892 ]--- [ 219.218355][ T4694] Bluetooth: hci2: command 0x041b tx timeout 23:17:24 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:24 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:24 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:25 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) [ 219.644144][ T9278] ------------[ cut here ]------------ [ 219.649932][ T9278] WARNING: CPU: 0 PID: 9278 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 219.660548][ T9278] Modules linked in: [ 219.664565][ T9278] CPU: 0 PID: 9278 Comm: syz-executor.2 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 219.674885][ T9278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.685219][ T9278] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 219.691200][ T9278] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 219.711081][ T9278] RSP: 0018:ffff88807b793a58 EFLAGS: 00010283 [ 219.717443][ T9278] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 219.725565][ T9278] RDX: ffffc9000c1ea000 RSI: 0000000000000579 RDI: 000000000000057a [ 219.735425][ T9278] RBP: ffff88807b793b58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 219.743868][ T9278] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 219.752060][ T9278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 219.760259][ T9278] FS: 0000000000000000(0000) GS:ffff88813fc00000(0063) knlGS:00000000f555ab40 [ 219.769422][ T9278] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 219.776224][ T9278] CR2: 0000000008194e0c CR3: 000000007b6e5000 CR4: 00000000001506f0 [ 219.784339][ T9278] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 219.792593][ T9278] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 219.800892][ T9278] Call Trace: [ 219.804263][ T9278] ? kmsan_set_origin_checked+0xa2/0x100 [ 219.810221][ T9278] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 219.816629][ T9278] ? rt_mutex_lock+0x20/0xd0 [ 219.821535][ T9278] ? __process_new_adapter+0x90/0x90 [ 219.827190][ T9278] i2c_transfer+0x30d/0x620 [ 219.832001][ T9278] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 219.837254][ T9278] ? _copy_from_user+0x1fd/0x300 [ 219.842363][ T9278] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 219.848506][ T9278] compat_i2cdev_ioctl+0xa91/0xaa0 [ 219.853801][ T9278] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 219.860177][ T9278] ? i2cdev_ioctl+0x1020/0x1020 [ 219.865185][ T9278] __se_compat_sys_ioctl+0x53d/0x1100 [ 219.870986][ T9278] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 219.877343][ T9278] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 219.883970][ T9278] __ia32_compat_sys_ioctl+0x4a/0x70 [ 219.889599][ T9278] __do_fast_syscall_32+0x127/0x180 23:17:25 executing program 0: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) [ 219.895030][ T9278] do_fast_syscall_32+0x77/0xd0 [ 219.900284][ T9278] do_SYSENTER_32+0x73/0x90 [ 219.904978][ T9278] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 219.911608][ T9278] RIP: 0023:0xf7f60549 [ 219.915802][ T9278] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 219.935831][ T9278] RSP: 002b:00000000f555a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 219.944548][ T9278] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 219.952771][ T9278] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 219.961019][ T9278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 219.969251][ T9278] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 219.977520][ T9278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 219.985618][ T9278] ---[ end trace 4221989c492b7893 ]--- 23:17:25 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:25 executing program 0: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) 23:17:25 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x22, &(0x7f0000000000)="b4bde9432357e8fbcdc0d206d9b138e3ed4f0832bc774cdf0710cc7b104af5490ec1"}], 0x1}) [ 220.441713][ T9286] ------------[ cut here ]------------ [ 220.449421][ T9286] WARNING: CPU: 0 PID: 9286 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 220.460261][ T9286] Modules linked in: [ 220.464254][ T9286] CPU: 0 PID: 9286 Comm: syz-executor.2 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 220.474639][ T9286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.484994][ T9286] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 220.490891][ T9286] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 220.510788][ T9286] RSP: 0018:ffff88807b7dba58 EFLAGS: 00010283 [ 220.517178][ T9286] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 220.525280][ T9286] RDX: ffffc9000c1ea000 RSI: 0000000000000579 RDI: 000000000000057a [ 220.533535][ T9286] RBP: ffff88807b7dbb58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 220.541776][ T9286] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 220.550006][ T9286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 220.558289][ T9286] FS: 0000000000000000(0000) GS:ffff88813fc00000(0063) knlGS:00000000f555ab40 [ 220.567523][ T9286] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 220.574233][ T9286] CR2: 0000000008194e0c CR3: 000000007b789000 CR4: 00000000001506f0 [ 220.582466][ T9286] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 220.590806][ T9286] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 220.599070][ T9286] Call Trace: [ 220.602486][ T9286] ? kmsan_set_origin_checked+0xa2/0x100 [ 220.608426][ T9286] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 220.614686][ T9286] ? rt_mutex_lock+0x20/0xd0 [ 220.619655][ T9286] ? __process_new_adapter+0x90/0x90 [ 220.625125][ T9286] i2c_transfer+0x30d/0x620 [ 220.629971][ T9286] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 220.635230][ T9286] ? _copy_from_user+0x1fd/0x300 [ 220.640521][ T9286] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 220.646624][ T9286] compat_i2cdev_ioctl+0xa91/0xaa0 [ 220.651909][ T9286] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 220.658272][ T9286] ? i2cdev_ioctl+0x1020/0x1020 [ 220.663288][ T9286] __se_compat_sys_ioctl+0x53d/0x1100 [ 220.669002][ T9286] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 220.675242][ T9286] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 220.681998][ T9286] __ia32_compat_sys_ioctl+0x4a/0x70 [ 220.687593][ T9286] __do_fast_syscall_32+0x127/0x180 [ 220.692977][ T9286] do_fast_syscall_32+0x77/0xd0 [ 220.698202][ T9286] do_SYSENTER_32+0x73/0x90 [ 220.702896][ T9286] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 220.709582][ T9286] RIP: 0023:0xf7f60549 [ 220.713814][ T9286] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 220.733815][ T9286] RSP: 002b:00000000f555a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 220.742501][ T9286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 220.750672][ T9286] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 220.758882][ T9286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 220.767267][ T9286] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 220.775393][ T9286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 220.783668][ T9286] ---[ end trace 4221989c492b7894 ]--- 23:17:26 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) 23:17:26 executing program 0: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) 23:17:26 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 221.276351][ T18] Bluetooth: hci2: command 0x040f tx timeout 23:17:26 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) 23:17:26 executing program 0: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:27 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:27 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) 23:17:27 executing program 0: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:27 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:27 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:27 executing program 0: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:27 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:27 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{}], 0x1}) 23:17:28 executing program 0: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) 23:17:28 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:17:28 executing program 1 (fault-call:1 fault-nth:0): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:28 executing program 0: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) 23:17:28 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) [ 223.304275][ T9331] FAULT_INJECTION: forcing a failure. [ 223.304275][ T9331] name failslab, interval 1, probability 0, space 0, times 1 [ 223.318253][ T9331] CPU: 1 PID: 9331 Comm: syz-executor.1 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 223.327194][ T9331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.333610][ T9331] Call Trace: [ 223.333610][ T9331] dump_stack+0x24c/0x2e0 [ 223.333610][ T9331] should_fail+0x8bd/0x9e0 [ 223.333610][ T9331] __should_failslab+0x1f1/0x290 [ 223.333610][ T9331] should_failslab+0x29/0x70 [ 223.333610][ T9331] __kmalloc+0xbd/0x550 [ 223.333610][ T9331] ? tomoyo_realpath_from_path+0x142/0xc20 [ 223.333610][ T9331] ? kmsan_get_metadata+0x116/0x180 [ 223.333610][ T9331] tomoyo_realpath_from_path+0x142/0xc20 [ 223.333610][ T9331] ? __msan_instrument_asm_store+0x22/0x130 [ 223.333610][ T9331] tomoyo_path_number_perm+0x2a3/0xaf0 [ 223.333610][ T9331] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 223.333610][ T9331] ? __msan_get_context_state+0x9/0x20 [ 223.333610][ T9331] tomoyo_file_ioctl+0x74/0x90 [ 223.333610][ T9331] ? tomoyo_inode_getattr+0x60/0x60 [ 223.333610][ T9331] security_file_ioctl+0x10a/0x210 [ 223.333610][ T9331] __se_compat_sys_ioctl+0x182/0x1100 [ 223.333610][ T9331] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 223.333610][ T9331] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 223.333610][ T9331] __ia32_compat_sys_ioctl+0x4a/0x70 [ 223.333610][ T9331] __do_fast_syscall_32+0x127/0x180 [ 223.333610][ T9331] do_fast_syscall_32+0x77/0xd0 [ 223.333610][ T9331] do_SYSENTER_32+0x73/0x90 [ 223.333610][ T9331] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 223.333610][ T9331] RIP: 0023:0xf7f54549 [ 223.333610][ T9331] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 223.333610][ T9331] RSP: 002b:00000000f554e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 223.333610][ T9331] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 223.333610][ T9331] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 223.333610][ T9331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 223.333610][ T9331] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 223.333610][ T9331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 223.541427][ T9331] ERROR: Out of memory at tomoyo_realpath_from_path. [ 223.562698][ T4694] Bluetooth: hci2: command 0x0419 tx timeout 23:17:29 executing program 0: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, 0x0) 23:17:29 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:29 executing program 0 (fault-call:1 fault-nth:0): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:29 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) 23:17:30 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 224.732434][ T9346] FAULT_INJECTION: forcing a failure. [ 224.732434][ T9346] name failslab, interval 1, probability 0, space 0, times 0 [ 224.746303][ T9346] CPU: 1 PID: 9346 Comm: syz-executor.0 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 224.756111][ T9346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.756111][ T9346] Call Trace: [ 224.756111][ T9346] dump_stack+0x24c/0x2e0 [ 224.756111][ T9346] should_fail+0x8bd/0x9e0 [ 224.756111][ T9346] __should_failslab+0x1f1/0x290 [ 224.756111][ T9346] should_failslab+0x29/0x70 [ 224.756111][ T9346] __kmalloc+0xbd/0x550 [ 224.791473][ T9346] ? tomoyo_realpath_from_path+0x142/0xc20 [ 224.791473][ T9346] ? kmsan_get_metadata+0x116/0x180 [ 224.791473][ T9346] tomoyo_realpath_from_path+0x142/0xc20 [ 224.791473][ T9346] ? __msan_instrument_asm_store+0x22/0x130 [ 224.791473][ T9346] tomoyo_path_number_perm+0x2a3/0xaf0 [ 224.791473][ T9346] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 224.791473][ T9346] ? __msan_get_context_state+0x9/0x20 [ 224.791473][ T9346] tomoyo_file_ioctl+0x74/0x90 [ 224.791473][ T9346] ? tomoyo_inode_getattr+0x60/0x60 [ 224.791473][ T9346] security_file_ioctl+0x10a/0x210 [ 224.791473][ T9346] __se_compat_sys_ioctl+0x182/0x1100 [ 224.791473][ T9346] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 224.791473][ T9346] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 224.791473][ T9346] __ia32_compat_sys_ioctl+0x4a/0x70 [ 224.791473][ T9346] __do_fast_syscall_32+0x127/0x180 [ 224.791473][ T9346] do_fast_syscall_32+0x77/0xd0 [ 224.791473][ T9346] do_SYSENTER_32+0x73/0x90 [ 224.791473][ T9346] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 224.791473][ T9346] RIP: 0023:0xf7ff8549 [ 224.791473][ T9346] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 224.791473][ T9346] RSP: 002b:00000000f55f25fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 23:17:30 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000100)={0x0}) [ 224.791473][ T9346] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 224.791473][ T9346] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 224.791473][ T9346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 224.791473][ T9346] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 224.791473][ T9346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 224.969154][ T9346] ERROR: Out of memory at tomoyo_realpath_from_path. 23:17:30 executing program 0 (fault-call:1 fault-nth:1): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) [ 225.350757][ T9352] FAULT_INJECTION: forcing a failure. [ 225.350757][ T9352] name failslab, interval 1, probability 0, space 0, times 0 [ 225.365617][ T9352] CPU: 1 PID: 9352 Comm: syz-executor.0 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 225.373619][ T9352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.373619][ T9352] Call Trace: [ 225.373619][ T9352] dump_stack+0x24c/0x2e0 [ 225.373619][ T9352] should_fail+0x8bd/0x9e0 [ 225.373619][ T9352] __should_failslab+0x1f1/0x290 [ 225.373619][ T9352] should_failslab+0x29/0x70 [ 225.373619][ T9352] __kmalloc+0xbd/0x550 [ 225.373619][ T9352] ? tomoyo_encode2+0x608/0xa50 [ 225.373619][ T9352] ? kmsan_get_metadata+0x116/0x180 [ 225.373619][ T9352] tomoyo_encode2+0x608/0xa50 [ 225.373619][ T9352] tomoyo_realpath_from_path+0xb05/0xc20 [ 225.373619][ T9352] tomoyo_path_number_perm+0x2a3/0xaf0 [ 225.373619][ T9352] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 225.373619][ T9352] ? __msan_get_context_state+0x9/0x20 [ 225.373619][ T9352] tomoyo_file_ioctl+0x74/0x90 [ 225.373619][ T9352] ? tomoyo_inode_getattr+0x60/0x60 [ 225.373619][ T9352] security_file_ioctl+0x10a/0x210 [ 225.373619][ T9352] __se_compat_sys_ioctl+0x182/0x1100 [ 225.373619][ T9352] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 225.373619][ T9352] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 225.373619][ T9352] __ia32_compat_sys_ioctl+0x4a/0x70 [ 225.373619][ T9352] __do_fast_syscall_32+0x127/0x180 [ 225.373619][ T9352] do_fast_syscall_32+0x77/0xd0 [ 225.373619][ T9352] do_SYSENTER_32+0x73/0x90 [ 225.373619][ T9352] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 225.373619][ T9352] RIP: 0023:0xf7ff8549 [ 225.373619][ T9352] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 225.517475][ T9352] RSP: 002b:00000000f55f25fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 23:17:30 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x10, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 225.517475][ T9352] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 225.517475][ T9352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 225.517475][ T9352] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 225.517475][ T9352] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 225.517475][ T9352] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 225.588833][ T9352] ERROR: Out of memory at tomoyo_realpath_from_path. 23:17:31 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x14c, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:31 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:31 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x507, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:31 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:31 executing program 0 (fault-call:1 fault-nth:2): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:31 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 226.476010][ T9367] FAULT_INJECTION: forcing a failure. [ 226.476010][ T9367] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 226.490328][ T9367] CPU: 1 PID: 9367 Comm: syz-executor.0 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 226.499422][ T9367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.499422][ T9367] Call Trace: [ 226.499422][ T9367] dump_stack+0x24c/0x2e0 [ 226.499422][ T9367] should_fail+0x8bd/0x9e0 [ 226.499422][ T9367] should_fail_usercopy+0x39/0x40 [ 226.499422][ T9367] _copy_from_user+0x63/0x300 [ 226.499422][ T9367] ? __msan_poison_alloca+0xec/0x110 [ 226.499422][ T9367] compat_i2cdev_ioctl+0x270/0xaa0 [ 226.539985][ T9367] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 226.539985][ T9367] ? i2cdev_ioctl+0x1020/0x1020 [ 226.539985][ T9367] __se_compat_sys_ioctl+0x53d/0x1100 [ 226.539985][ T9367] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 226.539985][ T9367] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 226.539985][ T9367] __ia32_compat_sys_ioctl+0x4a/0x70 [ 226.539985][ T9367] __do_fast_syscall_32+0x127/0x180 [ 226.539985][ T9367] do_fast_syscall_32+0x77/0xd0 [ 226.539985][ T9367] do_SYSENTER_32+0x73/0x90 [ 226.539985][ T9367] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 226.539985][ T9367] RIP: 0023:0xf7ff8549 [ 226.539985][ T9367] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 23:17:32 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) [ 226.539985][ T9367] RSP: 002b:00000000f55f25fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 226.539985][ T9367] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 226.539985][ T9367] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 226.539985][ T9367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 226.539985][ T9367] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 226.539985][ T9367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 23:17:32 executing program 0 (fault-call:1 fault-nth:3): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:32 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:32 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 227.137848][ T9375] FAULT_INJECTION: forcing a failure. [ 227.137848][ T9375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.151350][ T9375] CPU: 1 PID: 9375 Comm: syz-executor.0 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 227.161152][ T9375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.161152][ T9375] Call Trace: [ 227.161152][ T9375] dump_stack+0x24c/0x2e0 [ 227.161152][ T9375] should_fail+0x8bd/0x9e0 [ 227.161152][ T9375] should_fail_usercopy+0x39/0x40 [ 227.161152][ T9375] _copy_to_user+0x61/0x270 [ 227.161152][ T9375] ? kmsan_get_metadata+0x116/0x180 [ 227.161152][ T9375] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 227.161152][ T9375] simple_read_from_buffer+0x2ec/0x490 [ 227.161152][ T9375] proc_fail_nth_read+0x323/0x400 [ 227.161152][ T9375] ? proc_fault_inject_write+0x5e0/0x5e0 [ 227.161152][ T9375] vfs_read+0x533/0x15a0 [ 227.161152][ T9375] ? kmsan_set_origin_checked+0xa2/0x100 [ 227.161152][ T9375] ? kmsan_internal_set_origin+0x82/0xc0 [ 227.161152][ T9375] ? kmsan_get_metadata+0x116/0x180 [ 227.161152][ T9375] ksys_read+0x275/0x500 [ 227.161152][ T9375] __se_sys_read+0x92/0xb0 [ 227.161152][ T9375] __ia32_sys_read+0x4a/0x70 [ 227.161152][ T9375] __do_fast_syscall_32+0x127/0x180 [ 227.161152][ T9375] do_fast_syscall_32+0x77/0xd0 [ 227.161152][ T9375] do_SYSENTER_32+0x73/0x90 [ 227.161152][ T9375] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 227.161152][ T9375] RIP: 0023:0xf7ff8549 [ 227.161152][ T9375] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 227.161152][ T9375] RSP: 002b:00000000f55f2600 EFLAGS: 00000282 ORIG_RAX: 0000000000000003 [ 227.161152][ T9375] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f55f2690 [ 227.161152][ T9375] RDX: 000000000000000f RSI: 000000000816c000 RDI: 0000000000000000 [ 227.161152][ T9375] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 227.161152][ T9375] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 227.161152][ T9375] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 23:17:32 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:33 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:33 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1389, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:33 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:33 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2, 0x0) 23:17:33 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:33 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1489, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:33 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x10, 0x0) 23:17:34 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:34 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1b54, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:34 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c, 0x0) 23:17:34 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:34 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x14c, 0x0) 23:17:34 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2007, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:34 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:35 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x507, 0x0) 23:17:35 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2154, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:35 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:35 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, 0x0) 23:17:35 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x3389, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:35 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:35 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x703, 0x0) 23:17:35 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c01, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5054, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, 0x0) 23:17:36 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5154, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x706, 0x0) 23:17:36 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:36 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5254, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:37 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x708, 0x0) 23:17:37 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x702, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:37 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x541b, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:37 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:37 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, 0x0) 23:17:37 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5421, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:37 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x94c, 0x0) 23:17:38 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5450, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:38 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:38 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xb89, 0x0) 23:17:38 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5451, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:38 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:38 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1389, 0x0) 23:17:38 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5452, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:38 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:39 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1489, 0x0) 23:17:39 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5460, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:39 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:39 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x1b54, 0x0) 23:17:39 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:39 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6054, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:39 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2007, 0x0) 23:17:40 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6364, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:40 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:40 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2154, 0x0) 23:17:40 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6463, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:40 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:40 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x3389, 0x0) 23:17:40 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8913, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:41 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:41 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c00, 0x0) 23:17:41 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8914, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:41 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c01, 0x0) 23:17:41 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:41 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8933, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:41 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c09, 0x0) 23:17:41 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:41 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400448c9, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:42 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5054, 0x0) 23:17:42 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:42 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400448dd, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:42 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5154, 0x0) 23:17:42 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400454ca, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:42 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x720, 0x0) 23:17:42 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5254, 0x0) 23:17:43 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x40049409, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:43 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x507, 0x0) 23:17:43 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x541b, 0x0) 23:17:43 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x40186366, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:43 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:43 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5421, 0x0) 23:17:43 executing program 3 (fault-call:1 fault-nth:0): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:44 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4020940d, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:44 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:44 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5450, 0x0) 23:17:44 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5828, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:44 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:44 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5451, 0x0) 23:17:45 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5829, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:45 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:45 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5452, 0x0) 23:17:45 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c582a, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:45 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 241.840939][ T9597] IPVS: ftp: loaded support on port[0] = 21 [ 242.299319][ T9597] chnl_net:caif_netlink_parms(): no params data found [ 242.469284][ T9597] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.476718][ T9597] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.486371][ T9597] device bridge_slave_0 entered promiscuous mode [ 242.500346][ T9597] bridge0: port 2(bridge_slave_1) entered blocking state [ 242.507789][ T9597] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.517361][ T9597] device bridge_slave_1 entered promiscuous mode [ 242.567896][ T9597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 242.587412][ T9597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 242.639944][ T9597] team0: Port device team_slave_0 added [ 242.659363][ T9597] team0: Port device team_slave_1 added [ 242.711459][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 242.718773][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.745083][ T9597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 242.765623][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 242.773566][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.800648][ T9597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 242.866422][ T9597] device hsr_slave_0 entered promiscuous mode [ 242.880645][ T9597] device hsr_slave_1 entered promiscuous mode [ 242.889921][ T9597] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 242.898309][ T9597] Cannot create hsr debugfs directory [ 243.237842][ T9597] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 243.253599][ T9597] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 243.321340][ T9597] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 243.343030][ T9597] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 243.649283][ T9597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.687446][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 243.696706][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 243.718179][ T9597] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.741382][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 243.751198][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 243.762924][ T2061] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.770470][ T2061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.817422][ T2061] Bluetooth: hci3: command 0x0409 tx timeout [ 243.837753][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 243.847529][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 243.857550][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 243.867061][ T2061] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.874393][ T2061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.883503][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 243.894327][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 243.905291][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 243.915617][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 243.940181][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 243.957595][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 243.968238][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 243.993901][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 244.005247][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 244.047823][ T9597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 244.060999][ T9597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 244.073084][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 244.082941][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 244.149876][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 244.158157][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 244.192071][ T9597] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 244.251419][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 244.261897][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 244.334374][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 244.344094][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 244.365271][ T9597] device veth0_vlan entered promiscuous mode [ 244.377702][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 244.386722][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 244.424682][ T9597] device veth1_vlan entered promiscuous mode [ 244.514315][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 244.523850][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 244.533511][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 244.543779][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 244.570198][ T9597] device veth0_macvtap entered promiscuous mode [ 244.590327][ T9597] device veth1_macvtap entered promiscuous mode [ 244.652071][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 244.662863][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.673430][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 244.684186][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.694240][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 244.704903][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.719061][ T9597] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 244.729838][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 244.739310][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 244.748911][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 244.758720][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 244.792372][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 244.803471][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.813577][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 244.824360][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.834469][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 244.845170][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.859200][ T9597] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 244.867792][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 244.877867][ T2061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 244.917702][ T9597] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.926741][ T9597] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.935631][ T9597] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.944681][ T9597] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.332614][ T513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.341249][ T513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.349211][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 245.420229][ T350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.428861][ T350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.440540][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 245.629075][ T9841] FAULT_INJECTION: forcing a failure. [ 245.629075][ T9841] name failslab, interval 1, probability 0, space 0, times 0 [ 245.644884][ T9841] CPU: 0 PID: 9841 Comm: syz-executor.3 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 245.651883][ T9841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.651883][ T9841] Call Trace: [ 245.651883][ T9841] dump_stack+0x24c/0x2e0 [ 245.651883][ T9841] should_fail+0x8bd/0x9e0 [ 245.676506][ T9841] __should_failslab+0x1f1/0x290 [ 245.676506][ T9841] should_failslab+0x29/0x70 [ 245.676506][ T9841] __kmalloc+0xbd/0x550 [ 245.676506][ T9841] ? tomoyo_realpath_from_path+0x142/0xc20 [ 245.676506][ T9841] ? kmsan_get_metadata+0x116/0x180 [ 245.676506][ T9841] tomoyo_realpath_from_path+0x142/0xc20 [ 245.706330][ T9841] ? __msan_instrument_asm_store+0x22/0x130 [ 245.706330][ T9841] tomoyo_path_number_perm+0x2a3/0xaf0 [ 245.706330][ T9841] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 245.706330][ T9841] ? __msan_get_context_state+0x9/0x20 [ 245.706330][ T9841] tomoyo_file_ioctl+0x74/0x90 [ 245.737805][ T9841] ? tomoyo_inode_getattr+0x60/0x60 [ 245.737805][ T9841] security_file_ioctl+0x10a/0x210 [ 245.737805][ T9841] __se_compat_sys_ioctl+0x182/0x1100 [ 245.737805][ T9841] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 245.737805][ T9841] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 245.737805][ T9841] __ia32_compat_sys_ioctl+0x4a/0x70 [ 245.737805][ T9841] __do_fast_syscall_32+0x127/0x180 [ 245.737805][ T9841] do_fast_syscall_32+0x77/0xd0 [ 245.737805][ T9841] do_SYSENTER_32+0x73/0x90 [ 245.737805][ T9841] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 245.792945][ T9841] RIP: 0023:0xf7fb2549 [ 245.792945][ T9841] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 245.792945][ T9841] RSP: 002b:00000000f55ac5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 245.792945][ T9841] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720 [ 245.792945][ T9841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 245.838413][ T56] Bluetooth: hci3: command 0x041b tx timeout [ 245.792945][ T9841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 245.792945][ T9841] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 245.856220][ T9841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 245.882184][ T9841] ERROR: Out of memory at tomoyo_realpath_from_path. 23:17:51 executing program 3 (fault-call:1 fault-nth:1): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:51 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5460, 0x0) 23:17:51 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c582b, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:51 executing program 2: ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:51 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6054, 0x0) 23:17:51 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5839, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:51 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 246.465505][ T9850] FAULT_INJECTION: forcing a failure. [ 246.465505][ T9850] name failslab, interval 1, probability 0, space 0, times 0 [ 246.481417][ T9850] CPU: 1 PID: 9850 Comm: syz-executor.3 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 246.488359][ T9850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.488359][ T9850] Call Trace: [ 246.488359][ T9850] dump_stack+0x24c/0x2e0 [ 246.488359][ T9850] should_fail+0x8bd/0x9e0 [ 246.488359][ T9850] __should_failslab+0x1f1/0x290 [ 246.488359][ T9850] should_failslab+0x29/0x70 [ 246.488359][ T9850] __kmalloc+0xbd/0x550 [ 246.488359][ T9850] ? tomoyo_encode2+0x608/0xa50 [ 246.488359][ T9850] ? kmsan_get_metadata+0x116/0x180 [ 246.488359][ T9850] tomoyo_encode2+0x608/0xa50 [ 246.488359][ T9850] tomoyo_realpath_from_path+0xb05/0xc20 [ 246.488359][ T9850] tomoyo_path_number_perm+0x2a3/0xaf0 [ 246.488359][ T9850] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 246.488359][ T9850] ? __msan_get_context_state+0x9/0x20 [ 246.488359][ T9850] tomoyo_file_ioctl+0x74/0x90 [ 246.488359][ T9850] ? tomoyo_inode_getattr+0x60/0x60 [ 246.488359][ T9850] security_file_ioctl+0x10a/0x210 [ 246.488359][ T9850] __se_compat_sys_ioctl+0x182/0x1100 [ 246.488359][ T9850] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 246.488359][ T9850] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 246.488359][ T9850] __ia32_compat_sys_ioctl+0x4a/0x70 [ 246.488359][ T9850] __do_fast_syscall_32+0x127/0x180 [ 246.488359][ T9850] do_fast_syscall_32+0x77/0xd0 [ 246.488359][ T9850] do_SYSENTER_32+0x73/0x90 [ 246.488359][ T9850] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 246.488359][ T9850] RIP: 0023:0xf7fb2549 [ 246.488359][ T9850] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 246.488359][ T9850] RSP: 002b:00000000f55ac5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 246.488359][ T9850] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720 [ 246.488359][ T9850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 246.488359][ T9850] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 246.488359][ T9850] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 246.488359][ T9850] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 246.701418][ T9850] ERROR: Out of memory at tomoyo_realpath_from_path. 23:17:52 executing program 3 (fault-call:1 fault-nth:2): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:52 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x80086301, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:53 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:53 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6364, 0x0) [ 247.744947][ T9864] FAULT_INJECTION: forcing a failure. [ 247.744947][ T9864] name failslab, interval 1, probability 0, space 0, times 0 [ 247.761432][ T9864] CPU: 1 PID: 9864 Comm: syz-executor.3 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 247.767812][ T9864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.767812][ T9864] Call Trace: [ 247.767812][ T9864] dump_stack+0x24c/0x2e0 [ 247.767812][ T9864] should_fail+0x8bd/0x9e0 [ 247.767812][ T9864] __should_failslab+0x1f1/0x290 [ 247.767812][ T9864] should_failslab+0x29/0x70 [ 247.767812][ T9864] kmem_cache_alloc_trace+0x10e/0x1030 [ 247.767812][ T9864] ? kmsan_get_shadow_origin_ptr+0x29/0xb0 [ 247.767812][ T9864] ? tomoyo_init_log+0x1cb/0x3970 [ 247.767812][ T9864] ? kmsan_internal_set_origin+0x82/0xc0 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] tomoyo_init_log+0x1cb/0x3970 [ 247.767812][ T9864] ? kmsan_internal_set_origin+0x82/0xc0 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 247.767812][ T9864] tomoyo_supervisor+0x8b9/0x2730 [ 247.767812][ T9864] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 247.767812][ T9864] ? kmsan_get_metadata+0x116/0x180 [ 247.767812][ T9864] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 247.767812][ T9864] tomoyo_path_number_perm+0x88b/0xaf0 [ 247.767812][ T9864] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 247.767812][ T9864] ? __msan_get_context_state+0x9/0x20 [ 247.767812][ T9864] tomoyo_file_ioctl+0x74/0x90 [ 247.767812][ T9864] ? tomoyo_inode_getattr+0x60/0x60 [ 247.767812][ T9864] security_file_ioctl+0x10a/0x210 [ 247.767812][ T9864] __se_compat_sys_ioctl+0x182/0x1100 [ 247.767812][ T9864] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 247.767812][ T9864] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 247.767812][ T9864] __ia32_compat_sys_ioctl+0x4a/0x70 [ 247.767812][ T9864] __do_fast_syscall_32+0x127/0x180 [ 247.767812][ T9864] do_fast_syscall_32+0x77/0xd0 [ 247.767812][ T9864] do_SYSENTER_32+0x73/0x90 [ 247.767812][ T9864] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 247.767812][ T9864] RIP: 0023:0xf7fb2549 [ 247.767812][ T9864] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 247.767812][ T9864] RSP: 002b:00000000f55ac5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 247.767812][ T9864] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720 [ 247.767812][ T9864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 247.767812][ T9864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 247.767812][ T9864] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 247.767812][ T9864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 248.086700][ T2061] Bluetooth: hci3: command 0x040f tx timeout 23:17:53 executing program 3 (fault-call:1 fault-nth:3): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:53 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0045878, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:53 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6463, 0x0) [ 248.562259][ T9872] FAULT_INJECTION: forcing a failure. [ 248.562259][ T9872] name failslab, interval 1, probability 0, space 0, times 0 [ 248.575367][ T9872] CPU: 1 PID: 9872 Comm: syz-executor.3 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 248.585214][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.585214][ T9872] Call Trace: [ 248.585214][ T9872] dump_stack+0x24c/0x2e0 [ 248.585214][ T9872] should_fail+0x8bd/0x9e0 [ 248.585214][ T9872] __should_failslab+0x1f1/0x290 [ 248.585214][ T9872] should_failslab+0x29/0x70 [ 248.585214][ T9872] __kmalloc+0xbd/0x550 [ 248.585214][ T9872] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 248.585214][ T9872] ? tomoyo_init_log+0x31bf/0x3970 [ 248.585214][ T9872] ? kmsan_get_metadata+0x116/0x180 [ 248.585214][ T9872] tomoyo_init_log+0x31bf/0x3970 [ 248.585214][ T9872] tomoyo_supervisor+0x8b9/0x2730 [ 248.585214][ T9872] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 248.585214][ T9872] ? kmsan_get_metadata+0x116/0x180 [ 248.585214][ T9872] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 248.585214][ T9872] tomoyo_path_number_perm+0x88b/0xaf0 [ 248.585214][ T9872] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 248.585214][ T9872] ? __msan_get_context_state+0x9/0x20 [ 248.585214][ T9872] tomoyo_file_ioctl+0x74/0x90 [ 248.585214][ T9872] ? tomoyo_inode_getattr+0x60/0x60 [ 248.585214][ T9872] security_file_ioctl+0x10a/0x210 [ 248.585214][ T9872] __se_compat_sys_ioctl+0x182/0x1100 [ 248.585214][ T9872] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 248.585214][ T9872] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 248.585214][ T9872] __ia32_compat_sys_ioctl+0x4a/0x70 [ 248.585214][ T9872] __do_fast_syscall_32+0x127/0x180 [ 248.585214][ T9872] do_fast_syscall_32+0x77/0xd0 [ 248.585214][ T9872] do_SYSENTER_32+0x73/0x90 [ 248.585214][ T9872] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 248.585214][ T9872] RIP: 0023:0xf7fb2549 [ 248.585214][ T9872] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 248.585214][ T9872] RSP: 002b:00000000f55ac5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 248.585214][ T9872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720 [ 248.585214][ T9872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 248.585214][ T9872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 248.585214][ T9872] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 23:17:54 executing program 2: r0 = syz_open_dev$I2C(0x0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 248.585214][ T9872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 23:17:54 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0045878, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:54 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x890b, 0x0) 23:17:54 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:54 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, 0x0) 23:17:54 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0189436, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:55 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8913, 0x0) 23:17:55 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:55 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2, 0x0) 23:17:55 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc020660b, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 250.157065][ T2061] Bluetooth: hci3: command 0x0419 tx timeout 23:17:55 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8914, 0x0) 23:17:55 executing program 2: syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(0xffffffffffffffff, 0x705, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:56 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x10, 0x0) 23:17:56 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x0, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:56 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8933, 0x0) 23:17:56 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, 0x0) 23:17:56 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x2, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:56 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, 0x0) 23:17:57 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400448c9, 0x0) 23:17:57 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x3, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:57 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, 0x0) 23:17:57 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) 23:17:57 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x4, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:57 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400448dd, 0x0) 23:17:57 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, 0x0) 23:17:57 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x725, 0x0) 23:17:57 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x400454ca, 0x0) 23:17:58 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x5, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:58 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={0x0}) 23:17:58 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x729, 0x0) 23:17:58 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x40049409, 0x0) 23:17:58 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x6, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:17:58 executing program 2 (fault-call:1 fault-nth:0): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={0x0}) 23:17:58 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c01, 0x0) 23:17:59 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x40186366, 0x0) 23:17:59 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x7, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 253.780580][ T9954] FAULT_INJECTION: forcing a failure. [ 253.780580][ T9954] name failslab, interval 1, probability 0, space 0, times 0 [ 253.793707][ T9954] CPU: 1 PID: 9954 Comm: syz-executor.2 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 253.803379][ T9954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.803379][ T9954] Call Trace: [ 253.803379][ T9954] dump_stack+0x24c/0x2e0 [ 253.803379][ T9954] should_fail+0x8bd/0x9e0 [ 253.803379][ T9954] __should_failslab+0x1f1/0x290 [ 253.803379][ T9954] should_failslab+0x29/0x70 [ 253.803379][ T9954] __kmalloc+0xbd/0x550 [ 253.803379][ T9954] ? tomoyo_realpath_from_path+0x142/0xc20 [ 253.803379][ T9954] ? kmsan_get_metadata+0x116/0x180 [ 253.803379][ T9954] tomoyo_realpath_from_path+0x142/0xc20 [ 253.803379][ T9954] ? __msan_instrument_asm_store+0x22/0x130 [ 253.803379][ T9954] tomoyo_path_number_perm+0x2a3/0xaf0 [ 253.803379][ T9954] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 253.803379][ T9954] ? __msan_get_context_state+0x9/0x20 [ 253.803379][ T9954] tomoyo_file_ioctl+0x74/0x90 [ 253.803379][ T9954] ? tomoyo_inode_getattr+0x60/0x60 [ 253.803379][ T9954] security_file_ioctl+0x10a/0x210 [ 253.803379][ T9954] __se_compat_sys_ioctl+0x182/0x1100 [ 253.803379][ T9954] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 253.803379][ T9954] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 253.803379][ T9954] __ia32_compat_sys_ioctl+0x4a/0x70 [ 253.803379][ T9954] __do_fast_syscall_32+0x127/0x180 [ 253.803379][ T9954] do_fast_syscall_32+0x77/0xd0 [ 253.803379][ T9954] do_SYSENTER_32+0x73/0x90 [ 253.803379][ T9954] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 253.803379][ T9954] RIP: 0023:0xf7f60549 [ 253.803379][ T9954] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 253.803379][ T9954] RSP: 002b:00000000f555a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 253.803379][ T9954] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000705 [ 253.803379][ T9954] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.803379][ T9954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 253.803379][ T9954] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 253.803379][ T9954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 254.017380][ T9954] ERROR: Out of memory at tomoyo_realpath_from_path. 23:17:59 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x541b, 0x0) 23:17:59 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4020940d, 0x0) 23:18:00 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x705, &(0x7f0000000100)={0x0}) 23:18:00 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5421, 0x0) 23:18:00 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x8, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:00 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5828, 0x0) 23:18:00 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x2, &(0x7f0000000100)={0x0}) 23:18:00 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x9, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:00 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5450, 0x0) 23:18:01 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5829, 0x0) 23:18:01 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x10, &(0x7f0000000100)={0x0}) 23:18:01 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0xa, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:01 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5451, 0x0) 23:18:01 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c582a, 0x0) 23:18:01 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x507, &(0x7f0000000100)={0x0}) 23:18:01 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0xb, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:02 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c582b, 0x0) 23:18:02 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5452, 0x0) 23:18:02 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0xc, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:02 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, &(0x7f0000000100)={0x0}) 23:18:02 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x402c5839, 0x0) 23:18:02 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x5460, 0x0) 23:18:02 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0xd, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:02 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={0x0}) 23:18:03 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x80086301, 0x0) [ 257.745400][T10017] ------------[ cut here ]------------ [ 257.751249][T10017] WARNING: CPU: 0 PID: 10017 at drivers/i2c/i2c-core-base.c:2021 __i2c_transfer+0x29c/0x3230 [ 257.762046][T10017] Modules linked in: [ 257.766048][T10017] CPU: 0 PID: 10017 Comm: syz-executor.2 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 257.776605][T10017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.787221][T10017] RIP: 0010:__i2c_transfer+0x29c/0x3230 [ 257.792932][T10017] Code: 45 89 f7 44 8b 75 a0 e9 65 03 00 00 83 7d 90 00 8b 7d c4 0f 45 7d 8c e8 82 18 6d f8 45 84 ff 0f 84 5e fe ff ff e8 74 27 ea f7 <0f> 0b 41 be ea ff ff ff e9 62 04 00 00 44 89 ff e8 5f 18 6d f8 4d [ 257.812992][T10017] RSP: 0018:ffff8881296cba58 EFLAGS: 00010283 [ 257.822031][T10017] RAX: ffffffff89d20c7c RBX: 0000000000000000 RCX: 0000000000040000 [ 257.830600][T10017] RDX: ffffc9000c1ea000 RSI: 0000000000000579 RDI: 000000000000057a 23:18:03 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x6364, 0x0) [ 257.838840][T10017] RBP: ffff8881296cbb58 R08: ffffffff89d20aa8 R09: ffff88813fffa000 [ 257.847117][T10017] R10: 00000000744f59eb R11: 0000000000000000 R12: 0000000000000001 [ 257.855207][T10017] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 257.863486][T10017] FS: 0000000000000000(0000) GS:ffff88813fc00000(0063) knlGS:00000000f555ab40 [ 257.872712][T10017] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 257.879544][T10017] CR2: 0000000008194e0c CR3: 000000007b7bf000 CR4: 00000000001506f0 [ 257.887776][T10017] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 257.895865][T10017] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 257.904125][T10017] Call Trace: [ 257.907549][T10017] ? kmsan_set_origin_checked+0xa2/0x100 [ 257.913355][T10017] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 257.919662][T10017] ? rt_mutex_lock+0x20/0xd0 [ 257.924479][T10017] ? __process_new_adapter+0x90/0x90 [ 257.930023][T10017] i2c_transfer+0x30d/0x620 [ 257.934703][T10017] i2cdev_ioctl_rdwr+0x82a/0xd70 [ 257.939904][T10017] ? _copy_from_user+0x1fd/0x300 23:18:03 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0xe, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 257.945114][T10017] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 257.951173][T10017] compat_i2cdev_ioctl+0xa91/0xaa0 [ 257.956572][T10017] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 257.962818][T10017] ? i2cdev_ioctl+0x1020/0x1020 [ 257.967926][T10017] __se_compat_sys_ioctl+0x53d/0x1100 [ 257.973500][T10017] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 257.979830][T10017] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 257.986548][T10017] __ia32_compat_sys_ioctl+0x4a/0x70 [ 257.992006][T10017] __do_fast_syscall_32+0x127/0x180 [ 257.997474][T10017] do_fast_syscall_32+0x77/0xd0 [ 258.002541][T10017] do_SYSENTER_32+0x73/0x90 [ 258.007317][T10017] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 258.013853][T10017] RIP: 0023:0xf7f60549 [ 258.018151][T10017] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 258.038015][T10017] RSP: 002b:00000000f555a5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 258.046683][T10017] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707 [ 258.054768][T10017] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 258.062950][T10017] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 258.071165][T10017] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 258.079348][T10017] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 258.087649][T10017] ---[ end trace 4221989c492b7895 ]--- 23:18:03 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0045878, 0x0) 23:18:03 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x10, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:04 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8913, 0x0) 23:18:04 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0045878, 0x0) 23:18:04 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x11, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:04 executing program 4 (fault-call:1 fault-nth:0): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x702, 0x0) 23:18:04 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc0189436, 0x0) 23:18:04 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8914, 0x0) 23:18:05 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x720, &(0x7f0000000100)={0x0}) 23:18:05 executing program 0: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0xc020660b, 0x0) 23:18:05 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x12, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) 23:18:05 executing program 2: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x4c01, &(0x7f0000000100)={0x0}) 23:18:05 executing program 3: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x8933, 0x0) 23:18:05 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@gettfilter={0xfffffffffffffc9b, 0x2e, 0x501, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x6, 0x4}, {0x9, 0x4}, {0x7, 0x6}}}, 0x34}, 0x1, 0x0, 0x0, 0x2404c030}, 0x2400c084) r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, 0x0) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/13, 0xd}, {0xfffffffffffffffe}], 0x2, 0x7fffffff, 0x1) 23:18:05 executing program 1: r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f00000000c0)=[{0x25, 0x0, 0x1, &(0x7f0000000000)="b4"}], 0x1}) [ 260.580020][T10058] ===================================================== [ 260.586143][T10058] BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x9c/0xb0 [ 260.586143][T10058] CPU: 1 PID: 10058 Comm: syz-executor.0 Tainted: G W 5.12.0-rc6-syzkaller #0 [ 260.586143][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.586143][T10058] Call Trace: [ 260.586143][T10058] dump_stack+0x24c/0x2e0 [ 260.586143][T10058] kmsan_report+0xfb/0x1e0 [ 260.586143][T10058] kmsan_internal_check_memory+0x469/0x500 [ 260.586143][T10058] ? i2c_transfer+0x370/0x620 [ 260.586143][T10058] kmsan_copy_to_user+0x9c/0xb0 [ 260.586143][T10058] _copy_to_user+0x1ac/0x270 [ 260.586143][T10058] i2cdev_read+0x23d/0x350 [ 260.586143][T10058] do_iter_read+0x6a7/0x1100 [ 260.586143][T10058] ? put_i2c_dev+0x2c0/0x2c0 [ 260.586143][T10058] do_preadv+0x454/0x6a0 [ 260.586143][T10058] ? kmsan_get_metadata+0x116/0x180 [ 260.586143][T10058] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 260.586143][T10058] ? kmsan_get_metadata+0x116/0x180 [ 260.586143][T10058] __se_compat_sys_preadv+0xef/0x100 [ 260.586143][T10058] __ia32_compat_sys_preadv+0x62/0x80 [ 260.586143][T10058] __do_fast_syscall_32+0x127/0x180 [ 260.586143][T10058] do_fast_syscall_32+0x77/0xd0 [ 260.586143][T10058] do_SYSENTER_32+0x73/0x90 [ 260.586143][T10058] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 260.586143][T10058] RIP: 0023:0xf7ff8549 [ 260.586143][T10058] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 260.586143][T10058] RSP: 002b:00000000f55f25fc EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 260.586143][T10058] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 260.586143][T10058] RDX: 0000000000000002 RSI: 000000007fffffff RDI: 0000000000000001 [ 260.586143][T10058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 260.586143][T10058] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 260.586143][T10058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 260.586143][T10058] [ 260.586143][T10058] Uninit was created at: [ 260.586143][T10058] kmsan_internal_poison_shadow+0x66/0xd0 [ 260.586143][T10058] kmsan_slab_alloc+0x8e/0xe0 [ 260.586143][T10058] __kmalloc+0x387/0x550 [ 260.586143][T10058] i2cdev_read+0x128/0x350 [ 260.586143][T10058] do_iter_read+0x6a7/0x1100 [ 260.586143][T10058] do_preadv+0x454/0x6a0 [ 260.586143][T10058] __se_compat_sys_preadv+0xef/0x100 [ 260.586143][T10058] __ia32_compat_sys_preadv+0x62/0x80 [ 260.586143][T10058] __do_fast_syscall_32+0x127/0x180 [ 260.586143][T10058] do_fast_syscall_32+0x77/0xd0 [ 260.586143][T10058] do_SYSENTER_32+0x73/0x90 [ 260.586143][T10058] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 260.586143][T10058] [ 260.586143][T10058] Bytes 0-12 of 13 are uninitialized [ 260.586143][T10058] Memory access of size 13 starts at ffff8880876c49a0 [ 260.586143][T10058] Data copied to user address 0000000020000000 [ 260.586143][T10058] ===================================================== [ 260.586143][T10058] Disabling lock debugging due to kernel taint [ 260.586143][T10058] Kernel panic - not syncing: panic_on_kmsan set ... [ 260.586143][T10058] CPU: 1 PID: 10058 Comm: syz-executor.0 Tainted: G B W 5.12.0-rc6-syzkaller #0 [ 260.586143][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.586143][T10058] Call Trace: [ 260.586143][T10058] dump_stack+0x24c/0x2e0 [ 260.586143][T10058] panic+0x4c6/0xea7 [ 260.586143][T10058] ? add_taint+0x17c/0x210 [ 260.586143][T10058] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 260.586143][T10058] kmsan_report+0x1de/0x1e0 [ 260.586143][T10058] kmsan_internal_check_memory+0x469/0x500 [ 260.586143][T10058] ? i2c_transfer+0x370/0x620 [ 260.586143][T10058] kmsan_copy_to_user+0x9c/0xb0 [ 260.586143][T10058] _copy_to_user+0x1ac/0x270 [ 260.586143][T10058] i2cdev_read+0x23d/0x350 [ 260.586143][T10058] do_iter_read+0x6a7/0x1100 [ 260.586143][T10058] ? put_i2c_dev+0x2c0/0x2c0 [ 260.586143][T10058] do_preadv+0x454/0x6a0 [ 260.586143][T10058] ? kmsan_get_metadata+0x116/0x180 [ 260.586143][T10058] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 260.586143][T10058] ? kmsan_get_metadata+0x116/0x180 [ 260.586143][T10058] __se_compat_sys_preadv+0xef/0x100 [ 260.586143][T10058] __ia32_compat_sys_preadv+0x62/0x80 [ 260.586143][T10058] __do_fast_syscall_32+0x127/0x180 [ 260.586143][T10058] do_fast_syscall_32+0x77/0xd0 [ 260.586143][T10058] do_SYSENTER_32+0x73/0x90 [ 260.586143][T10058] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 260.586143][T10058] RIP: 0023:0xf7ff8549 [ 260.586143][T10058] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 260.586143][T10058] RSP: 002b:00000000f55f25fc EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 260.586143][T10058] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 260.586143][T10058] RDX: 0000000000000002 RSI: 000000007fffffff RDI: 0000000000000001 [ 260.586143][T10058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 260.586143][T10058] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 260.586143][T10058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 260.586143][T10058] Kernel Offset: disabled [ 260.586143][T10058] Rebooting in 86400 seconds..