CGPTPEER(0xffffffffffffffff, 0x5441, 0x20) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x480000, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, &(0x7f0000000200)=0x6) ioctl$KDDISABIO(r3, 0x4b37) [ 2916.387561][T13728] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:23 executing program 3: r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000340)=""/211) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000440)=""/38) socketpair(0x1d, 0x0, 0x1, &(0x7f0000000000)) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) r3 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r3, 0x400443c8, &(0x7f0000000000)) socketpair(0x21, 0xa, 0x1, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_GET_ORIGINATORS(r4, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4f63279a6e35a94f}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x14, r2, 0x4, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20008804}, 0x40000) 21:13:23 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) r0 = syz_open_dev$media(&(0x7f0000000000), 0xfb19, 0x16b402) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x6, &(0x7f00000000c0)=[{0xb7d, 0x80, 0x40, 0xfc9d}, {0x7, 0x2, 0x6, 0xfffffd22}, {0x0, 0x40, 0x85, 0x2}, {0x7, 0x7f, 0x5, 0x6}, {0x2, 0xc0, 0x28, 0x7}, {0x5, 0x1, 0x2, 0x6}]}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000080)) pipe2$9p(&(0x7f0000000040), 0x0) [ 2916.435552][ T37] audit: type=1326 audit(1625346803.665:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 2916.498680][ T37] audit: type=1326 audit(1625346803.725:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:23 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x2, 0x0, 0x1, 0x5}]}) sched_getscheduler(0x0) 21:13:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x4c}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0x1, 0x18, [0x100, 0x6, 0x80, 0x3, 0x3, 0x5]}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)={0xe, 0x7, 0x1, {0x5, 'syz1\x00'}}, 0xe) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:24 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, 0x0) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000000)={0x1, 0x2, 0x4, 0x20, 0x4, {0x0, 0xea60}, {0x1, 0xc, 0x40, 0x81, 0x4, 0x5, "41167fc4"}, 0x3, 0x3, @fd, 0x6e, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f00000001c0)={0x9, 0x0, 0x4, 0x8, 0xffffffff, {}, {0x4, 0x0, 0x38, 0xba, 0x80, 0x21, "77a2df08"}, 0x3, 0x3, @fd, 0x1ff, 0x0, r2}) 21:13:24 executing program 5: prctl$PR_MCE_KILL_GET(0x22) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000300)={0x400, 0x1, 0x4, 0x4, 0x0, {0x77359400}, {0x1, 0xc, 0x40, 0x0, 0xbf, 0x0, "cdf73992"}, 0x80000000, 0x1, @planes=&(0x7f00000002c0)={0xb5c5, 0x40, @fd=0xffffffffffffffff, 0x7}}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000380)={0x9, 0x1, 0x4, 0x1000, 0x8, {}, {0x5, 0x0, 0x2, 0x6, 0x9e, 0x20, "8f2d7847"}, 0x1, 0x0, @fd=r1, 0x80000001}) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000140)={0x8, 0x0, 0x4, 0x70000, 0x1, {r4, r5/1000+60000}, {0x1, 0x1, 0x8, 0x5, 0x0, 0x1, "72cf0d7d"}, 0x0, 0x2, @userptr=0x2, 0x553, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000001c0)={0xbca, 0x1, 0x4, 0x100000, 0x4ebe, {}, {0x3, 0xb09ed4d3e2a318c9, 0x87, 0xb7, 0x40, 0xb9, "1ef866f0"}, 0xfff, 0x2, @offset=0x4, 0x1000, 0x0, r6}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000080)={0xfe, 0x2, 0x4, 0x10, 0x2, {r2, r3/1000+10000}, {0x2, 0x8, 0x6, 0x1, 0x3f, 0x3, "bdf0cdd3"}, 0xdd06, 0x2, @offset=0x7, 0x1ff}) 21:13:24 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) [ 2916.737533][T13717] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2916.759900][T13711] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2916.848815][T13774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:24 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x2000100, 0x4}, 0x4, 0x30, 0x0, 0x0, 0xfffffffffffffe50, 0x1, 'syz0\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0x1001]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000000)={0x7, &(0x7f00000001c0)=[{}, {@fixed}, {}, {@fixed}, {@none}, {@fixed}, {@fixed}]}) [ 2916.896193][T13767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2917.213654][T13774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2917.224439][T13767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2917.265945][ T37] audit: type=1326 audit(1625346804.495:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 2917.316812][ T37] audit: type=1326 audit(1625346804.545:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:24 executing program 4: prctl$PR_SET_SECCOMP(0x2f, 0x4, 0x0) getuid() r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000000)={{{@in6=@mcast1, @in=@dev}}, {{@in6=@empty}}}, &(0x7f0000000100)=0xe8) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREADLINK(r1, &(0x7f0000000140)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) 21:13:24 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040), 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLINK(r0, &(0x7f0000000000)={0x7, 0x47, 0x1}, 0x7) 21:13:24 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000000)={0xff, 0x20, [0x31a4, 0x80, 0x5, 0x15, 0x3, 0x2, 0x1, 0x0]}) 21:13:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x6, 0x30101) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000340)=0x2cf6) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000200)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r2, 0xc01064c5, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, r3], 0x5}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setitimer(0x2, &(0x7f0000000040)={{r4, r5/1000+10000}}, &(0x7f00000001c0)) 21:13:24 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xa, 0x0, 0x3, 0x9, 'syz0\x00'}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000000)={0x0, 0x3, 0x8d86, 0x6, 0x9}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x60}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2917.417523][T13811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:24 executing program 5: r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000040)=0x6, 0x4) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RGETLOCK(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="1e00000037010000020000000000000000000000000000f0", @ANYRES32=0x0, @ANYBLOB="00200314963ea47717793e1f2c159533f37546d41e2333f58c37f735979a8126a662122deccd8e88cb459691f99ce3a9268969b5bd4e990ef660deac890518bf3159b00a2b3a04578f213f6f59517d242f617b3a87b8deeb2cc7e02ea081d3ba69a1ffff84053d3e597bc9ae9ababe441d3718d64d25f02c14dc25e42631f708ba6fafb3137d885d3e"], 0x1e) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000200)={0x780, 0x258, 0xa00, 0x10, 0x2, 0xc737, 0x8, 0x0, {0x5, 0x1}, {0x4, 0x2}, {0x5b0, 0xce9, 0x1}, {0x0, 0x9, 0x1}, 0x2, 0x100, 0x2, 0x10000, 0x0, 0x20, 0x0, 0x6, 0x2, 0x400, 0x7, 0x273, 0x24, 0x4, 0x3, 0xa}) connect$can_j1939(r2, &(0x7f0000000180), 0x18) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) setsockopt$SO_J1939_ERRQUEUE(r2, 0x6b, 0x4, &(0x7f0000000080)=0x1, 0x4) 21:13:24 executing program 2: sched_getattr(0xffffffffffffffff, &(0x7f0000000000)={0x38}, 0x38, 0x0) prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) [ 2917.465525][T13806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:24 executing program 3: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLOPEN(r0, &(0x7f0000000000)={0x18, 0xd, 0x2, {{0x19, 0x2, 0x2}, 0x1}}, 0x18) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:24 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x2}, 0x7) 21:13:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x8, 0x0, 0x0, 0x913, '\x00', 0x2}, 0x2, 0x0, 0xcaf, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x347c02, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}) socket$inet_sctp(0x2, 0x5, 0x84) r3 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000200)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(r3, 0xc01064c2, &(0x7f0000000240)={r4, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, r1, 0x0, 0x0, 0x0], 0x6}) 21:13:24 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:24 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xa, 0x0, 0x3, 0x9, 'syz0\x00'}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000000)={0x0, 0x3, 0x8d86, 0x6, 0x9}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:24 executing program 4: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) 21:13:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x7, 0x2, 0x0, 0x0, 'syz1\x00'}, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:25 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000000)) 21:13:25 executing program 4: prctl$PR_SET_SECCOMP(0x2f, 0x4, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000000)=[{0x3ff, 0x8, 0x6, 0x80000000}, {0x8001, 0xf7, 0x94, 0x3f}, {0xc2, 0x7, 0x0, 0xfffffff7}, {0x8, 0x9, 0x5, 0x7}]}) prctl$PR_MCE_KILL_GET(0x22) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x6, &(0x7f0000000040)=[{0xab, 0x40, 0x7, 0x4}, {0x7, 0x1, 0xec, 0x3ff}, {0xffff, 0x7, 0xf6}, {0xffff, 0x3, 0xfa, 0x6}, {0x6, 0x7f, 0x1, 0x2}, {0x1, 0x5, 0xa5, 0x6}]}) [ 2917.792368][T13811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2917.832103][T13806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:25 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x68}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:25 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x2000100, 0x4}, 0x4, 0x30, 0x0, 0x0, 0xfffffffffffffe50, 0x1, 'syz0\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0x1001]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000000)={0x7, &(0x7f00000001c0)=[{}, {@fixed}, {}, {@fixed}, {@none}, {@fixed}, {@fixed}]}) 21:13:25 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000001c0)={{0x7, 0x6, 0x6, 0x7, 'syz0\x00', 0x4}, 0x3, 0x404, 0x7fff, 0xffffffffffffffff, 0x5, 0x7f, 'syz0\x00', &(0x7f0000000040)=[']]\x00', '\x00', 'syz1\x00', '^\x00', 'syz1\x00'], 0x10, '\x00', [0x0, 0x5c, 0x6, 0x101]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000000)=""/52) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x0, @empty}, &(0x7f0000000340)=0x10, 0x800) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000380)={r1, 0x301}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2917.873771][ T37] audit: type=1326 audit(1625346805.105:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13856 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:25 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x3, 0x623, 0x0, 'syz1\x00'}, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x3, 0x50000) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000001c0)={0x1, 0x7, 0x2, 0xfffffff7, '\x00', '\x00', '\x00', 0x9, 0x1, 0x4, 0x6, "a152e0f3f3c6c54c0e90a2baf102259a"}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)=0x6) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x84000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000340)=ANY=[@ANYBLOB="07f0ff00100020f03cb17702cf7c00030000000000000000"]) [ 2917.955776][T13868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2917.971658][ T37] audit: type=1326 audit(1625346805.165:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13856 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:25 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x60}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2918.020128][T13864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:25 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x9, 0x40c02) ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0], 0x1}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r3 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000240)={{0x7, 0x5, 0x9, 0x0, 'syz1\x00', 0x6}, 0x0, 0x1, 0x2, r3, 0x7, 0x7, 'syz0\x00', &(0x7f0000000200)=['#-:}\x00', '(^\x00', '/&-,\x00', '\x00', '\x00', '/dev/kvm\x00', 'syz1\x00'], 0x1d, '\x00', [0x602, 0x2, 0x8001, 0x8]}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) [ 2918.066533][ T37] audit: type=1326 audit(1625346805.285:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13840 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2918.114732][T13883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.146891][T13882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:25 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) pipe2$9p(&(0x7f0000000000), 0x800) 21:13:25 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040), 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x5, &(0x7f0000000000)=[{0x1ff, 0xff, 0x1f, 0xffff}, {0xffff, 0x3, 0x5, 0x4}, {0x61, 0x1, 0x6, 0x3f}, {0x2, 0x6, 0x0, 0x7ff}, {0x3, 0x9, 0x3f, 0x9}]}) [ 2918.189945][ T37] audit: type=1326 audit(1625346805.355:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13840 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:25 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2918.275607][ T37] audit: type=1326 audit(1625346805.505:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:25 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000000)=0x80000001) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2918.349977][T13868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:25 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x6c}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2918.406516][T13864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.512311][T13912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.547840][T13911] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:25 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x68}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:25 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x68}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:25 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x145500, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RUNLINKAT(r1, &(0x7f00000001c0)={0x7, 0x4d, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) 21:13:25 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000200)={&(0x7f00000001c0)=[r0, 0x0], 0x2}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0x3ff) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/48) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000240)={0x0, 0x800, 0x3f, 0x2, 0x5, "d5b625e4536eb8b24f2376a40daee8f324e222"}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000280)={r0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000002c0)={r0, 0x0, r1}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000300)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f00000003c0)={&(0x7f0000000340)=[r0, r0, r0, 0x0, r3, 0x0, r0, r4], 0x8}) [ 2918.742774][T13922] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 3: sched_rr_get_interval(0x0, &(0x7f0000000000)) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1ff}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0xfffe, 0x20]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:26 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f00000001c0)=""/211) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2918.797268][T13932] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.799071][T13920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.831833][T13928] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.873418][T13912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2918.902957][T13911] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 3: connect$can_j1939(0xffffffffffffffff, &(0x7f0000000200)={0x1d, 0x0, 0x3, {0x1, 0x1, 0x3}}, 0x18) sched_yield() pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_ROPEN(r0, &(0x7f00000001c0)={0x18, 0x71, 0x1, {{0x2c, 0x3, 0x5}, 0x9}}, 0x18) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x80]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x21c6c1, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/7) 21:13:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x74}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2918.989792][T13945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2919.004263][T13943] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040), 0x104800) getpriority(0x3, 0xffffffffffffffff) 21:13:26 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0xfffffffc, 0xfffffffc}, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:26 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000001c0)=""/170) [ 2919.121498][ T37] audit: type=1326 audit(1625346806.355:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:26 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x6c}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:26 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x400}, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0x7ff]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x22200, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x4, 0x60) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000001c0)={0xfc2a, 0x0, 0x2, 0x200, '\x00', '\x00', '\x00', 0x80000001, 0x7, 0x7, 0x4, "d912c507a2a8b997cb249f9552356630"}) prctl$PR_MCE_KILL_GET(0x22) 21:13:26 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:26 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x8000, 0x81) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000040)={0x48, 0x8, [0x8001, 0x5]}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f00000001c0)={0x0, 0x8, [0x3, 0x2]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2919.293628][T13967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2919.313806][T13966] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2919.316597][T13945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) membarrier(0x0, 0x0) pipe2$9p(&(0x7f0000000040), 0x4800) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000000)=0x7ff) r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'}) 21:13:26 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0xfffffffc}, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10000000, 'syz1\x00', 0x0, 0x2a, '\x00', [0x0, 0x0, 0x10]}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2919.371821][T13943] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2919.393453][ T37] audit: type=1326 audit(1625346806.625:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13970 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:26 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) 21:13:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x7a}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000000)) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:26 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000040), 0x0) [ 2919.542744][T13999] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000240)={0x26, 0x1}) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000000)={0x8000, 0x20, [0x8, 0xfffffffe, 0x5, 0x8, 0x0, 0x7, 0x9, 0x9]}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2919.590461][T14002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:26 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x8000, 0x81) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000040)={0x48, 0x8, [0x8001, 0x5]}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f00000001c0)={0x0, 0x8, [0x3, 0x2]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:26 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x1ff, 0x1, 0xc8}, {0x7f, 0x81, 0x0, 0x4}, {0x6, 0x68, 0x1, 0x1}]}) pipe2$9p(&(0x7f0000000040), 0x0) clock_nanosleep(0x4, 0x0, &(0x7f0000000000)={0x77359400}, &(0x7f0000000080)) r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x7fdf, 0x4100) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000180)=0x8) 21:13:26 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4085c29"}, 0x0, 0x0, @planes=0x0}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000000)=""/18) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2919.907992][T13999] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2919.920490][T13998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:27 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:27 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xa}, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)) connect$can_j1939(r1, &(0x7f0000000180), 0x18) setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4) membarrier(0x8, 0x0) 21:13:27 executing program 4: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) r0 = syz_open_dev$media(&(0x7f0000000000), 0xfb19, 0x16b402) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x6, &(0x7f00000000c0)=[{0xb7d, 0x80, 0x40, 0xfc9d}, {0x7, 0x2, 0x6, 0xfffffd22}, {0x0, 0x40, 0x85, 0x2}, {0x7, 0x7f, 0x5, 0x6}, {0x2, 0xc0, 0x28, 0x7}, {0x5, 0x1, 0x2, 0x6}]}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000080)) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:27 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000000)=[{0x80, 0x8, 0x3, 0x40}, {0x9, 0x2, 0xc4, 0x4}, {0x9, 0x4, 0x7, 0x7ff}, {0xfe01, 0x0, 0x4e, 0x3}]}) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:27 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000000)={0x27, 0x37, 0x1, {0x1, 0x3316, 0x400, 0x0, 0x9, '/dev/kvm\x00'}}, 0x27) 21:13:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0xc0}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2920.220254][T14039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2920.230205][ T37] audit: type=1326 audit(1625346807.455:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14034 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 2920.271021][T14047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:27 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0x81, 0x8, [0x8, 0x80000000]}) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0xb86) r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x6) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x37) 21:13:27 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:27 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000000)=""/21) [ 2920.342666][ T37] audit: type=1326 audit(1625346807.545:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14038 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:27 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f00000001c0)=""/210) write$P9_RLOPEN(r1, &(0x7f0000000040)={0x18, 0xd, 0x2, {{0x0, 0x3, 0x3}, 0x7ab}}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 21:13:27 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:27 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2920.635045][T14039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2920.663351][T14035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2921.041431][ T37] audit: type=1326 audit(1625346808.275:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14034 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:28 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:28 executing program 4: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040), 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000000)={0x1ff}) 21:13:28 executing program 3: fork() r0 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x200, 0x5, 0x0, 0x0, '\x00', 0x4}, 0x4, 0x0, 0x0, r0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x8, 0xffff, 0x0, 0x200]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:28 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f00000001c0)=""/185) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:28 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:28 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x4, 0x3, 0x7, 0x3}, {0x5, 0x3, 0x9, 0x4}, {0x4, 0xa4, 0xfd, 0x8}]}) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000040), 0x0) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) r1 = socket$inet(0x2, 0x800, 0x795db921) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)={r1, 0x50a}) 21:13:28 executing program 5: r0 = fork() getpriority(0x0, r0) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040), 0x0) 21:13:28 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x27}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2921.189087][T14094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:28 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x5, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000040)=""/59) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:28 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RREAD(r0, &(0x7f0000000080)={0x92, 0x75, 0x1, {0x87, "6ea20bbade74aba12ea053b176b0926e95df7d117c4eb238325c8223a9f3c3928fa6072dcc6f4dc66d69b1eaee007e7035505ff56b47a92b53d75dee8b4ee781cb1adaccf5a666852eb1da3a655a9dc1c5f92963e6f3439874142761045546d658a374925072202636cf8b9a5cb4d27a76ba9fb75cfbe613b4000a30065f11d1e576d103b8c18f"}}, 0x92) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x7, &(0x7f0000000000)=[{0x5, 0x40, 0x80, 0x3}, {0x743, 0x80, 0x0, 0x3}, {0x8, 0x3, 0xcb, 0xfff}, {0x100, 0xff, 0x7, 0x8}, {0x4, 0x3f, 0x5, 0x80}, {0x7, 0x81, 0x3, 0xfffffff7}, {0x55, 0x40, 0xdb, 0x9}]}) [ 2921.289438][T14117] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2921.325774][T14112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:28 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0xfffc]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:28 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x4}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000240)={{0x5, 0x2, 0x3ff, 0x6, '\x00', 0x2}, 0x4, 0x20000000, 0x80000001, 0x0, 0x3, 0x6, 'syz0\x00', &(0x7f0000000200)=['\x00', '*)\x00', '/dev/snd/controlC#\x00'], 0x17, '\x00', [0x6, 0x400, 0x8, 0x2]}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000000)={0x9, 0x14, [0x9, 0x9, 0x5, 0x36, 0x7]}) [ 2921.530906][T14094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:29 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:29 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r2, 0x4606, 0x0) ioctl$FBIOBLANK(r2, 0x4611, 0x4) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r1, 0xc01064c5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0], 0x1}) 21:13:29 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x3}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x861, 0x6, 0x0, 0x5]}) r0 = syz_open_pts(0xffffffffffffffff, 0x414000) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/53) 21:13:29 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:29 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x4) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x15) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f00000000c0)={0x0, 0x0, {0x3b, 0x14, 0x14, 0x12, 0x7, 0x8, 0x4, 0xa0, 0x1}}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x608002, 0x0) prctl$PR_SET_SECCOMP(0x29, 0x3, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc000) write$P9_RFLUSH(r2, &(0x7f0000000040)={0x7, 0x6d, 0x1}, 0x7) [ 2922.062181][T14164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:29 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xfe9d, 0x42a000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000040)={0x8, 0x24, [0x1, 0x6, 0x100, 0x7ff, 0x4, 0x2, 0xce3, 0x10001, 0x1]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:29 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r0, 0xc01064c5, &(0x7f0000000040)) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:29 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) syz_open_dev$rtc(&(0x7f0000000000), 0x6, 0x10001) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:29 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x6, 0x3, 0x0, '\x00', 0xfffffffe}, 0x4, 0x20, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0, 0x0, '\x00', [0x0, 0xa, 0x4]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:29 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:29 executing program 5: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) pipe2$9p(&(0x7f00000000c0), 0x4000) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) [ 2922.416279][T14164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:29 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2922.562502][T14392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2922.885542][T14392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:30 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:30 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xfffffffc, 0x4, 0x57de, 0x0, 'syz0\x00'}, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x4]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/35) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 21:13:30 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x5, 0x40) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000280)=0x2acc8370) r2 = getuid() write$P9_RGETATTR(r0, &(0x7f00000001c0)={0xa0, 0x19, 0x1, {0x8, {0x40, 0x2, 0x1}, 0x90, r2, 0xee01, 0x2b, 0x5, 0x4, 0x8, 0x2, 0x1, 0x9, 0x3, 0xffffffff, 0x80, 0x10001, 0xffff, 0x1, 0x80000001, 0x9}}, 0xa0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000040)=""/62) 21:13:30 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x4, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0, 0x3f, 0x6, 0x1f}, {0x7, 0x80, 0x3, 0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x3f, 0xc7, 0x0, 0x20}]}) 21:13:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x5) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2922.997315][T14414] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2923.024744][ T37] kauditd_printk_skb: 3 callbacks suppressed 21:13:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0x0, 0x7ff, 0xfff, 0x6, 0x1, "dafb8264874bdc7f12639ee1d6bc50f3afae2f"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:30 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:30 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000040)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLCREATE(r2, &(0x7f00000001c0)={0x18, 0xf, 0x1, {{0x80, 0x3, 0x3}, 0xffffffff}}, 0x18) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r3, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREAD(r3, &(0x7f0000000280)={0x55, 0x75, 0x1, {0x4a, "1288aa8c5a77538966fc7fd44271aec7266a8c41b8d367f1db9471adb7a319bcccb9470b1f63ad05d453f944c866e1aee899e4d7486c0fe819282d734a42cc85d0df0af29ac684d2a72a"}}, 0x55) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0xff, 0x8, [0x1, 0x6]}) [ 2923.024762][ T37] audit: type=1326 audit(1625346810.255:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14417 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 2923.100243][ T37] audit: type=1326 audit(1625346810.315:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14417 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:13:30 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2923.199716][ T37] audit: type=1326 audit(1625346810.395:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14426 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:30 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:30 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x10000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/56) 21:13:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = fork() getpriority(0x0, r1) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_logical_link_complete={{0x45, 0x5}, {0x3, 0xc8, 0xc8, 0x2}}}, 0x8) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2923.313297][ T37] audit: type=1326 audit(1625346810.545:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14440 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:30 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 21:13:30 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:30 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000000)={0x665d, 0x14, [0x8, 0xe9, 0x7, 0x7, 0xb332]}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2923.389106][T14414] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2923.527747][ T37] audit: type=1326 audit(1625346810.755:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14457 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:31 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:31 executing program 0: prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:31 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) 21:13:31 executing program 3: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = fork() getpriority(0x0, r0) r1 = fork() getpriority(0x0, r1) rt_sigqueueinfo(r1, 0x23, &(0x7f0000000000)={0x12, 0x0, 0x7f}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) rt_sigqueueinfo(r1, 0x23, &(0x7f00000001c0)={0x40, 0x100, 0x6}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:31 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 4: select(0x40, &(0x7f0000000000)={0x7, 0x34, 0x1, 0x3, 0xffffffffffffff80, 0x10000, 0x3, 0x1}, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) [ 2923.901784][T14470] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2923.917800][ T37] audit: type=1326 audit(1625346811.145:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14472 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:31 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x200}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:31 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2924.019456][ T37] audit: type=1326 audit(1625346811.235:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14481 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:31 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 4: select(0x0, 0x0, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) 21:13:31 executing program 3: syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r0 = syz_open_pts(0xffffffffffffffff, 0x80001) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000400)={0x2, 0x6, 0x5, 0x27ec00, 0x18, "5f140132e3950e1a81f81cd47482bb2e05dc9b"}) r1 = fork() getpriority(0x0, r1) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xb}, 0x4, 0x10000000, 0x0, r1, 0x0, 0x400, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0xfffd]}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) rt_sigqueueinfo(0x0, 0x3c, &(0x7f0000000380)={0x1d, 0x585, 0x6}) r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, &(0x7f00000002c0)=0x10, 0x80000) accept4$inet(r3, &(0x7f0000000300)={0x2, 0x0, @local}, &(0x7f0000000340)=0x10, 0x800) r4 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x2, 0x4000) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r4, 0x800455d1, &(0x7f0000000480)) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f00000001c0)=""/233) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2924.115595][ T37] audit: type=1326 audit(1625346811.335:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14494 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:31 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2924.225517][ T37] audit: type=1326 audit(1625346811.435:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14501 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2924.270502][T14470] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:31 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) write$fb(r0, &(0x7f00000001c0)="4444c2c3a8db7002c567b784023a1939a98e40c4217feea99e597debe1341cf767b295343bff83a9983b9125fca2662084319d3fd7c82e45707a7ec9122b29", 0x3f) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)=""/51) 21:13:31 executing program 4: select(0x0, 0x0, 0x0, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) 21:13:31 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 3: syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r0 = syz_open_pts(0xffffffffffffffff, 0x80001) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000400)={0x2, 0x6, 0x5, 0x27ec00, 0x18, "5f140132e3950e1a81f81cd47482bb2e05dc9b"}) r1 = fork() getpriority(0x0, r1) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xb}, 0x4, 0x10000000, 0x0, r1, 0x0, 0x400, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0xfffd]}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) rt_sigqueueinfo(0x0, 0x3c, &(0x7f0000000380)={0x1d, 0x585, 0x6}) r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, &(0x7f00000002c0)=0x10, 0x80000) accept4$inet(r3, &(0x7f0000000300)={0x2, 0x0, @local}, &(0x7f0000000340)=0x10, 0x800) r4 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x2, 0x4000) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r4, 0x800455d1, &(0x7f0000000480)) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f00000001c0)=""/233) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2924.305103][ T37] audit: type=1326 audit(1625346811.495:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14506 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:31 executing program 4: select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x2710}) [ 2924.405365][T14523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:31 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000001c0)=""/185) 21:13:31 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:31 executing program 4: select(0x0, 0x0, 0x0, 0x0, 0x0) 21:13:31 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000000)={0x6, 0x4, 0x7fffffff, 0x200, 'syz1\x00', 0x7}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:32 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2924.722990][T14523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2924.828486][T14557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:32 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 0: exit(0x7) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:32 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2925.160299][T14557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:32 executing program 4: select(0x0, 0x0, 0x0, 0x0, 0x0) 21:13:32 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x9) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2925.515342][T14595] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:32 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) [ 2925.832319][T14595] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:33 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f00000001c0)) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$RTC_UIE_ON(r3, 0x7003) 21:13:33 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:33 executing program 4: select(0x0, 0x0, 0x0, 0x0, 0x0) 21:13:33 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xe) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:33 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) 21:13:33 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2926.404574][T14647] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:33 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x5}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_dev$rtc(&(0x7f0000000000), 0x200, 0x80c0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:33 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:33 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2926.752160][T14647] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2926.810860][T14680] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2927.125298][T14680] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x11) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:34 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:34 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xbd, 0x4282) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0xfffffffe}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x1000, 0x3]}) r1 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x525, 0x480000) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000240)={0xc8, 0x8, [0x1, 0x7]}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREADLINK(r3, &(0x7f00000001c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:34 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:34 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:34 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:34 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2927.336674][T14707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:34 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000001c0)={{0x2, 0x4}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000000, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0xfffd]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/19) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:34 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:34 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:34 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:34 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x12) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:34 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0xfffffffe, 0x0, 0x1000}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x94000, 0x0) ioctl$FBIOGET_FSCREENINFO(r1, 0x4602, &(0x7f00000001c0)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:34 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:34 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:34 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:34 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) [ 2927.705948][T14707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) [ 2927.778776][T14746] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:35 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:35 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:35 executing program 0: r0 = fork() getpriority(0x1, r0) r1 = fork() getpriority(0x0, r1) process_vm_readv(r1, &(0x7f0000000540)=[{&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000280)=""/254, 0xfe}, {&(0x7f0000000380)=""/246, 0xf6}, {&(0x7f0000000480)=""/186, 0xba}], 0x4, &(0x7f0000000a00)=[{&(0x7f0000000580)=""/52, 0x34}, {&(0x7f00000005c0)=""/35, 0x23}, {&(0x7f0000000600)=""/91, 0x5b}, {&(0x7f0000000680)=""/36, 0x24}, {&(0x7f00000006c0)=""/95, 0x5f}, {&(0x7f0000000740)=""/147, 0x93}, {&(0x7f0000000800)=""/200, 0xc8}, {&(0x7f0000000900)=""/202, 0xca}], 0x8, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400001, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f00000001c0)) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000040)=""/37) set_tid_address(&(0x7f0000000a80)) 21:13:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x14) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:35 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:35 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:35 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, &(0x7f0000000000)=0x7) [ 2928.128323][T14746] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2928.217888][ T37] kauditd_printk_skb: 12 callbacks suppressed [ 2928.217904][ T37] audit: type=1326 audit(1625346815.445:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14785 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2928.261818][T14788] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:35 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:35 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) 21:13:35 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x3e8, '\x00', 0xfffffffd}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)) 21:13:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) [ 2928.397729][ T37] audit: type=1326 audit(1625346815.625:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14801 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x15) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:35 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:35 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:35 executing program 2: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x12) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:35 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/73) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) [ 2928.607905][T14788] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2928.691815][T14824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2928.692379][T14822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:35 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000001c0)={0x4, 0x1, 0xfd, 0x3f, 'syz1\x00', 0x81}) write$P9_RLERRORu(r1, &(0x7f0000000040)={0xd, 0x7, 0x2}, 0xd) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x16) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) [ 2929.046863][T14824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:36 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000001c0)={0x4, 0x1, 0xfd, 0x3f, 'syz1\x00', 0x81}) write$P9_RLERRORu(r1, &(0x7f0000000040)={0xd, 0x7, 0x2}, 0xd) 21:13:36 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x189a03, 0x0) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) [ 2929.122885][T14859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2929.141059][ T37] audit: type=1326 audit(1625346816.375:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14856 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:36 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:36 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x509a00, 0x0) [ 2929.270927][ T37] audit: type=1326 audit(1625346816.505:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14874 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) [ 2929.332747][ T37] audit: type=1326 audit(1625346816.525:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14875 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2929.423472][ T37] audit: type=1326 audit(1625346816.555:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14878 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2929.454877][ T37] audit: type=1326 audit(1625346816.655:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14886 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x17) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:36 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:36 executing program 0: socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000200)={0x1, &(0x7f00000001c0)=[{}]}) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x7, 0x1, {0x1, '\x00'}}, 0xa) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/60) 21:13:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xbd, 0x4282) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0xfffffffe}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x1000, 0x3]}) r1 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x525, 0x480000) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000240)={0xc8, 0x8, [0x1, 0x7]}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREADLINK(r3, &(0x7f00000001c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2929.511404][T14859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2929.554500][ T37] audit: type=1326 audit(1625346816.785:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14892 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:36 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) [ 2929.628218][T14899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:36 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2929.675903][ T37] audit: type=1326 audit(1625346816.875:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14896 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2929.755147][ T37] audit: type=1326 audit(1625346816.945:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=14906 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x18) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:37 executing program 3: select(0x0, 0x0, &(0x7f0000000040)={0x5, 0x6, 0xaded3ec, 0x0, 0x8000, 0x5, 0x9, 0x54d84b14}, &(0x7f00000001c0)={0x2, 0x80, 0x9, 0x1000, 0x4, 0x3ff, 0x8000, 0x2}, &(0x7f0000000200)={0x0, 0x2710}) 21:13:37 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RSETATTR(r0, &(0x7f0000000040)={0x7, 0x1b, 0x1}, 0x7) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000200)=0x401) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000001c0)={0x8, 0x2, 0x7, 0xdd6f, '\x00', 0x40}) 21:13:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) [ 2929.974136][T14899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:37 executing program 3: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x17) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2930.062828][T14927] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) 21:13:37 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) [ 2930.241945][T14949] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x19) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:37 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000040)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLCREATE(r2, &(0x7f00000001c0)={0x18, 0xf, 0x1, {{0x80, 0x3, 0x3}, 0xffffffff}}, 0x18) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r3, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREAD(r3, &(0x7f0000000280)={0x55, 0x75, 0x1, {0x4a, "1288aa8c5a77538966fc7fd44271aec7266a8c41b8d367f1db9471adb7a319bcccb9470b1f63ad05d453f944c866e1aee899e4d7486c0fe819282d734a42cc85d0df0af29ac684d2a72a"}}, 0x55) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0xff, 0x8, [0x1, 0x6]}) 21:13:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2930.414336][T14927] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) [ 2930.516245][T14976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:37 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 21:13:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:37 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) [ 2930.684040][T14991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:38 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:38 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) [ 2930.838185][T14976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) 21:13:38 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) [ 2930.918472][T15006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) [ 2931.252034][T15006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:38 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:38 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:38 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) 21:13:38 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1b) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:38 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2931.574416][T15033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2931.589402][T15034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) 21:13:38 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1}]}) 21:13:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1}]}) [ 2931.719446][T15050] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:39 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1}]}) 21:13:39 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) [ 2931.915391][T15034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:39 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:39 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:39 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1c) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:39 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x1b}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:39 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:39 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2932.523915][T15085] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2932.537852][T15087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2932.570411][T15088] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2932.582991][T15098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2932.603757][T15099] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:40 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2932.870464][T15085] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:40 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:40 executing program 2: prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_nanosleep(0x1, 0x0, &(0x7f0000000040)={r0, r1+60000000}, &(0x7f00000001c0)) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x3}, 0x800004, 0x0, 0x0, 0x0, 0x0, 0xfb, 'syz1\x00', 0x0, 0x0, '\x00', [0x40]}) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2932.994416][T15113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.012316][T15112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.013951][T15114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:40 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:40 executing program 0: syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2933.339777][T15112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:40 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:40 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1e) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2933.458802][T15133] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.459747][T15136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.489227][ T37] kauditd_printk_skb: 16 callbacks suppressed [ 2933.489243][ T37] audit: type=1326 audit(1625346820.715:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15134 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2933.510274][T15141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.545618][ T37] audit: type=1326 audit(1625346820.775:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15140 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:41 executing program 4: syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:41 executing program 0: syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:41 executing program 2: r0 = fork() getpriority(0x0, r0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, r0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2933.858006][T15141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x21) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2933.924361][T15153] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2933.964804][T15157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 2: r0 = fork() getpriority(0x0, r0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, r0, 0x0, 0x0, 'syz1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2934.006533][T15160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000000)) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f00000001c0)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0xb18, 0x0, 0x7fff, 0x8, 0x9], 0xa, &(0x7f0000000000)=[{}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x118) 21:13:41 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x19}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:41 executing program 4: syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:41 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:41 executing program 0: syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2934.297809][T15176] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2934.346746][T15160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2934.362034][T15180] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2934.399295][T15184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x22) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:41 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2934.428239][ T37] audit: type=1326 audit(1625346821.655:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15183 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2934.499692][T15187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2934.564278][T15192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:41 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:41 executing program 4: syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2934.703908][ T37] audit: type=1326 audit(1625346821.935:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15199 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:42 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2934.744607][T15202] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:42 executing program 0: syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:42 executing program 2: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x21) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2934.900584][T15192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2934.921749][T15213] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:42 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x23) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2934.968475][T15216] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2935.000612][T15219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:42 executing program 4: syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:42 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x22) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:42 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2935.292678][T15227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2935.332265][T15219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:42 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x24) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2935.347249][ T37] audit: type=1326 audit(1625346822.575:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15231 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2935.364122][T15229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2935.425520][ T37] audit: type=1326 audit(1625346822.645:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15235 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2935.442712][T15237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2935.574574][ T37] audit: type=1326 audit(1625346822.805:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15242 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2935.716974][ T37] audit: type=1326 audit(1625346822.945:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15246 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2935.767875][T15237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x25) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2935.825388][ T37] audit: type=1326 audit(1625346823.055:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15249 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2935.930237][T15254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:43 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:43 executing program 2: syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2936.242431][ T37] audit: type=1326 audit(1625346823.475:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15262 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2936.272170][T15254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x26) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2936.374420][T15266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:43 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2936.486338][T15272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:43 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:43 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:43 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000000)={0x8, 0x4, [0xa00000]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:44 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000080)=0x80000000) syz_open_dev$media(&(0x7f0000000000), 0x2de7, 0x400840) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) 21:13:44 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x27) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2936.853826][T15272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 2: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x26) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2936.979800][T15295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2937.009541][T15297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:44 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0xff01]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:44 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x28) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2937.300351][T15295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:44 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x14}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2937.422267][T15313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2937.520893][T15323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) [ 2937.561830][T15321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:44 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:44 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:13:45 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x29) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2937.742758][T15313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:45 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) [ 2937.866119][T15337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:45 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:45 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:45 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x40, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, &(0x7f00000001c0)=""/253) [ 2938.201810][T15337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:45 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:45 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x1}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:45 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:45 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x11}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x48) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) [ 2938.427384][T15366] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2938.443886][T15373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:45 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) [ 2938.485723][T15365] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:45 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2938.770343][T15366] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:46 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:46 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{0x0, 0x3, 0x0, 0xffffff32, 'syz0\x00'}, 0x4, 0x100, 0x0, 0x0, 0x1e, 0x8, 'syz1\x00', 0x0, 0x0, '\x00', [0x0, 0x0, 0x0, 0x3]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) getgroups(0x6, &(0x7f0000000040)=[0x0, 0xee00, 0xee00, 0xee00, 0x0, 0xee00]) write$P9_RGETATTR(r1, &(0x7f00000001c0)={0xa0, 0x19, 0x1, {0x2084, {0x1, 0x3, 0x6}, 0xad, 0xffffffffffffffff, r2, 0x8, 0xfb53, 0xffeb, 0x400, 0xffffffffffff5625, 0x1000, 0xcbb3, 0x1, 0x3, 0x1, 0x400, 0x7, 0x364b, 0xfffffffffffff801, 0x4a3}}, 0xa0) 21:13:46 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4c) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2938.924247][ T37] kauditd_printk_skb: 8 callbacks suppressed [ 2938.924264][ T37] audit: type=1326 audit(1625346826.155:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15398 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2938.987804][T15397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:46 executing program 2: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x80, 0x3f, 0x5, 0x5}, {0x200, 0x0, 0xff, 0x641}, {0x9, 0x1, 0x7, 0x5}]}) pipe2$9p(&(0x7f0000000040), 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) 21:13:46 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) [ 2939.318099][T15397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:46 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0xf}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2939.480417][T15427] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2939.520882][T15424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:47 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x60) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:47 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x20, 0x16b681) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2939.824145][T15436] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:47 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x1, {0x2, 0xff}, 0xfd}, 0x18) 21:13:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2939.875533][ T37] audit: type=1326 audit(1625346827.105:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15443 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2939.983341][ T37] audit: type=1326 audit(1625346827.215:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15453 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) connect$can_j1939(r0, 0x0, 0x0) 21:13:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2940.024332][ T37] audit: type=1326 audit(1625346827.245:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15457 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2940.198417][T15436] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:47 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:47 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x68) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2940.720983][ T37] audit: type=1326 audit(1625346827.955:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15489 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2940.762383][ T37] audit: type=1326 audit(1625346827.985:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15492 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2940.772179][T15488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2940.862127][ T37] audit: type=1326 audit(1625346828.095:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15496 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2940.929961][ T37] audit: type=1326 audit(1625346828.145:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15502 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2941.166788][T15488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2941.276049][T15526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:48 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x74) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2941.600437][T15526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2941.661294][ T37] audit: type=1326 audit(1625346828.895:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15536 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:49 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2941.795753][T15541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2941.798808][ T37] audit: type=1326 audit(1625346828.965:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15539 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2942.112443][T15541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2942.205906][T15565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:49 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:49 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2942.529291][T15565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:49 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2942.667320][T15580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2943.020364][T15580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2943.088557][T15600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:50 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x300) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2943.434734][T15600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:50 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:50 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2943.508582][T15613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:50 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:51 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x500) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2943.825354][T15613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:51 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2943.899377][T15636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2943.952708][ T37] kauditd_printk_skb: 12 callbacks suppressed [ 2943.952724][ T37] audit: type=1326 audit(1625346831.185:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15640 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x600) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2944.220587][T15636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:51 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) [ 2944.349075][T15649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2944.395555][ T37] audit: type=1326 audit(1625346831.625:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15651 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:51 executing program 3: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:51 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2944.568530][ T37] audit: type=1326 audit(1625346831.795:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2944.614389][ T37] audit: type=1326 audit(1625346831.825:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15659 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2944.686267][T15649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x700) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:52 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2944.855563][T15675] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2944.868517][ T37] audit: type=1326 audit(1625346832.095:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15678 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2945.175497][T15675] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:52 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 2945.262515][ T37] audit: type=1326 audit(1625346832.495:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15692 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:52 executing program 3: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x900) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2945.479129][T15698] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2945.513331][ T37] audit: type=1326 audit(1625346832.745:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15700 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2945.627027][ T37] audit: type=1326 audit(1625346832.835:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15703 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:52 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2945.769221][ T37] audit: type=1326 audit(1625346832.995:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15719 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xe00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2945.809617][T15698] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2945.965345][T15726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 2946.136548][ T37] audit: type=1326 audit(1625346833.365:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15733 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2946.287847][T15726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:53 executing program 3: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:53 executing program 0: prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:53 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2946.693624][T15742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1100) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2947.018000][T15742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2947.113399][T15771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:54 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2947.436263][T15771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:54 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1200) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:54 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2947.675775][T15792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1400) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2948.006752][T15792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2948.098062][T15815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:55 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2948.442767][T15815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:55 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:55 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1500) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:56 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2948.717597][T15833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:56 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:56 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1600) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2949.049897][T15833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2949.115328][T15864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:56 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2949.243435][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 2949.243451][ T37] audit: type=1326 audit(1625346836.475:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15868 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2949.436347][T15864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1700) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:56 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:56 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:56 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:57 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) [ 2949.706455][T15875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2949.733140][ T37] audit: type=1326 audit(1625346836.965:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15879 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:57 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2949.793973][ T37] audit: type=1326 audit(1625346837.005:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15886 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2949.890883][T15891] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2949.910817][ T37] audit: type=1326 audit(1625346837.075:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15889 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1800) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2950.038321][T15875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:57 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2950.148723][T15898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2950.168320][ T37] audit: type=1326 audit(1625346837.395:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15900 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:57 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2950.304546][T15905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:57 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) 21:13:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1900) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:13:57 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000100)=0x7) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:57 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) [ 2950.712438][ T37] audit: type=1326 audit(1625346837.945:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15911 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2950.753427][T15912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2950.783517][ T37] audit: type=1326 audit(1625346837.965:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15914 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2950.829918][ T37] audit: type=1326 audit(1625346838.065:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:58 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) [ 2950.883849][ T37] audit: type=1326 audit(1625346838.105:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15921 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:58 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2950.972519][ T37] audit: type=1326 audit(1625346838.205:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=15928 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:13:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2951.103309][T15912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2951.172085][T15937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2951.508577][T15940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:13:58 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:58 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:13:58 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:59 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:13:59 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:59 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:13:59 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) 21:13:59 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000380), 0x101040, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f00000001c0)={0x0, 0x400, 0x780, 0x80, 0x0, 0x0, 0x2, 0x1, {0x1, 0x80, 0x1}, {0x9, 0xfffffe01}, {0x8, 0x401}, {0x800, 0x3}, 0x1, 0x0, 0x2, 0x4, 0x1, 0x40, 0xff, 0x80000001, 0x17, 0x7, 0x4, 0x8, 0xc, 0x6, 0x1, 0x7}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r2, 0x6b, 0x3, &(0x7f0000000340)=0x2, 0x4) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$FBIOGET_VSCREENINFO(r3, 0x4600, &(0x7f0000000280)) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) write$P9_ROPEN(r0, &(0x7f00000003c0)={0x18, 0x71, 0x2, {{0x40, 0x2, 0x4}, 0xa6}}, 0x18) 21:13:59 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0xe}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:00 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2952.802734][T15980] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2952.834064][T15975] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:00 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2953.310343][ C1] vkms_vblank_simulate: vblank timer overrun [ 2954.142195][T28691] device hsr_slave_0 left promiscuous mode [ 2954.161479][T28691] device hsr_slave_1 left promiscuous mode [ 2954.174088][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2954.189003][T28691] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2954.200347][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2954.207767][T28691] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2954.221568][T28691] device bridge_slave_1 left promiscuous mode [ 2954.248740][T28691] bridge0: port 2(bridge_slave_1) entered disabled state [ 2954.267081][T28691] device bridge_slave_0 left promiscuous mode [ 2954.285295][T28691] bridge0: port 1(bridge_slave_0) entered disabled state [ 2954.332657][T28691] device veth1_macvtap left promiscuous mode [ 2954.338719][T28691] device veth0_macvtap left promiscuous mode [ 2954.349525][T28691] device veth1_vlan left promiscuous mode [ 2954.355359][T28691] device veth0_vlan left promiscuous mode [ 2956.859666][T25586] Bluetooth: hci4: command 0x0409 tx timeout [ 2958.630568][ T3277] ieee802154 phy0 wpan0: encryption failed: -22 [ 2958.636872][ T3277] ieee802154 phy1 wpan1: encryption failed: -22 [ 2958.966560][T25586] Bluetooth: hci4: command 0x041b tx timeout [ 2960.675983][T28691] team0 (unregistering): Port device team_slave_1 removed [ 2960.730111][T28691] team0 (unregistering): Port device team_slave_0 removed [ 2960.772816][T28691] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2960.808650][T28691] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2961.019650][ T9772] Bluetooth: hci4: command 0x040f tx timeout [ 2961.032091][T28691] bond0 (unregistering): Released all slaves [ 2961.363077][T16006] chnl_net:caif_netlink_parms(): no params data found [ 2961.531508][T16006] bridge0: port 1(bridge_slave_0) entered blocking state [ 2961.542389][T16006] bridge0: port 1(bridge_slave_0) entered disabled state [ 2961.672875][T16006] device bridge_slave_0 entered promiscuous mode [ 2961.700848][T16006] bridge0: port 2(bridge_slave_1) entered blocking state [ 2961.711467][T16006] bridge0: port 2(bridge_slave_1) entered disabled state [ 2961.731585][T16006] device bridge_slave_1 entered promiscuous mode [ 2961.817285][T16006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2961.873008][T16006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2961.982897][T16006] team0: Port device team_slave_0 added [ 2961.991817][T16006] team0: Port device team_slave_1 added [ 2962.014437][T16006] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2962.059804][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.093131][T16006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2962.106370][T16006] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2962.164332][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2962.231506][T16006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2962.344840][T16006] device hsr_slave_0 entered promiscuous mode [ 2962.372680][T16006] device hsr_slave_1 entered promiscuous mode [ 2962.392551][T16006] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2962.456029][T16006] Cannot create hsr debugfs directory [ 2962.928276][T16006] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2962.989230][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2963.035383][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2963.078989][T16006] 8021q: adding VLAN 0 to HW filter on device team0 [ 2963.099642][T25586] Bluetooth: hci4: command 0x0419 tx timeout [ 2963.120592][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 2963.130793][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2963.180083][ T9772] bridge0: port 1(bridge_slave_0) entered blocking state [ 2963.187166][ T9772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2963.221231][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 2963.243462][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2963.270823][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2963.282478][ T9772] bridge0: port 2(bridge_slave_1) entered blocking state [ 2963.289567][ T9772] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2963.298105][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 2963.314514][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 2963.324073][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 2963.334876][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2963.376571][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2963.401227][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 2963.420394][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2963.430516][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2963.451275][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2963.461232][T16006] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2963.596607][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2963.616926][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2963.706353][T16006] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2963.768717][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 2963.784411][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2963.838125][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 2963.862203][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2963.880783][T16006] device veth0_vlan entered promiscuous mode [ 2963.889117][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2963.905381][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2963.935028][T16006] device veth1_vlan entered promiscuous mode [ 2964.004707][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 2964.017740][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 2964.039906][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 2964.051574][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2964.092159][T16006] device veth0_macvtap entered promiscuous mode [ 2964.121713][T16006] device veth1_macvtap entered promiscuous mode [ 2964.204242][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.248961][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.288835][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.314518][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.334180][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.381812][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.417773][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.447793][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.499265][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.534389][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.555961][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2964.592133][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.621130][T16006] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2964.634426][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 2964.650565][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 2964.658453][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 2964.670248][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2964.712036][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2964.729240][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.752181][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2964.772669][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.783207][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2964.801066][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.821914][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2964.855136][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.921784][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2964.943080][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2964.959184][T16006] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2964.983809][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 2965.017057][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2965.232990][ T472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2965.275163][ T472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2965.333770][T22176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2965.335696][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2965.348060][T22176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2965.393446][T23063] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2965.513620][T16274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2965.833416][T16274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1b00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:13 executing program 0: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x9}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:13 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) syz_80211_inject_frame(&(0x7f00000000c0)=@broadcast, &(0x7f0000000100)=@ctrl_frame=@bar={{}, {0x4}, @device_a, @broadcast, @compressed={{0x1, 0x0, 0x1, 0x0, 0x9}, {0x0, 0xff}}}, 0x14) r0 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x3f, 0x7f, 0x4, 0x81}, {0x3, 0x40, 0x4f, 0x7}]}) 21:14:13 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x6}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:13 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x20400, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffff76, 0x4d, 0x2}, 0x4b) [ 2965.998708][T16287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.013894][T16296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.019918][T16295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.029850][T16288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2966.048756][T16297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.064503][T16301] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x20400, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffff76, 0x4d, 0x2}, 0x4b) 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:13 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x20400, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffff76, 0x4d, 0x2}, 0x4b) 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2966.425648][T16288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1c00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:13 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x0, 0x5}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:13 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:13 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:13 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000), 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x20400, 0x0) [ 2966.564602][T16342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.583181][T16331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:13 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) [ 2966.624707][T16349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:13 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000), 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) 21:14:14 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:14 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2966.925299][T16331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2966.971145][T16376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:14 executing program 4: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) r0 = fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000), 0x84800) sched_rr_get_interval(r0, &(0x7f00000000c0)) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x20400, 0x0) 21:14:14 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:14 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) pipe2$9p(&(0x7f0000000000), 0x84800) 21:14:14 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:14 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:14 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) fork() prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 21:14:14 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:14 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1e00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:14 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:14 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) fork() [ 2967.311829][T16376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:14 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) [ 2967.444422][T16417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:14 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x3, 0x0) 21:14:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:14 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1f00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:15 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x0, 0x20, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:15 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) 21:14:15 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) [ 2967.792752][T16417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) [ 2967.853612][T16458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:15 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:15 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:15 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:15 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) 21:14:15 executing program 5: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) [ 2968.074467][ T37] kauditd_printk_skb: 8 callbacks suppressed [ 2968.074485][ T37] audit: type=1326 audit(1625346855.305:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16479 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:15 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:15 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2968.206289][T16458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:15 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:15 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) [ 2968.304485][T16499] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2968.637466][T16499] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:16 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:16 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:16 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2100) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:16 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f00000000c0)=""/56) 21:14:16 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2968.932277][T16538] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2968.984283][ T37] audit: type=1326 audit(1625346856.215:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16548 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:16 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:16 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2969.273825][T16538] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:17 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:17 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:17 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2200) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:17 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) [ 2969.882435][T16602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2969.898742][ T37] audit: type=1326 audit(1625346857.125:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16606 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:17 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:17 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) [ 2970.220261][T16602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:17 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:17 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2300) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:18 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2970.826583][T16659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2970.853274][ T37] audit: type=1326 audit(1625346858.085:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16668 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:18 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:18 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2971.183336][T16659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:18 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:18 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:18 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:18 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) 21:14:18 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:18 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2400) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2971.737766][T16714] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:19 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) 21:14:19 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:19 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:19 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2971.791552][ T37] audit: type=1326 audit(1625346859.025:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16719 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:19 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:19 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) [ 2972.085203][T16714] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:19 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:19 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)=""/56) 21:14:19 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:19 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:19 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2500) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:19 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) [ 2972.664821][T16762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2972.685912][ T37] audit: type=1326 audit(1625346859.915:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16767 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:20 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:20 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) [ 2972.925604][ T37] audit: type=1326 audit(1625346860.155:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16791 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2973.035493][T16762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:20 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:20 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:14:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:20 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2600) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2973.596917][T16815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:20 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) [ 2973.702562][ T37] audit: type=1326 audit(1625346860.935:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16817 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:21 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:21 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:21 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f00000000c0)=""/56) 21:14:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) 21:14:21 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2973.986030][T16815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2974.044778][ T37] audit: type=1326 audit(1625346861.275:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16845 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:21 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:21 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:21 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, 0x0) 21:14:21 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2700) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:21 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) [ 2974.624089][T16865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:21 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) [ 2974.673245][ T37] audit: type=1326 audit(1625346861.905:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16875 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:21 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, 0x0) 21:14:21 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:22 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) 21:14:22 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) 21:14:22 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, 0x0, 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:22 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, 0x0) [ 2974.856626][ T37] audit: type=1326 audit(1625346862.085:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16883 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2975.007907][ T37] audit: type=1326 audit(1625346862.235:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16896 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2975.054211][T16865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:22 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:22 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) 21:14:22 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2600) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:22 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2800) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2975.566987][T16917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2975.629782][ T37] audit: type=1326 audit(1625346862.865:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16919 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2975.637789][T16914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:22 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:23 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, &(0x7f00000000c0)=""/56) [ 2975.812082][ T37] audit: type=1326 audit(1625346863.045:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16928 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:23 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:23 executing program 5: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) [ 2976.022503][ T37] audit: type=1326 audit(1625346863.255:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16939 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2976.029343][T16944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:23 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2900) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2976.065656][T16914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2976.122960][T16952] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:23 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:14:23 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) [ 2976.450036][T16952] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:23 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3d8c) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:23 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) [ 2976.559348][ T37] audit: type=1326 audit(1625346863.785:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=16971 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:23 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:23 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) [ 2976.626683][T16975] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:23 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) 21:14:24 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000740)={0x4, 0x1, 0x6793, 0x19653711, '\x00', 0x101}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000080)=0x4400) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x380) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r3, 0xc1105518, &(0x7f0000000480)={{0x3, 0x0, 0x40, 0x3, '\x00', 0x7}, 0x2, 0x0, 0xf7a0, 0xffffffffffffffff, 0x3, 0x1ff, 'syz1\x00', &(0x7f0000000440)=['\x00', '/dev/fb1\x00', ']\x00'], 0xc, '\x00', [0x21f1, 0x2, 0x4, 0x200]}) r4 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x1, 0x10b500) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, &(0x7f0000000300)=0x9a) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r5, &(0x7f0000000240)=ANY=[@ANYBLOB="580000007502004d0000004a0c792f18a84b7777ce09b5d0222c173a6d5a64997bd22f65f5c776c977490881f96b84a8fc1e30955faf77b34f85e077a446ed48bf880a3088d8f9cd9a2a54a9091fb0f01651ff5dc874e297"], 0x58) r6 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000600)={{0x5, 0x5, 0x5, 0x0, 'syz1\x00', 0x5}, 0x2, 0x3, 0x144, r6, 0x9, 0x101, 'syz0\x00', &(0x7f00000005c0)=['\x00', '/dev/snd/controlC#\x00', 'syz1\x00', '@\x97\x00', '\x00', '/dev/fb1\x00', '//\x14&\x00', '\x00', '#a${}*@}$\x00'], 0x36, '\x00', [0x81, 0x20, 0x6, 0x2]}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000340)=""/196) 21:14:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:24 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae88, 0x0) 21:14:24 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) [ 2976.974157][T16975] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:24 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:24 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:24 executing program 2: socket$inet_sctp(0x2, 0x5, 0x84) prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x1, 0x9, 0xff, 0xfff}, {0x7ff, 0x8, 0x66, 0x7ff}, {0x7f, 0x1, 0x2, 0x9}, {0x1000, 0x2, 0x9, 0xdd8}, {0x3, 0x7, 0x6, 0x82}, {0xc, 0x80, 0x9, 0x1e9c}, {0x1f, 0x4, 0x20, 0x101}, {0x2, 0x2, 0x81, 0x2}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x7, &(0x7f0000000100)=[{0x1, 0x80, 0x7, 0x1}, {0x4, 0xc6, 0x1, 0x80}, {0xaae, 0x0, 0xf4, 0xa669}, {0x4, 0x81, 0x3, 0xffff}, {0x7bc, 0x8, 0xff, 0x101}, {0x0, 0x9, 0x0, 0x9}, {0x8, 0x4, 0x3e, 0x4}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x1f, 0x27, 0x1, 0x3a94}, {0xff, 0x7, 0x3f, 0x5}, {0xfff, 0x1f, 0x1f, 0x9}]}) 21:14:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3f00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:24 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000740)={0x4, 0x1, 0x6793, 0x19653711, '\x00', 0x101}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000080)=0x4400) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x380) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r3, 0xc1105518, &(0x7f0000000480)={{0x3, 0x0, 0x40, 0x3, '\x00', 0x7}, 0x2, 0x0, 0xf7a0, 0xffffffffffffffff, 0x3, 0x1ff, 'syz1\x00', &(0x7f0000000440)=['\x00', '/dev/fb1\x00', ']\x00'], 0xc, '\x00', [0x21f1, 0x2, 0x4, 0x200]}) r4 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x1, 0x10b500) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, &(0x7f0000000300)=0x9a) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r5, &(0x7f0000000240)=ANY=[@ANYBLOB="580000007502004d0000004a0c792f18a84b7777ce09b5d0222c173a6d5a64997bd22f65f5c776c977490881f96b84a8fc1e30955faf77b34f85e077a446ed48bf880a3088d8f9cd9a2a54a9091fb0f01651ff5dc874e297"], 0x58) r6 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000600)={{0x5, 0x5, 0x5, 0x0, 'syz1\x00', 0x5}, 0x2, 0x3, 0x144, r6, 0x9, 0x101, 'syz0\x00', &(0x7f00000005c0)=['\x00', '/dev/snd/controlC#\x00', 'syz1\x00', '@\x97\x00', '\x00', '/dev/fb1\x00', '//\x14&\x00', '\x00', '#a${}*@}$\x00'], 0x36, '\x00', [0x81, 0x20, 0x6, 0x2]}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000340)=""/196) 21:14:24 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2977.455878][T17030] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:24 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) [ 2977.530958][ T37] audit: type=1326 audit(1625346864.765:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17040 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:24 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:24 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000740)={0x4, 0x1, 0x6793, 0x19653711, '\x00', 0x101}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000080)=0x4400) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x380) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r3, 0xc1105518, &(0x7f0000000480)={{0x3, 0x0, 0x40, 0x3, '\x00', 0x7}, 0x2, 0x0, 0xf7a0, 0xffffffffffffffff, 0x3, 0x1ff, 'syz1\x00', &(0x7f0000000440)=['\x00', '/dev/fb1\x00', ']\x00'], 0xc, '\x00', [0x21f1, 0x2, 0x4, 0x200]}) r4 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x1, 0x10b500) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, &(0x7f0000000300)=0x9a) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r5, &(0x7f0000000240)=ANY=[@ANYBLOB="580000007502004d0000004a0c792f18a84b7777ce09b5d0222c173a6d5a64997bd22f65f5c776c977490881f96b84a8fc1e30955faf77b34f85e077a446ed48bf880a3088d8f9cd9a2a54a9091fb0f01651ff5dc874e297"], 0x58) r6 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000600)={{0x5, 0x5, 0x5, 0x0, 'syz1\x00', 0x5}, 0x2, 0x3, 0x144, r6, 0x9, 0x101, 'syz0\x00', &(0x7f00000005c0)=['\x00', '/dev/snd/controlC#\x00', 'syz1\x00', '@\x97\x00', '\x00', '/dev/fb1\x00', '//\x14&\x00', '\x00', '#a${}*@}$\x00'], 0x36, '\x00', [0x81, 0x20, 0x6, 0x2]}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000340)=""/196) 21:14:24 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) [ 2977.811248][T17030] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:25 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:25 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:25 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:25 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2978.422734][T17086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:25 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:25 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:25 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) [ 2978.873199][T17086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:26 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:26 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4800) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2979.404360][T17135] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:26 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:26 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) [ 2979.554964][ T37] kauditd_printk_skb: 3 callbacks suppressed [ 2979.554982][ T37] audit: type=1326 audit(1625346866.785:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17146 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:26 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) [ 2979.648330][ T37] audit: type=1326 audit(1625346866.865:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17148 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:26 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) [ 2979.854289][T17135] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:27 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000180)={0x0, 0x360, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:27 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae0a, &(0x7f00000000c0)=""/56) 21:14:27 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) 21:14:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4c00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2980.467586][T17191] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:27 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0x0, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000180)=""/23) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000140)) wait4(0xffffffffffffffff, &(0x7f0000000040), 0x0, &(0x7f0000000080)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000000)) 21:14:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0) 21:14:27 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc004ae02, &(0x7f00000000c0)=""/56) [ 2980.627289][ T37] audit: type=1326 audit(1625346867.855:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0) 21:14:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:28 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x60}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2980.851468][T17191] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2980.898810][T17223] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2980.930569][T17220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:28 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 21:14:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, 0x0) 21:14:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0) 21:14:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:28 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:28 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_nanosleep(0x6, 0x0, &(0x7f0000000040)={r0, r1+10000000}, &(0x7f0000000080)) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f00000000c0)={0x80, 0x300, 0x40, 0x800, 0x80, 0x7f, 0x2, 0x2, {0x5, 0x3}, {0x2, 0x8001}, {0x1, 0x6, 0x9}, {0x8, 0x1000, 0x1}, 0x1, 0x40, 0x7, 0x48ebeee6, 0x1, 0xf0b, 0x9, 0x2, 0x4, 0x6a, 0x8000, 0x9, 0x4, 0x4, 0x3, 0xc}) prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) 21:14:28 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) 21:14:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, 0x0) [ 2981.635212][T17245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:28 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:28 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) [ 2981.672669][ T37] audit: type=1326 audit(1625346868.905:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17256 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:28 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) 21:14:29 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) [ 2982.004771][T17245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:29 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) 21:14:29 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) 21:14:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, 0x0) 21:14:29 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=""/56) 21:14:29 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 21:14:29 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6800) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2982.660697][T17302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:29 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) [ 2982.698875][ T37] audit: type=1326 audit(1625346869.925:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17309 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:30 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) 21:14:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, 0x0) 21:14:30 executing program 0: r0 = fork() getpriority(0x0, r0) waitid(0x2, r0, &(0x7f0000000000), 0x40000000, &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) 21:14:30 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) 21:14:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, 0x0) 21:14:30 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) 21:14:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) 21:14:30 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) 21:14:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, 0x0) [ 2983.118233][T17302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:30 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) 21:14:30 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) 21:14:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) 21:14:30 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x28}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) 21:14:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:30 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) [ 2983.563914][T17363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2983.564908][T17373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) 21:14:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) [ 2983.613196][T17380] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2983.637285][ T37] audit: type=1326 audit(1625346870.865:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17375 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) 21:14:31 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) [ 2983.924100][T17363] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:31 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) 21:14:31 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f00000000c0)=""/56) 21:14:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7400) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:31 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) [ 2984.583938][T17422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2984.610232][ T37] audit: type=1326 audit(1625346871.845:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17423 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:31 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:31 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) 21:14:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) 21:14:32 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:32 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) [ 2984.807847][ T37] audit: type=1326 audit(1625346871.995:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17431 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) 21:14:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f00000000c0)=""/56) [ 2984.899682][ T37] audit: type=1326 audit(1625346872.135:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:32 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae07, &(0x7f00000000c0)=""/56) 21:14:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) 21:14:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) [ 2985.031412][T17422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a00) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2985.209183][T17475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:32 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0) 21:14:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) 21:14:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) [ 2985.536262][T17475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:32 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f00000000c0)=""/56) 21:14:32 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, &(0x7f00000000c0)=""/56) 21:14:32 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8c3d) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2985.767504][T17514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:33 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:33 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) [ 2985.823866][ T37] audit: type=1326 audit(1625346873.055:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17524 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:33 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:33 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:33 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) [ 2986.114526][T17514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:33 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x598, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:33 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:33 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:33 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) 21:14:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:33 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) [ 2986.698827][T17575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2986.711579][ T37] audit: type=1326 audit(1625346873.945:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17572 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:34 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) 21:14:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:34 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae03, &(0x7f00000000c0)=""/56) 21:14:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:34 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) [ 2987.024700][T17575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:34 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x0, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, 0x0) 21:14:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2987.662444][T17626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2987.686697][ T37] audit: type=1326 audit(1625346874.915:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17633 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:35 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:35 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) [ 2988.090578][T17626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:35 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x0, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:35 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:35 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x30000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:35 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f00000000c0)=""/56) 21:14:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) [ 2988.593434][T17685] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2988.604518][ T37] audit: type=1326 audit(1625346875.835:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17682 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:35 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) 21:14:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) [ 2989.023115][T17685] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:36 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x0, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:36 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:36 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) 21:14:36 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x34000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2989.596893][T17735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:36 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:36 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:36 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, &(0x7f00000000c0)=""/56) 21:14:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2989.718827][ T37] audit: type=1326 audit(1625346876.945:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17743 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:37 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) [ 2989.851493][T17757] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 2989.994672][T17735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:37 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:37 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x90000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2990.638773][T17795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2990.695449][ T37] audit: type=1326 audit(1625346877.925:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17791 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) 21:14:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:38 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae04, 0x0) 21:14:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:38 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f00000000c0)=""/56) [ 2990.947989][ T37] audit: type=1326 audit(1625346878.175:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17810 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:38 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) [ 2991.081248][T17795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:38 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x200000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:38 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:38 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) [ 2991.235608][T17849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:38 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2991.573806][T17849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:39 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:39 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:39 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, &(0x7f00000000c0)=""/56) 21:14:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:39 executing program 4: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:39 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x400300) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2991.807422][T17887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:39 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:39 executing program 4: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2991.876214][ T37] audit: type=1326 audit(1625346879.105:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17894 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:39 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:39 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) [ 2992.125226][T17887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:39 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x0, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:39 executing program 4: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:39 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:39 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf0ffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2992.758550][T17946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) [ 2992.790828][ T37] audit: type=1326 audit(1625346880.025:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=17950 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2993.121870][T17946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:40 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x0, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2993.734826][T17998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2993.768318][ T37] audit: type=1326 audit(1625346880.995:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18002 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:41 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:41 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae00, 0x0) 21:14:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:41 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:41 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2994.160649][T17998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:41 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:41 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x0, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:41 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:41 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x0, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:41 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2994.735948][ T37] audit: type=1326 audit(1625346881.965:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18050 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2994.809164][T18052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:42 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:42 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2994.932321][ T37] audit: type=1326 audit(1625346882.085:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18061 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:42 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:14:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2995.177297][T18052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:42 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:42 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2995.548481][T18121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:42 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x0, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:42 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x0, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:42 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x0, 0x2, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 2995.702001][ T37] audit: type=1326 audit(1625346882.935:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18138 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 2995.751494][ T37] audit: type=1326 audit(1625346882.955:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18135 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:43 executing program 4: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x26}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2995.814432][ T37] audit: type=1326 audit(1625346882.965:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18144 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:43 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2995.891128][T18121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2995.905356][T18166] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2995.933280][T18162] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:43 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2996.050120][T18172] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:43 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 2996.377063][T18172] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:43 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x0, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:43 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:43 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:43 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x5000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:43 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) 21:14:43 executing program 2: syz_80211_inject_frame(&(0x7f0000000000)=@device_a={0x8, 0x2, 0x11, 0x0, 0x23}, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 2996.644517][T18202] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2996.657669][T18198] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2996.674477][T18195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:43 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:43 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) [ 2996.708962][ T37] audit: type=1326 audit(1625346883.935:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18204 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 2996.734764][T18197] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:44 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:44 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) 21:14:44 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:14:44 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) [ 2997.001600][T18198] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:44 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x0, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:44 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:14:44 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) 21:14:44 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:14:44 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:44 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x4, 0x0) [ 2997.598499][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:44 executing program 5: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) 21:14:44 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x0, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:44 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:14:44 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x4, 0x0) [ 2997.678471][ T37] audit: type=1326 audit(1625346884.905:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18266 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) [ 2997.785414][ T37] audit: type=1326 audit(1625346885.015:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18273 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:45 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 2997.945863][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:45 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x0, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:45 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x4, 0x0) 21:14:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) 21:14:45 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) 21:14:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:45 executing program 0 (fault-call:0 fault-nth:0): prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 2998.662750][T18310] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:46 executing program 2 (fault-call:1 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) 21:14:46 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 2998.754555][ T37] audit: type=1326 audit(1625346885.985:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18319 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:46 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) [ 2998.843288][T18327] FAULT_INJECTION: forcing a failure. [ 2998.843288][T18327] name failslab, interval 1, probability 0, space 0, times 0 [ 2998.870553][T18331] FAULT_INJECTION: forcing a failure. [ 2998.870553][T18331] name failslab, interval 1, probability 0, space 0, times 0 [ 2998.950500][T18327] CPU: 1 PID: 18327 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2998.960350][T18327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2998.970414][T18327] Call Trace: [ 2998.973706][T18327] dump_stack_lvl+0xcd/0x134 [ 2998.978325][T18327] should_fail.cold+0x5/0xa [ 2998.982845][T18327] ? tomoyo_realpath_from_path+0xc3/0x620 [ 2998.988575][T18327] should_failslab+0x5/0x10 [ 2998.993094][T18327] __kmalloc+0x72/0x330 [ 2998.997264][T18327] tomoyo_realpath_from_path+0xc3/0x620 [ 2999.002824][T18327] ? tomoyo_profile+0x42/0x50 [ 2999.007547][T18327] tomoyo_path_number_perm+0x1d5/0x590 [ 2999.013031][T18327] ? tomoyo_path_number_perm+0x18d/0x590 [ 2999.018683][T18327] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 2999.024527][T18327] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2999.030782][T18327] ? lock_acquire+0x442/0x510 [ 2999.035471][T18327] ? lock_release+0x522/0x720 [ 2999.040159][T18327] ? lock_downgrade+0x6e0/0x6e0 [ 2999.045002][T18327] ? lock_acquire+0x442/0x510 [ 2999.049667][T18327] ? lock_release+0x522/0x720 [ 2999.054333][T18327] ? __context_tracking_exit+0xb8/0xe0 [ 2999.059785][T18327] ? __fget_files+0x288/0x3d0 [ 2999.064452][T18327] security_file_ioctl+0x50/0xb0 [ 2999.069380][T18327] __x64_sys_ioctl+0xb3/0x200 [ 2999.075096][T18327] do_syscall_64+0x35/0xb0 [ 2999.079506][T18327] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.085395][T18327] RIP: 0033:0x4665d9 [ 2999.089276][T18327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2999.109390][T18327] RSP: 002b:00007fd78ebc3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2999.117801][T18327] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2999.125758][T18327] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 2999.133742][T18327] RBP: 00007fd78ebc31d0 R08: 0000000000000000 R09: 0000000000000000 [ 2999.141698][T18327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2999.149745][T18327] R13: 0000000000a9fb1f R14: 00007fd78ebc3300 R15: 0000000000022000 [ 2999.166109][T18331] CPU: 1 PID: 18331 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2999.175928][T18331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2999.185985][T18331] Call Trace: [ 2999.189254][T18331] dump_stack_lvl+0xcd/0x134 [ 2999.193844][T18331] should_fail.cold+0x5/0xa [ 2999.198348][T18331] ? yama_ptracer_add+0x48/0x550 [ 2999.203284][T18331] should_failslab+0x5/0x10 [ 2999.207778][T18331] kmem_cache_alloc_trace+0x55/0x3c0 [ 2999.213053][T18331] yama_ptracer_add+0x48/0x550 [ 2999.217909][T18331] yama_task_prctl+0x206/0x4e0 [ 2999.222666][T18331] security_task_prctl+0x6d/0xf0 [ 2999.227595][T18331] __do_sys_prctl+0x94/0x1040 [ 2999.232264][T18331] ? __ia32_sys_umask+0xb0/0xb0 [ 2999.237105][T18331] ? syscall_enter_from_user_mode+0x21/0x70 [ 2999.242989][T18331] do_syscall_64+0x35/0xb0 [ 2999.247393][T18331] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.253280][T18331] RIP: 0033:0x4665d9 [ 2999.257161][T18331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2999.276757][T18331] RSP: 002b:00007fb2ce7f3188 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 2999.285157][T18331] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2999.293126][T18331] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 21:14:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, &(0x7f00000000c0)=""/56) [ 2999.301080][T18331] RBP: 00007fb2ce7f31d0 R08: 0000000000000000 R09: 0000000000000000 [ 2999.309124][T18331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2999.317081][T18331] R13: 0000000000a9fb1f R14: 00007fb2ce7f3300 R15: 0000000000022000 21:14:46 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) [ 2999.392285][T18327] ERROR: Out of memory at tomoyo_realpath_from_path. 21:14:46 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) 21:14:46 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:46 executing program 4: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000080)={{}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) 21:14:46 executing program 2 (fault-call:1 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:46 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x0, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:46 executing program 0 (fault-call:0 fault-nth:1): prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 2999.656501][T18355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2999.665078][T18359] FAULT_INJECTION: forcing a failure. [ 2999.665078][T18359] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2999.695529][T18364] FAULT_INJECTION: forcing a failure. 21:14:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 2999.695529][T18364] name failslab, interval 1, probability 0, space 0, times 0 [ 2999.715963][ T37] audit: type=1326 audit(1625346886.945:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18365 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:47 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) [ 2999.772579][T18359] CPU: 0 PID: 18359 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2999.782452][T18359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2999.792519][T18359] Call Trace: [ 2999.795808][T18359] dump_stack_lvl+0xcd/0x134 [ 2999.800477][T18359] should_fail.cold+0x5/0xa [ 2999.805003][T18359] _copy_to_user+0x2c/0x150 [ 2999.809520][T18359] simple_read_from_buffer+0xcc/0x160 [ 2999.815004][T18359] proc_fail_nth_read+0x187/0x220 [ 2999.820043][T18359] ? proc_fault_inject_read+0x220/0x220 [ 2999.825608][T18359] ? security_file_permission+0x248/0x560 [ 2999.831356][T18359] ? proc_fault_inject_read+0x220/0x220 [ 2999.836928][T18359] vfs_read+0x1b5/0x570 [ 2999.841102][T18359] ksys_read+0x12d/0x250 [ 2999.846581][T18359] ? vfs_write+0xa30/0xa30 [ 2999.851019][T18359] ? syscall_enter_from_user_mode+0x21/0x70 [ 2999.856936][T18359] do_syscall_64+0x35/0xb0 [ 2999.861376][T18359] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2999.867287][T18359] RIP: 0033:0x41935c [ 2999.871186][T18359] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2999.891329][T18359] RSP: 002b:00007fb2ce7f3170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2999.899759][T18359] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c [ 2999.907737][T18359] RDX: 000000000000000f RSI: 00007fb2ce7f31e0 RDI: 0000000000000003 [ 2999.915720][T18359] RBP: 00007fb2ce7f31d0 R08: 0000000000000000 R09: 0000000000000000 [ 2999.923698][T18359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2999.931680][T18359] R13: 0000000000a9fb1f R14: 00007fb2ce7f3300 R15: 0000000000022000 [ 2999.956561][T18364] CPU: 1 PID: 18364 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2999.966401][T18364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2999.976460][T18364] Call Trace: [ 2999.980914][T18364] dump_stack_lvl+0xcd/0x134 [ 2999.985527][T18364] should_fail.cold+0x5/0xa [ 2999.990047][T18364] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 2999.995427][T18364] should_failslab+0x5/0x10 [ 2999.999943][T18364] __kmalloc+0x72/0x330 [ 3000.004127][T18364] tomoyo_encode2.part.0+0xe9/0x3a0 [ 3000.009424][T18364] tomoyo_encode+0x28/0x50 [ 3000.013849][T18364] tomoyo_realpath_from_path+0x186/0x620 [ 3000.019491][T18364] tomoyo_path_number_perm+0x1d5/0x590 [ 3000.024968][T18364] ? tomoyo_path_number_perm+0x18d/0x590 [ 3000.030622][T18364] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3000.036450][T18364] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3000.042710][T18364] ? lock_acquire+0x442/0x510 [ 3000.047399][T18364] ? lock_release+0x522/0x720 [ 3000.052098][T18364] ? lock_downgrade+0x6e0/0x6e0 [ 3000.056957][T18364] ? lock_acquire+0x442/0x510 [ 3000.062163][T18364] ? lock_release+0x522/0x720 [ 3000.066833][T18364] ? __context_tracking_exit+0xb8/0xe0 [ 3000.072286][T18364] ? __fget_files+0x288/0x3d0 [ 3000.077040][T18364] security_file_ioctl+0x50/0xb0 [ 3000.082058][T18364] __x64_sys_ioctl+0xb3/0x200 [ 3000.086752][T18364] do_syscall_64+0x35/0xb0 [ 3000.091157][T18364] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3000.097055][T18364] RIP: 0033:0x4665d9 [ 3000.100934][T18364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:14:47 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, &(0x7f00000000c0)=""/56) [ 3000.120528][T18364] RSP: 002b:00007fd78ebc3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3000.129012][T18364] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3000.137236][T18364] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 3000.145199][T18364] RBP: 00007fd78ebc31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3000.153156][T18364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3000.161111][T18364] R13: 0000000000a9fb1f R14: 00007fd78ebc3300 R15: 0000000000022000 21:14:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x9000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3000.192825][T18355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 3000.272687][T18383] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) 21:14:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:14:47 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x0, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 3000.612574][T18364] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3000.648635][T18383] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:47 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:47 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x0, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f00000000c0)=""/56) [ 3000.715504][ T37] audit: type=1326 audit(1625346887.945:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18401 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xe000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3000.793499][ T37] audit: type=1326 audit(1625346888.025:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18408 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:48 executing program 0: prctl$PR_SET_SECCOMP(0x7, 0x1, 0x0) [ 3000.905788][T18426] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:48 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) 21:14:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2, 0x0) 21:14:48 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) 21:14:48 executing program 0: prctl$PR_SET_SECCOMP(0x8, 0x1, 0x0) [ 3001.231128][T18426] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:48 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:14:48 executing program 0: prctl$PR_SET_SECCOMP(0x17, 0x1, 0x0) 21:14:48 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, &(0x7f00000000c0)=""/56) [ 3001.610368][ T37] audit: type=1326 audit(1625346888.845:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18467 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:48 executing program 5 (fault-call:1 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:14:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c01, 0x0) 21:14:48 executing program 0: prctl$PR_SET_SECCOMP(0x18, 0x1, 0x0) 21:14:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3001.706074][T18475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3001.726774][T18485] FAULT_INJECTION: forcing a failure. [ 3001.726774][T18485] name failslab, interval 1, probability 0, space 0, times 0 [ 3001.742370][T18485] CPU: 1 PID: 18485 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3001.752199][T18485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3001.762266][T18485] Call Trace: [ 3001.765547][T18485] dump_stack_lvl+0xcd/0x134 [ 3001.770151][T18485] should_fail.cold+0x5/0xa [ 3001.774654][T18485] ? tomoyo_realpath_from_path+0xc3/0x620 [ 3001.780365][T18485] should_failslab+0x5/0x10 [ 3001.784866][T18485] __kmalloc+0x72/0x330 [ 3001.789008][T18485] tomoyo_realpath_from_path+0xc3/0x620 [ 3001.794600][T18485] ? tomoyo_profile+0x42/0x50 [ 3001.799272][T18485] tomoyo_path_number_perm+0x1d5/0x590 [ 3001.804725][T18485] ? tomoyo_path_number_perm+0x18d/0x590 [ 3001.810437][T18485] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3001.816494][T18485] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3001.822731][T18485] ? lock_acquire+0x442/0x510 [ 3001.827410][T18485] ? lock_release+0x522/0x720 [ 3001.832082][T18485] ? lock_downgrade+0x6e0/0x6e0 [ 3001.837265][T18485] ? lock_acquire+0x442/0x510 [ 3001.841927][T18485] ? lock_release+0x522/0x720 [ 3001.846676][T18485] ? __context_tracking_exit+0xb8/0xe0 [ 3001.852132][T18485] ? __fget_files+0x288/0x3d0 [ 3001.856798][T18485] security_file_ioctl+0x50/0xb0 [ 3001.861728][T18485] __x64_sys_ioctl+0xb3/0x200 [ 3001.866396][T18485] do_syscall_64+0x35/0xb0 [ 3001.870802][T18485] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3001.876689][T18485] RIP: 0033:0x4665d9 [ 3001.880570][T18485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:14:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3001.900166][T18485] RSP: 002b:00007f4cbdba6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3001.908565][T18485] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3001.916519][T18485] RDX: 0000000000000000 RSI: 000000000000541b RDI: 0000000000000003 [ 3001.924479][T18485] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 [ 3001.932464][T18485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3001.940428][T18485] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 21:14:49 executing program 0: prctl$PR_SET_SECCOMP(0x1b, 0x1, 0x0) 21:14:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3002.081899][T18485] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3002.158423][T18475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:49 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5421, 0x0) 21:14:49 executing program 4 (fault-call:1 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:14:49 executing program 0: prctl$PR_SET_SECCOMP(0x1c, 0x1, 0x0) 21:14:49 executing program 5 (fault-call:1 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:14:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x11000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5450, 0x0) [ 3002.497528][T18518] FAULT_INJECTION: forcing a failure. [ 3002.497528][T18518] name failslab, interval 1, probability 0, space 0, times 0 [ 3002.506192][T18511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3002.511657][T18520] FAULT_INJECTION: forcing a failure. [ 3002.511657][T18520] name failslab, interval 1, probability 0, space 0, times 0 21:14:49 executing program 0: prctl$PR_SET_SECCOMP(0x2f, 0x1, 0x0) [ 3002.553191][ T37] audit: type=1326 audit(1625346889.785:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18523 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3002.579663][T18518] CPU: 0 PID: 18518 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 3002.589502][T18518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3002.599563][T18518] Call Trace: [ 3002.602847][T18518] dump_stack_lvl+0xcd/0x134 [ 3002.607529][T18518] should_fail.cold+0x5/0xa [ 3002.612058][T18518] ? tomoyo_realpath_from_path+0xc3/0x620 [ 3002.617825][T18518] should_failslab+0x5/0x10 [ 3002.622343][T18518] __kmalloc+0x72/0x330 [ 3002.626511][T18518] tomoyo_realpath_from_path+0xc3/0x620 [ 3002.632067][T18518] ? tomoyo_profile+0x42/0x50 [ 3002.636758][T18518] tomoyo_path_number_perm+0x1d5/0x590 [ 3002.642229][T18518] ? tomoyo_path_number_perm+0x18d/0x590 [ 3002.647883][T18518] ? tomoyo_execute_permission+0x4a0/0x4a0 21:14:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5451, 0x0) [ 3002.653697][T18518] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3002.660018][T18518] ? lock_acquire+0x442/0x510 [ 3002.664713][T18518] ? lock_release+0x522/0x720 [ 3002.669407][T18518] ? lock_downgrade+0x6e0/0x6e0 [ 3002.674275][T18518] ? lock_acquire+0x442/0x510 [ 3002.679067][T18518] ? lock_release+0x522/0x720 [ 3002.683755][T18518] ? __context_tracking_exit+0xb8/0xe0 [ 3002.689231][T18518] ? __fget_files+0x288/0x3d0 [ 3002.693917][T18518] security_file_ioctl+0x50/0xb0 [ 3002.698877][T18518] __x64_sys_ioctl+0xb3/0x200 [ 3002.703568][T18518] do_syscall_64+0x35/0xb0 [ 3002.707994][T18518] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3002.713900][T18518] RIP: 0033:0x4665d9 [ 3002.717813][T18518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3002.737421][T18518] RSP: 002b:00007f7a70c36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3002.745841][T18518] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3002.753815][T18518] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000003 [ 3002.761783][T18518] RBP: 00007f7a70c361d0 R08: 0000000000000000 R09: 0000000000000000 [ 3002.769845][T18518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3002.777822][T18518] R13: 0000000000a9fb1f R14: 00007f7a70c36300 R15: 0000000000022000 [ 3002.803144][T18520] CPU: 1 PID: 18520 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3002.813053][T18520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3002.823115][T18520] Call Trace: [ 3002.826421][T18520] dump_stack_lvl+0xcd/0x134 [ 3002.831027][T18520] should_fail.cold+0x5/0xa [ 3002.835551][T18520] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 3002.841021][T18520] should_failslab+0x5/0x10 [ 3002.845549][T18520] __kmalloc+0x72/0x330 [ 3002.849718][T18520] tomoyo_encode2.part.0+0xe9/0x3a0 [ 3002.854929][T18520] tomoyo_encode+0x28/0x50 [ 3002.859359][T18520] tomoyo_realpath_from_path+0x186/0x620 [ 3002.865012][T18520] tomoyo_path_number_perm+0x1d5/0x590 [ 3002.870487][T18520] ? tomoyo_path_number_perm+0x18d/0x590 [ 3002.876138][T18520] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3002.881961][T18520] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3002.888216][T18520] ? lock_acquire+0x442/0x510 [ 3002.892906][T18520] ? lock_release+0x522/0x720 [ 3002.897579][T18520] ? lock_downgrade+0x6e0/0x6e0 [ 3002.902426][T18520] ? lock_acquire+0x442/0x510 [ 3002.907095][T18520] ? lock_release+0x522/0x720 [ 3002.911762][T18520] ? __context_tracking_exit+0xb8/0xe0 [ 3002.917227][T18520] ? __fget_files+0x288/0x3d0 [ 3002.921896][T18520] security_file_ioctl+0x50/0xb0 [ 3002.926952][T18520] __x64_sys_ioctl+0xb3/0x200 [ 3002.931638][T18520] do_syscall_64+0x35/0xb0 [ 3002.936045][T18520] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3002.941931][T18520] RIP: 0033:0x4665d9 [ 3002.945811][T18520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3002.965679][T18520] RSP: 002b:00007f4cbdba6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3002.974173][T18520] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3002.982131][T18520] RDX: 0000000000000000 RSI: 000000000000541b RDI: 0000000000000003 [ 3002.990091][T18520] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 21:14:50 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x7, 0x0) 21:14:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x12000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3002.998141][T18520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3003.006103][T18520] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 [ 3003.023555][T18511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.048501][T18520] ERROR: Out of memory at tomoyo_realpath_from_path. 21:14:50 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x3ffff, 0x0) [ 3003.142435][T18542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.145405][T18518] ERROR: Out of memory at tomoyo_realpath_from_path. 21:14:50 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:50 executing program 5 (fault-call:1 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:14:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, 0x0) 21:14:50 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:14:50 executing program 4 (fault-call:1 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3003.432809][ T37] audit: type=1326 audit(1625346890.665:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18555 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3003.463473][T18565] FAULT_INJECTION: forcing a failure. [ 3003.463473][T18565] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3003.464586][T18556] FAULT_INJECTION: forcing a failure. [ 3003.464586][T18556] name failslab, interval 1, probability 0, space 0, times 0 [ 3003.481977][T18565] CPU: 1 PID: 18565 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3003.499126][T18565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3003.509461][T18565] Call Trace: [ 3003.512746][T18565] dump_stack_lvl+0xcd/0x134 [ 3003.517438][T18565] should_fail.cold+0x5/0xa [ 3003.522176][T18565] _copy_to_user+0x2c/0x150 [ 3003.526766][T18565] simple_read_from_buffer+0xcc/0x160 [ 3003.533525][T18565] proc_fail_nth_read+0x187/0x220 [ 3003.538580][T18565] ? proc_fault_inject_read+0x220/0x220 [ 3003.544229][T18565] ? security_file_permission+0x248/0x560 [ 3003.549955][T18565] ? proc_fault_inject_read+0x220/0x220 [ 3003.555510][T18565] vfs_read+0x1b5/0x570 [ 3003.559750][T18565] ksys_read+0x12d/0x250 [ 3003.563990][T18565] ? vfs_write+0xa30/0xa30 [ 3003.568398][T18565] ? syscall_enter_from_user_mode+0x21/0x70 [ 3003.574383][T18565] do_syscall_64+0x35/0xb0 [ 3003.578792][T18565] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3003.584935][T18565] RIP: 0033:0x41935c [ 3003.588938][T18565] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 3003.608898][T18565] RSP: 002b:00007f4cbdba6170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3003.617398][T18565] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 3003.625548][T18565] RDX: 000000000000000f RSI: 00007f4cbdba61e0 RDI: 0000000000000004 [ 3003.633686][T18565] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 [ 3003.641648][T18565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3003.649626][T18565] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 [ 3003.670587][T18542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.692005][T18556] CPU: 0 PID: 18556 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 3003.702720][T18556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3003.712782][T18556] Call Trace: [ 3003.716067][T18556] dump_stack_lvl+0xcd/0x134 [ 3003.720681][T18556] should_fail.cold+0x5/0xa [ 3003.725205][T18556] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 3003.730589][T18556] should_failslab+0x5/0x10 [ 3003.735104][T18556] __kmalloc+0x72/0x330 [ 3003.739364][T18556] tomoyo_encode2.part.0+0xe9/0x3a0 [ 3003.744577][T18556] tomoyo_encode+0x28/0x50 [ 3003.749005][T18556] tomoyo_realpath_from_path+0x186/0x620 [ 3003.754911][T18556] tomoyo_path_number_perm+0x1d5/0x590 [ 3003.760388][T18556] ? tomoyo_path_number_perm+0x18d/0x590 [ 3003.766043][T18556] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3003.771864][T18556] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3003.778207][T18556] ? lock_acquire+0x442/0x510 [ 3003.783245][T18556] ? lock_release+0x522/0x720 [ 3003.787936][T18556] ? lock_downgrade+0x6e0/0x6e0 [ 3003.792965][T18556] ? lock_acquire+0x442/0x510 [ 3003.797649][T18556] ? lock_release+0x522/0x720 [ 3003.802334][T18556] ? __context_tracking_exit+0xb8/0xe0 [ 3003.807812][T18556] ? __fget_files+0x288/0x3d0 [ 3003.812678][T18556] security_file_ioctl+0x50/0xb0 [ 3003.817630][T18556] __x64_sys_ioctl+0xb3/0x200 [ 3003.822321][T18556] do_syscall_64+0x35/0xb0 [ 3003.826854][T18556] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3003.833288][T18556] RIP: 0033:0x4665d9 [ 3003.837882][T18556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3003.862363][T18556] RSP: 002b:00007f7a70c36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3003.870792][T18556] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3003.878774][T18556] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000003 21:14:51 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x7fffffff}) 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, 0x0) 21:14:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x14000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3003.886925][T18556] RBP: 00007f7a70c361d0 R08: 0000000000000000 R09: 0000000000000000 [ 3003.894902][T18556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3003.902879][T18556] R13: 0000000000a9fb1f R14: 00007f7a70c36300 R15: 0000000000022000 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6364, 0x0) [ 3003.984266][T18582] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3003.997341][T18556] ERROR: Out of memory at tomoyo_realpath_from_path. 21:14:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:14:51 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:14:51 executing program 4 (fault-call:1 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3004.109889][T18590] FAULT_INJECTION: forcing a failure. [ 3004.109889][T18590] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3004.133401][T18590] CPU: 1 PID: 18590 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 3004.143244][T18590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3004.153314][T18590] Call Trace: [ 3004.156862][T18590] dump_stack_lvl+0xcd/0x134 [ 3004.161476][T18590] should_fail.cold+0x5/0xa [ 3004.165995][T18590] _copy_to_user+0x2c/0x150 [ 3004.170638][T18590] simple_read_from_buffer+0xcc/0x160 [ 3004.176203][T18590] proc_fail_nth_read+0x187/0x220 [ 3004.181239][T18590] ? proc_fault_inject_read+0x220/0x220 [ 3004.186838][T18590] ? security_file_permission+0x248/0x560 [ 3004.192587][T18590] ? proc_fault_inject_read+0x220/0x220 [ 3004.198152][T18590] vfs_read+0x1b5/0x570 [ 3004.202437][T18590] ksys_read+0x12d/0x250 [ 3004.206782][T18590] ? vfs_write+0xa30/0xa30 [ 3004.211210][T18590] ? syscall_enter_from_user_mode+0x21/0x70 [ 3004.217106][T18590] do_syscall_64+0x35/0xb0 [ 3004.221610][T18590] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3004.227500][T18590] RIP: 0033:0x41935c [ 3004.231379][T18590] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 3004.251150][T18590] RSP: 002b:00007f7a70c36170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3004.259567][T18590] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 3004.267982][T18590] RDX: 000000000000000f RSI: 00007f7a70c361e0 RDI: 0000000000000004 [ 3004.275952][T18590] RBP: 00007f7a70c361d0 R08: 0000000000000000 R09: 0000000000000000 [ 3004.288867][T18590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3004.297007][T18590] R13: 0000000000a9fb1f R14: 00007f7a70c36300 R15: 0000000000022000 21:14:51 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x0, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8913, 0x0) 21:14:51 executing program 0: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000001c0)={0x0, @can, @l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}, 0x1}, @hci={0x1f, 0x3, 0x2}, 0xfffd, 0x0, 0x0, 0x0, 0x81, &(0x7f0000000180)='dummy0\x00', 0x1, 0x6, 0x1709}) sendmsg$nl_xfrm(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@report={0x5c, 0x20, 0x300, 0x70bd2d, 0x25dfdbff, {0x32, {@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, @in6=@loopback, 0x4e24, 0x0, 0x4e21, 0x8001, 0x2, 0xa0, 0x0, 0x1d}}, [@replay_thresh={0x8, 0xb, 0x6}, @proto={0x5, 0x19, 0x33}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4081}, 0x4000084) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0xfffffffb, 0x8, '9P2000.u'}, 0x15) 21:14:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2, 0x0) [ 3004.335147][T18582] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x15000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8914, 0x0) [ 3004.437190][ T37] audit: type=1326 audit(1625346891.665:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18602 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3004.473198][T18609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:14:51 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000000)={0xfffffff7, 0x9, 0xd257, 0x7, 0x10, "fe923325539d4982f0869d4ef7f202ca3edb13"}) 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8933, 0x0) 21:14:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4606, 0x0) 21:14:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3004.802848][T18609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:52 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x0, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:52 executing program 0: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) sched_getattr(0x0, &(0x7f0000000000)={0x38}, 0x38, 0x0) r1 = syz_open_dev$rtc(&(0x7f0000000080), 0x0, 0x387201) ioctl$RTC_AIE_OFF(r1, 0x7002) personality(0x4000005) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f00000000c0)={0x7, 0x81, 0x2, 0xaa, 0x8cd5}) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, 0x0, 0x200, 0x70bd2c, 0x1, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x80000001}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x153f}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x800) 21:14:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c01, 0x0) 21:14:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae02, 0x0) 21:14:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x16000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2, 0x0) [ 3005.319747][T18667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, 0x0) 21:14:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x3, 0x0) 21:14:52 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) mmap$fb(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000005, 0x30, r0, 0x31000) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5421, 0x0) [ 3005.368184][ T37] audit: type=1326 audit(1625346892.595:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:14:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5450, 0x0) [ 3005.668475][T18667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:53 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x0, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4, 0x0) 21:14:53 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x5, 0x0, 0x40, 0x4}, {0x2, 0xc1, 0x0, 0x1}, {0x401, 0x2e, 0x9, 0x80000000}, {0x4, 0x3f, 0x9, 0x9}, {0xde3, 0x9, 0x7, 0x5}, {0x4, 0x1, 0x9, 0x100}, {0x0, 0x7, 0x40, 0x2}, {0x7f, 0x1, 0x80, 0x3}]}) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 21:14:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae05, 0x0) 21:14:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5451, 0x0) 21:14:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x17000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, 0x0) [ 3006.236771][T18731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3006.246792][ T37] audit: type=1326 audit(1625346893.475:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18733 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:14:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae06, 0x0) 21:14:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5, 0x0) [ 3006.323029][ T37] audit: type=1326 audit(1625346893.555:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18742 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5456, 0x0) 21:14:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6, 0x0) 21:14:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0) [ 3006.618005][T18731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3007.066624][ T37] audit: type=1326 audit(1625346894.295:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18733 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:14:54 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, 0x0) 21:14:54 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:14:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x7, 0x0) 21:14:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae08, 0x0) 21:14:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x18000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3007.193126][T18784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6364, 0x0) 21:14:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8, 0x0) 21:14:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae0b, 0x0) [ 3007.234125][ T37] audit: type=1326 audit(1625346894.465:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18791 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:54 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x3, 0x8040) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000200)=""/134) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x85, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000001000)=""/4100) 21:14:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x9, 0x0) 21:14:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8913, 0x0) [ 3007.537088][T18784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:55 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae10, 0x0) 21:14:55 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x3, 0x6, 0x8, 0x761}, {0x800, 0xff, 0x16, 0x9}, {0x8, 0x1f, 0x7f, 0x8001}, {0x2, 0x42, 0x0, 0x405}]}) 21:14:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8914, 0x0) 21:14:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xa, 0x0) 21:14:55 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x19000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3008.178921][T18836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3008.244522][ T37] audit: type=1326 audit(1625346895.475:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18848 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:55 executing program 0: ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae83, 0x0) 21:14:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8933, 0x0) 21:14:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xb, 0x0) 21:14:55 executing program 0: ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) 21:14:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae85, 0x0) [ 3008.616977][T18836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:56 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:14:56 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x0, 0x7, 0x7}, {0xc1d, 0x3, 0x9, 0x41c}, {0x3, 0x8, 0xd9, 0x401}, {0x20, 0x43, 0x59, 0xfffffffe}]}) 21:14:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc, 0x0) 21:14:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae87, 0x0) 21:14:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3009.153911][T18888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:56 executing program 0: getresgid(&(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000040)) ioctl$FBIOGET_CON2FBMAP(0xffffffffffffffff, 0x460f, &(0x7f00000000c0)={0x39, 0x2}) 21:14:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xd, 0x0) 21:14:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae88, 0x0) [ 3009.315250][ T37] audit: type=1326 audit(1625346896.545:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18905 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:14:56 executing program 0: clock_gettime(0x6, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xe, 0x0) [ 3009.517695][T18888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:57 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, 0x0) 21:14:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae89, 0x0) 21:14:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1b000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:57 executing program 0: ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000080)={r0, r1}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xf, 0x0) 21:14:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) [ 3010.261896][T18947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:57 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x3, 0x0) 21:14:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2f, 0x0) 21:14:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8b, 0x0) [ 3010.322404][ T37] audit: type=1326 audit(1625346897.555:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18960 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0) 21:14:57 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4b4a, 0x0) 21:14:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8c, 0x0) 21:14:57 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) [ 3010.504995][ T37] audit: type=1326 audit(1625346897.735:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=18985 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3010.584102][T18947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae08, 0x0) 21:14:57 executing program 0: ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) 21:14:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1c000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:14:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8d, 0x0) 21:14:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c01, 0x0) 21:14:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448c9, 0x0) 21:14:58 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x8, &(0x7f0000000080)=[{0x8, 0x3f, 0x1, 0x4}, {0xfff, 0x4, 0x80, 0x10000}, {0x3ff, 0x1, 0x8, 0x7fff}, {0x0, 0xff, 0x1, 0x8}, {0x85, 0xd8, 0x3, 0xd0a4}, {0xfffb, 0x0, 0x2, 0x2af3}, {0x8, 0x20, 0x21, 0x9}, {0x3ff, 0x2, 0x81}]}) 21:14:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3010.774164][T19005] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3011.098969][T19005] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:58 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448dd, 0x0) 21:14:58 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000040)={{0x8, 0x6, 0x6, 0xc0000000, '\x00', 0x3}, 0x6, 0x7, 0xfffff4ad, 0x0, 0x8, 0x7, 'syz1\x00', &(0x7f0000000000)=[')\x00', '%\x00', '\x00', ',#\xde*.\x00', ':\x00', '#\\.}-\x00', '\x00', ']!)\x00'], 0x18, '\x00', [0x20, 0x8, 0x100, 0x2]}) 21:14:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8f, 0x0) 21:14:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5421, 0x0) 21:14:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3011.397779][T19045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:58 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400454ca, 0x0) [ 3011.428913][ T37] audit: type=1326 audit(1625346898.655:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19052 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xff7f, 0x0) 21:14:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5450, 0x0) 21:14:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448c9, 0x0) 21:14:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40049409, 0x0) [ 3011.763359][T19045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5451, 0x0) 21:14:59 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:14:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448dd, 0x0) 21:14:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40086602, 0x0) 21:14:59 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:14:59 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1e000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3012.293207][T19103] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:14:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, 0x0) 21:14:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4008ae06, 0x0) 21:14:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400454ca, 0x0) 21:14:59 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x101, 0x20, 0x1, 0x1}, {0x0, 0x20, 0x81, 0x8}, {0x6, 0x7f, 0x0, 0xfffffffc}, {0xeefe, 0x0, 0x84, 0x4}]}) [ 3012.345318][ T37] audit: type=1326 audit(1625346899.575:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19112 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:14:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, 0x0) 21:14:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40186366, 0x0) 21:14:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000280)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000240)={0x8, &(0x7f0000000200)=[{0x81, 0x81, 0x3, 0x8}, {0x40, 0x3, 0x45, 0xfffffffa}, {0x2, 0x9, 0x9, 0x5}, {0xff0d, 0x4, 0x0, 0xffffffff}, {0x7, 0x6, 0x3f, 0x7fff}, {0xfe00, 0x9, 0x7, 0x9}, {0x3ff, 0x1, 0x0, 0xffffff84}, {0xcbe, 0x20, 0x4, 0x9}]}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000002c0)={0x8, 0x8, 0x20, 0x9, '\x00', '\x00', '\x00', 0x1, 0xc9f3, 0x9, 0x7, "c3400000001f00"}) 21:14:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40049409, 0x0) 21:14:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6364, 0x0) 21:14:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x401c5820, 0x0) [ 3012.638944][T19103] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:00 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40086602, 0x0) 21:15:00 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:15:00 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1f000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8913, 0x0) 21:15:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4020940d, 0x0) 21:15:00 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = fork() sched_getattr(r0, &(0x7f0000000040)={0x38}, 0x38, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000000)={0x7a, 0x9, 0x6, 0x91f6, 0x2}) 21:15:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8914, 0x0) [ 3013.225129][T19167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, 0x0) [ 3013.304453][ T37] audit: type=1326 audit(1625346900.535:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19175 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4008ae06, 0x0) 21:15:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8933, 0x0) 21:15:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086601, 0x0) [ 3013.562082][T19167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:01 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) 21:15:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40186366, 0x0) 21:15:01 executing program 0: socketpair(0x21, 0xa, 0x8, &(0x7f0000000000)={0xffffffffffffffff}) accept4$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000080)=0x10, 0x800) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f00000000c0)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) r3 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r3, 0x400443c8, &(0x7f0000000000)) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000100)={{{@in=@private, @in6=@private0}}, {{@in=@broadcast}, 0x0, @in6=@private0}}, &(0x7f0000000200)=0xe8) 21:15:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, 0x0) 21:15:01 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x20000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3014.288859][T19229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3014.392111][ T37] audit: type=1326 audit(1625346901.625:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19237 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x801c581f, 0x0) 21:15:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x401c5820, 0x0) 21:15:01 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIO_WAITFORVSYNC(r0, 0x40044620, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f0000000100)={0x4ea0, 0x2, &(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0]}) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000000180)={@none, 0x6}) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x47, 0x2}, 0x7) ioctl$TIOCSERGETLSR(r1, 0x5459, 0x0) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4020940d, 0x0) 21:15:01 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = syz_open_dev$rtc(&(0x7f0000000000), 0x1000, 0x0) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000040)) [ 3014.718951][T19229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:02 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x0, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x81785501, 0x0) 21:15:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, 0x0) 21:15:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, 0x0) 21:15:02 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) membarrier(0x10, 0x0) 21:15:02 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x21000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3015.322329][T19281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:02 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000080)=[{0x9, 0x73, 0x8, 0x481}, {0x878d, 0x2, 0x8, 0x6a1}]}) prctl$PR_GET_DUMPABLE(0x3) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000140), 0xff, 0x20201) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000180)={0xa1b, 0xc, [0xff, 0x9, 0x70]}) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x7, 0x1, 0x5, 0x7}, {0x20, 0x3, 0xc1, 0x12e3}, {0x8, 0x2, 0x1d, 0x8}, {0xbb16, 0x5, 0x80, 0x8}]}) [ 3015.398752][ T37] audit: type=1326 audit(1625346902.625:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19292 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086601, 0x0) 21:15:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) 21:15:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045520, 0x0) 21:15:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x801c581f, 0x0) [ 3015.586284][ T37] audit: type=1326 audit(1625346902.815:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19300 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0) [ 3015.676759][T19281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:03 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x0, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) 21:15:03 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x22000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) 21:15:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae08, 0x0) [ 3016.293186][T19331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) [ 3016.360525][ T37] audit: type=1326 audit(1625346903.595:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19334 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:03 executing program 0: getitimer(0x1, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, &(0x7f0000000040)={0x29}) 21:15:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) 21:15:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448c9, 0x0) [ 3016.487169][ T37] audit: type=1326 audit(1625346903.645:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19300 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0189436, 0x0) 21:15:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, 0x0) 21:15:03 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) [ 3016.698036][T19331] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc020660b, 0x0) 21:15:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448dd, 0x0) 21:15:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0) 21:15:04 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x23000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:04 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x0, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) socket$inet(0x2, 0x800, 0xfff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 3017.326565][T19382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 21:15:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400454ca, 0x0) 21:15:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @initdev}, &(0x7f00000000c0)=0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:04 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) [ 3017.502806][ T37] audit: type=1326 audit(1625346904.735:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19393 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, 0x0) 21:15:04 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000000)=0x4) 21:15:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40049409, 0x0) 21:15:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22c8c0, 0x0) r1 = fork() getpriority(0x0, r1) r2 = fork() r3 = fork() getpriority(0x2, r3) getpriority(0x1, r2) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r4 = fork() getpriority(0x0, r4) [ 3017.700755][T19382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:15:05 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x24000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3017.862505][T19433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3018.182520][T19433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:05 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x0, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:05 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) 21:15:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40086602, 0x0) 21:15:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:15:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x389080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc200, 0x0) 21:15:05 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x25000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3018.342109][T19474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x2e, 0x25, 0x6, 0x18, 0x6, 0x1, 0x1, 0x45}}) 21:15:05 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000000)={@any, 0x5}) 21:15:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4008ae06, 0x0) 21:15:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0189436, 0x0) [ 3018.403657][ T37] audit: type=1326 audit(1625346905.635:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19484 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:05 executing program 0: syz_open_pts(0xffffffffffffffff, 0x40000) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc020660b, 0x0) [ 3018.709133][T19474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:06 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x0, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40186366, 0x0) 21:15:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200041, 0x0) 21:15:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc1205531, 0x0) 21:15:06 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0xc6201) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000080)=""/24) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000000)={0x80d, 0x8, [0xc50, 0x0]}) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:15:06 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x26000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3019.364827][T19531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3019.409427][ T37] audit: type=1326 audit(1625346906.625:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19536 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:06 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0xf000, 0x4a, 0x6, 0xa9}, {0x101, 0x1f, 0xf8, 0x1f}, {0x6, 0x3, 0x7, 0x73}, {0x8, 0x1, 0x2, 0x8}, {0x1000, 0xad, 0xb3, 0x1}]}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, &(0x7f00000000c0)=0x80000000) clock_gettime(0x0, &(0x7f0000000080)) 21:15:06 executing program 2: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) connect$can_j1939(r0, &(0x7f0000000040)={0x1d, 0x0, 0x0, {0x2, 0x1, 0x4}, 0x1}, 0x18) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@empty, @in=@initdev}}, {{@in6=@private1}, 0x0, @in=@multicast2}}, &(0x7f0000000000)=0xe8) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f00000001c0)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x3, 0x9b13, 0x1}) 21:15:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x401c5820, 0x0) 21:15:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x406002, 0x0) write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x4d, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2c0883) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r1, 0xc00864c0, &(0x7f00000000c0)={0x0}) r3 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r3, 0xc00864c0, &(0x7f0000000140)={r2}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r1, 0xc00864c0, &(0x7f0000000040)={r2}) 21:15:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x810081, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:06 executing program 5: ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x7, 0x8, 0xf, 0x1b, 0x0, 0x8, 0x5, 0x9c}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) [ 3019.780539][T19531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3020.060691][ T3277] ieee802154 phy0 wpan0: encryption failed: -22 [ 3020.067012][ T3277] ieee802154 phy1 wpan1: encryption failed: -22 21:15:07 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x0, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4020940d, 0x0) 21:15:07 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:15:07 executing program 5: setitimer(0x2, &(0x7f0000000000)={{0x0, 0x2710}, {0x0, 0x2710}}, &(0x7f0000000040)) r0 = openat$fb1(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x8, 0x40) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000180)=""/190) write$fb(r0, &(0x7f0000000100)="ca", 0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x541b, 0x0) 21:15:07 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) 21:15:07 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x27000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3020.279571][ T37] audit: type=1326 audit(1625346907.505:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3020.328122][T19618] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:07 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioprio_get$uid(0x3, 0xee01) 21:15:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, 0x0) 21:15:07 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x141e00, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sched_yield() ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:07 executing program 0: set_tid_address(&(0x7f0000000000)) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x7, 0x2, {0x1, '}'}}, 0xa) [ 3020.669296][T19618] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:08 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086601, 0x0) 21:15:08 executing program 0: sync() prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0x0, 0x7a, 0x3}, {0x8000, 0x5, 0x4, 0x2}, {0x1000, 0x22, 0x2d, 0x8000}]}) 21:15:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x37, 0x1, {0x0, 0x7, 0x2, 0x0, 0xa, '/dev/ptmx\x00'}}, 0x28) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000100)={0x3, 0x1}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000140)=""/193) ioctl$VT_RESIZE(r4, 0x5609, &(0x7f0000000000)={0x7, 0x4, 0x5}) ioctl$TIOCGPTPEER(r2, 0x5441, 0x5) ioctl$KDSIGACCEPT(r4, 0x4b4e, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:08 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x28000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3021.164445][ T37] audit: type=1326 audit(1625346908.395:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19690 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3021.213652][T19691] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, 0x0) 21:15:08 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x2000000, 0x40000) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0, 0x3}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000000)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x541b, 0x0) 21:15:08 executing program 2: ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000000)={@any, 0x4}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x787080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:08 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r0, &(0x7f0000000000)={0x7, 0x7b, 0x12d}, 0x7) 21:15:08 executing program 5: ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x29, 0x21, 0x2, 0x11, 0x1, 0xa19, 0x6, 0x33}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000180)={0x1d, 0x0, 0x0, {0x2, 0x0, 0x3}, 0xfd}, 0x18) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000000)=0x4, 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x801c581f, 0x0) [ 3021.696279][T19691] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:09 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000000)) 21:15:09 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) write$P9_RLOPEN(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0xd, 0x1, {{0x4, 0x2}, 0x3}}, 0x18) 21:15:09 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x29000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x8000, 0x4080) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$fb(0xffffffffffffffff, &(0x7f00000000c0)="bdd52329776b2001d8545c5ca46c7c1878e02ffea5895afd50ea39847fcbd016f82735b12b2706795aba179b755ee0bb070b6c1906109fe52f1dba8cbd31d91ada5e11d0bf595adcfd325796c63e9c7f64560eec792ba755fe51c6957c155253486024a6d1b4014dbc2bedc1787841f0450073e74f02d8e7fc5d429544b43c802490cd0843abe35e1bee0dd747535c384357d28ac3317a7fa514878f1f3f5d9f7c26d11489761d2106ddead18be2f0334837e8f068fc96fb3b3217def337145955c094374738f2", 0xc7) sysfs$3(0x3) 21:15:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x81785501, 0x0) [ 3022.053266][T19752] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045520, 0x0) 21:15:09 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000dd77d95f423d89ce36c0487624d80c17010007002e2f66696c6530"], 0x10) [ 3022.116266][ T37] audit: type=1326 audit(1625346909.345:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19761 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) 21:15:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) syz_open_pts(r0, 0x8e002) 21:15:09 executing program 5: getresgid(&(0x7f00000000c0), &(0x7f0000000100)=0x0, &(0x7f0000000140)) getgroups(0x6, &(0x7f0000000180)=[0x0, 0xee00, 0xee01, 0xee00, 0xee01, 0xffffffffffffffff]) r2 = getegid() r3 = getegid() getgroups(0x9, &(0x7f00000001c0)=[0xffffffffffffffff, r0, 0xffffffffffffffff, r1, r2, 0x0, 0xee01, r3, 0xee01]) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x86040, 0x0) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x418043, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x209000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0x541b, 0x0) [ 3022.411310][T19752] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:10 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) 21:15:10 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) syz_open_pts(r0, 0x101200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x20280, 0x0) ioctl$FBIOGETCMAP(r2, 0x4604, &(0x7f00000001c0)={0x8, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000200)={0x6, 0x9, 0xc897}) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) 21:15:10 executing program 0: clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) setitimer(0x1, &(0x7f0000000080)={{0x77359400}, {r0, r1/1000+60000}}, &(0x7f00000000c0)) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x268200, 0x0) r3 = syz_open_dev$rtc(&(0x7f0000000140), 0x3, 0x101000) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f0000000180)={0x1d, 0x8, 0xa, 0x12, 0x9, 0x9, 0x6, 0x99, 0x1}) ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f0000000040)) getegid() 21:15:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7b, 0x1}, 0x7) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/206) 21:15:10 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3f000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3022.977956][T19817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:10 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, 0x0) [ 3023.060813][ T37] audit: type=1326 audit(1625346910.295:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19826 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:10 executing program 5: ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0x5, 0x20, [0x2eb1, 0x0, 0x3, 0x2, 0x7, 0x5c, 0x230, 0x400]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x14400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) 21:15:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x33f802, 0x0) r1 = syz_open_dev$rtc(&(0x7f0000000040), 0x3, 0x20000) ioctl$RTC_VL_CLR(r1, 0x7014) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, 0x0) 21:15:10 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x2, 0xa3, 0x7, 0x80000000}]}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000080)={0x6, 0x20, [0x2, 0xd8c, 0x10000, 0xffffffff, 0x2, 0xfffffffa, 0x631a3811, 0x1]}) [ 3023.321828][T19817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:11 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:11 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:15:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:11 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x40000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 21:15:11 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r2, &(0x7f0000000180), 0x18) r3 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r3, &(0x7f0000000080)={0x1d, 0x0, 0x2, {0x2, 0x0, 0x2}}, 0x18) setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000040), 0x4) [ 3024.038114][T19872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, 0x0) 21:15:11 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x5, 0x2100) 21:15:11 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x8000) ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f0000000080)={0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) [ 3024.195453][ T37] audit: type=1326 audit(1625346911.425:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19887 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae88, 0x0) 21:15:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x420000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x107003, 0x0) ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000040)={0x2f}) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) 21:15:11 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERRORu(r0, &(0x7f0000000000)={0x13, 0x7, 0x2, {{0x6, ']-@]*:'}, 0x6}}, 0x13) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 3024.468997][T19872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:12 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, 0x0) 21:15:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f00000001c0)={&(0x7f0000000000)=[r1, r1, r1, r1, r1], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f00000000c0)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, r1], &(0x7f0000000040)=[r2], 0x6, 0x1}) 21:15:12 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:15:12 executing program 0: clock_nanosleep(0x5, 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x80800) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x9, 0x6, 0x3, 0x5}, {0x400, 0x5, 0x1f, 0x5}, {0x5, 0x20, 0xbd, 0x101}]}) 21:15:12 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x48000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3025.092339][T19931] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) 21:15:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0189436, 0x0) [ 3025.184210][ T37] audit: type=1326 audit(1625346912.415:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19942 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:12 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x1410c0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x52d080, 0x0) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f00000000c0)={0x3, 0x5, 0x8, 0x4, 0x9}) ioctl$VT_RELDISP(r0, 0x5605) r2 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(r2, 0xc01064c2, &(0x7f0000000100)={0x0, 0x1, r0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0x541b, 0x0) 21:15:12 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4, 0x1f, 0x8, 0x5}, {0x3f, 0x6, 0x81}, {0x8, 0x1, 0x7, 0x80}, {0x8, 0x0, 0x5, 0x3ff}, {0x7ff, 0x8, 0x7, 0x5}]}) 21:15:12 executing program 2: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RAUTH(r0, &(0x7f0000000100)={0x14, 0x67, 0x2, {0x80, 0x0, 0x1}}, 0x14) write$P9_RUNLINKAT(r0, &(0x7f0000000200)={0x7, 0x4d, 0x1}, 0x7) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) r2 = syz_open_dev$rtc(&(0x7f0000000000), 0x7, 0x280000) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="450000007502003a0000000e380067191af2b083d749c98ef74e7e7f5b79e9d7dd58bb946173743db8a498383830c31e926b787ba37ddffdf3cf7df94344bf81f39d1ed7c8"], 0x45) ioctl$RTC_VL_READ(r2, 0x80047013, &(0x7f0000000040)) 21:15:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc020660b, 0x0) [ 3025.346665][ T37] audit: type=1326 audit(1625346912.575:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3025.509177][T19931] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:13 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc1205531, 0x0) 21:15:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0xb0580) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000040)={0x5, 0x18, [0x6, 0x4, 0x5, 0x1, 0x7f, 0x84]}) 21:15:13 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4c000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000040)={0x6, 0x1f}) r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x7, 0x277ba8f625b8c14f) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000140)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r2, 0xc01864cd, &(0x7f0000000200)={&(0x7f0000000180)=[0x0, 0x0, 0x0, r3, r4], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3026.090895][T19994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:13 executing program 5: accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) [ 3026.303148][ T37] audit: type=1326 audit(1625346913.535:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20002 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f00000002c0)=0x8a0f) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000280)=0x1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RUNLINKAT(r3, &(0x7f0000000040)={0x7, 0x4d, 0x2}, 0x7) socket(0x1b, 0x1, 0x80000805) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000240)=""/29) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000300)) 21:15:13 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8903, &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x6fc9, 0x6, 0x0, 0xfffffff4}, {0x8, 0xe9, 0x8, 0x33f}, {0x8, 0xf7, 0x3f, 0x3}, {0x7f, 0x5c, 0x9, 0x3}]}) 21:15:13 executing program 4: r0 = getgid() getresgid(&(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0)) setregid(r1, r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x440400, 0x0) 21:15:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb71f5d930972cbab, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3026.479703][ T37] audit: type=1326 audit(1625346913.705:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20031 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x4, 0x10000, 0x79, 0x4d6, 0x12, "854e437ff400bf0446ef97444216d0813fbb17"}) [ 3026.537688][T19994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) socketpair(0x19, 0x800, 0x8, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000040), 0x4) 21:15:14 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x0, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:14 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x60000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x100, 0x24880) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000000)={0x8, 0x5, 0x80, 0x5, 'syz0\x00'}) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f0000000240)={0x9df, 0x8, 0xa7, 0x9, '\x00', '\x00', '\x00', 0x1, 0x0, 0x8, 0x7, "64489ff6095969e1df333cf109590fc4"}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, &(0x7f0000000200)={0x7f, 0x4, [0xffffffe0]}) 21:15:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80100, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x2}}, 0x14) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x7ff, 0x0, 0xdf}) write$P9_RGETLOCK(r1, &(0x7f0000000000)={0x27, 0x37, 0xfffe, {0x2, 0x0, 0x9, 0x0, 0x9, '/de\t\x00\x00\x00m\x00'}}, 0x27) socket$nl_xfrm(0x10, 0x3, 0x6) [ 3027.260631][T20073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)={0x97e7, 0x39de2e00, 0x101, 0xf50, 0x15, "0d09615a42202989e20944edb86134cdd4e5f6"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3027.334780][ T37] audit: type=1326 audit(1625346914.565:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) read$fb(r1, &(0x7f00000000c0)=""/144, 0x90) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:14 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x100000001, 0x8080c2) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000040)={0xfff, 0x9, 0x6, 0x7, '\x00', '\x00', '\x00', 0x5, 0x4, 0x401, 0x0, "8f9130505c1fd8f54beab4fe54fa83b8"}) write$P9_RREAD(0xffffffffffffffff, &(0x7f00000001c0)={0x3c, 0x75, 0x2, {0x31, "27eb663e6f115f25d8bf5f4b7638227b1defc26c8f3c43b34a59f1167d32dba1d3c1eb6595cf5a2c41d628f832abd9c7ac"}}, 0x3c) 21:15:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_VL_READ(0xffffffffffffffff, 0x80047013, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:14 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:14 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x80000001, 0x400) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000240)={0x7, 0x0, 0xffff, 0x14d, '\x00', 0x1ff}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f00000002c0)=0xdc) r2 = fork() getpriority(0x0, r2) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f00000000c0)={{0xa, 0x1, 0x1, 0x0, 'syz0\x00', 0x7}, 0x6, 0x0, 0x7, r2, 0x2, 0x2, 'syz1\x00', &(0x7f0000000000)=['}\\,--{,](/$\x00', '#}+\x00'], 0x10, '\x00', [0x9, 0x2, 0x4, 0x2]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_rr_get_interval(r2, &(0x7f0000000280)) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0x10, 0x0) [ 3027.726215][T20073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:15 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x0, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x4, 0x1}}, 0x14) write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) 21:15:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/149) 21:15:15 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = fork() sched_getattr(r0, &(0x7f0000000000)={0x38}, 0x38, 0x0) 21:15:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x68000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:15 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181940, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xbb5b51062e72fb6c, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLINK(r1, &(0x7f0000000000)={0x7, 0x47, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f00000000c0)={0x1, 0x0, 0xa3a7, 0x7fffffff, 'syz0\x00', 0x7fffffff}) [ 3028.184202][ T37] audit: type=1326 audit(1625346915.415:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20152 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3028.187005][T20153] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x220601, 0x0) 21:15:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, 0xfffffffffffffffc, 0x0) 21:15:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x300, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/221) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:15 executing program 0: ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$VT_RELDISP(r0, 0x5605) 21:15:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f00000000c0)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) getrusage(0x52973a5e46400358, &(0x7f0000000180)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x224001, 0x0) [ 3028.613773][T20153] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:16 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x0, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:16 executing program 2: ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, &(0x7f0000000000)={0x7, 0x3ff, 0x1, 0x9, 0x5, 0xfffffffd, 0xfffffffffffffffc}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x404300, 0x0) 21:15:16 executing program 4: setitimer(0x1, &(0x7f0000000000)={{0x77359400}}, &(0x7f0000000040)) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f00000000c0)={0x1, 0x1, {0x4008037, 0xe, 0x7, 0xf, 0xa, 0x7f, 0x5, 0xe4}}) getitimer(0x2, &(0x7f00000002c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f0000000180)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000200), 0x406483, 0x0) ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f0000000240)={0x6, 0x2}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r3, 0x80dc5521, &(0x7f0000000280)=""/16) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000300)=ANY=[@ANYBLOB="0a0c000010000000bb010000ff000000c60000000200000045b6230b5d9ee3c316388cd1b7a62aa26fa00b46f66d3329864bfb5637638123faa55f689d23130c137241e96626d24b40742b420d509f9ae2e08a83894b23ed28ea351134a84586d4441e834e2c20583a667f6ff94632d0b7a407b29d2e9aad95f5ce3ebad1ea32dda0f4873edb4685835bd87cd6f9b1a7a5f452a43071082fbfe92830f1e649c0b3a85334f920002d8797d87a5ddf76f0c89f9c6210419a9060a03e6b85ce4eda406c6c7048821357c2860473762eba64fc07f79c6d62574274594f123899291c232ad3507fd888391887445a6798e09a9a9bdf0b10cec687b7333205408ed2460ea3b3227c3d6f8c304801121f8df80646d9"]) 21:15:16 executing program 0: syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, &(0x7f0000000080)={0x0, 0x23, 0x2e, {0x2e, 0x23, "33abef96c640ab85c3ea6d2e7158bf04fc98020830bad571636f8c1383a4c51e7ed53139fe68248426aecc31"}}, &(0x7f00000000c0)={0x0, 0x3, 0xc9, @string={0xc9, 0x3, "11d0c502e3e5739c1775c9e481592a080e83ee2da66c00744fdcb4f2c815b93c7171b1571e25b6000698f840e0e55706b607d51f91d63b386ec3f96a31bffd27baafc18000ca29b88f041b5f4f9b613caed6e5e5ef1b414765fcfeaac939d256d70511b9003faad3525b9230d926be7726904145896290dcffbe29a2fe7af12a7570a0abde62e27c3684c7b486fb27d6e29f00991a56866848bb2fdd9a8922f258dba0573890bda1aa9aa191b2ba973158a7a4054ea9e2b6081e836003d11e776276058130c9df"}}, &(0x7f00000001c0)={0x0, 0x22, 0x14, {[@global=@item_4={0x3, 0x1, 0x4, "11e6e86e"}, @global=@item_012={0x1, 0x1, 0x8, 'l'}, @main=@item_4={0x3, 0x0, 0xb, "1b4b9179"}, @main=@item_4={0x3, 0x0, 0xa}, @main=@item_012={0x0, 0x0, 0xa}, @global=@item_012={0x1, 0x1, 0x5, '9'}]}}, &(0x7f0000000200)={0x0, 0x21, 0x9, {0x9, 0x21, 0x4, 0x0, 0x1, {0x22, 0xb3b}}}}, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x16, 0x57, "c30c1d6524a353b879d3c1c2938730c20f1186c37267f131a97fde21cfa5ab0402ae6036f48c59902e150eca0aee86bb5a4eaaeb18ef7a135be32a5314ded609941cc1c5f596e5a55df2f22d6928fedc3af4f5ee7a4d81"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x3f}, &(0x7f0000000340)={0x0, 0x8, 0x1}, &(0x7f0000000380)={0x20, 0x1, 0x2, "c9ce"}, &(0x7f00000003c0)={0x20, 0x3, 0x1, 0xe}}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000840)={0x8, &(0x7f0000000800)=[{0x100, 0xc7, 0x3f, 0x1}, {0x7f, 0x2, 0x9, 0x4}, {0x9, 0x8, 0x1, 0x6}, {0xa3, 0x1f, 0x12, 0x3}, {0x3, 0x6, 0x9e, 0x9}, {0x3, 0x15, 0xfa, 0xffffffff}, {0x4, 0x5, 0xff, 0x1}, {0x22, 0x40, 0x1, 0x5}]}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000880)=""/157) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x401, 0x3b, 0x7, 0x9}, {0x8, 0x40, 0x7, 0xfffffffc}, {0x1, 0x2, 0x2, 0x6}]}) getcwd(&(0x7f0000000e00)=""/243, 0xf3) pipe2$9p(&(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RLERRORu(r1, &(0x7f0000000980)={0x17, 0x7, 0x2, {{0xa, '/dev/ptmx\x00'}, 0x1}}, 0x17) ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000dc0)={0x0, 0x1, 0x18, 0x1d, 0x2e, &(0x7f00000009c0)="bd9ab1be8cc7011e9e002eaf23fea49344371ff1ea392bde6b3aa1635644fea880dc4acda06071bc3837d1f2d46601674d860db11898be9b332a9f11fd119c5f91938edc65ed2d07e015dd9f256c7f86f4b0e9f874757b140bae93845a74063752821a3ce3fc58080dc526c3f0746c56592d660dbbb0834ddd4a0187721e0cd6965feed89ec533e13b82937bb014fdab8c9032408d4bd74a2b8d7632e61dd1139776933f3ca8bdf91c6a45c54a876298b55ad4a3ac8524a812c8624199c0c80cc3284c01adce126a8c2819bbd7486c878ea281fde6cafb275a032a94c3ede0c536103a38113fa1100018d1f34df4caf2369a10ee2c4378239e7eb97cb713416b05348b85df11045359b0dae0d16beaab2d4c01329aad923ab9a8e46754d3a006969f3be8e64a3a47b7c1a6fade055521e346abb36edd51ca22b36f519eb3c7d3c91276ba7f1cd1539f343100d3fce82eefe3eca51356d035585a67f47cf75d3209c2e2d884e4c32a56055cb32fac7be6207d2f8c0e0d99cadee9c2b054f64f331df619bb2a48f1e4e0ae290fe049c7828fe77f174948f2baf61ff3f6a3300a6342a68550c22a4d3922f77e65e364ba55bc1d35b197d68a248fbab4197402834bcaf7f0fffb33dc14a927ea3dccf29545f72cc0fcab09565fe79ee36a1573460446516aad649665e66cf9546c1b4b271b0e8f98de5c7e95dcd7e8b2db2e6cbcab77b99c7251341115299c723bb4ef819f764fd47c0551b56f898479567f0accbb1a21de52f4faa5b0f57b5ac66ba69b64334022bee05e2c1aaea6864caca9fe9e22e398252e79d82bb8f09fe19bfbad3b56edd92486e24641093d6ad3b6d303a5c9a0a1786c15756e36860a8af2218aa16a28b3cd11b0c22f65f769b2f72d54fbc26b4bcfed80c9d202b0db9717555e9db92aa73253e8e3250f7fc027207da958151dc4e504774fd2cfd4bf196322b7fe132b9ef9c63e3f59e7b67bd9d9ea9c0cd7d65918aef0df98eab67ea58ee159dc783105acb07f81ba5eaaae5d5bd9c92ca4e5055ec1dfeb91e17b1a937f131fd2947892f8f83ce19174e32c3a89ec5ebf92a2cfd4861a78b1471daefc63910472064c5c49f876dc23dd8bdd0bfb7cfb44c8c351814a18bc4297a340509eec915a5d9c1ec51cef21ffb320101eb44c6cd2756d7934fe826e2c338099d440779b343933d1c568a79d77a9716d56f5dc67b26fe273b8368a359ff2e31e3b3fa17e31f2cad33c26ff4f2e171bee5e5e92272041a5119a184cf77af00cf247b84d4e37426e1eb9ad3e4aec8672017a4ade2927af30e5264e253c8359407f942309ab983c02c2d73cd4ada72d37c83c10c055c0c0f60423dd8a69955f446aaa8554d1bc8a0763682548babd82ac66d29bde1577d392ec2ff4a164616888b98fa6235b581324fc4fa6b499e1b1d571bdc4897661"}) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000580)={0x24, &(0x7f0000000440)={0x20, 0x22, 0x5c, {0x5c, 0xd, "e593858565c60ffbdc4a46ca61f76a03cdbb873e4774c1a9ebaf17790141c259a0da0616b33338e4d70b4539fbcf96f74b45d7910dc00b51468c8ff9622ffba5ecccf4268c1c6c9619fdeb18f70e01586b27d5f2cecf6b3e2c73"}}, &(0x7f00000004c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x439}}, &(0x7f0000000500)={0x0, 0x22, 0x6, {[@local=@item_4={0x3, 0x2, 0x8, "2554598a"}, @local]}}, &(0x7f0000000540)={0x0, 0x21, 0x9, {0x9, 0x21, 0x400, 0x20, 0x1, {0x22, 0x762}}}}, &(0x7f00000007c0)={0x2c, &(0x7f00000005c0)={0x0, 0x15, 0xc7, "9bd6fa01c12c9548c5525c731389abe180b86b3cb479b2fa9cdea7bac8e39ea2f092c9d1a9d6fd3766483dc383a9f23301213fbc204cfba58222a169ec7838986ed0a84f92aa59e94aeff2c9990f71f8fc6e8a5751b5ee35e137c4181be3c975df1b1fb03edb880efa3e641c506ede9011d9156dab44dceca03d22d4a95a3ef7282d70ba013071e9314a978d795b7e7846215560013d8a15d8e571259bc06318522728e061b3ff18e7f29dc520b604da96477e7faebebe74133b1f4c95faae1620dccb2ba71045"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000700)={0x0, 0x8, 0x1, 0xc3}, &(0x7f0000000740)={0x20, 0x1, 0x28, "3ed3d17a1c145131adbf8788a379a0d344eb0d38f132d9367ca850218b090d8e666868185a34d289"}, &(0x7f0000000780)={0x20, 0x3, 0x1, 0xc9}}) 21:15:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3029.074416][T20222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7c000000000000, 0x2) 21:15:16 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, 0x0) [ 3029.201612][ T37] audit: type=1326 audit(1625346916.435:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20229 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f00000000c0)=""/183) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x100, 0x141802) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000040)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3029.319780][ T37] audit: type=1326 audit(1625346916.555:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20242 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f0000000000)={0x0, 0x1, 0x4, 0x5, 'syz1\x00', 0x782}) 21:15:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20141, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000080)=""/32) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) 21:15:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x105000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x15b801, 0x0) [ 3029.475360][T20222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:17 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:17 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x541b, 0x0) 21:15:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x74000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80800, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3030.260478][T20291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3030.335024][ T37] audit: type=1326 audit(1625346917.565:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20297 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3030.503176][ T37] audit: type=1326 audit(1625346917.735:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20229 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:17 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x80000001, 0x2) 21:15:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x667fd8c6d8bf632a, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x10000, 0x6100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000040)={0x1, 0x1, 0x9, 0x1, '\x00', 0x6}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:17 executing program 4: ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$media(&(0x7f0000000000), 0x9, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000040)) getresgid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) getresgid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000080)) 21:15:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)=""/53) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:18 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x7, 0x3, 0x8, 0x6}, {0xffff, 0x3, 0x2, 0x8}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2a0000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:18 executing program 5: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) [ 3030.834997][T20322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:18 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:18 executing program 0: ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0xe2a) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f00000000c0)={0x40, 0x610, 0x3c00, 0x280, 0x95ce, 0x7f, 0xf, 0x0, {0x7, 0x19}, {0xab4, 0x800, 0x1}, {0x1, 0x1, 0x1}, {0x230, 0x7, 0x1}, 0x3, 0x0, 0x2, 0xffff, 0x1, 0x3, 0x3, 0x2b4d, 0x4, 0xffff, 0x101, 0x1, 0x21, 0x4, 0x0, 0x7}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000000)={0x7, 0x6, 0x8, 0x0, 'syz1\x00', 0x9}) 21:15:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x4a06) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000000)=0x7ff) [ 3031.171338][T20322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:18 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8c3d0000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x15) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) 21:15:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f00000000c0)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x1, 0xa, 0x3, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000100)={0x0, 0x0, r1}) 21:15:18 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = fork() prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000140)={0xa, &(0x7f00000000c0)=[{0xff, 0x7, 0x1, 0x1}, {0x3f, 0x9, 0x46, 0x3}, {0x9, 0x4, 0x9, 0x800}, {0x31b, 0x8, 0x2, 0x100}, {0x8c5, 0x1, 0x8, 0x744}, {0x5, 0x0, 0x3f, 0xfffffff7}, {0x4, 0x3f, 0x0, 0x9}, {0x6f7c, 0x2, 0x4, 0x5e33}, {0x800, 0x6, 0x40, 0x5}, {0x1000, 0x7, 0xd1, 0x92bb}]}) getpriority(0x0, r0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RGETLOCK(r1, &(0x7f0000000080)={0x23, 0x37, 0x1, {0x3, 0x1, 0x73, r0, 0x5, '\x8b{&#\xc1'}}, 0x23) rt_sigqueueinfo(r0, 0x10, &(0x7f0000000000)={0x3, 0x9b7, 0x8}) 21:15:18 executing program 2: pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RLERRORu(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1600000081010009002f56f5f685cc6053f8ffffffffffffffcefba900"], 0x16) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000040)={0x7fb, 0x6, 0x0, 0x1, 0x5, "842a72f41f7d230573d58c369b6ddae7f94516"}) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000000)={0x1, 0x8, 0x101, 0x6, 0x7, "3c7f61907d829c80d036dd13b5152598d46089"}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) [ 3031.284132][ T37] audit: type=1326 audit(1625346918.515:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20373 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3031.361617][T20376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$RTC_VL_READ(0xffffffffffffffff, 0x80047013, &(0x7f00000000c0)) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$9p(r1, &(0x7f0000000040)="f1479cc5a65a4bee583f850b1f1473e28382", 0x12) socket$nl_generic(0x10, 0x3, 0x10) 21:15:18 executing program 2: ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000000)=0xb79) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SET_PDEATHSIG(0x1, 0x2) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x30) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3031.714734][T20376] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:19 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:19 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RUNLINKAT(r1, &(0x7f00000000c0)={0x7, 0x4d, 0x2}, 0x7) write$P9_RLERRORu(r0, &(0x7f0000000040)={0x10, 0x7, 0x1, {{0x3, ')-+'}, 0x7fff}}, 0x10) 21:15:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc902, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:19 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x9effffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) [ 3032.153038][ T37] audit: type=1326 audit(1625346919.385:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20776 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:19 executing program 0: rt_sigqueueinfo(0xffffffffffffffff, 0x13, &(0x7f0000000000)={0x1a, 0x50, 0x8}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f00000000c0)=0x2) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) getcwd(&(0x7f0000000000)=""/125, 0x7d) [ 3032.214305][T20779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$P9_RCLUNK(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x79, 0x1}, 0x7) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_ROPEN(r1, &(0x7f0000000040)={0x18, 0x71, 0x1, {{0x0, 0x4, 0x5}, 0x6}}, 0x18) r2 = fork() write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x27, 0x37, 0x2, {0x2, 0x10000, 0x7, r2, 0x9, '/dev/kvm\x00'}}, 0x27) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r3, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREADLINK(r3, &(0x7f0000000100)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) 21:15:19 executing program 4: pause() r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) read$fb(0xffffffffffffffff, &(0x7f00000001c0)=""/109, 0x6d) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02064c3, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x9d7a, 0x5, 0x1, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000100)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r0, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000000)=[0x0], &(0x7f0000000140)=[r1, 0x0, r2], 0x1}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r3, 0x800455d1, &(0x7f0000000240)) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000280)={0x4, 0x20, [0x1, 0x20, 0x0, 0x7d, 0x7fffffff, 0x100, 0x34, 0x1]}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0x10, 0x0) 21:15:19 executing program 0: ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, &(0x7f0000000080)=0xf7d) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8, 0x5, 0x13, 0x3}, {0x0, 0x8, 0x1, 0x2}, {0x3, 0x94, 0x9, 0x5470}, {0x0, 0x6, 0xc0, 0x8}, {0x1, 0x9, 0x1, 0x7}, {0x6, 0xfa, 0x9, 0x5}, {0x12, 0x40, 0x3, 0x1}]}) syz_open_dev$rtc(&(0x7f0000000180), 0xffff, 0x2002) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) pipe2$9p(&(0x7f0000000100), 0x80000) pipe2$9p(&(0x7f0000000140), 0x84800) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x2, 0x3, 0x4}}, 0x14) write$P9_ROPEN(r0, &(0x7f00000000c0)={0x18, 0x71, 0x1, {{0x1, 0x0, 0x8}, 0x800}}, 0x18) 21:15:19 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1281, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3032.529414][T20779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:20 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, &(0x7f0000000000)=0x42d) 21:15:20 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc0000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:20 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000080)=0x2, 0x4) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x5, 0x200) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000040)=""/27) 21:15:20 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:15:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02064c3, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x9, 0x2, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000180)={&(0x7f0000000000), &(0x7f0000000140)=[0x0, r1, r2], 0x5, 0x0, 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:20 executing program 0: ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)=ANY=[@ANYRESDEC]) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000040)={0xfffffffa, 0x24, [0x7, 0x401, 0x271c, 0x80000000, 0x2, 0x5, 0x0, 0x4, 0x4]}) r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0xd5, 0x4000) r1 = fork() getpriority(0x0, r1) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000100)={{0x6, 0x0, 0x0, 0x8, 'syz1\x00', 0x7ffe}, 0x0, 0x20, 0x56, r1, 0x7, 0xfffffff9, 'syz1\x00', &(0x7f00000000c0)=['!\x00', '\x00', ')&\x00', '-{}\x00', '*\\@-\'&(\x00', '!:\x00', ',+^/\x00'], 0x1a, '\x00', [0x4, 0x5, 0xfc05]}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 3033.030998][T20840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3033.093711][ T37] audit: type=1326 audit(1625346920.325:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x50b040, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000200)={0x0, r1, 0x0, 0x0, 0x4}) r2 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f0000000040)=0x10, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000100)={'nat\x00', 0x0, 0x0, 0x0, [0x0, 0x4, 0x5, 0x9, 0x4, 0x10001], 0x1, &(0x7f00000000c0)=[{}, {}, {}], 0x0, [{}]}, 0x88) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) getuid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x81, 0x100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000140)={0x3, 0x3, 0x1, 0x682, 'syz0\x00', 0xffffffff}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/110) [ 3033.360307][T20840] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x5) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x1d, 0x9, 0xf5, &(0x7f0000000280)="d6eb14b34abec6eb623082697e89938a42e55bdf6044ac9e39007e96a2367246e0598c4bf4fddd18f3fd14b776ba4792a70aa3c3262b5a27261d51ba65ba3b0e0a13f45491704b68eca39f379a4226133b70412d6b6aad77229b2389327276aa57c31fe3157b0e00399a4386d347af9ea1c2fb43718d476c8befdcc1f1e5dd238a196c365cc5be8b0da658154dc1be0755dd58d373cde9190e6691aed4622c15a3c01096e7137a913cf4ec0e31d01fb7933cb55af51859908acc58a79babb9778d381205bb344e106d92972e3c15ced9b03474994591e4b9fbc88e497355744262b29b9f166272f5b8a483688c082732b7db235a82829c306da53d55c062e39701084620f66ae4c8369bdaa27413e8969ef6c004a164446b32208d67abce543de8158540bac91296f0e93e08c024fdbc4b239e26cf71ff0faa6bf233df78501a00e481f3957696fb9c4db762bfa6c0bbe54bc562a3a0f4a8f1c2282513bbb8042d00d8cea5723126a4a6d174ad189af9840bb1da8312804066c1aaef19a1c868a3b0fa4f29626ea765af81be77bcd614c37b19e7fdf5f2e0d8a11749fcdde429437d8a02831257f5b1a4c4d69b81452ae15b1e67d44b1537b15f7ff9873800bd9032457dfbe2578ca6038938ef444d051ff24bdcd8d3c601f3b3801870b25ec0ab7aded5873c26903dfcc8d7e36424e34bb18707b582194aab2400a5462efd3a94dd2651f8f9ad95ff25f0384aec3649312c325063e6d58636e4f27b8000b110e1d5a8aee544efacbebd9779b853278f18697dff9882a06aea6895d1171d753441d42b7df67b1abdf4cc986f4f8d3a88efe22cdf6f81e71bfb71add357e24097a6f9ff0f21698b57d8742ba6aea645fbe989df381351116a26223d74aa1f5f7b531056a5d8602a743e7b7921aa61336f734774207b838a94c5b669e678b3cae128b8d0aa57495ede8378d8b28b23f0209984aaf66d318a7a90d52ef749112c9cee003e34e3e34b4ed2f5e6534037d6a27f8b75b60a424fe27c82c57b1ecc68d81e8c28a7a1975ed3a74cc9cdd92ebab49e034e51a2715535f7ceaa9d3a0f79c7a45c476f1a3013563f9732327666e6917649371c6a5289376257cc8ce40463c3814332ee84b1f64319cd122f904eda6245566fed3fc9feeb754c070bce2c968a42b30893610a78580f6ed121da3f502d0f642eae0093ac8863312258d132253c9036022349534a1db7d61422e73f78de8d66fea07366d5bd7866dcd77403e32e106fca990125e70154652bfd98a7dcaa9ef1372617d770d5df30ae599afa7b3454f43b0997117e27e17d19298d396eb02ded1b744a4cf150a0ac9deb6d43281e2072534f699f572e216149db10e30ab0a89fdbc2466323b2107de5fff408a07a527adb9e1979eab592fd413d37f5e02c533873269d94773774bf95c6aabe57fe"}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x210600, 0x0) syz_open_pts(r0, 0x10c01) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = syz_open_pts(r1, 0x24140) ioctl$VT_SETMODE(r4, 0x5602, &(0x7f0000000140)={0x5, 0x6, 0x4, 0x7, 0x7}) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000000)=""/82) 21:15:20 executing program 0: ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x2}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], 0x7}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000240)={&(0x7f00000001c0)=[0x0], &(0x7f0000000200)=[0x0], 0x80, 0x1, 0x1, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000280)={0x0, 0x0, 0x0, r1, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000300)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, r0, r1, r2, r3, 0x0], 0x6, 0x1}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:20 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000100)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x28000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r3, 0x7003) r4 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x800) accept$inet(r4, 0x0, &(0x7f0000000340)) syz_open_dev$sndctrl(&(0x7f0000000180), 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f00000001c0)) prctl$PR_GET_THP_DISABLE(0x2a) ioctl$RTC_WKALM_RD(r3, 0x80287010, &(0x7f0000000140)) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000010c0)=""/4097) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:15:21 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:21 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf0ffffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8041, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x101100) r2 = syz_open_dev$dri(&(0x7f0000000100), 0x3, 0x606cc2) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r2, 0xc01064c1, &(0x7f0000000040)={0x0, 0x1, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f00000000c0)={0x0, 0x0, r3}) 21:15:21 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xf11e, 0x6, 0x6, 0x4}, {0xbf, 0x7f, 0x5, 0x9}, {0x1, 0x0, 0xd9, 0x7}, {0x40, 0x6, 0x81, 0x2}, {0x401, 0x40, 0x3, 0x1}, {0x7ff, 0xd7, 0x1, 0x3}, {0x8, 0x2, 0xcb, 0x7}]}) 21:15:21 executing program 2: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000000)={0x7, &(0x7f00000000c0)=[{}, {@fixed}, {@fixed}, {@fixed}, {}, {}, {@none}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:15:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f0000000140)={0x200, 0x4, &(0x7f0000000000)=[0x4, 0x28, 0x8a, 0xc19], &(0x7f0000000040)=[0x9, 0x8, 0x3, 0x401, 0x6, 0x1, 0x7fff, 0x38, 0x0, 0xf001], &(0x7f00000000c0)=[0x8, 0x8000, 0xffe0, 0x5dd6], &(0x7f0000000100)=[0x3, 0x0, 0x7, 0x1f, 0x1, 0x4]}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3033.978014][T20903] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) [ 3034.036328][ T37] audit: type=1326 audit(1625346921.265:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20910 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:21 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) 21:15:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4b0900, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCCONS(r1, 0x541d) 21:15:21 executing program 2: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000000)=0xe8) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000280), 0x4) r1 = socket(0x1f, 0x80000, 0xfffffffb) r2 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000080)={r2, 0x2}) socket$inet_sctp(0x2, 0x5, 0x84) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000001c0)={0xa0, 0x19, 0x2, {0x4, {0x8, 0x4, 0x7}, 0xa0, r0, 0x0, 0x7, 0x7, 0x7, 0x3f, 0x10001, 0x4, 0x10000, 0x9, 0x954, 0x4, 0x1, 0x1, 0xc0, 0x0, 0x800}}, 0xa0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x62040, 0x0) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f00000002c0)) ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3) ioctl$VT_SETMODE(r3, 0x5602, &(0x7f0000000300)={0x1, 0x4, 0x0, 0x4, 0x8}) 21:15:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x0, 0x0, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8005}, 0x1) 21:15:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x81c0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3034.335360][T20903] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:22 executing program 5: ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, &(0x7f0000000000)={0x1, 0x3, 0x400, 0x4, 0x5dd6, 0xfffffffd, 0xf474}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40a00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) 21:15:22 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x900c1, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7002) 21:15:22 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:22 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfcfdffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:22 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:22 executing program 2: write$9p(0xffffffffffffffff, &(0x7f0000000300)="7895369fb9f185f71047793d89773ab7e96224a112f0715476c4e4f845fc509383292c97995fdc6262cf6b7e418146faa12d62520cf14c377a9f10b25c1b545fc7599db8b8c4806197959925964f8072de348d9ea7e3a164b8ea21f824f5bb88a539b0c4e22b01529c369109009a6c0b7b7bae0073d863c54033122e439fedee5ab80b6cc24e99291880d96848ea75ddfe5d70f63e2b3a6540ee5c63514e33255d85331dd0b693f09a6baa710a4b4d08fddab544b813772e8fd6d47122400e8fc4e1ddd52a3f434ae912a596e2cd2ff6a043926c273d7d66f1916c353a8c056b05f9766804560834b0de8e5f7dc578f4bd4fb54ba2fc0800000047000000000000", 0x101) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f00000000c0)) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000240)=""/55) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000040)) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0x19, 0x1, {0x999eec391d456a1f, {0x22, 0x1, 0x7}, 0x8, 0xee00, 0xee00, 0x9, 0x8000000000000, 0x5, 0x80, 0x0, 0x2, 0x20, 0x3f, 0x6, 0x0, 0x8, 0x1558400000000, 0x1ff, 0x7fffffff, 0x56b6340b}}, 0xa0) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r3, 0x40405514, &(0x7f0000000280)={0x2, 0x4, 0xfff, 0x9a, 'syz1\x00', 0xfc9}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000440)=""/254) [ 3035.009301][T20959] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:22 executing program 0: ioctl$FBIOGET_CON2FBMAP(0xffffffffffffffff, 0x460f, &(0x7f0000000000)={0x8}) ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000280)) r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) ioctl$FBIOPUTCMAP(r0, 0x4605, &(0x7f0000000400)={0x9, 0x2, &(0x7f0000000300)=[0x4, 0xfff8], &(0x7f0000000340)=[0x2], &(0x7f0000000380)=[0x5, 0x3], &(0x7f00000003c0)=[0x6e46]}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x5, &(0x7f0000000240)=[{0x20, 0x16, 0x2, 0x2}, {0x100, 0x0, 0x1f, 0x7ff}, {0x3f74, 0x3, 0x0, 0xfffffffa}, {0x8, 0x8, 0x15, 0xf7}, {0x4, 0x0, 0x81, 0xfffffff8}]}) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) ioctl$FBIOPUTCMAP(r1, 0x4605, &(0x7f0000000200)={0x1ff, 0x5, &(0x7f0000000100)=[0xfffc, 0x6, 0xfc01, 0x430, 0x3], &(0x7f0000000140)=[0x82c8, 0x3ff, 0x80, 0x6, 0x20, 0x1, 0x9, 0x7, 0x400, 0x5], &(0x7f0000000180)=[0x6], &(0x7f00000001c0)=[0x6, 0x1, 0xfffe, 0x8001, 0x5]}) [ 3035.128050][ T37] audit: type=1326 audit(1625346922.355:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20967 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x105000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)=""/55) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f00000000c0)={0x3, 0x24, [0x1, 0x4, 0x939, 0x3ff, 0x2, 0x80000001, 0x200, 0xfff, 0x7fffffff]}) 21:15:22 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f00000003c0)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x509080, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x8, 0x800) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000400)={0x3, 0x4, 0x8, 0x200, '\x00', '\x00', '\x00', 0xfffffffb, 0x0, 0xfff, 0x8001, "e2576b6cf5b96a402335fa741cee4190"}) r4 = fork() getpriority(0x0, r4) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000280)={{0x6, 0x4, 0x5, 0x2, 'syz1\x00', 0x717}, 0x3, 0x10, 0x7f, r4, 0x4, 0x8, 'syz0\x00', &(0x7f0000000240)=['/dev/kvm\x00', '\x00', '\x00', '\x00'], 0xc, '\x00', [0x0, 0x7, 0x6df, 0x7ff]}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) set_tid_address(&(0x7f0000000000)) 21:15:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000180)={0x7, 0x7b, 0x1}, 0x7) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000000)) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000280)={{{@in=@local, @in6=@mcast1}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000200)=0xe8) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r4, &(0x7f00000003c0)={0x33, 0x75, 0x2, {0x28, "8c3fda6c74133b6471f9891fe04fa872cf4ba31bca2eb059a060d782643d79ddda7b32da2ddf1e87"}}, 0x33) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f00000001c0)={0x81, 0x8}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) sysinfo(&(0x7f00000000c0)=""/148) 21:15:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x404c03, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3035.331887][ T37] audit: type=1326 audit(1625346922.555:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20980 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:22 executing program 5: ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000001c0)={0x0, 0x3, 0x4, 0x14, 0x7, {}, {0x4, 0x1, 0x2, 0x0, 0x1, 0xff, "0651d677"}, 0xffff, 0x0, @offset=0x8, 0x10000}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000100)=""/73) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RFLUSH(r1, &(0x7f0000000040)={0x7, 0x6d, 0x2}, 0x7) [ 3035.399643][T20959] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x573100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0) 21:15:22 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfcffffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_AIE_OFF(r1, 0x7002) [ 3035.602745][T21006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:23 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f00000000c0)={0x10, 0x240, 0x190, 0x258, 0x9, 0x8, 0xf, 0x1, {0x4, 0x3ff, 0x1}, {0x5, 0x1ff, 0x1}, {0xff, 0x3, 0x1}, {0x1f, 0x7ff}, 0x2, 0x40, 0x4, 0x2, 0x1, 0x2, 0x3, 0xbfc, 0x9, 0x2, 0x7, 0x401, 0x27, 0x100, 0x2}) [ 3035.932289][T21006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3035.966227][ T37] audit: type=1326 audit(1625346923.195:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21028 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3036.147564][ T37] audit: type=1326 audit(1625346923.375:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=20980 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:23 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r0, 0xc01064c1, &(0x7f0000000040)={0x0, 0x0, r1}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2a100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x10, 0x0) 21:15:23 executing program 5: ioctl$FBIOGET_CON2FBMAP(0xffffffffffffffff, 0x460f, &(0x7f0000000000)={0x33, 0x1}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) syz_open_pts(r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/162) 21:15:23 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfeffffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:23 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) syz_open_pts(0xffffffffffffffff, 0x20080) 21:15:23 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x5) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/234) r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, &(0x7f00000001c0)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f0000000300)={'filter\x00', 0x0, 0x0, 0x0, [0x1000, 0x0, 0x5, 0xfffffffffffff3e6, 0x0, 0x5768], 0x6, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}, {}]}, 0xd8) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) [ 3036.290954][T21047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000000)) 21:15:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000040)={0x4, 0x8, [0x7, 0xffff325b]}) 21:15:23 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0xa, &(0x7f0000000080)=[{0x5, 0x7, 0x8, 0x3}, {0x6, 0x9, 0x9, 0x1f}, {0x9, 0x1, 0x8, 0xee4}, {0x2, 0x81, 0xf9, 0x4}, {0x6c, 0xff, 0x6, 0x80000000}, {0x8, 0x80, 0x2, 0x8}, {0x9, 0xfd, 0x1, 0xf8000000}, {0xc60, 0xbc, 0xfb, 0x67b2}, {0x7f, 0x2, 0x6, 0xffff}, {0xffff, 0x4, 0x80}]}) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xff, 0x0, 0x9, 0x5}, {0x4, 0x20, 0x5, 0xfffffff7}]}) 21:15:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x761141, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3036.495454][ T37] audit: type=1326 audit(1625346923.725:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21070 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3036.551914][ T37] audit: type=1326 audit(1625346923.775:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21070 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3036.624735][T21047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:24 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101143, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) 21:15:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) getcwd(&(0x7f00000000c0)=""/181, 0xb5) 21:15:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) 21:15:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffff000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3036.848300][T21091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3036.894529][ T37] audit: type=1326 audit(1625346924.125:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21095 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20200, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x4023, 0x0) mmap$fb(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x7, 0x13, r1, 0xcc000) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:24 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 21:15:24 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) 21:15:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERROR(r1, &(0x7f0000000000)={0x12, 0x7, 0x1, {0x9, '/dev/kvm\x00'}}, 0x12) [ 3037.183300][T21091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:24 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) 21:15:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000000c0)={0x0, @xdp={0x2c, 0xd, 0x0, 0xb}, @qipcrtr={0x2a, 0x3, 0x7ffe}, @generic={0x1a, "fdbd83d98e4adf66ee6153447ce0"}, 0x40, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='ip6tnl0\x00', 0x3ff, 0x5, 0x4}) [ 3037.322153][ T37] audit: type=1326 audit(1625346924.555:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21070 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3037.344196][ C1] vkms_vblank_simulate: vblank timer overrun 21:15:24 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000100)=""/60) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:24 executing program 5: prctl$PR_SET_SECUREBITS(0x1c, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffffdfc) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:24 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FBIOPUTCMAP(r0, 0x4605, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140), &(0x7f0000000180), 0x0}) prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:15:24 executing program 2: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x40401, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x7, 0x22001) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000180)={&(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0], 0x0, 0x1, 0x4, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02064c3, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x81, 0x5, 0x1, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r1, 0xc02064cc, &(0x7f0000000240)={r2, r3, r4, r5, 0x5}) write$vga_arbiter(r0, &(0x7f0000000040)=ANY=[], 0x14) write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8) [ 3037.780054][T21157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000140)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40280, 0x0) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000100)={@any, 0x54}) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000040)={0x0, 0x20, 0x3, 0x401, 0x5}) 21:15:25 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x6, 0xe2, 0x3, 0x2}, {0xfa67, 0x1, 0x4, 0x2a0a}, {0x800, 0x3f, 0x0, 0x6}, {0x9, 0x8, 0x40, 0xd5}, {0x4, 0xfc, 0x8, 0x9}, {0x8, 0x40, 0x7, 0x9}]}) 21:15:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) prctl$PR_MCE_KILL_GET(0x22) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x2, {0x0, 0x3, 0x5}}, 0x14) write$P9_RWSTAT(r1, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x38dece4ef63c3da7) r3 = getuid() write$P9_RGETATTR(r2, &(0x7f0000000100)={0xa0, 0x19, 0x1, {0x200, {0x80, 0x4, 0x6}, 0x0, r3, 0xee00, 0xc65, 0x1, 0x101, 0x5, 0x7f7, 0x39, 0x9, 0x6, 0x8, 0x5be8, 0x8, 0x323c, 0xa82, 0x2, 0x8b7}}, 0xa0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x630ec1, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:25 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r0, &(0x7f0000000040)={0x7, 0x1b, 0x2}, 0x7) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) 21:15:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000100)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000000)=""/214) [ 3038.120233][T21157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:25 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x0, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x71, 0x2, {{0x1, 0x0, 0x2}, 0x1ff}}, 0x18) 21:15:25 executing program 2: write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000007020009002f646576ea4b366f00"], 0x12) syz_80211_join_ibss(&(0x7f00000000c0)='wlan0\x00', &(0x7f0000000100)=@random="a618a23f485bc2ef3c30e960ff18214a7b7eb95f8a8b", 0x16, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000140)={0x0, 0x1}) 21:15:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000000)={0x3, 0x401, 0x6}) 21:15:25 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x400, 0x0, 0xfa, 0x8}]}) 21:15:25 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xffffff9e) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000000)={0x0, 0x1}) r2 = syz_open_dev$rtc(&(0x7f0000000040), 0x8, 0x2) ioctl$RTC_PLL_SET(r2, 0x40207012, &(0x7f00000000c0)={0x3, 0x1, 0x8, 0x3f, 0x3, 0x1, 0xbf}) 21:15:26 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3038.687888][T21209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3038.707762][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 3038.707779][ T37] audit: type=1326 audit(1625346925.935:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21213 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:26 executing program 0: ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x4b66, &(0x7f0000000040)={0xa, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x8) prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:15:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x6, 0x25, 0xd, 0x12, 0x2, 0x8, 0x0, 0xfa, 0xffffffffffffffff}) 21:15:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101602, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) syz_open_pts(r1, 0x80c80) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f00000000c0)={'filter\x00', 0x0, 0x0, 0x0, [0x32, 0x3, 0x0, 0x84f, 0x8001, 0x7], 0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) [ 3039.063922][T21209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:26 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x0, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000000), 0x9, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000040)) r2 = fork() getpriority(0x0, r2) waitid(0x1, r2, 0x0, 0x2, &(0x7f00000000c0)) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)) 21:15:26 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x80000000, 0x80000) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r0, 0xc02064cc, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1}) 21:15:26 executing program 5: write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="090080000000000000272c3af7e700002e8eec054c6b8ddcfd0fed5b695b0d6a80032d11584b479f57f1e3025ffc458573f1025fb4b93f082eee41c66749bef0aa834155fe2167f2629c889942"], 0x10) 21:15:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffffff0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:27 executing program 0: r0 = getegid() getgroups(0x3, &(0x7f0000000000)=[r0, 0xffffffffffffffff, 0xee01]) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) socket$inet(0x2, 0x3, 0xfffffff8) 21:15:27 executing program 5: prctl$PR_GET_THP_DISABLE(0x2a) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3039.730283][T21267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3039.791886][ T37] audit: type=1326 audit(1625346927.025:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21275 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1, 0x8, '9P2000.u'}, 0x15) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:27 executing program 0: personality(0x6) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@target={'target ', {'PCI:', '14', ':', '16', ':', '3', '.', 'b'}}, 0x15) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000180)={'nat\x00', 0x0, 0x0, 0x0, [0x6ce4, 0x1000, 0xfffffffffffffffc, 0x8, 0x80, 0x3], 0xa, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x118) 21:15:27 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) [ 3040.067121][T21267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:27 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x0, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/4096) 21:15:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffffffc) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:27 executing program 2: ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000000)={0x4, 0x5}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/42) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:27 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:15:27 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RUNLINKAT(r0, &(0x7f00000000c0)={0x7, 0x4d, 0x1}, 0x7) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x254301, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000100)=""/21) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) clock_gettime(0x0, &(0x7f0000000000)) [ 3040.699132][T21322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000100)={0x6, 0x14, [0x0, 0x6, 0x3, 0xfffffffc, 0x7fff]}) waitid(0x2, 0xffffffffffffffff, &(0x7f0000000000), 0x1, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101040, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3040.753393][ T37] audit: type=1326 audit(1625346927.985:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21329 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:28 executing program 0: ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000400)={0x0, 0x1, 0x12, 0xf, 0x140, &(0x7f0000000000)="ae4b1f9a686f1126c1f93722815883c4dcdbbf5db92e68833b041f27f482396d9299c3d5efaf9383cee6a858a52f8ce55ba7e60f8ca5b1e51ac0cba77d3b2893fa2729973108184ff5b4eb084976fdf9c711d67484a7041eb4e69af3aa5be479eb68cd8aec6ded47e18404ebe54ccd5f9578b7781a1fd6752b649e3302f85c070e3e02712ea94ee0c6f34296715aad5623272d4d0703569f3ae7422a4d131f8903408b530f29e66cd490cb826b6faed0e12367c8c9b46918b71f360fdf546497857525a48778a559cc3d5fdae6cf12c3cfd2d737a4389298a55cf5e34dd9833c60bcb73c2893f1ddd9171dbdb819fe0697b38e819a215b7624229e74ccc99794cad945adb8ce3e8172bfebb0d5ce505033f62534e77c8b39daa1e0a62d67dc44c25d731c9623353f07e9f66273652da1196bbaa8c2f01c7a21e6e072393285d9f6dbb6647b8520f0c85254cf4eca12e4387e33612e3078095040469dc7a83fbd3ce9dee8e1c443b1ac71aea77901d146d4dc11ea16199eb04a37a9937ebcaf90efa3d0222d2e27d1f116f958db1366bc440ff286b0400b6c67648794721ba132d0ea8773d08a1a6c8717fc5a0b5ae4001aa37a349d0cdb91a9d76ad9bd784f5af3c5f86ca1cd508bf8d021eeb3c2f96706ec77a2760b1660b141b1991904ba0c738d0bfe53044cf6947b307f755217f37fc6f4487759af46f3db661903c8278cb67fb587c0df14d0ee201a69dd84b47555da792237ef036b4aa0fef8717ad308045f9d4f522aa6fa6ca7a6c826d4420dad0f57401e259a91c35f20469a9741061253cec5288ba75892f691110fa7f3743b7ab5af48a815316c558dd679fa3fc02f58199cd13f573a038863c8f64b6c1c99fb47971649477eb6cc99a22ab26e63e097b1009aa99d6d97f38f4fc30ba20b37d5b25dc7de144192bdbe769303a761e36da6248fc9900120536dd00a6f156844a65e0b1ad4a8cf52210aa6b5f0d3d068e72e66a18b54bd15adc250268bd7e4d3ab3d128b77437bef960323e60fca07a6085ea64cc4ecdd54f4d822f3c75bde34a0da1301aaa487ded6a57d9395db1a340a1a04725dc684d7bf5dd188b29809af1e487f3c29f8ccf02530fabd421c3aea7b7f009add49d0a8a97be5c7833da2dadb964188e4c24b57618bf3a2a911a3c9644c80d30f0273a9e11cd85f989ed8b9a1d568e68302cb7a316b5edaa73bbd4e80286e7e872a87f0580562a5ca4b73b7558c00185d7931dbe42f902fd38f2f7a0c18ddbb4c894f68ac2f0c07575488ce9a3f73f1b623be537765c98149e498e6ed392ee3e7cedc93e68d0c40a5e7dfe017ced55407d3e04167f034784a2d5152228e3fcf5e86544001c983a88736a8ac79d24480403b9ff5bf41410cd51bc787a3cd6b41b2493592e9eede374dcc0e17988f0fe757305341db884a3e94f92b"}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:15:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000000)={0xfff, 0x81, 0x929}) 21:15:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x4a4401, 0x0) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) socket$inet6(0xa, 0x80000, 0x3) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000400)=""/72) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000002c0)={{0x3, 0x0, 0x9, 0x80000001, '\x00', 0x7fff}, 0x5, 0x200, 0x1, 0xffffffffffffffff, 0x2, 0xe78, 'syz0\x00', &(0x7f0000000040)=['-,],/+W-,\x00', '/dev/kvm\x00'], 0x13, '\x00', [0x9, 0x8000, 0x3, 0x3]}) ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f0000000100)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000001c0)=""/159) 21:15:28 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xfff8, 0xfe, 0x1f, 0x4}, {0x80, 0x0, 0x4, 0x4}]}) r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000080)={r0}) 21:15:28 executing program 4: r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x8000, 0x84a01) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = syz_open_dev$dri(&(0x7f0000000040), 0x4, 0x880800) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r4, 0xc00864c0, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r2, 0xc01064c1, &(0x7f0000000100)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000200)={&(0x7f0000000180)=[r5, r5, r5, r5, r5, r5, r5], &(0x7f00000001c0)=[r1, r3, r1, r3], 0x2, 0x7, 0x6, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc02864ca, &(0x7f0000000280)={&(0x7f0000000140)=[r5, r5, r6], &(0x7f0000000240)=[r7], 0xfffffffffffffc7d, 0x3, 0x4}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r8, 0x10, 0x0) [ 3041.025116][T21322] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3041.039286][ T37] audit: type=1326 audit(1625346928.265:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21363 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:28 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x0, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:28 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000100)=0x6) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f00000000c0)) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000000)={0x3da4, 0x5, 0x8, 0xf6, 0x1a, "2444fa7418e81416b547b1af230cb436cb3056"}) 21:15:28 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffffffe) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000000)={@any, 0x2}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x101000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f00000000c0)={0x7f, 0x4, [0x1000]}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000100)=0x9) 21:15:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84c00) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000000c0)={0x24, 0x37, 0x1, {0x1, 0x0, 0x5, 0x0, 0x6, '9P2000'}}, 0x24) write$P9_RVERSION(r1, &(0x7f0000000040)={0x13, 0x65, 0xffff, 0x6493205a, 0x6, '9P2000'}, 0x13) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) write$P9_RLINK(r1, &(0x7f0000000100)={0x7, 0x47, 0x1}, 0x7) [ 3041.686102][T21390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3041.833711][ T37] audit: type=1326 audit(1625346929.065:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21363 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:29 executing program 4: r0 = socket(0x1f, 0x4, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2, 0x1, 0x6}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) 21:15:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000000c0)={{0x3, 0x3, 0xffffc919, 0x5ee2, '\x00', 0x4}, 0x6, 0x0, 0x7fff, 0xffffffffffffffff, 0x2, 0x9, 'syz0\x00', &(0x7f0000000000)=['{\x00', '/dev/kvm\x00'], 0xb, '\x00', [0x4, 0x5, 0x1, 0x7]}) 21:15:29 executing program 0: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, &(0x7f0000000000)={0x10, 0x20, 0xbb0, 0x360, 0x6, 0x922, 0xf, 0x2, {0x2b, 0x1, 0x1}, {0x10000, 0x1}, {0x8, 0x1, 0x1}, {0x7, 0x0, 0x1}, 0x1, 0x2, 0x6, 0x9e, 0x1, 0x0, 0x7, 0xe3, 0x8, 0x1, 0x1ff, 0xfd6f, 0x20, 0x200, 0x1, 0xb}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) [ 3041.941057][ T37] audit: type=1326 audit(1625346929.105:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x47, 0x1}, 0x7) 21:15:29 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0x38, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$FBIOBLANK(r1, 0x4611, 0x3) [ 3042.094312][T21390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:29 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:29 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0xc9, 0x0, 0x1, 0x4}]}) syz_open_dev$sndctrl(&(0x7f0000000000), 0x6, 0x101000) 21:15:29 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x0, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2b) 21:15:29 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/143) 21:15:29 executing program 0: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x85000) write$P9_ROPEN(r0, &(0x7f0000000040)={0x18, 0x71, 0x2, {{0x20, 0x3, 0x7}, 0x8}}, 0x18) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc000) write$P9_RREADLINK(r1, &(0x7f00000001c0)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r3, &(0x7f0000000000)={0x7, 0x4d, 0x2}, 0x7) fork() openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) write$P9_RREMOVE(r0, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) [ 3042.629082][T21459] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = fork() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/245) getpriority(0x0, r1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000001c0)=""/180) getpriority(0x1, r1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 21:15:29 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x668e00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41040800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x34}}, 0x24040840) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000140)=""/113) [ 3042.680232][ T37] audit: type=1326 audit(1625346929.915:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21460 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:30 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0xaf8, 0x2, 0x19, 0xfff}, {0x4000, 0x0, 0x8, 0x3}, {0x6, 0x4d, 0x1, 0x3}, {0x5, 0x20, 0x6, 0x2}, {0xffff, 0x9, 0x7}, {0x401, 0xe0, 0x2, 0xfffffffd}, {0xff7f, 0x3, 0x0, 0x1000}, {0xe9d, 0x8b, 0x3f, 0x200}]}) 21:15:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREAD(r1, &(0x7f0000000180)={0x21, 0x75, 0x1, {0x16, "6eb03cf9b961f362e857a1b1ddddf5176db95e720323"}}, 0x21) ioctl$FBIOGETCMAP(0xffffffffffffffff, 0x4604, &(0x7f0000000140)={0x2, 0x5, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0], &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 21:15:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x214400, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000100)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000180)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/97) [ 3042.876773][T21485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:30 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x0, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) fork() 21:15:30 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f0000000000)={0x0, 0x3, 0x1000, 0x20, '\x00', 0x400}) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x8, &(0x7f0000000080)=[{0x6, 0xf7}, {0x1, 0x1f, 0x7, 0x1}, {0x1, 0x5, 0x5b, 0xee5}, {0x7fff, 0x7f, 0xcb, 0xff}, {0xffff, 0x41, 0x6, 0x2}, {0x7f, 0x8, 0x17, 0x3b}, {0x3, 0x80, 0x81, 0x8}, {0x800, 0xa1, 0xc7, 0x9a76}]}) ioctl$RTC_VL_CLR(r0, 0x7014) 21:15:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x9000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/210) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10440, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_PLL_SET(r1, 0x40207012, &(0x7f0000000000)={0x6, 0x3, 0x8, 0x7ff, 0x8, 0x289cfe8a, 0x6dec}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x8c40) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000180)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r2, 0xc01064c5, &(0x7f0000000200)={&(0x7f00000001c0)=[r3, 0x0, 0x0, r4, r5, 0x0, 0x0, 0x0, 0x0, r6], 0xa}) [ 3043.550525][T21527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:30 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) write$fb(0xffffffffffffffff, &(0x7f0000000180)="239878a98fb87350235672e2f4fd58654e9c9db076617e5b58c56e082b7393b0a5d8cc12146ee799219ed4c3ea23e089a122e6f218f54e566f8d12610fe77a0a64ba2bd250c5fc591c27f7e52bb59ba013cf989de0066d1d58b8d234a830e63d9e1d6adb4f4e1273f34f0613399d43c15c6e8e659a235eb6aa8bc8bac0b0d16116711aadba6861cc735d67", 0x8b) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000140)) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/98) syz_80211_join_ibss(&(0x7f0000000000)='wlan0\x00', &(0x7f0000000040)=@default_ibss_ssid, 0x6, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x20000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3043.662909][ T37] audit: type=1326 audit(1625346930.895:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21526 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3043.685008][ C0] vkms_vblank_simulate: vblank timer overrun 21:15:31 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) getgid() 21:15:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x102000, 0x0) socket(0x9, 0x3, 0x8000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) r3 = socket(0x29, 0x2, 0x0) ioctl$TIOCCONS(r1, 0x541d) ioctl$sock_bt_cmtp_CMTPCONNADD(r3, 0x400443c8, &(0x7f0000000000)) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3043.835771][T21550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x738, 0x1709, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xff, 0xc0, 0x6, [{{0x9, 0x4, 0x0, 0x3, 0x2, 0x3, 0x1, 0x0, 0x5, {0x9, 0x21, 0x800, 0x0, 0x1, {0x22, 0x4d0}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0xff, 0xc0, 0xff}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x7, 0xfd, 0xfd}}]}}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x201, 0x0, 0x8, 0x8, 0x40, 0x6e}, 0x13, &(0x7f00000000c0)={0x5, 0xf, 0x13, 0x2, [@wireless={0xb, 0x10, 0x1, 0x4, 0x0, 0x74, 0x7f, 0xd5d, 0x40}, @ptm_cap={0x3}]}, 0x3, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x380a}}, {0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x100a}}, {0xd0, &(0x7f0000000180)=@string={0xd0, 0x3, "04177b8988697c6a8b4667fe147d8b4999941b9efa13602dea8ab53b26be5979ef36600fc66b0f652b5198c495a420d15a938c87b40930ab465886009f5ad752b92fa537ddc7cf11d2ddea4aeb0ea3d822729c3f711b325202905164b92ba148ae1e0f82e2e492166c64f44bf25f80f398a03a12282e44b7c698d703aa89091c41160c1dd27c70e289150e42ae1e3760fba5ebaa364daecb77a7aa0dd489d24d85bbaf1daf3254f17b27cfe4d950ae5bcb7a12df296bb4c20de2df7eab30b1bb9f23c7f2b10301036e1e4d80647e"}}]}) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3043.903175][ T37] audit: type=1326 audit(1625346930.925:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21522 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) r1 = syz_open_pts(0xffffffffffffffff, 0x149000) ioctl$VT_RELDISP(r1, 0x5605) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2}) 21:15:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x40030000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3044.000242][ T37] audit: type=1326 audit(1625346931.175:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21554 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3044.078096][T21574] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3044.431252][ T37] audit: type=1326 audit(1625346931.665:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21522 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:15:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x4, 0x1, 0x1, 0x7fff, 0x18, "85680cb6e8fbf726fbfd4a5bcb72c5f2196e57"}) ioctl$TIOCCONS(r0, 0x541d) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:15:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4101, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x60601) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x123081, 0x0) ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f00000000c0)={0x1b, 0x2}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r1, 0xc00864c0, &(0x7f0000000000)) 21:15:31 executing program 2: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RLOPEN(r0, &(0x7f00000000c0)={0x18, 0xd, 0x1, {{0x1, 0x2, 0x6}, 0x8}}, 0x18) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x2100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:15:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf0ffffffffffff) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3044.533130][T21586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:31 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f00000000c0)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) r3 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r3, 0x4606, 0x0) ioctl$FBIOPAN_DISPLAY(r3, 0x4606, 0x0) ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f0000000000)={0x3c, 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) getgid() 21:15:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x30100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000100)) r2 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(r2, 0xc01064c4, &(0x7f00000000c0)={&(0x7f0000000080)=[r3, 0x0], 0x2}) 21:15:32 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:32 executing program 0: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x40000) write$P9_RLOPEN(r0, &(0x7f0000000040)={0x18, 0xd, 0x1, {{0x1, 0x2, 0x1}, 0x40}}, 0x18) 21:15:32 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x10582, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000100)=""/4096) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000000)={0x0, 0x4, [0x7]}) 21:15:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200800, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x2080, 0x0) 21:15:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xcee19b4144586a19, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f00000000c0)={0x1, 0x1, {0x26, 0x1a, 0xf, 0x2, 0x1, 0x5b, 0x1, 0x18, 0xffffffffffffffff}}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x3, 0x80000001, 0x5, 0x3, 0xb, "11b52e4f571996459bca15e05a591f0a10a8b7"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040)) 21:15:32 executing program 0: r0 = syz_open_dev$media(&(0x7f0000000000), 0x9, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f00000000c0)=0x10) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000040)) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) exit(0x441) [ 3044.864368][T21586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3044.887660][ T37] audit: type=1326 audit(1625346932.115:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21629 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:32 executing program 5: r0 = socket(0x9, 0x800, 0xe35d) ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000000)={@none, 0x8de}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f00000000c0)={0x4, 0x3, 0x7, 0xfff, '\x00', 0x9}) socketpair(0x5, 0xa, 0x20, &(0x7f0000000040)) 21:15:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:32 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f00000001c0)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)=0x0) write$P9_RGETATTR(r0, &(0x7f0000000100)={0xa0, 0x19, 0x2, {0x4, {0x8, 0x1, 0x8}, 0x8, 0xee01, r1, 0x100000001, 0x8001, 0x2da05c02, 0x200, 0x3, 0xffffffff, 0x8, 0x7, 0x6c0, 0x6, 0xf857, 0x9, 0x8, 0x3, 0x101}}, 0xa0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x10, 0x0) 21:15:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x10e40) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000040)) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(r1, 0xc01064c2, &(0x7f00000000c0)) [ 3045.069109][T21659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_VL_CLR(r1, 0x7014) 21:15:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x200000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3045.277233][T21686] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:32 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x130400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x7, 0x40) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f00000000c0)={{0x8, 0x0, 0x0, 0x2, '\x00', 0xffff}, 0x4, 0x10, 0x3338, 0xffffffffffffffff, 0x3, 0x3, 'syz0\x00', &(0x7f0000000040)=['/dev/kvm\x00', '\x00', '#[\x00'], 0xd, '\x00', [0xdaff, 0x3, 0x1, 0x3]}) r2 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x7, 0x100) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f00000002c0)=ANY=[@ANYBLOB="007e17820be479ad79c47730747b297a0000001c000000da9452fed0a900000800000000"]) ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000240)={0x2, 0x14, [0x23, 0x9, 0x800, 0x5, 0x7]}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000280)) 21:15:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x670e01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000180)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x7f, 0x2}, 0x7) r3 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r3, 0xc01064c1, &(0x7f0000000040)) r4 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x3e, 0x424202) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, &(0x7f00000001c0)=0xb0e) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r4, 0x40405514, &(0x7f0000000100)={0x1, 0x4, 0x5, 0x1, 'syz1\x00', 0x45c}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x123080, 0x0) 21:15:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x300000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3045.738874][T21703] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3045.811941][ T37] audit: type=1326 audit(1625346933.045:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21705 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3045.834192][ C0] vkms_vblank_simulate: vblank timer overrun 21:15:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x130400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x7, 0x40) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f00000000c0)={{0x8, 0x0, 0x0, 0x2, '\x00', 0xffff}, 0x4, 0x10, 0x3338, 0xffffffffffffffff, 0x3, 0x3, 'syz0\x00', &(0x7f0000000040)=['/dev/kvm\x00', '\x00', '#[\x00'], 0xd, '\x00', [0xdaff, 0x3, 0x1, 0x3]}) r2 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x7, 0x100) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f00000002c0)=ANY=[@ANYBLOB="007e17820be479ad79c47730747b297a0000001c000000da9452fed0a900000800000000"]) ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000240)={0x2, 0x14, [0x23, 0x9, 0x800, 0x5, 0x7]}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000280)) 21:15:33 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$FBIOGETCMAP(0xffffffffffffffff, 0x4604, &(0x7f0000000140)={0x2, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 21:15:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getcwd(&(0x7f0000000000)=""/57, 0x39) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000140)={0x1, 0x7f, 0x7fe000, 0x10001, 0x16, "42245dc8fae11b9b7dd7a29d3f40c722d6837c"}) syz_open_dev$vim2m(&(0x7f0000000040), 0x5, 0x2) getcwd(&(0x7f00000000c0)=""/87, 0x57) 21:15:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x400000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x9, 0x5000) r2 = fork() getpriority(0x0, r2) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f00000000c0)={{0x9, 0x4, 0x6, 0x9a, 'syz1\x00', 0xc739}, 0x3, 0x10000000, 0x8, r2, 0x6, 0x5, 'syz1\x00', &(0x7f0000000040)=['\'-*\x00', '\x00', '/dev/kvm\x00', '/dev/kvm\x00', '/dev/kvm\x00', '/dev/kvm\x00'], 0x29, '\x00', [0xb8d7, 0x3, 0x86, 0x1f]}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3045.944943][T21718] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:33 executing program 2: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000080), 0x2a81c1, 0x0) read$fb(r0, &(0x7f00000010c0)=""/4096, 0x1000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x191842, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:15:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000000c0)={0x0, @qipcrtr={0x2a, 0x1, 0x2}, @can, @in={0x2, 0xd922, @dev={0xac, 0x14, 0x14, 0x28}}, 0x7a, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000000)='batadv_slave_0\x00', 0x7, 0x4}) 21:15:33 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x500000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/12) 21:15:33 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:33 executing program 2: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 21:15:33 executing program 5: clock_getres(0x1, &(0x7f0000000000)) prctl$PR_GET_SECUREBITS(0x1b) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3046.674477][T21771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3046.698924][ T37] audit: type=1326 audit(1625346933.925:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21764 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3046.721189][ C0] vkms_vblank_simulate: vblank timer overrun 21:15:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x430001, 0x0) r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4) ioctl$VT_RELDISP(r1, 0x5605) ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x17, 0x1b, 0x1c0, &(0x7f00000000c0)="8757e70ffafe228c599ce30897eab26ecfb888bad5277a277ff435e54175c25d7c9f077f1df742d8c87d50258fbddda0dab5e78792f6ea007bc4c9bf08bf453c7c0e22607df88ad762f60fb27d38c2290e0fa1786c9692976692b8acbe8f92dba08da907da6364e0a64c2d5af99d03e165e9cab9df774b1ba0150e8e5b9fd1b0636666529de292d8edea9cb51983dfa16c8b47ad4d0fc7edc6927b566dbb937b3862d08de5b6983d72208ce6d4617967c65b044d411a8940a3c1bfcad91d12dddad111dae2efa5738efe5740d7014addf56cf6b1332bbc02e041809b1155ee5c3572ede0ca85e919ab2f1841fdb954049f5293c38d6a5d422896e8e383be222d16735084d47e2c5f9b6f2fdccde036e60d6dbd43502ea9b0d293942b7ea945f9bf5ef5ac2372494fd4b040f7337516436dfbe82c3e012a544da36483237bd0278d2f97477b463b6fe8ea164e881323183fa625aec2b4fc79c534075b5cdd79c0328f72c8ede10cdca053b1a28b771228ec4ed6ba0c206ca03e408b8d4d6bf88e61a4032d1462508f396b2cac69762ace2d646d71e1791b20f960802afb005cbbdf2be8dd86e1ab02c2fbbc0a9b92a761052e51121c685b03254f803ab5ec66f564b6f38be628f8a2e5fe37becf3a61a8ec044656543757068e33f8a30778bc9ce71b6eaf0824ca0cea49cdbcf0f24d636c489e5dc5394ac412d19aeb43da7d9b422891deef31cb076eee9deadc7f1a1dfb2ded9f988bb374e3cc9bbb4abfc8999d26da5327a73e03e8fed36568ed4f7ad5da4be1f14fc81cfb40b6a001f0d1baf5fed7be285ac5b6c80ac02fd8060330c49011c09838f507e1daf9cbed3fc4ab6f26b51fade4405616a83d9f450e4b4879ba4948ef67088bd1d638f3184ed48ec8f3cef4b24ff9351d8e651a4b2b0bd343482c9623ff63cb54022b356caeb2a7dc4fc4eb696b517d170812fe62be296bca80a35473187911957aa87a992e6e48eeaf352b768049015053aa79d8b9cecbdf2e70d202314499b7f48d925ea1ebc50f5256e439e71044f02ae81227e61a28282ec9bcbfcf12909f65a03a78846d85c53cd683135d76bce49fb86f4cbc4144f64776d3f978716ec82eb97707ee5cf4ee0d08d08f3dff42723b0c73bc949dbd0694d80e7ee3aa1e44689ae5ba574a84edc2ba1666da69734b1381b45a55f4710c89c16429859dee4cb0ed44eefa331aa31514e53ec498917711b7c7ac2426d2192c6a064e569513e9abd3bc488a080ba76e666dba39b7dc3b12cd6c682f92418ab1200cf5dca446d8811189961b539902da90a7dd5e6e4cb66a50b34990c6f14d02fe879f66e517b21e646edbdc7e5cfa3d4891357ff51964471d34f1ac575b97c569424ce2208742dce1f7e4d0472f70e35b843553c17e04e4a1f608886f18297cc4385e540709a57154e41283a1f9"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1c01, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)={0x13, 0x65, 0xffff, 0xff, 0x6, '9P2000'}, 0x13) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x600000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:34 executing program 5: ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x2}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02064c3, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, r0], 0x8001, 0x9, 0x4, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000200)={r0, r1, r2, r3, 0x6}) sched_yield() r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0x541b, 0x0) [ 3046.806469][ T37] audit: type=1326 audit(1625346934.035:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21772 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10043, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) 21:15:34 executing program 5: write$P9_ROPEN(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(0x0, 0x0) write$P9_RREAD(0xffffffffffffffff, 0x0, 0x0) fork() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x690000, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@target={'target ', {'PCI:', 'e', ':', '1c', ':', '1f', '.', '8'}}, 0x15) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3046.942607][T21794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:34 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60801, 0x0) write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x20, 0x3}}, 0x14) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x700000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:34 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) rseq(&(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x7, 0x6, 0x100, 0x5c59}, 0x7}, 0x20, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000000c0)={0x0, 0x2040, 0x1000, 0x0, 0x14, "df0ba0dfafa4024984f72675258fdc5d7e14eb"}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERROR(r2, &(0x7f0000000100)={0xb, 0x7, 0x2, {0x2, ':\x18'}}, 0xb) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) write$9p(r2, &(0x7f0000000140)="50052df6e6759d01ef019487b830f89139cd78d269bcc350ddfaa0bbaf7fa534223f7ee03bae7dfa8699914923de97de78a64fc6870187cfc6681f57585533fed0682dba3cb24af15cea30433d10ebdedcd56f31f0e394f89c0edeafdce663259c932cd3ea76f6df18e6d3e6cc5f37de1dbbe18048ba96dee7f2d0c597074f13e8b851723c3c8b8ae4cc659fb34d", 0x8e) 21:15:34 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3047.601441][T21834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3047.602939][T21832] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4040, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000040)=0x5, 0x4) 21:15:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x127500, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) [ 3047.673960][ T37] audit: type=1326 audit(1625346934.905:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21837 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3047.702296][T21829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r1, 0xc01064c5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) 21:15:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3047.811308][T21855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RLERRORu(r1, &(0x7f00000000c0)={0x2d, 0x7, 0x2, {{0x20, '/dev\x14kvm\x00\xe8\xe4\xf1\xa9\xd9\xf7\x7f\x9a\x9eA\x0e\xeb\xf5\xb9k\x13_7\xc6\xc9N\x1f\x85'}, 0x9}}, 0x2d) 21:15:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x900000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3048.002038][T21872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:35 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:35 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101402, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000280), 0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) getresgid(&(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0xd) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000001c0)={0xa0, 0x19, 0x2, {0x2100, {0x80, 0x0, 0x7}, 0x0, 0x0, r0, 0x3, 0x1, 0x2b4, 0xce, 0x1, 0x8b, 0x5, 0x87, 0x8, 0x1, 0x400, 0x2b, 0x3ff, 0x40}}, 0xa0) 21:15:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x2}, 0x7) pipe2$9p(&(0x7f00000000c0), 0x80800) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RLOPEN(r2, &(0x7f0000000100)={0x18, 0xd, 0x2, {{0x10, 0x1, 0x6}, 0x7}}, 0x18) 21:15:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/226) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:35 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xe00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3048.548649][ T37] audit: type=1326 audit(1625346935.775:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21890 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3048.612621][T21898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sync() ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3048.681877][T21901] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3048.713041][T21896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:36 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x220840, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) 21:15:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x218700, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:36 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000000c0)={{0x8, 0x2, 0x8, 0x8001, 'syz1\x00', 0x3}, 0x7, 0x3, 0x33ed24de, 0x0, 0x3, 0xffffff00, 'syz0\x00', &(0x7f0000000000)=['/dev/kvm\x00', '/dev/kvm\x00', '\x00'], 0x13, '\x00', [0x7, 0x7fff, 0x8000]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) getuid() 21:15:36 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3049.208539][T21937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3049.222454][T21934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:36 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:15:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x381000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000100)=""/16) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22101, 0x0) 21:15:36 executing program 4: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x109802, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000100)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f0000000040)=ANY=[@ANYBLOB="af"], 0x10) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000540)={0x0, 0x0, 0xe, 0x20, 0x74, &(0x7f0000000140)="67b8cf24203760c5d7eb374925417053ad62a4f2297e27aa45f7f177c7a3172b45fd0d3ac690c516c28892c02f931e59b008e69eecd6320abadace04289e5a72a43ca375c8a82cfcec4a395c18bb04d82b271b1d7d4fd93d6f02690cbddc148e88a70e68d06edd7ec153ec1c790b80d2fd8cc88c23710dceae582db0aaa42d4a1a9ee89e8d3ea429d0f89b1f1b30c2bfe6de51bf28ded3329b935b1ae8d499c99e8db2863ea0fe042284471dfa2cbd836e6d931bbdd1db4326b394789ed11d75ec961dc5508abbd7c1c769dae3e60eadb737ca6b1cfd9ae1f940c672ad0e4d962e74353d9f17a99fdf4026761a8b0738e1baf73402f6565d0250314e1137f9060213bb59225c34fa1889e0b83a4bd03866ffb38af4bf85d23dc5737dc08a7e5dd0783a4cf580cb3c904a74129c1eb5288a3eae107970f67b143653ad8d15ebd182d7d72e9ea19f553e956530f30468cf96c63c1bf126de9399b6ae971343da1446facbe11a80dd6c30ce509ff47b39a30555548ffb5d4c81135962af25b486e9d61658272d8858373c5059b13fa74b0332675205e60b7da8d663b53af65081f2f8af6a5c693812cb41c711d43ed0ef767289b8371168c4f2d14c791f884d7fbd7902d83de3e5d3ae2f10b4f9196251d2990b683c743e258811a081ef5b6794b4e1bd409f394a82899c2341a4b5efaaffe308683de122a765f4ba1ba4cc5bdff756459d6a0a2c412e16c0fbcbb2532fe06d6c70091d1137b432afec30ff50a9ae20bcd4f5384b27cda15ef8df4e1fd6bbc2cf88e0f65a303745edcbc3226290bc5c44b1d9ab9378d193abd3034282f8f8f9071d65ca247466732c772af07968d08765ea5c5351ebb67fd000d4d983978776ebecf560422a2363224517430ba67fa113901a1fc1730e0aa61a9242440d37f2bcb445fe609313120a55824f9a19ef3fd6dc1aae120869f210c0cdf5fa28ad1a14cde7ab437582cdaad4cfb0535f781d80f289a5eee78646bd68f32a081f7c49428ffcaef1b382065dc15f9d47ac6b7081aaf67b1967f580acc09d201e267b92337d697d0c7d1e1df73e2a784fb8488c958ea7dddf27c9ea3cd816d189df4e64e9615b3be67068e2ab38999dd0c81b778a31c094d8e9f97c9c8ad0160dfd60e5ea27f0f3d22d210e67d0a6ed9cb50430f80d27f7a0fa10786b63e54e2a9a71775479b4cf01f07b22c5f9e53a3c89fb0bb5603fc1ff1e8cef54e4b275c1b1ced03af0df1cd923297bf24dc15e57e16800b138e1752b7ebb6dd735e136f83331bd4f230a8b163c87445e53a8a72e15900ecaeb52e79db6d1a8773a4887b869b0b67cf2cd408ca6a120a0a7d311cf0e6fa7e6f5e76789afa6501e4ac84beaf665ce7110eee6f270fadfa86d8ea7b0f1f592a269bd850728efd3600f0107e94adfd2c3879001f8c13e5835e6b6eea1101f"}) r2 = syz_open_pts(r0, 0xc0) ioctl$KDMKTONE(r2, 0x4b30, 0x5) r3 = getegid() r4 = getegid() setregid(r3, r4) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) 21:15:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3049.452660][T21950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x656ec0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3049.510292][ T37] audit: type=1326 audit(1625346936.745:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21949 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3049.858602][T21960] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3051.071356][T28691] device hsr_slave_0 left promiscuous mode [ 3051.078185][T28691] device hsr_slave_1 left promiscuous mode [ 3051.094304][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3051.113241][T28691] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3051.134011][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3051.162194][T28691] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3051.173385][T28691] device bridge_slave_1 left promiscuous mode [ 3051.190666][T28691] bridge0: port 2(bridge_slave_1) entered disabled state [ 3051.205447][T28691] device bridge_slave_0 left promiscuous mode [ 3051.269884][T28691] bridge0: port 1(bridge_slave_0) entered disabled state [ 3051.293789][T28691] device veth1_macvtap left promiscuous mode [ 3051.323615][T28691] device veth0_macvtap left promiscuous mode [ 3051.346998][T28691] device veth1_vlan left promiscuous mode [ 3051.355583][T28691] device veth0_vlan left promiscuous mode [ 3054.059506][T26679] Bluetooth: hci4: command 0x0409 tx timeout [ 3056.139512][T16250] Bluetooth: hci4: command 0x041b tx timeout [ 3057.257324][T28691] team0 (unregistering): Port device team_slave_1 removed [ 3057.298626][T28691] team0 (unregistering): Port device team_slave_0 removed [ 3057.318212][T28691] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3057.344197][T28691] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3057.529412][T28691] bond0 (unregistering): Released all slaves [ 3057.813132][T21990] chnl_net:caif_netlink_parms(): no params data found [ 3058.008452][T21990] bridge0: port 1(bridge_slave_0) entered blocking state [ 3058.063133][T21990] bridge0: port 1(bridge_slave_0) entered disabled state [ 3058.072043][T21990] device bridge_slave_0 entered promiscuous mode [ 3058.081556][T21990] bridge0: port 2(bridge_slave_1) entered blocking state [ 3058.088666][T21990] bridge0: port 2(bridge_slave_1) entered disabled state [ 3058.102600][T21990] device bridge_slave_1 entered promiscuous mode [ 3058.126091][T21990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3058.138217][T21990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3058.220799][T21990] team0: Port device team_slave_0 added [ 3058.230058][T23946] Bluetooth: hci4: command 0x040f tx timeout [ 3058.258568][T21990] team0: Port device team_slave_1 added [ 3058.297998][T21990] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3058.319856][T21990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3058.382188][T21990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3058.413396][T21990] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3058.448236][T21990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3058.545257][T21990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3058.688666][T21990] device hsr_slave_0 entered promiscuous mode [ 3058.746036][T21990] device hsr_slave_1 entered promiscuous mode [ 3058.784480][T21990] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3058.867726][T21990] Cannot create hsr debugfs directory [ 3059.472602][T21990] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3059.508983][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 3059.541944][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 3059.587331][T21990] 8021q: adding VLAN 0 to HW filter on device team0 [ 3059.621284][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 3059.654243][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 3059.695903][T23946] bridge0: port 1(bridge_slave_0) entered blocking state [ 3059.703021][T23946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3059.745747][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 3059.761849][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 3059.780174][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 3059.798677][T16250] bridge0: port 2(bridge_slave_1) entered blocking state [ 3059.805868][T16250] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3059.835322][T16250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 3059.867716][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 3059.884048][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 3059.902873][T23946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 3059.938445][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 3059.953997][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 3059.973489][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 3059.987642][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 3059.998280][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 3060.011268][T21990] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 3060.031718][T21990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 3060.044014][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 3060.066151][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 3060.111398][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 3060.137982][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 3060.173435][T21990] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3060.221278][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 3060.243922][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 3060.299936][T25344] Bluetooth: hci4: command 0x0419 tx timeout [ 3060.309973][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 3060.319385][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 3060.335734][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 3060.351286][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 3060.377748][T21990] device veth0_vlan entered promiscuous mode [ 3060.439442][T21990] device veth1_vlan entered promiscuous mode [ 3060.522638][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 3060.558627][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 3060.569215][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 3060.622193][T12029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 3060.635363][T21990] device veth0_macvtap entered promiscuous mode [ 3060.654547][T21990] device veth1_macvtap entered promiscuous mode [ 3060.694798][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.731321][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.752149][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.774158][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.801227][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.819778][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.838160][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.848925][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.883870][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.899891][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.920361][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3060.940895][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3060.971969][T21990] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3060.987193][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 3061.014424][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 3061.046130][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 3061.056282][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 3061.068929][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3061.134445][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3061.157644][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3061.179755][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3061.205296][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3061.244195][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3061.286899][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3061.300399][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3061.330457][T21990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3061.353843][T21990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3061.365180][T21990] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3061.389574][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 3061.401469][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 3061.596074][T19746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3061.626230][T19746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3061.639330][ T472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3061.664220][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3061.677348][ T472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3061.720303][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 21:15:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sync() ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000000)=0x10004000) 21:15:49 executing program 5: socket$inet_sctp(0x2, 0x1, 0x84) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/33) 21:15:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f00000000c0)={0x1, 0x8, 0x7}) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000100)=""/207) getegid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 21:15:49 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3061.847100][T22221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3061.937424][T22232] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3061.996540][ T37] audit: type=1326 audit(1625346949.225:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22228 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RAUTH(r1, &(0x7f0000000040)={0x14, 0x67, 0x1, {0x8, 0x0, 0x5}}, 0x14) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000000c0)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10c00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x29c1, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x20400, 0x0) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f00000000c0)) mmap$fb(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x300000c, 0x810, 0xffffffffffffffff, 0xf6000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}}}, &(0x7f0000000300)=0xe8) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000340)={0x1d, r2, 0x1, {0x1, 0xfe, 0x2}, 0xff}, 0x18) [ 3062.158168][T22258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@empty}}, {{@in6}, 0x0, @in=@loopback}}, &(0x7f0000000040)=0xe8) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) 21:15:49 executing program 2: ioctl$FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f0000000140)={0x3a03, 0x1, &(0x7f0000000000)=[0x1ff], &(0x7f0000000040)=[0x89, 0x20, 0x6, 0x6, 0xffff, 0x7, 0x7, 0x80], &(0x7f00000000c0)=[0x7, 0x76b], &(0x7f0000000100)=[0xd05, 0x1]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/131) 21:15:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sync() ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1200000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0xfffffff9, 0x1, 0xb8, 0x0, 0x14, "8c3c938aee4b590677fd2ac4003a65e6692b34"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, 0x0) 21:15:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLCREATE(r1, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x0, 0x2, 0x4}, 0x8}}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) mmap$fb(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x11, 0xffffffffffffffff, 0x26000) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) [ 3062.411628][T22283] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:50 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200, 0x3, 0x7}) 21:15:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1400000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0xfffffff9, 0x1, 0xb8, 0x0, 0x14, "8c3c938aee4b590677fd2ac4003a65e6692b34"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, 0x0) 21:15:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc801, 0x0) r1 = getuid() ioprio_get$uid(0x0, r1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x1b, 0x1}, 0x7) [ 3062.831000][T22324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2a01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) 21:15:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) 21:15:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1500000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3062.894879][ T37] audit: type=1326 audit(1625346950.125:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22322 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_ROPEN(r1, &(0x7f0000000040)={0x18, 0x71, 0x2, {{0x0, 0x2, 0x3}, 0x7}}, 0x18) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@empty}}, {{@in6}, 0x0, @in=@loopback}}, &(0x7f0000000040)=0xe8) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) [ 3062.983693][T22334] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) clock_getres(0x0, &(0x7f0000000000)) 21:15:50 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200, 0x3, 0x7}) 21:15:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1600000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000000)=0x10004000) 21:15:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERROR(r1, &(0x7f0000000000)={0xd, 0x7, 0x2, {0x4, '@^:&'}}, 0xd) 21:15:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x5) 21:15:50 executing program 5: ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f00000000c0)=""/85) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28b00, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000140)={0x7fffffff, 0x80, 0x57f, 0xfffffe01, '\x00', '\x00', '\x00', 0x4, 0x2, 0xc0a3, 0x16c, "7e2653e9837fa35fea214c463197463d"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3063.740667][T22379] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000000)={0x3, 0x6, 0x824, 0x4a, '\x00', 0x8}) [ 3063.783611][ T37] audit: type=1326 audit(1625346951.015:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22378 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1700000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:51 executing program 5: init_module(&(0x7f0000000040)='/dev/kvm\x00', 0x9, &(0x7f0000000180)='/dev/kvm\x00') pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RCLUNK(r0, 0xfffffffffffffffe, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) waitid(0x1, 0xffffffffffffffff, 0x0, 0x2, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x44000, 0x0) 21:15:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/97) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2122c2, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3063.937856][T22405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:51 executing program 2: ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1230c0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x5) 21:15:51 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200, 0x3, 0x7}) 21:15:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:51 executing program 5: write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000080)={0xa0, 0x19, 0x1, {0x0, {0x80, 0x2, 0x3}, 0x82, 0x0, 0xffffffffffffffff, 0xff, 0x8, 0x800, 0x5, 0x0, 0x3, 0x4, 0x7, 0x3f, 0x3f, 0x8001, 0x6, 0x7, 0x7fff, 0x7}}, 0xa0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28040, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, &(0x7f0000000240)=""/4096) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000140)=""/200) 21:15:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = fork() getpriority(0x0, r1) getpriority(0x2, r1) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$RTC_UIE_OFF(r2, 0x7004) 21:15:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40402, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x5) [ 3064.664353][T22440] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3064.729123][ T37] audit: type=1326 audit(1625346951.955:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22445 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:52 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8ae83, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x220280, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400800, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1900000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x5) 21:15:52 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8100, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERRORu(r0, &(0x7f0000000140)={0x1b, 0x7, 0x1, {{0xe, '^$[/(}]]-+$#.@'}, 0x4}}, 0x1b) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x10, 0x0) [ 3064.883599][T22468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc0040, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) r1 = socket$bt_cmtp(0x1f, 0x3, 0x5) r2 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r2, &(0x7f0000000180), 0x18) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000040)={r2, 0x4}) r3 = fork() wait4(r3, &(0x7f0000000000), 0x2, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:52 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200, 0x3, 0x7}) 21:15:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@ipv4={""/10, ""/2, @initdev}, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@empty}}, &(0x7f0000000000)=0xe8) ioprio_set$uid(0x0, r1, 0x2000) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, &(0x7f00000001c0)=""/130) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$VT_SETMODE(r2, 0x5602, &(0x7f0000000040)={0x80, 0x20, 0x1, 0x2, 0xff}) 21:15:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1a00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000000)) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe8) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f0000000100)) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r2, 0x3, {0x0, 0x0, 0x1}, 0xff}, 0x18) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x48200, 0x0) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000001c0)={0xf, 0x7, 0x2, {{0x2, '&\x1e'}, 0x5}}, 0xf) ioctl$TIOCGSOFTCAR(r4, 0x5419, &(0x7f0000000180)) [ 3065.578706][T22508] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:53 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x21c101, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000100)=""/44) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) 21:15:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1b00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$TIOCGPTPEER(r2, 0x5441, 0x2be5) ioctl$TIOCCONS(r1, 0x541d) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000000)) [ 3065.809324][ T37] audit: type=1326 audit(1625346953.035:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22516 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3065.846630][T22520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$FBIOGETCMAP(0xffffffffffffffff, 0x4604, &(0x7f0000000200)={0x7, 0x6, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x140000, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RLCREATE(r1, &(0x7f00000002c0)={0x18, 0xf, 0x1, {{0x40, 0x2, 0x1}, 0xf5}}, 0x18) write$P9_RATTACH(r2, &(0x7f0000000280)={0x14, 0x69, 0x2, {0x4, 0x3, 0x4}}, 0x14) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RSETATTR(r1, &(0x7f0000000040)={0x7, 0x1b, 0x2}, 0x7) 21:15:53 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200, 0x3, 0x7}) 21:15:53 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDDISABIO(r1, 0x4b37) 21:15:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) 21:15:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x193b41, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3066.677972][T22582] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f00000000c0)) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x0, 0x800, 0x9, 0x3ff, 0x13, "bda64a77b5ad5a8f4ca93650c109a3a69275ad"}) 21:15:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) 21:15:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x47, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3066.950104][ T37] audit: type=1326 audit(1625346954.175:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22596 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3067.030316][T22606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:54 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1e00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3067.214130][T22633] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:55 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200, 0x3, 0x7}) 21:15:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) socket(0x8, 0x2, 0x7) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket(0xa, 0x2, 0x0) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) 21:15:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) 21:15:55 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1f00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3067.828089][T22649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3067.935482][T22669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) [ 3067.992850][ T37] audit: type=1326 audit(1625346955.225:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22661 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$FBIOBLANK(r1, 0x4611, 0x4) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x200080, 0x0) ioctl$FBIOBLANK(r2, 0x4611, 0x1) 21:15:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) 21:15:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60c500, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000100)={0xffffffff, 0x20, 0x8, 0x5, 0x11, "c1b62f08d742b0f0270c99c0220f29c45f3220"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1f, 0x101000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000040)={0x200, 0x28, [0x2, 0x5, 0xb563, 0x4, 0x4, 0x1, 0x200000, 0x2, 0x401, 0x6]}) 21:15:55 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2000000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) [ 3068.184047][T22689] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:56 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x0, 0x3, 0x7}) 21:15:56 executing program 4: ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/132) 21:15:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2100000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) 21:15:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3068.854286][T22722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2200000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3069.066732][ T37] audit: type=1326 audit(1625346956.295:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22730 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:56 executing program 4: personality(0x400000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000040)={@any, 0x3f}) 21:15:56 executing program 2: ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000100)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0], 0x2, 0x3, 0x6, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000140)={r0, 0x0, 0x0, r1, 0x6}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000180)=""/216) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) [ 3069.131554][T22747] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:56 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2300000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3069.262008][T22763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:57 executing program 2: arch_prctl$ARCH_GET_CPUID(0x1011) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_getparam(0x0, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:15:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2400000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:57 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x0, 0x3, 0x7}) [ 3070.003890][T22792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:57 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:15:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:57 executing program 4: syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000000)=""/58) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80c0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3070.224364][ T37] audit: type=1326 audit(1625346957.455:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22805 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:57 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x40) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f00000000c0)=0x39580000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000040)={0xffffffff, 0x4, [0xaa2]}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000100), 0x4) 21:15:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2500000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3070.332985][T22818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2600000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x88002, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/133) setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, &(0x7f0000000000)=0x7, 0x4) socketpair(0x28, 0xa, 0x9, &(0x7f0000000040)) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f00000001c0)={&(0x7f0000000180)}) 21:15:57 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) [ 3070.418171][T22837] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:57 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREAD(r0, &(0x7f00000000c0)={0xaa, 0x75, 0xfffd, {0x9f, "046243924057db659fbb384054228e8b9a3579e73e76a1cc626785f6c3428bdf10057365eed58a550fd19ab65c4d8dd31a86c25170536f7c90eb1127f2dbf25d796a1bb5a25b901101b1c14c2a863300b5d260b81754fb55697fc04671ba4e7c2ee220f3e8bae0674177ce38f9b1c21bff21ae29f2711fb59ab833abd7b261215c5b8710cb6305f2e3c4cbdc7b8223a11986e5e15cbd20f0127bf5ce580bbf"}}, 0xaa) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) 21:15:57 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:57 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2700000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3070.573204][T22854] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:58 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYBLOB="1dcabf2b550a93d165225ada0f34a9125583680fe4fc56df77fd058816cd4e344d7060c42c651a95e4ec19fa9bbc6c11e61ff919162a612356319c7a0f6c555f5f7f8ce9ccb0db053e982b219d83aa2baccd1d2fe20153b2a8cbf747737827762c70a1bdd041e2f5aeec3c212108742a31421a6be0cef76be7a07a5bddf103946f31e3bd99e5976c48a9b2d40562d59bc73d13518568faf15a814bf8cd1f129072af19cae9d0e615e06137f776004eb4e48ea95d13ac250d3c9b8deca0ffb19ec4572dcc1e44e4184386ae30d1cc263c3ae4b9aec9b900db3da1a912e71ac6824b636dd834213db565d92f8821f5e93ff67458e22dab13f26a", @ANYRES32, @ANYRES64=r1, @ANYRESOCT=r2], 0xd) 21:15:58 executing program 0: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:15:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:58 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x0, 0x3, 0x7}) 21:15:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x4d, 0x1}, 0x7) write$P9_RLOPEN(0xffffffffffffffff, &(0x7f0000000340)={0x18, 0xd, 0x2, {{0x2, 0x1, 0x8}}}, 0x18) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000000)={0x0}) r4 = syz_open_dev$dri(&(0x7f0000000140), 0x20, 0x220003) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r4, 0xc00864c0, &(0x7f0000000380)={r3}) r6 = syz_open_dev$dri(&(0x7f00000002c0), 0x6, 0x20040) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r6, 0xc01864cd, &(0x7f0000000440)={&(0x7f00000003c0), &(0x7f0000000400)=[r2]}) ioctl$KDGKBDIACR(r5, 0x4b4a, 0x0) ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000200)={0x0, 0x0, 0xf, 0x12, 0x194, &(0x7f00000004c0)="4aacc15ee3617b915798b55b47ac2f48937ffc43183c2c5a4e1b482647dabd16f1e8a7d8ea4217b3aa5c2b4cb2ebd46cd2d14ed764379f286733ddd896baa4c93edd02b9cb8e5786c4c841366317b495a4fa7317f7e6e49cc4525e9989671010eed757da072ce3309d393d6c3a04e2ab0159c6f34c2bab1e9088e086b6d3cbcaeb11aefbb60a855145692be1ddfc9d16848d3d96b9445f5fe9efd62e24c5d27c3afe33544f6fcef8ed51829ffefd09cb4a116917089a91d049e19a22af078a859cf23081ecad931b94c524403cd89f821256ad41056e0a2738744bbdda17b75c3cbb2386146680c080fce9636307c0c755084e2b6416d2741b28ddcf96cd6f73b31920399e3cd74e046f56157555efd7b4147c025cf3a379d3046c3a24256419e94b70b7fac53012570feac76c50b9ee53670bb2985f6dc3fc61dbb9faafc28a80155f6d799867f04bce0315bc12a1bacd0ffab92196a630affec86e473d7e6f57821697bee352d1edafb73dcb6973fa64bf22e30cb3833b138ced4c08f6562d3725f89daa93e9b8afb632390db2fdf989e6c77ef8e7f470ac6144e73b9becaf356106c19539270705ee59d8692119157049309395f1c63ca8e1cf4a26fa1ed218f79b6f840513b3d9b8263899a32b60416c4d8fadd1d8a57e73e06275e4fd4ded1df1044e38927579385bd3486c5250de988f24e22bceed068885d0b7f0448787609a3c6145259e6a8c017d7e42e3216d4ead56bcda8ec96fd4119e6a482a2ab4949c3d19253fa4d89ae93fabac3809df5dcac19aa390f741df6127120ad1e76eff36bb86babc6680b4178b92041f5ec48e743bbe60f86465497579b0f8ddeb668f6ede1a9d27fdc964590f1a768511ee53c52fd4ea3ea0ed35d6fe18897f64e30b980c2524662e983fd89f38dc6229fe86fd5dd44abb51eb8d8fc8f3b17b3cd68b9f920d506eb938ed98a8ffef3191a9a979fda77ad5ec5a6388e23f793108ecc82438c078226375e54e0a4f09a6202cdfebe89b2f23a43cba3edd0b646d1672ef67049933221e0eaa54bd5f12fb82db2ab4aa48ad977c6550667f991ae98c4f12eddf94b023bb3e892884cdc0bb8e98f178a3d7f2156e7f05afb18409c87f149ed09a0450f6238e93154e760acb3d8162d6a2ab244c77182457c356630974c402e4df281b6411f32b43c52ed3d127f0bd2b9bd1582ed78e5d84ae590178d278e4c8127795aefcd4bc5febcea0cf9100e291cad1bd16fa01359e7e357f8f6e5c5f0bc0f405fd95b0d7fc434fd177d3cceebe306c93e7639073f9d34ffb67e33e5df376f53c3a0720efa24cdb956b494cd144c029b4811db8005ce0e67d5f8813c04137e1fa4bc29c11a1534cb37496c80fab30ec44b436ef62325600a636dd46247c957b84e8d35b6ef44c8f095ef6fc396e60eb8ea3cf7f539190584cc231"}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(r1, 0xc01064c2, &(0x7f0000000180)={r3, 0x0, 0xffffffffffffffff}) ioctl$TIOCGPTPEER(r5, 0x5441, 0xc33) r9 = syz_open_dev$dri(&(0x7f0000000280), 0x100, 0x80001) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r9, 0xc01064c1, &(0x7f00000001c0)={r7, 0x0, r8}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, r10, r3, r3], 0x8}) [ 3071.062676][T22871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:58 executing program 5: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x109702, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000040)={{{@in6=@mcast2, @in=@multicast2}}, {{@in6=@initdev}, 0x0, @in=@multicast1}}, &(0x7f0000000140)=0xe8) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3071.143044][ T37] audit: type=1326 audit(1625346958.375:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22875 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:15:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x2900000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3071.257526][T22900] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f00000000c0)={0x37ec, 0x30, 0x190, 0x384, 0x7, 0x1f, 0x6, 0x0, {0x1, 0xe835}, {0x7, 0xff}, {0x80000000, 0x1, 0x1}, {0x8, 0x831, 0x1}, 0x1, 0x0, 0xffffffff, 0x57, 0x1, 0xd9e7, 0x2, 0x40000100, 0xfffff000, 0x8, 0xf7617acb, 0x3, 0x5, 0x200, 0x3, 0x8}) 21:15:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:58 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3f00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:58 executing program 4: prctl$PR_CAPBSET_DROP(0x18, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000340)={0x0, 0xc, [0x14d682d8, 0x6, 0x7fff]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f00000001c0)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000240)={'nat\x00', 0x0, 0x0, 0x0, [0x7, 0x101, 0x1aef, 0x3, 0xb59, 0x5], 0x5, &(0x7f0000000380)=[{}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6c401, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0x10, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r3, &(0x7f0000000140)={0x28, 0x37, 0x2, {0x2, 0x3, 0x0, 0x0, 0xa, '?\'|$*\\(\'{@'}}, 0x28) r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x20a02, 0x0) ioctl$TIOCMBIC(r4, 0x5417, &(0x7f0000000040)=0xfea) 21:15:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3071.394307][T22913] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:59 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200, 0x0, 0x7}) 21:15:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:15:59 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4000000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:15:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f00000000c0)={0x37ec, 0x30, 0x190, 0x384, 0x7, 0x1f, 0x6, 0x0, {0x1, 0xe835}, {0x7, 0xff}, {0x80000000, 0x1, 0x1}, {0x8, 0x831, 0x1}, 0x1, 0x0, 0xffffffff, 0x57, 0x1, 0xd9e7, 0x2, 0x40000100, 0xfffff000, 0x8, 0xf7617acb, 0x3, 0x5, 0x200, 0x3, 0x8}) 21:15:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x268240, 0x0) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f0000000040)={0x0, 0x1, {0x2c, 0x1f, 0x17, 0x13, 0x3, 0x0, 0x2, 0xa3, 0x1}}) 21:15:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3071.966525][T22945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:59 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:15:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f00000000c0)={0x37ec, 0x30, 0x190, 0x384, 0x7, 0x1f, 0x6, 0x0, {0x1, 0xe835}, {0x7, 0xff}, {0x80000000, 0x1, 0x1}, {0x8, 0x831, 0x1}, 0x1, 0x0, 0xffffffff, 0x57, 0x1, 0xd9e7, 0x2, 0x40000100, 0xfffff000, 0x8, 0xf7617acb, 0x3, 0x5, 0x200, 0x3, 0x8}) 21:15:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f00000000c0)={0xd98e, 0x4, 0xbf92e59c, 0x8001, '\x00', '\x00', '\x00', 0xdc, 0x9, 0x3, 0x1, "d251e42da5876cce72ca1c3c94005590"}) 21:15:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:15:59 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3072.074984][ T37] audit: type=1326 audit(1625346959.305:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=22951 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3072.138680][T22959] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:15:59 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x8, 0xa500) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f00000000c0)=0x10000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x3, 0x422382) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000140)={0x8000, 0x18, [0x3, 0xfffffa24, 0x0, 0x4, 0x7fff, 0x2]}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x64181, 0x0) 21:16:00 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) 21:16:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:00 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:00 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:16:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, r0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, r1, 0x0, r2, r3], 0x5}) [ 3072.929879][T23001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:00 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) 21:16:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3073.005913][ T37] audit: type=1326 audit(1625346960.235:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23009 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:00 executing program 4: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x10, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xbf7b98fd7560ef81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x47, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000100)=""/205) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000200)={{{@in=@private, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@remote}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RGETATTR(r1, &(0x7f0000000340)={0xa0, 0x19, 0x2, {0x301, {0x8, 0x2}, 0x4, r2, r3, 0x20, 0xe2, 0x5db58237, 0xcab0, 0xfff, 0x3, 0x3, 0xffff, 0x200, 0x0, 0x9, 0x3, 0x4, 0x1, 0x1}}, 0xa0) 21:16:00 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6000000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3073.135650][T23032] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82, 0x0) ioctl$VT_RELDISP(r1, 0x5605) 21:16:01 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) 21:16:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:01 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:01 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x0, 0x3, 0x7}) 21:16:01 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:01 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x1f, 0xffff5052, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f0000000280)={0x0, 0x1, {0x29, 0x39, 0x1, 0x9, 0xb, 0x8001, 0x2, 0xf6}}) r2 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x101, 0x8000) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000240)=0x3ff) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000000)=""/114) r3 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x800, 0x280000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0x40045542, &(0x7f0000000300)=0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0x10, 0x0) [ 3073.924874][ T37] audit: type=1326 audit(1625346961.155:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3074.029478][T23074] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3074.100563][T23079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000100)={0x20, 0x37, 0x0, {0x1, 0x0, 0xb2c, 0x0, 0x2, '^('}}, 0x20) r1 = fork() rt_sigqueueinfo(r1, 0x22, &(0x7f0000000140)={0x10, 0x5, 0xfffffff8}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r2 = fork() getpriority(0x0, r2) rt_sigqueueinfo(r2, 0x20, &(0x7f0000000000)={0x15, 0x80000001}) [ 3074.144301][ T37] audit: type=1326 audit(1625346961.275:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23067 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3074.173540][T23073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:01 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3074.613442][T23118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3074.635488][T23116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:02 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) 21:16:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3074.976171][ T37] audit: type=1326 audit(1625346962.205:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23131 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3076.730017][T28691] device hsr_slave_0 left promiscuous mode [ 3076.771121][T28691] device hsr_slave_1 left promiscuous mode [ 3076.790614][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3076.798059][T28691] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3076.836105][T28691] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3076.919897][T28691] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3076.932058][T28691] device bridge_slave_1 left promiscuous mode [ 3076.952775][T28691] bridge0: port 2(bridge_slave_1) entered disabled state [ 3076.971987][T28691] device bridge_slave_0 left promiscuous mode [ 3077.004426][T28691] bridge0: port 1(bridge_slave_0) entered disabled state [ 3077.046985][T28691] device veth1_macvtap left promiscuous mode [ 3077.070894][T28691] device veth0_macvtap left promiscuous mode [ 3077.076958][T28691] device veth1_vlan left promiscuous mode [ 3077.096931][T28691] device veth0_vlan left promiscuous mode [ 3079.659523][T25344] Bluetooth: hci4: command 0x0409 tx timeout [ 3081.500569][ T3277] ieee802154 phy0 wpan0: encryption failed: -22 [ 3081.506898][ T3277] ieee802154 phy1 wpan1: encryption failed: -22 [ 3081.739534][ T9772] Bluetooth: hci4: command 0x041b tx timeout [ 3083.264163][T28691] team0 (unregistering): Port device team_slave_1 removed [ 3083.296165][T28691] team0 (unregistering): Port device team_slave_0 removed [ 3083.327067][T28691] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3083.405748][T28691] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3083.636720][T28691] bond0 (unregistering): Released all slaves [ 3083.829539][ T9772] Bluetooth: hci4: command 0x040f tx timeout [ 3084.025151][T23168] chnl_net:caif_netlink_parms(): no params data found [ 3084.249179][T23168] bridge0: port 1(bridge_slave_0) entered blocking state [ 3084.312886][T23168] bridge0: port 1(bridge_slave_0) entered disabled state [ 3084.323744][T23168] device bridge_slave_0 entered promiscuous mode [ 3084.361357][T23168] bridge0: port 2(bridge_slave_1) entered blocking state [ 3084.389564][T23168] bridge0: port 2(bridge_slave_1) entered disabled state [ 3084.410983][T23168] device bridge_slave_1 entered promiscuous mode [ 3084.466712][T23168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3084.528888][T23168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3084.598823][T23168] team0: Port device team_slave_0 added [ 3084.631810][T23168] team0: Port device team_slave_1 added [ 3084.685637][T23168] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3084.765756][T23168] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3084.877555][T23168] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3084.932868][T23168] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3084.949644][T23168] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3085.063555][T23168] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3085.216925][T23168] device hsr_slave_0 entered promiscuous mode [ 3085.273481][T23168] device hsr_slave_1 entered promiscuous mode [ 3085.313234][T23168] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3085.338094][T23168] Cannot create hsr debugfs directory [ 3085.846850][T23168] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3085.902789][ T9772] Bluetooth: hci4: command 0x0419 tx timeout [ 3085.953683][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 3085.973088][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 3085.988011][T23168] 8021q: adding VLAN 0 to HW filter on device team0 [ 3086.009395][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 3086.025274][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 3086.054844][ T9772] bridge0: port 1(bridge_slave_0) entered blocking state [ 3086.062151][ T9772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3086.089352][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 3086.112178][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 3086.122110][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 3086.165690][T25344] bridge0: port 2(bridge_slave_1) entered blocking state [ 3086.173250][T25344] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3086.194018][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 3086.241163][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 3086.258146][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 3086.284588][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 3086.295617][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 3086.307669][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 3086.355313][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 3086.365039][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 3086.374708][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 3086.396242][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 3086.405586][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 3086.423432][T23168] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 3086.490091][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 3086.497786][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 3086.535653][T23168] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3086.580450][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 3086.598893][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 3086.635073][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 3086.656408][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 3086.692114][T23168] device veth0_vlan entered promiscuous mode [ 3086.720351][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 3086.738371][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 3086.772579][T23168] device veth1_vlan entered promiscuous mode [ 3086.892977][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 3086.911947][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 3086.924888][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 3086.972377][ T9772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 3086.998021][T23168] device veth0_macvtap entered promiscuous mode [ 3087.025273][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 3087.040524][T23168] device veth1_macvtap entered promiscuous mode [ 3087.066898][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.081899][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.106415][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.117870][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.147212][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.161171][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.179923][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.200188][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.215983][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.235343][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.248139][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3087.268412][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.284733][T23168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3087.305380][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 3087.322124][T22201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 3087.335750][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3087.347738][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.365688][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3087.377202][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.391697][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3087.408429][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.424175][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3087.448113][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.464500][T23168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3087.484060][T23168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3087.506106][T23168] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3087.523380][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 3087.547807][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 3087.619113][T10920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3087.631350][T10920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3087.653494][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3087.679088][T10920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3087.691783][T10920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3087.719713][T25344] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 21:16:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:15 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x4800000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:15 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) 21:16:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) [ 3087.800113][T23412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3087.905134][T23421] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3087.942152][T23425] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3087.958780][ T37] audit: type=1326 audit(1625346975.185:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23413 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3087.996577][T23432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3087.996577][T23435] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:16:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7400000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3088.227558][T23451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000000c0)=""/4096) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:15 executing program 5: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:15 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) [ 3088.391534][T23466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3088.392684][T23464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3088.447065][T23471] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3088.475530][ T37] audit: type=1326 audit(1625346975.705:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23470 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:15 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8000000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:15 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3088.786077][T23484] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3088.807981][T23486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 5: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x8c3d000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3088.851756][T23481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 2: ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000100)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0], 0x2, 0x3, 0x6, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000140)={r0, 0x0, 0x0, r1, 0x6}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000180)=""/216) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x9effffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3088.931538][T23500] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3088.998767][T23502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.013218][T23506] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.034644][T23501] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xc000000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3089.185282][T23518] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x10, 0x200}) 21:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 21:16:16 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xf0ffffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) [ 3089.342777][T23528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.343087][T23530] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 5: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x6c00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3089.407671][T23538] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.422324][ T37] audit: type=1326 audit(1625346976.655:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23531 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfcfdffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200, 0x3, 0x7}) [ 3089.481923][T23545] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.549510][T23540] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3089.563870][T23550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) [ 3089.607570][ T37] audit: type=1326 audit(1625346976.835:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23553 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:16 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfcffffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3089.727586][T23567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:17 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x200, 0x3, 0x7}) 21:16:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfeffffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:17 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x7a00000000000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) [ 3090.265478][T23591] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3090.292442][T23600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:17 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3090.312533][ T37] audit: type=1326 audit(1625346977.545:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23589 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xffffffff00000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3090.364563][T23587] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/4096) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x24) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0) 21:16:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2a01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) [ 3090.427607][T23611] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:17 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0xfffffffffffff000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:17 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:17 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3090.598196][T23624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3090.922813][T23624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x2}, 0x7) pipe2$9p(&(0x7f00000000c0), 0x80800) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RLOPEN(r2, &(0x7f0000000100)={0x18, 0xd, 0x2, {{0x10, 0x1, 0x6}, 0x7}}, 0x18) 21:16:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000000)=0x10004000) 21:16:18 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:18 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x0, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:18 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101402, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000280), 0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) getresgid(&(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0xd) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000001c0)={0xa0, 0x19, 0x2, {0x2100, {0x80, 0x0, 0x7}, 0x0, 0x0, r0, 0x3, 0x1, 0x2b4, 0xce, 0x1, 0x8b, 0x5, 0x87, 0x8, 0x1, 0x400, 0x2b, 0x3ff, 0x40}}, 0xa0) 21:16:18 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) wait4(0x0, &(0x7f0000000040), 0x2, &(0x7f0000000080)) syz_80211_inject_frame(&(0x7f0000000140)=@device_b, &(0x7f0000000180)=@data_frame={@qos_no_ht={{@type00={{0x0, 0x2, 0xc, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x9}, @device_b, @broadcast, @from_mac=@device_b, {0x6, 0x8}}, {0x2, 0x1}}, {@type10={{0x0, 0x2, 0xb, 0x1, 0x0, 0x1}, {0x15}, @random="9508a0eb2c95", @device_a, @initial, {0x4, 0x1}}, {0x8, 0x1, 0x1, 0x1, 0x9}}}, @a_msdu=[{@device_b, @device_a, 0xbe, "e905f7020e69e4513da9d390aef48fafd82fe6f7ae4628a1c6f3c616f5e6435e585374d023163b05b73c41393e2650b3320911ef843c0c0759e5c6abceac9a6b4248ab4d128114c821846c54d092d46cb5e7715ec57ad789367e46630ffe9c2a9400f3d7595a75578daf23154d489271df3742992252fccd198a7194ab64315734a74b306664e9bab09eef7843de4f21641f46f879b729b0eb186ec5fd08c323f2aa695f087eab5a1858bd1905e681ac631a571fa4da53a1181c07db9064"}]}, 0x100) 21:16:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r1, 0xc01064c5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) 21:16:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3091.205696][T23656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3091.224168][ T37] audit: type=1326 audit(1625346978.455:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23649 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:18 executing program 1: sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) r0 = fork() syz_80211_inject_frame(&(0x7f0000000040), &(0x7f0000000080)=@mgmt_frame=@action={@with_ht={{{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x6}, @broadcast, @device_b, @random="fe9d5992b0e0", {0xa, 0x6}}, @ver_80211n={0x0, 0x7ffb, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @sa_query_req={0x8, 0x0, 0x4}}, 0x20) getpriority(0x0, r0) sched_getparam(r0, &(0x7f0000000000)) sched_yield() 21:16:18 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:18 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x8000, 0x2, 0x0, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x738, 0x1709, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xff, 0xc0, 0x6, [{{0x9, 0x4, 0x0, 0x3, 0x2, 0x3, 0x1, 0x0, 0x5, {0x9, 0x21, 0x800, 0x0, 0x1, {0x22, 0x4d0}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0xff, 0xc0, 0xff}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x7, 0xfd, 0xfd}}]}}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x201, 0x0, 0x8, 0x8, 0x40, 0x6e}, 0x13, &(0x7f00000000c0)={0x5, 0xf, 0x13, 0x2, [@wireless={0xb, 0x10, 0x1, 0x4, 0x0, 0x74, 0x7f, 0xd5d, 0x40}, @ptm_cap={0x3}]}, 0x3, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x380a}}, {0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x100a}}, {0xd0, &(0x7f0000000180)=@string={0xd0, 0x3, "04177b8988697c6a8b4667fe147d8b4999941b9efa13602dea8ab53b26be5979ef36600fc66b0f652b5198c495a420d15a938c87b40930ab465886009f5ad752b92fa537ddc7cf11d2ddea4aeb0ea3d822729c3f711b325202905164b92ba148ae1e0f82e2e492166c64f44bf25f80f398a03a12282e44b7c698d703aa89091c41160c1dd27c70e289150e42ae1e3760fba5ebaa364daecb77a7aa0dd489d24d85bbaf1daf3254f17b27cfe4d950ae5bcb7a12df296bb4c20de2df7eab30b1bb9f23c7f2b10301036e1e4d80647e"}}]}) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:16:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x102000, 0x0) socket(0x9, 0x3, 0x8000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) r3 = socket(0x29, 0x2, 0x0) ioctl$TIOCCONS(r1, 0x541d) ioctl$sock_bt_cmtp_CMTPCONNADD(r3, 0x400443c8, &(0x7f0000000000)) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3091.559273][ T37] audit: type=1326 audit(1625346978.785:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23689 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) r1 = fork() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/245) getpriority(0x0, r1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4400, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000001c0)=""/180) getpriority(0x1, r1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) 21:16:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) fork() 21:16:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:19 executing program 1: clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_getres(0x7, &(0x7f0000000180)) setitimer(0x2, &(0x7f0000000080)={{0x77359400}, {r0, r1/1000+60000}}, &(0x7f00000000c0)) syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000100)) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f00000001c0)={0x40000000, 0x3, 0x7ff, 0x3, 0x1, "65a1b76b29256f47363dba5c9f992767414ac3"}) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10440, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_PLL_SET(r1, 0x40207012, &(0x7f0000000000)={0x6, 0x3, 0x8, 0x7ff, 0x8, 0x289cfe8a, 0x6dec}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x8c40) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000180)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r2, 0xc01064c5, &(0x7f0000000200)={&(0x7f00000001c0)=[r3, 0x0, 0x0, r4, r5, 0x0, 0x0, 0x0, 0x0, r6], 0xa}) 21:16:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2b) 21:16:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:19 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x1, 0x0, 0x0, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000000)={@any, 0x2}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x101000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f00000000c0)={0x7f, 0x4, [0x1000]}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000100)=0x9) 21:16:19 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000100)=0x6) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f00000000c0)) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000000)={0x3da4, 0x5, 0x8, 0xf6, 0x1a, "2444fa7418e81416b547b1af230cb436cb3056"}) 21:16:19 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x4a4401, 0x0) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) socket$inet6(0xa, 0x80000, 0x3) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000400)=""/72) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000002c0)={{0x3, 0x0, 0x9, 0x80000001, '\x00', 0x7fff}, 0x5, 0x200, 0x1, 0xffffffffffffffff, 0x2, 0xe78, 'syz0\x00', &(0x7f0000000040)=['-,],/+W-,\x00', '/dev/kvm\x00'], 0x13, '\x00', [0x9, 0x8000, 0x3, 0x3]}) ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f0000000100)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000001c0)=""/159) 21:16:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:19 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000000), 0x9, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000040)) r2 = fork() getpriority(0x0, r2) waitid(0x1, r2, 0x0, 0x2, &(0x7f00000000c0)) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) [ 3092.529100][ T37] audit: type=1326 audit(1625346979.755:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23746 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)) 21:16:19 executing program 2: write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000007020009002f646576ea4b366f00"], 0x12) syz_80211_join_ibss(&(0x7f00000000c0)='wlan0\x00', &(0x7f0000000100)=@random="a618a23f485bc2ef3c30e960ff18214a7b7eb95f8a8b", 0x16, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000140)={0x0, 0x1}) 21:16:19 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:16:20 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3092.788939][ T37] audit: type=1326 audit(1625346980.015:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23783 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:20 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:20 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101143, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) 21:16:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000040)={0x4, 0x8, [0x7, 0xffff325b]}) [ 3093.604725][ T37] audit: type=1326 audit(1625346980.835:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23809 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:20 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x5) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/234) r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, &(0x7f00000001c0)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f0000000300)={'filter\x00', 0x0, 0x0, 0x0, [0x1000, 0x0, 0x5, 0xfffffffffffff3e6, 0x0, 0x5768], 0x6, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}, {}]}, 0xd8) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) 21:16:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:21 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) sched_yield() 21:16:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f00000000c0)={0x10, 0x240, 0x190, 0x258, 0x9, 0x8, 0xf, 0x1, {0x4, 0x3ff, 0x1}, {0x5, 0x1ff, 0x1}, {0xff, 0x3, 0x1}, {0x1f, 0x7ff}, 0x2, 0x40, 0x4, 0x2, 0x1, 0x2, 0x3, 0xbfc, 0x9, 0x2, 0x7, 0x401, 0x27, 0x100, 0x2}) 21:16:21 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x7f41dfc9, 0x0, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 3094.027279][ T37] audit: type=1326 audit(1625346981.255:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23857 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:21 executing program 5: write$9p(0xffffffffffffffff, &(0x7f0000000300)="7895369fb9f185f71047793d89773ab7e96224a112f0715476c4e4f845fc509383292c97995fdc6262cf6b7e418146faa12d62520cf14c377a9f10b25c1b545fc7599db8b8c4806197959925964f8072de348d9ea7e3a164b8ea21f824f5bb88a539b0c4e22b01529c369109009a6c0b7b7bae0073d863c54033122e439fedee5ab80b6cc24e99291880d96848ea75ddfe5d70f63e2b3a6540ee5c63514e33255d85331dd0b693f09a6baa710a4b4d08fddab544b813772e8fd6d47122400e8fc4e1ddd52a3f434ae912a596e2cd2ff6a043926c273d7d66f1916c353a8c056b05f9766804560834b0de8e5f7dc578f4bd4fb54ba2fc0800000047000000000000", 0x101) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f00000000c0)) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000240)=""/55) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000040)) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0x19, 0x1, {0x999eec391d456a1f, {0x22, 0x1, 0x7}, 0x8, 0xee00, 0xee00, 0x9, 0x8000000000000, 0x5, 0x80, 0x0, 0x2, 0x20, 0x3f, 0x6, 0x0, 0x8, 0x1558400000000, 0x1ff, 0x7fffffff, 0x56b6340b}}, 0xa0) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r3, 0x40405514, &(0x7f0000000280)={0x2, 0x4, 0xfff, 0x9a, 'syz1\x00', 0xfc9}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000440)=""/254) 21:16:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000180)={0x7, 0x7b, 0x1}, 0x7) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000000)) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000280)={{{@in=@local, @in6=@mcast1}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000200)=0xe8) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RREAD(r4, &(0x7f00000003c0)={0x33, 0x75, 0x2, {0x28, "8c3fda6c74133b6471f9891fe04fa872cf4ba31bca2eb059a060d782643d79ddda7b32da2ddf1e87"}}, 0x33) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f00000001c0)={0x81, 0x8}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) sysinfo(&(0x7f00000000c0)=""/148) 21:16:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:16:21 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:21 executing program 3: ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, &(0x7f0000000000)={0x1, 0x3, 0x400, 0x4, 0x5dd6, 0xfffffffd, 0xf474}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40a00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) 21:16:21 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:21 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:21 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000100)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x28000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r3, 0x7003) r4 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x800) accept$inet(r4, 0x0, &(0x7f0000000340)) syz_open_dev$sndctrl(&(0x7f0000000180), 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f00000001c0)) prctl$PR_GET_THP_DISABLE(0x2a) ioctl$RTC_WKALM_RD(r3, 0x80287010, &(0x7f0000000140)) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000010c0)=""/4097) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) [ 3094.722909][ T37] audit: type=1326 audit(1625346981.955:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23911 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3094.748788][ T37] audit: type=1326 audit(1625346981.975:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23912 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3094.770771][ C1] vkms_vblank_simulate: vblank timer overrun 21:16:22 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x40, 0x0, 0x0, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) getuid() r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x81, 0x100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000140)={0x3, 0x3, 0x1, 0x682, 'syz0\x00', 0xffffffff}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/110) 21:16:22 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f00000000c0)=0x2) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) getcwd(&(0x7f0000000000)=""/125, 0x7d) [ 3094.892975][ T37] audit: type=1326 audit(1625346982.125:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=23927 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x15) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0x541b, 0x0) 21:16:22 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x7, 0x3, 0x8, 0x6}, {0xffff, 0x3, 0x2, 0x8}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2a0000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:22 executing program 1: prctl$PR_CAPBSET_DROP(0x18, 0x1d) syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x6a) 21:16:22 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x7, 0x3, 0x8, 0x6}, {0xffff, 0x3, 0x2, 0x8}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2a0000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:22 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) 21:16:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x4, 0x1}}, 0x14) write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) 21:16:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f00000000c0)=""/183) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x100, 0x141802) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000040)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:22 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) 21:16:22 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x60000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:22 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181940, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) 21:16:22 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000040)={0x550, 0x400, 0x30, 0x320, 0xb8, 0x5, 0x8, 0x2, {0xd0, 0x7}, {0x2, 0x4, 0x1}, {0x8, 0xfff}, {0x1ff, 0x9, 0x1}, 0x1, 0x43696dea09c0260f, 0x3, 0x7fff, 0x0, 0x2, 0xfff, 0x101, 0x1, 0x4, 0xff, 0x6, 0x23, 0x301, 0x2, 0xb}) syz_80211_inject_frame(0x0, 0x0, 0x0) read$fb(0xffffffffffffffff, &(0x7f00000001c0)=""/93, 0x5d) write$fb(0xffffffffffffffff, &(0x7f0000000100)="f846a3ff04cb7ad5762b5965042c0ca6c9c18ecb116dc6bc9fbe81d0b13e00b2b64741b0e8256baeb7eb2592dc6140089e43962eb3492dc08ee106cb549a48580ffd05127184bb0995928e8eb1a87112d3e0a59d6faf1de20f6ecd35fcdfd29b88a76d3afacfcdae2056593d8f6f00fea91be5d3222f9133b54dca4fb8e74ff68daa67ecbb34e5f548853e12a876ffde376a3f2cc5ee33cd81ad04913736b1ac7e", 0xa1) 21:16:22 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) 21:16:22 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x1, 0x0, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:22 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r1 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x80000001, 0x400) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000240)={0x7, 0x0, 0xffff, 0x14d, '\x00', 0x1ff}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f00000002c0)=0xdc) r2 = fork() getpriority(0x0, r2) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f00000000c0)={{0xa, 0x1, 0x1, 0x0, 'syz0\x00', 0x7}, 0x6, 0x0, 0x7, r2, 0x2, 0x2, 'syz1\x00', &(0x7f0000000000)=['}\\,--{,](/$\x00', '#}+\x00'], 0x10, '\x00', [0x9, 0x2, 0x4, 0x2]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_rr_get_interval(r2, &(0x7f0000000280)) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0x10, 0x0) [ 3095.796671][T24162] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:23 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) [ 3095.843850][ T37] audit: type=1326 audit(1625346983.075:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24159 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) read$fb(r1, &(0x7f00000000c0)=""/144, 0x90) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:23 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:23 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) [ 3095.997518][ T37] audit: type=1326 audit(1625346983.225:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24179 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:23 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) read$fb(r1, &(0x7f00000000c0)=""/144, 0x90) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f00000002c0)=0x8a0f) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000280)=0x1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RUNLINKAT(r3, &(0x7f0000000040)={0x7, 0x4d, 0x2}, 0x7) socket(0x1b, 0x1, 0x80000805) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000240)=""/29) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000300)) 21:16:23 executing program 0: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)) 21:16:23 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000040)={0x6, 0x1f}) r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x7, 0x277ba8f625b8c14f) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000140)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r2, 0xc01864cd, &(0x7f0000000200)={&(0x7f0000000180)=[0x0, 0x0, 0x0, r3, r4], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:23 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:23 executing program 0: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)) 21:16:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000040)={0x6, 0x1f}) r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x7, 0x277ba8f625b8c14f) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000140)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r2, 0xc01864cd, &(0x7f0000000200)={&(0x7f0000000180)=[0x0, 0x0, 0x0, r3, r4], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) [ 3096.751301][ T37] audit: type=1326 audit(1625346983.985:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24244 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:24 executing program 3: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x29000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, 0x0, 0x0) sched_yield() prctl$PR_SVE_GET_VL(0x33, 0x175d8) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000080)={'broute\x00', 0x0, 0x0, 0x0, [0x5, 0x7f, 0x8001, 0x7, 0x1, 0x4], 0x5, &(0x7f0000000000)=[{}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:24 executing program 0: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)) 21:16:24 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa}, 0x0, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:24 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) [ 3096.869050][ T37] audit: type=1326 audit(1625346984.095:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24258 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:24 executing program 0: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)) [ 3096.930483][T24269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000000)) 21:16:24 executing program 0: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)) 21:16:24 executing program 0: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)) 21:16:24 executing program 4: sync() prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0x0, 0x7a, 0x3}, {0x8000, 0x5, 0x4, 0x2}, {0x1000, 0x22, 0x2d, 0x8000}]}) 21:16:24 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) r0 = fork() getpriority(0x0, r0) r1 = fork() setpgid(r0, r1) 21:16:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sched_yield() ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x37, 0x1, {0x0, 0x7, 0x2, 0x0, 0xa, '/dev/ptmx\x00'}}, 0x28) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000100)={0x3, 0x1}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000140)=""/193) ioctl$VT_RESIZE(r4, 0x5609, &(0x7f0000000000)={0x7, 0x4, 0x5}) ioctl$TIOCGPTPEER(r2, 0x5441, 0x5) ioctl$KDSIGACCEPT(r4, 0x4b4e, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:24 executing program 0: socketpair(0x1e, 0x4, 0x0, 0x0) 21:16:24 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) 21:16:25 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x0, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:25 executing program 0: socketpair(0x1e, 0x4, 0x0, 0x0) 21:16:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x37, 0x1, {0x0, 0x7, 0x2, 0x0, 0xa, '/dev/ptmx\x00'}}, 0x28) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000100)={0x3, 0x1}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000140)=""/193) ioctl$VT_RESIZE(r4, 0x5609, &(0x7f0000000000)={0x7, 0x4, 0x5}) ioctl$TIOCGPTPEER(r2, 0x5441, 0x5) ioctl$KDSIGACCEPT(r4, 0x4b4e, 0x10) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) [ 3097.883435][ T37] audit: type=1326 audit(1625346985.115:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24332 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:25 executing program 0: socketpair(0x1e, 0x4, 0x0, 0x0) 21:16:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200041, 0x0) 21:16:25 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) 21:16:25 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=@ctrl_frame=@bar={{}, {0x2013}, @device_a, @device_a, @multi={{0x1, 0x1, 0x1, 0x0, 0x3}, [{0x0, 0x7, {0xd, 0x3}, "e0726be423c8ef7e"}, {0x0, 0x5, {0x2, 0x2}, "b5e356d7388f67f5"}, {0x0, 0x6, {0x1, 0x1}, "789a0f42508d3b59"}]}}, 0x36) sched_yield() fork() r0 = fork() getpriority(0x0, r0) wait4(r0, &(0x7f00000000c0), 0x2, &(0x7f0000000100)) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:25 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0xc6201) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000080)=""/24) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000000)={0x80d, 0x8, [0xc50, 0x0]}) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x2e, 0x25, 0x6, 0x18, 0x6, 0x1, 0x1, 0x45}}) 21:16:25 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x0, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:25 executing program 3: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1f000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, 0x0) [ 3098.358930][T24390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:25 executing program 0: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1d000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:25 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) 21:16:25 executing program 2: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x1b000000) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:25 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3098.765720][T24402] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3098.780847][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 3098.780865][ T37] audit: type=1326 audit(1625346986.005:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24404 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 3098.789770][T24407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:16:26 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f00000000c0)=""/56) 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:26 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:26 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0xffffffffffffff35) 21:16:26 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff, 0xcb3a}, {0x0, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3099.404933][ T37] audit: type=1326 audit(1625346986.635:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24437 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:26 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x1ff}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3099.475786][ T37] audit: type=1326 audit(1625346986.685:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24438 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3099.545009][ T37] audit: type=1326 audit(1625346986.775:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24451 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) 21:16:26 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae10, 0x0) 21:16:27 executing program 1: ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040)) syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000080)) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) sched_yield() 21:16:27 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:27 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15, 0x80000001}, {0x0, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) [ 3099.967630][ T37] audit: type=1326 audit(1625346987.195:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24478 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:27 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000000)={0xfffffff7, 0x9, 0xd257, 0x7, 0x10, "fe923325539d4982f0869d4ef7f202ca3edb13"}) 21:16:27 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:27 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:27 executing program 0 (fault-call:0 fault-nth:0): socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:27 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=ANY=[@ANYBLOB="20300b00080211000001080211000000505050505050f00704000080ffffffffffff00026e8b01069b16363606b02d1a20001d0100000001000000800003000d00000001000300000008dda8bf031d284b17a136ba13281d90bee98f91f744dc5d4a3248798883a71c5de7fad1986a1289bd736b76ac4a0323636c1b3399582cc07743419c8936464908eec336e01e2bf5d0b60e3cae56311fc5da2e13fd796ae1cf6a82736704bec13d5b8b8f6c96e96e12ae98345e252e174be0c922899d6e8db6ca12cd128de7ca88aaa45220490eb33ab6a048420ea5b5773efca28decf092260498498614b9e6ab611754dac1e600000000"], 0xf4) sched_yield() syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000005c0), 0x4200, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x19) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000580)={0x0, 0x1, 0x2, 0x1d, 0x1fc, &(0x7f0000000180)="daf35e5adbb06cad3fff315c00f1e9ba4a745559a6e38e8dc23210de96f76ab6020493a58bc24936cb3b94972f78effacd7b2cf1b0c58eba566da82773f298337107a7e20b49e75f144383f68ab24d6a9534ff65f9a8f67654947e27bdca6f2cf06645e413897a2fcf9acf7e3bf9a463f80154528d4e71287cd98ba3d617d60dabaf5bb790f1e74e29451965a8d7d5cbe684f7bf0281cf033ee0f76de025c12e47ac394d92cc2364da446d44dc1c85575e11183223e0d0c1e0b1c9452b40de4ccfee25a7e41070ae4310e228c710effa0f961b96dc5150109b243f09b8b8fa7feddced206368bc35da1337e5b495b45b400f7d6007f28b608da888c3b4f5320fe96478474f21beb71ffa0e412d1ff9595ed12a52a98b2aad768d716033e1b503d8675618518c82aed432a39c7110c7277c3c9c7aafc53d88ca5955bc9d15cc61f1ca26bd1811a4e1e891e70e4dd28d8eb80ef52205c8de7f7d8636fa58e21e9b38cc196ed2cd536e87ba35cbfcb617060a778a0b5e8666f4fd1c41048858c915dab804717ad865135f37edb3c167d5c09c3ca69f94ed3c1997a3ce9c0cc435bcbb1ad9a7b9d31a3915c79e6bd856d10c316b10a568c6657c919bbcb08679a5bb9da81a07f55ac1eeedd582805468ef357eefb3ffd5f70ee91824e04daa3a77f3b9d0d477226bbde6f90a36eda1ed1720ae0527ceea86f15aa467c902f882a741430a9727045a12d46f40e23f64fd3840b59fdbb743f1afaba8b22112d976a60d13447c8c69fe65ec93ed32a8606fba41d5221cee8da48d9482ed1381e16786843ed33a92acbbd6facbd192b5593d90a4af2b191953917ce921842dd1daf60268821768d0d372761d7fafe236eb429d68108d25bf51605b15a19899cbc3676d1a0a9d1c15cda7bd313091b4707c7853969007aab5370993bc81085e61a6599b46c7441eb1e97b4d505d1a9a584f5a2fcaf0ba80d34fb04a6ece94ee5c364883c272774f232ee3f535166019f7aa2adc9ebdf2faa75567833dc8787959972a759ae4d9a744f1bd46382f3189882580055e78b190d7f9f16efbc7f1781712631c5fcde753b99a0eeacc9f12aca61e7dd906525b3dbb08d41cf38639860e80434a082eda46bfc8b49ff2bc8bdae922c871b6a42fdb59ddba0e0111d2f7eb615befa81dc3437f564ada67a8bad3c71795c3c793bc334284371c63a2549447ab8c4d7a082773683a11499ce42fc55af1d4506039ac69125bfe1fecaaf00f1518a14575cf67a6774bd30f2f4744340adc8a8eea56a717cbdb0b30888b854e518648d94460b6c4c2c7dcea7b4d6916ab3333e75355bc67247ac7fbcbd69415f23b6df66797092853a0a31fd228035feb124d4e8e39fc82aeaa95d7f3515765a2507340b756c1647580bb7be274b52c3ac16ceb12d78b793b322dd7dedbfdce964d5a3cc1"}) r3 = getgid() setregid(0xee01, r3) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:27 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/56) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:27 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x29, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x1}]}) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x8100, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000180)={0x0, 0x0, 0x280, 0x598, 0x0, 0x2667, 0x10, 0x0, {0x15}, {0x1ff, 0xcb3a}, {0xfffffe00, 0x7fc}, {0x5, 0x33e151aa, 0x1}, 0x1, 0x40, 0x10001, 0x7f41dfc9, 0x1, 0xe08a, 0x8000, 0x2, 0x4, 0x6, 0x2, 0xb8, 0x10, 0x200, 0x3, 0x7}) 21:16:27 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) [ 3100.459767][ T37] audit: type=1326 audit(1625346987.685:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=24500 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 21:16:27 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:27 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) [ 3100.514603][T24508] FAULT_INJECTION: forcing a failure. [ 3100.514603][T24508] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.556752][T24508] CPU: 0 PID: 24508 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 3100.566604][T24508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3100.576669][T24508] Call Trace: [ 3100.579952][T24508] dump_stack_lvl+0xcd/0x134 [ 3100.584568][T24508] should_fail.cold+0x5/0xa [ 3100.589200][T24508] ? __anon_vma_prepare+0x62/0x560 [ 3100.594508][T24508] ? __anon_vma_prepare+0x62/0x560 [ 3100.599644][T24508] should_failslab+0x5/0x10 [ 3100.604198][T24508] kmem_cache_alloc+0x5e/0x4a0 [ 3100.608979][T24508] __anon_vma_prepare+0x62/0x560 [ 3100.613941][T24508] do_huge_pmd_anonymous_page+0xd8a/0x2590 [ 3100.619765][T24508] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3100.626021][T24508] ? path_openat+0xfc1/0x27e0 [ 3100.630714][T24508] __handle_mm_fault+0x2ffb/0x5320 [ 3100.635939][T24508] ? vm_iomap_memory+0x190/0x190 [ 3100.640890][T24508] ? lock_release+0x720/0x720 [ 3100.645583][T24508] ? cgroup_rstat_updated+0x20/0x390 [ 3100.650882][T24508] ? __count_memcg_events+0x60/0xc0 [ 3100.656103][T24508] handle_mm_fault+0x1c8/0x7f0 [ 3100.660885][T24508] do_user_addr_fault+0x483/0x1210 [ 3100.666014][T24508] exc_page_fault+0x9e/0x180 [ 3100.670711][T24508] asm_exc_page_fault+0x1e/0x30 [ 3100.675579][T24508] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 3100.681318][T24508] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 3100.700936][T24508] RSP: 0018:ffffc9000b4d7e40 EFLAGS: 00010297 [ 3100.707013][T24508] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000000 [ 3100.714994][T24508] RDX: 0000000000040000 RSI: ffffffff870980cb RDI: ffffffff8deb5210 [ 3100.722978][T24508] RBP: 0000000000000004 R08: 0000000000000000 R09: ffffffff8deb5217 [ 3100.730962][T24508] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 3100.738941][T24508] R13: 0000000000000005 R14: 0000000000000000 R15: dffffc0000000000 [ 3100.746926][T24508] ? __sys_socketpair+0xfb/0x570 [ 3100.751885][T24508] __sys_socketpair+0x107/0x570 [ 3100.756928][T24508] ? __ia32_sys_socket+0xb0/0xb0 [ 3100.761882][T24508] ? get_vtime_delta+0x26e/0x420 [ 3100.766870][T24508] __x64_sys_socketpair+0x93/0xf0 [ 3100.771917][T24508] ? syscall_enter_from_user_mode+0x21/0x70 [ 3100.777836][T24508] do_syscall_64+0x35/0xb0 [ 3100.782272][T24508] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3100.788273][T24508] RIP: 0033:0x4665d9 [ 3100.792173][T24508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3100.811968][T24508] RSP: 002b:00007fb2ce7f3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 3100.820400][T24508] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3100.828378][T24508] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 3100.836360][T24508] RBP: 00007fb2ce7f31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3100.844466][T24508] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 21:16:28 executing program 3 (fault-call:1 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3100.852450][T24508] R13: 0000000000a9fb1f R14: 00007fb2ce7f3300 R15: 0000000000022000 21:16:28 executing program 0 (fault-call:0 fault-nth:1): socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:28 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3100.923310][T24523] FAULT_INJECTION: forcing a failure. [ 3100.923310][T24523] name failslab, interval 1, probability 0, space 0, times 0 [ 3100.957802][T24523] CPU: 0 PID: 24523 Comm: syz-executor.3 Tainted: G W 5.13.0-syzkaller #0 [ 3100.967660][T24523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3100.977744][T24523] Call Trace: [ 3100.981032][T24523] dump_stack_lvl+0xcd/0x134 [ 3100.985669][T24523] should_fail.cold+0x5/0xa [ 3100.990195][T24523] ? tomoyo_realpath_from_path+0xc3/0x620 [ 3100.996030][T24523] should_failslab+0x5/0x10 [ 3101.000554][T24523] __kmalloc+0x72/0x330 [ 3101.005160][T24523] tomoyo_realpath_from_path+0xc3/0x620 [ 3101.010742][T24523] ? tomoyo_profile+0x42/0x50 [ 3101.015441][T24523] tomoyo_path_number_perm+0x1d5/0x590 [ 3101.020926][T24523] ? tomoyo_path_number_perm+0x18d/0x590 [ 3101.026583][T24523] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3101.032412][T24523] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3101.038670][T24523] ? lock_acquire+0x442/0x510 [ 3101.043363][T24523] ? lock_release+0x522/0x720 [ 3101.048062][T24523] ? lock_downgrade+0x6e0/0x6e0 [ 3101.052931][T24523] ? lock_acquire+0x442/0x510 [ 3101.057632][T24523] ? lock_release+0x522/0x720 [ 3101.062437][T24523] ? __context_tracking_exit+0xb8/0xe0 [ 3101.067926][T24523] ? __fget_files+0x288/0x3d0 [ 3101.072620][T24523] security_file_ioctl+0x50/0xb0 [ 3101.077614][T24523] __x64_sys_ioctl+0xb3/0x200 [ 3101.082311][T24523] do_syscall_64+0x35/0xb0 [ 3101.086743][T24523] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3101.092659][T24523] RIP: 0033:0x4665d9 [ 3101.096557][T24523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 21:16:28 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) [ 3101.116702][T24523] RSP: 002b:00007f9dd23dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3101.125335][T24523] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3101.133410][T24523] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 3101.141488][T24523] RBP: 00007f9dd23dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3101.149554][T24523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3101.157559][T24523] R13: 0000000000a9fb1f R14: 00007f9dd23dc300 R15: 0000000000022000 [ 3101.184095][T24536] FAULT_INJECTION: forcing a failure. [ 3101.184095][T24536] name failslab, interval 1, probability 0, space 0, times 0 [ 3101.223174][T24536] CPU: 0 PID: 24536 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 3101.233205][T24536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3101.243272][T24536] Call Trace: [ 3101.246559][T24536] dump_stack_lvl+0xcd/0x134 [ 3101.251178][T24536] should_fail.cold+0x5/0xa [ 3101.255703][T24536] ? __anon_vma_prepare+0x2d8/0x560 [ 3101.260927][T24536] ? __anon_vma_prepare+0x2d8/0x560 [ 3101.266137][T24536] should_failslab+0x5/0x10 [ 3101.270659][T24536] kmem_cache_alloc+0x5e/0x4a0 [ 3101.275437][T24536] __anon_vma_prepare+0x2d8/0x560 [ 3101.280486][T24536] do_huge_pmd_anonymous_page+0xd8a/0x2590 [ 3101.286306][T24536] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3101.292558][T24536] ? path_openat+0xfc1/0x27e0 [ 3101.297250][T24536] __handle_mm_fault+0x2ffb/0x5320 [ 3101.302382][T24536] ? vm_iomap_memory+0x190/0x190 [ 3101.307334][T24536] ? lock_release+0x720/0x720 [ 3101.312027][T24536] ? cgroup_rstat_updated+0x20/0x390 [ 3101.317333][T24536] ? __count_memcg_events+0x60/0xc0 [ 3101.322550][T24536] handle_mm_fault+0x1c8/0x7f0 [ 3101.327334][T24536] do_user_addr_fault+0x483/0x1210 [ 3101.332472][T24536] exc_page_fault+0x9e/0x180 [ 3101.337082][T24536] asm_exc_page_fault+0x1e/0x30 [ 3101.342218][T24536] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 3101.347954][T24536] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 3101.367575][T24536] RSP: 0018:ffffc9000b497e40 EFLAGS: 00010297 [ 3101.373652][T24536] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000000 [ 3101.381624][T24536] RDX: 0000000000040000 RSI: ffffffff870980cb RDI: ffffffff8deb5210 [ 3101.389601][T24536] RBP: 0000000000000004 R08: 0000000000000000 R09: ffffffff8deb5217 [ 3101.397578][T24536] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 3101.405553][T24536] R13: 0000000000000005 R14: 0000000000000000 R15: dffffc0000000000 [ 3101.413534][T24536] ? __sys_socketpair+0xfb/0x570 [ 3101.418491][T24536] __sys_socketpair+0x107/0x570 [ 3101.423356][T24536] ? __ia32_sys_socket+0xb0/0xb0 [ 3101.428305][T24536] ? get_vtime_delta+0x26e/0x420 [ 3101.433261][T24536] __x64_sys_socketpair+0x93/0xf0 [ 3101.438297][T24536] ? syscall_enter_from_user_mode+0x21/0x70 [ 3101.444215][T24536] do_syscall_64+0x35/0xb0 [ 3101.448647][T24536] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3101.454552][T24536] RIP: 0033:0x4665d9 [ 3101.458446][T24536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3101.478069][T24536] RSP: 002b:00007fb2ce7f3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 3101.486583][T24536] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3101.494567][T24536] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 3101.503240][T24536] RBP: 00007fb2ce7f31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3101.511262][T24536] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 3101.519275][T24536] R13: 0000000000a9fb1f R14: 00007fb2ce7f3300 R15: 0000000000022000 21:16:28 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000140)=0xa7f) 21:16:28 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:28 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:28 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=ANY=[@ANYBLOB="20300b00080211000001080211000000505050505050f00704000080ffffffffffff00026e8b01069b16363606b02d1a20001d0100000001000000800003000d00000001000300000008dda8bf031d284b17a136ba13281d90bee98f91f744dc5d4a3248798883a71c5de7fad1986a1289bd736b76ac4a0323636c1b3399582cc07743419c8936464908eec336e01e2bf5d0b60e3cae56311fc5da2e13fd796ae1cf6a82736704bec13d5b8b8f6c96e96e12ae98345e252e174be0c922899d6e8db6ca12cd128de7ca88aaa45220490eb33ab6a048420ea5b5773efca28decf092260498498614b9e6ab611754dac1e600000000"], 0xf4) sched_yield() syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000005c0), 0x4200, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x19) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000580)={0x0, 0x1, 0x2, 0x1d, 0x1fc, &(0x7f0000000180)="daf35e5adbb06cad3fff315c00f1e9ba4a745559a6e38e8dc23210de96f76ab6020493a58bc24936cb3b94972f78effacd7b2cf1b0c58eba566da82773f298337107a7e20b49e75f144383f68ab24d6a9534ff65f9a8f67654947e27bdca6f2cf06645e413897a2fcf9acf7e3bf9a463f80154528d4e71287cd98ba3d617d60dabaf5bb790f1e74e29451965a8d7d5cbe684f7bf0281cf033ee0f76de025c12e47ac394d92cc2364da446d44dc1c85575e11183223e0d0c1e0b1c9452b40de4ccfee25a7e41070ae4310e228c710effa0f961b96dc5150109b243f09b8b8fa7feddced206368bc35da1337e5b495b45b400f7d6007f28b608da888c3b4f5320fe96478474f21beb71ffa0e412d1ff9595ed12a52a98b2aad768d716033e1b503d8675618518c82aed432a39c7110c7277c3c9c7aafc53d88ca5955bc9d15cc61f1ca26bd1811a4e1e891e70e4dd28d8eb80ef52205c8de7f7d8636fa58e21e9b38cc196ed2cd536e87ba35cbfcb617060a778a0b5e8666f4fd1c41048858c915dab804717ad865135f37edb3c167d5c09c3ca69f94ed3c1997a3ce9c0cc435bcbb1ad9a7b9d31a3915c79e6bd856d10c316b10a568c6657c919bbcb08679a5bb9da81a07f55ac1eeedd582805468ef357eefb3ffd5f70ee91824e04daa3a77f3b9d0d477226bbde6f90a36eda1ed1720ae0527ceea86f15aa467c902f882a741430a9727045a12d46f40e23f64fd3840b59fdbb743f1afaba8b22112d976a60d13447c8c69fe65ec93ed32a8606fba41d5221cee8da48d9482ed1381e16786843ed33a92acbbd6facbd192b5593d90a4af2b191953917ce921842dd1daf60268821768d0d372761d7fafe236eb429d68108d25bf51605b15a19899cbc3676d1a0a9d1c15cda7bd313091b4707c7853969007aab5370993bc81085e61a6599b46c7441eb1e97b4d505d1a9a584f5a2fcaf0ba80d34fb04a6ece94ee5c364883c272774f232ee3f535166019f7aa2adc9ebdf2faa75567833dc8787959972a759ae4d9a744f1bd46382f3189882580055e78b190d7f9f16efbc7f1781712631c5fcde753b99a0eeacc9f12aca61e7dd906525b3dbb08d41cf38639860e80434a082eda46bfc8b49ff2bc8bdae922c871b6a42fdb59ddba0e0111d2f7eb615befa81dc3437f564ada67a8bad3c71795c3c793bc334284371c63a2549447ab8c4d7a082773683a11499ce42fc55af1d4506039ac69125bfe1fecaaf00f1518a14575cf67a6774bd30f2f4744340adc8a8eea56a717cbdb0b30888b854e518648d94460b6c4c2c7dcea7b4d6916ab3333e75355bc67247ac7fbcbd69415f23b6df66797092853a0a31fd228035feb124d4e8e39fc82aeaa95d7f3515765a2507340b756c1647580bb7be274b52c3ac16ceb12d78b793b322dd7dedbfdce964d5a3cc1"}) r3 = getgid() setregid(0xee01, r3) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:28 executing program 0 (fault-call:0 fault-nth:2): socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) [ 3101.606925][T24523] ERROR: Out of memory at tomoyo_realpath_from_path. 21:16:28 executing program 3 (fault-call:1 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:28 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:28 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3101.697402][T24562] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3101.741783][T24565] FAULT_INJECTION: forcing a failure. [ 3101.741783][T24565] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3101.744607][T24566] FAULT_INJECTION: forcing a failure. [ 3101.744607][T24566] name failslab, interval 1, probability 0, space 0, times 0 [ 3101.772655][T24569] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3101.789389][T24562] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3101.824510][T24566] CPU: 1 PID: 24566 Comm: syz-executor.3 Tainted: G W 5.13.0-syzkaller #0 [ 3101.834347][T24566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3101.844587][T24566] Call Trace: [ 3101.847878][T24566] dump_stack_lvl+0xcd/0x134 [ 3101.852493][T24566] should_fail.cold+0x5/0xa [ 3101.857016][T24566] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 3101.862398][T24566] should_failslab+0x5/0x10 [ 3101.866916][T24566] __kmalloc+0x72/0x330 [ 3101.871084][T24566] tomoyo_encode2.part.0+0xe9/0x3a0 [ 3101.876280][T24566] tomoyo_encode+0x28/0x50 [ 3101.880681][T24566] tomoyo_realpath_from_path+0x186/0x620 [ 3101.886303][T24566] tomoyo_path_number_perm+0x1d5/0x590 [ 3101.891754][T24566] ? tomoyo_path_number_perm+0x18d/0x590 [ 3101.897374][T24566] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3101.903189][T24566] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3101.909420][T24566] ? lock_acquire+0x442/0x510 [ 3101.914101][T24566] ? lock_release+0x522/0x720 [ 3101.918771][T24566] ? lock_downgrade+0x6e0/0x6e0 [ 3101.923619][T24566] ? lock_acquire+0x442/0x510 [ 3101.928284][T24566] ? lock_release+0x522/0x720 [ 3101.932946][T24566] ? __context_tracking_exit+0xb8/0xe0 [ 3101.938401][T24566] ? __fget_files+0x288/0x3d0 [ 3101.943067][T24566] security_file_ioctl+0x50/0xb0 [ 3101.947995][T24566] __x64_sys_ioctl+0xb3/0x200 [ 3101.952666][T24566] do_syscall_64+0x35/0xb0 [ 3101.957070][T24566] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3101.962954][T24566] RIP: 0033:0x4665d9 [ 3101.966835][T24566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3101.986428][T24566] RSP: 002b:00007f9dd23dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3101.996728][T24566] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3102.004693][T24566] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 3102.012737][T24566] RBP: 00007f9dd23dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3102.020695][T24566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3102.028651][T24566] R13: 0000000000a9fb1f R14: 00007f9dd23dc300 R15: 0000000000022000 [ 3102.050534][T24565] CPU: 1 PID: 24565 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 3102.060373][T24565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3102.070438][T24565] Call Trace: [ 3102.073726][T24565] dump_stack_lvl+0xcd/0x134 [ 3102.078337][T24565] should_fail.cold+0x5/0xa [ 3102.082865][T24565] prepare_alloc_pages+0x17b/0x580 [ 3102.088000][T24565] ? lock_downgrade+0x6e0/0x6e0 [ 3102.092862][T24565] __alloc_pages+0x12f/0x500 [ 3102.097460][T24565] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 3102.104223][T24565] ? rwlock_bug.part.0+0x90/0x90 [ 3102.109152][T24565] ? anon_vma_interval_tree_insert+0x2d4/0x4c0 [ 3102.115298][T24565] alloc_pages_vma+0x5ab/0x770 [ 3102.120053][T24565] do_huge_pmd_anonymous_page+0x42b/0x2590 [ 3102.125869][T24565] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3102.132104][T24565] ? path_openat+0xfc1/0x27e0 [ 3102.136769][T24565] __handle_mm_fault+0x2ffb/0x5320 [ 3102.141875][T24565] ? vm_iomap_memory+0x190/0x190 [ 3102.146813][T24565] ? lock_release+0x720/0x720 [ 3102.151496][T24565] ? cgroup_rstat_updated+0x20/0x390 [ 3102.156770][T24565] ? __count_memcg_events+0x60/0xc0 [ 3102.161959][T24565] handle_mm_fault+0x1c8/0x7f0 [ 3102.166984][T24565] do_user_addr_fault+0x483/0x1210 [ 3102.172087][T24565] exc_page_fault+0x9e/0x180 [ 3102.176669][T24565] asm_exc_page_fault+0x1e/0x30 [ 3102.181508][T24565] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 3102.187238][T24565] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 3102.207212][T24565] RSP: 0018:ffffc9000ba27e40 EFLAGS: 00010297 [ 3102.213454][T24565] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000000 [ 3102.221499][T24565] RDX: 0000000000040000 RSI: ffffffff870980cb RDI: ffffffff8deb5210 [ 3102.229587][T24565] RBP: 0000000000000004 R08: 0000000000000000 R09: ffffffff8deb5217 [ 3102.237632][T24565] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 3102.245636][T24565] R13: 0000000000000005 R14: 0000000000000000 R15: dffffc0000000000 [ 3102.253967][T24565] ? __sys_socketpair+0xfb/0x570 [ 3102.258898][T24565] __sys_socketpair+0x107/0x570 [ 3102.263740][T24565] ? __ia32_sys_socket+0xb0/0xb0 [ 3102.268753][T24565] ? get_vtime_delta+0x26e/0x420 [ 3102.273683][T24565] __x64_sys_socketpair+0x93/0xf0 [ 3102.278711][T24565] ? syscall_enter_from_user_mode+0x21/0x70 [ 3102.284595][T24565] do_syscall_64+0x35/0xb0 [ 3102.289025][T24565] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3102.294910][T24565] RIP: 0033:0x4665d9 [ 3102.298791][T24565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3102.318383][T24565] RSP: 002b:00007fb2ce7f3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 3102.326788][T24565] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3102.334832][T24565] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 3102.342788][T24565] RBP: 00007fb2ce7f31d0 R08: 0000000000000000 R09: 0000000000000000 21:16:29 executing program 2 (fault-call:0 fault-nth:0): prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:29 executing program 1: syz_80211_inject_frame(&(0x7f0000000040), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:29 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3102.350762][T24565] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 3102.358718][T24565] R13: 0000000000a9fb1f R14: 00007fb2ce7f3300 R15: 0000000000022000 [ 3102.404293][T24557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3102.443977][T24586] FAULT_INJECTION: forcing a failure. [ 3102.443977][T24586] name failslab, interval 1, probability 0, space 0, times 0 [ 3102.462707][T24586] CPU: 0 PID: 24586 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 3102.472548][T24586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3102.482709][T24586] Call Trace: [ 3102.486085][T24586] dump_stack_lvl+0xcd/0x134 [ 3102.490788][T24586] should_fail.cold+0x5/0xa [ 3102.495316][T24586] ? yama_ptracer_add+0x48/0x550 [ 3102.501403][T24586] should_failslab+0x5/0x10 [ 3102.505928][T24586] kmem_cache_alloc_trace+0x55/0x3c0 [ 3102.511232][T24586] yama_ptracer_add+0x48/0x550 [ 3102.516018][T24586] yama_task_prctl+0x2e3/0x4e0 [ 3102.520976][T24586] security_task_prctl+0x6d/0xf0 [ 3102.525977][T24586] __do_sys_prctl+0x94/0x1040 [ 3102.530669][T24586] ? __ia32_sys_umask+0xb0/0xb0 [ 3102.535539][T24586] ? syscall_enter_from_user_mode+0x21/0x70 [ 3102.541541][T24586] do_syscall_64+0x35/0xb0 [ 3102.545974][T24586] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3102.551911][T24586] RIP: 0033:0x4665d9 [ 3102.555806][T24586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3102.576728][T24586] RSP: 002b:00007fd78ebc3188 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 3102.585277][T24586] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3102.593295][T24586] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000059616d61 21:16:29 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3102.601272][T24586] RBP: 00007fd78ebc31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3102.609350][T24586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3102.617415][T24586] R13: 0000000000a9fb1f R14: 00007fd78ebc3300 R15: 0000000000022000 21:16:29 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:29 executing program 2 (fault-call:0 fault-nth:1): prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) [ 3102.697800][T24566] ERROR: Out of memory at tomoyo_realpath_from_path. 21:16:30 executing program 0: socketpair(0x2, 0x4, 0x0, &(0x7f0000000000)) [ 3102.753508][T24598] FAULT_INJECTION: forcing a failure. [ 3102.753508][T24598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3102.802501][T24598] CPU: 1 PID: 24598 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 3102.812701][T24598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3102.823030][T24598] Call Trace: [ 3102.826316][T24598] dump_stack_lvl+0xcd/0x134 [ 3102.830929][T24598] should_fail.cold+0x5/0xa [ 3102.835636][T24598] _copy_to_user+0x2c/0x150 [ 3102.840155][T24598] simple_read_from_buffer+0xcc/0x160 [ 3102.845633][T24598] proc_fail_nth_read+0x187/0x220 [ 3102.850673][T24598] ? proc_fault_inject_read+0x220/0x220 [ 3102.856323][T24598] ? security_file_permission+0x248/0x560 [ 3102.862840][T24598] ? proc_fault_inject_read+0x220/0x220 [ 3102.868401][T24598] vfs_read+0x1b5/0x570 [ 3102.872551][T24598] ksys_read+0x12d/0x250 [ 3102.876891][T24598] ? vfs_write+0xa30/0xa30 [ 3102.881299][T24598] ? syscall_enter_from_user_mode+0x21/0x70 [ 3102.887190][T24598] do_syscall_64+0x35/0xb0 [ 3102.891599][T24598] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3102.897488][T24598] RIP: 0033:0x41935c [ 3102.901413][T24598] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 3102.921450][T24598] RSP: 002b:00007fd78ebc3170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3102.929868][T24598] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c [ 3102.937840][T24598] RDX: 000000000000000f RSI: 00007fd78ebc31e0 RDI: 0000000000000003 21:16:30 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000140)=0xa7f) 21:16:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xc327) syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCCONS(r0, 0x541d) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:30 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/56) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3102.945837][T24598] RBP: 00007fd78ebc31d0 R08: 0000000000000000 R09: 0000000000000000 [ 3102.953796][T24598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3102.961755][T24598] R13: 0000000000a9fb1f R14: 00007fd78ebc3300 R15: 0000000000022000 21:16:30 executing program 0: socketpair(0x2c, 0x4, 0x0, &(0x7f0000000000)) 21:16:30 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3103.115871][T24620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:30 executing program 0: socketpair(0x1e, 0x2, 0x0, &(0x7f0000000000)) [ 3103.157814][T24613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:30 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:30 executing program 0: socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)) 21:16:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:30 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:30 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:30 executing program 1: syz_80211_inject_frame(&(0x7f0000000040), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:30 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000140)=0xa7f) 21:16:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:30 executing program 0: socketpair(0x1e, 0xa, 0x0, &(0x7f0000000000)) 21:16:30 executing program 5: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:30 executing program 2: prctl$PR_SET_SECCOMP(0x7, 0xffffffffffffffff, 0x0) 21:16:30 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4606, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:30 executing program 5: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3103.596243][T24657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:30 executing program 2: prctl$PR_SET_SECCOMP(0x8, 0xffffffffffffffff, 0x0) [ 3103.673619][T24651] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:30 executing program 5: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x1000}, "7e0eeeeccbb9e978da8d5659cb57c21f895ef8615e701c2fad4068857c1e32dd6cd67c13a8595a3a734585819d516490ac6e6444a01507bfb46700f59cd5d246d962630eaaf752b8c4f27d7470184d7a36f3b14412367035636737fa0681c860a2d406f7af388410a7cfdba75d263d085662e54d462181f5596fd68b096fc58495dd45c0e287579af6af18c20ca799ae0f065350331da7705ee802c3aa4ca2a43cd0e0b77b80c07321aacfd1ac49baf25b3a04213d5de1fdecbb1187c4dd69b4aa7987c91434b795c9171ef4bc1b7c62fcc71ff52bdfe01578b659cec02980b572b245720df50d0cf00ee6109a86abe91bdc4450d382d8d2ae619284b63ef9dbd3109a91fa46cc18a96e72e0d87bfc5668734a78578b945949916c88762e0c4ba174d6c18fa96c05eab1b93bb809e403cc28ca3bce7c6d9f9fd8728d26ee7d28bd93a6ae116df704b08b3a8c4df4dd8f97359fb6e6c988629cc0f27a46e8fe338ba2f389f4dcae053de9c7c8d0247ec9bd5feae229de1f1f44c67cebc85327bddffa583612d36ef2eeea5ee439ded6f6271768cf1d6d1396545520301a05367fa4f2d86c08cb1c83b74234e70aa288613d4750725be04bed5c5b32c322d19b227ab076e1f14351d93631c498acf1f1d56b9cef2304b656d1a085fa025cd176024be1b26a1b8ce125b965fe2823a58e17be2148d4765973eac65179ba840db7ca9ba51b782ffdfca2d7fbc803cbe460af9f354c589bc7cef6db644a21a040def0b209f76c5056a245bb204af1aa43e68d4c4f8b3d2f6097cfe4707f52ad7c0265f66d206a01656fdb060e68649d15d0b07462c82df1afcb34935515f3aaf2015b9e86216b70d04163eff31abdd109088791830352f9100b5c46a56f44e60202eba03972923b84189264c948193d2de3d42c433ef94b1a93225aeedffbba0b24af588b2613c76f26d889d2ca914967806d725636eaa2780180ebee3c3a68d2032a36433effabdff1f3bc37038fea60d9f28460febc037339aa490cbccd07727586b2b15cd2aa5c504d80b84707a9f58086099f31e687c2fd400ebb28a974c549cae89fd8c45437cd9594962226043fff12049fc659d511fbe85de8838de034980a2927ff618d535c980dfa59063d1ca2dab7d1fe224c306b1afb14ee0a1b2bf9594092c299333d6d87decb8119d859651d423bbef4edda381e3c98931ea396f0a3c10ef3c373bdc875a30536ee6ea6486acfe8fe78f604298af55c7c90ecde54aafc674593fb6616f60dffe1274dca05cf146a75410fa824b76ad6566e07bb56a167d2f25067431f44ae947a2def989bbce4f8420cdc50d1c3997c4c117a479a0c0f65df2bc7517e3e69b3b60d5fe79cc089202668decafe35ba3923cbe2111eb9ecdc97119071652794a7f1f5abde689d9d1b817a3fbef2a5a2a1e9610ddf742478e10b39b1a445b48242a3334bfd278711381233a5a02429f1c65944f8a0617ac37b81b89c26eb311921802f7ed20904a7194a0317e324fc1d08fcb5d8b31feebb6a3c19af2e552580fa3d12b0a942b87a896639f3a72834d8588606278f2301c35db3edf1e97d0f1a059c5e03034690d90d678f8a42b4a4daed27d62e4d96fb73c7554ecf9949e5ab3f4e26d4d36ca0fa88a575f49236fa678d528fa4502ffc3d34d576a77f842ac6d23bf483d86cca0330ffe3003277b29ac487241ff0f439420663b2dc1db3c1b6b3391e1a82cf2c8f13b8d83cd3adc4e4d8f79d0f61d33cf9fcb261ecf75c63fe025360f9c6e64afd2ad5e22b2493bf1574a2ac01d08dc128c32e48e965967c776d3232c98d4ce77aafccadb2b22430a3bf7d0c054f275dcb4f38bd139694e160f45643a5d292e6dbc138842bd5d1343ed6ef88a2f458bcb504ebf5606830a5b5640fa6aa583a298dec50c4dbac6e63e1a9a3b2d7fa742a57534dbb70c03cbdcafa7e8b4527a228a189b689ffecd2daf79d927d929b0e6fb7d86ef4e3e7dac19e33f464f3d1274dcd71e9a17f3ab344fa9a4a6952cd2dac32bc21d9b2611a14c6e8a72ae80a6d7137fb28c251e09dc0c35af1de8a747c2ed9f7f373a1c8a81ab8d0b3f6cb685ac422407f5ab606a8a81e334426fc6e2dcc93d5a7b33f52c9bac4c50044671530e7a66e3ec20a10afc73955705a1c4f684d1def7a3d264a68425490a292459d8c72ba6bd00b99bb2930f8c37eac7a63995c4c5ada93fe31f18de35accddf3a20fb17df1b7168712cb4e1a83c03955c38c7fc372d3c8f591fd66dc30cb9a660b91f5d7377e2bb3530dd3469ec51c861f7db20a982601682161f1a684dcefafff8186636987f25b95ea2e84243f772ba7a166a3224153b0ea1eebfc77cd104f9c9fb58802dc85d807e4f7ca9be8cc1813bfe3b80a8a99cfd45f343f38acfa139485a73599f61481db95f36c4ceeceba0b0b31cfebe81aabceefb7c65fb8f4e2d104553b41877eb6556c8208dfa7e1436264cd8b778f4ef3ffec53e86c5a18fa680f2754394a9b46754c31481654a49597126d1c7be5e5418e3b759a7549f433891a6b7e1dd37a709efd0207dbb5c18339d7ce791e1dad294d7de0e332e1992f4a8f297005331666abf5d566dbf7dc3ec7de09ad3053a40de475ca506de4b9ff3b0d89a99955feec895112db7fddcd6bf4cdbab9058068904acf844178d18eaad306f861d646d9b48d5204b02490e23ed65d4dd69b269a89f0764b22da68e44abe8d7d28dca66d29821f5dc2eb006f05a75855b974f73ced09ad9a5cda419324523c4cd008ce66453e3840dee2ea84f488bfddfb835467d5be9860eeebd734f55d34adbb8675e8077da9e75558dd4b90f041bc2daa366a6691170bb6fc439ab26ab0313f75180e88a744e6ed32d6ace6271442e47513fdfd6189131aef413dae02094a68453e37c5de4fffd08b53d468afb7f4637291754318b9b5d2bad1802adefdf90ff878d3b3d1f59b132858de075c1623fe18b872683066ba9b66205ff16faf8578ecf25db5bcacaf1fc1c8010867892b7924d67b4954cca5a27d11226af766872689111924ba7ac748c0254cf2443053523c6a450aa51a365f7d0184844d88da3f8eb1aead543e91cfe214bda7d63d50effba49cfe26e8fb8d8e86667b969d2f8d389fab8ffbdcf33922f7c7b2a20447e5f70a3788a72fdec5bbd19a83760e22468276b0fcbfec1c842d6303db97c3d8cffcd925d32569a65f22692ce730a6c9bf09300e714a88e2a69ec85bae724e683bc90ee8e3e8db831e9a2cea406cce4adbda8a94d89254f65f09befc49ba34d8355160e905b596155f888036a56d05f235eaf047cab09bc1947a9c15e28eac89709f476bd3a025de086d41524717836a5d49b3ffe7b562aed1f00bb5f604ddcc005ed133ecf132462468b5fb8a23d307484c9f461a4657d380573f955b41c6e0a543373a66a19a5ef92a595597826ea0588652d1f0007b811156593f4b6357350b9232bf93221e8fffb39b13f9b55fe7e945fa91254f39c47a6a5bf25a485157350da030f55f801d6c0ab1a19ab89b661e2bd0bfc4dbacdf02559d1070e1c4e4be6d1dffa0730a0ef7ec12adc26915ebb4766a03a7f2832b925f926ed44086603eb7461e171ee4e5bce731edadeabe1e700a3054261b29b965091e21720049cacd30415f5370f242e1373db35a7d67ef5eab3a6767ae9cec6e3cd31127e629329d6c5457d9e2bb51bdd8144f7f92c0ebfe89adcf1217871310df1928795c5967e07046b06071c87c9e132dbab8ff4e46113e9597123cf002d2783d1dab42173779dac1e25fd3fc298d52d86973593ad6d81d17ea0b5c3dad87520861b1aea66db911f8bb0157bb17e832b54baffbe8cf22fdf0e87b3fd23e50c7b5a47b82e0d90bc0c143e6f1f5db418c8cc6e9c1cf77e14626c4ea7027c8de9157a3e6cb0beea28870db64df110b5d03da225ef9bb0372701bca54df04d9f10ba9ba8300ba04e65912692990ed10b918c50e05716f1399dd62d619f4121d07b3afe490b232a4157b42b8fb55f9ee7537a3a29880238f4c43e13e1f3f8d7770443a194b1d5637ec38d00d8dd155fc0fd768bb41cdb0e83ccd7bc6a262c461f08634c3c1cdfbfcb40c7190b8ee9ba6ad3dca5a9448a635426a051f43b46728855c0f7675ecd7849872289b4ca9514f8a53aee28bb0344d216a228c92fa9491a42967bbf81fe2ab751f89ea8b313a461ac8a55078351903b66c10e07064068c07f3e7ab4f8cc7e92df331ddd9ae86f6a605c340c84f892925aa06db8a3dc576338121e807b0a175bb18818d6684ce20f337e6ef26546c6474f55961dce0612361b7432686b52fc796a52fafed736e048d8d1fa26fe3e7a449e1eb38b86254687b150a205657c9a520390d583599127e28b8554a9c2b1850cfe63a0793a735fc44134714835c65e2fd6a4282b1294e846382f2fd8360090aad563b78ff10fce75ba1453dfbc82eeea083eb93e5864781492273e2ae7fec6c07e56098abe1a800afcb5f3c5ade13736684ca599036f7495fc3106af4dcdb362fd2d98f49e995c08c5e64d5c9b4e3d2b976c1fb6f4d4c5269b978e74eb80ae03422ef9b0212444a2534f01eacd29df974fd1d715139e0a49f35ad9fab9dd2d928c38a4419cab0596ee3236f82e0860304e78d65ae876752c80ceb954142867992d2038de9a3315673fc99989dccc125756cb05bb997f749551602f2216e8451c5878dabefbfb1becb43329a2550bcf3640a24d229ae3e96f508dbf4e125ceaaec47fef7c85c62f010805c3b15a819bbd940c19fe7a5b292ff1f35a50d3f60d75218359761b6033f900d3c76fd3d65f064c0bf6408ed21b60021af4bae6bdbc7cc02590487f8a44e34f8060494e02401e7499d5ceda5d01d38536df7bd7e6e5fb747c2e9981dad678d9add5b884a14c76f00df66609ee5a497f519a6a37a9d209f343d635d34af3dd99e7c3ab549b4bfeca6b3a88a9db9f188ef8f85675207df647a1c6125b9616600afab228c83226a4b515ed7ee6b193bac1dc6ae20b72ea86d26741f6043180b7c30c7e3b423eefb991bbd8ebe23ea4c1e184c11ceb7cf7892864d21bfbf24ff3c3dc2527ee958b244f764665975b658c48f83faeaae7ae29d6ae6af0fef24721717f1e3a5829b8ac26dd5657c977d5628f770828f810c8db033a29d7f48c914494345bc5b3c06f67c82c8230acfba91ccafb0ac59e4e1afd14ff878c75d559ccc0b4206a27710fc01d95a8f9e9a76cd068943a22fad31f4e72151310323a115308068f15322606bcafac97313e6a210e97f9760bc9155c21eab78df775d864146dd32146ed1693da48ac723eaa4b5f95f4d802abaa1b5bba44d3e5f8a329e69bde72cea637ac66e632ed3ac971c02c129101aa0ff67b9513c25e0a8c0842ba69911f290630489e71f2f22e36dac9682c5f518159cbf04221e89b7bfa1036e0f810f36f8e46bb04475aff79e5aa063c334eadc6df051c28076cf3b7d300ace253ce7ff05db70b27eca2ad094377741ed7e03ac32252bfc2d5cc5fbbe09aeedf052c1900d4e51a682fa608e5b3577921f2b4c36672be08dcb7d0a2eb7e3bb8e86d4fe4ad5fd16d745baf621222605f34aa5a7ff232c7122fd4400d123ec018b874e63c5584b48680a34a9c139d6b6b6a13466267630b3fab284ff912a2a1626321e26f6959e2282b982de1081cc98148662f628e07f4a993540fe8f4f1b8ff3eaf26551140adea39c0542a92c045a4fd6bc2bdeea68d1da7eb526186bca4484905c076ca2ea142f29"}, 0x1004) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f00000000c0)=@ctrl_frame=@cf_end_cf_ack={{}, {0x1c0b}}, 0x10) sched_yield() syz_open_dev$dri(&(0x7f0000000040), 0x61ee, 0x200000) 21:16:31 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000140)=0xa7f) 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0x3, &(0x7f0000000000)) 21:16:31 executing program 2: prctl$PR_SET_SECCOMP(0x17, 0xffffffffffffffff, 0x0) 21:16:31 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x541b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0x4, &(0x7f0000000000)) 21:16:31 executing program 2: prctl$PR_SET_SECCOMP(0x18, 0xffffffffffffffff, 0x0) 21:16:31 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5421, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3104.088607][T24710] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3104.122590][T24705] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0x10, &(0x7f0000000000)) 21:16:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5450, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() process_vm_readv(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000000080)=""/141, 0x8d}, {&(0x7f0000000140)=""/28, 0x1c}, {&(0x7f0000000180)=""/31, 0x1f}, {&(0x7f00000001c0)=""/205, 0xcd}, {&(0x7f00000002c0)=""/127, 0x7f}, {&(0x7f00000015c0)=""/221, 0xdd}], 0x7, &(0x7f00000014c0)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000001500)={0xc, 0x7, 0x2, {0x3, '#\'/'}}, 0xc) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:31 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37) syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:31 executing program 2: prctl$PR_SET_SECCOMP(0x1b, 0xffffffffffffffff, 0x0) 21:16:31 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0xf0, &(0x7f0000000000)) 21:16:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5451, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:31 executing program 2: prctl$PR_SET_SECCOMP(0x1c, 0xffffffffffffffff, 0x0) 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0x300, &(0x7f0000000000)) 21:16:31 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, 0x0) [ 3104.580121][T24749] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:31 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=@mgmt_frame=@beacon={@with_ht={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1}, {0x3f6}, @device_b, @device_a, @from_mac=@broadcast, {0xb, 0x9}}, @ver_80211n={0x0, 0x800, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}}, 0x8000, @default, 0x8208, @void, @void, @void, @void, @val={0x6, 0x2, 0x4}, @val={0x5, 0x45, {0x2, 0xe3, 0x8, "0cc83da5787e992b526c546e10f367283440d64dd4cafc029fcde770a0cdc72667733ec9b3e4807d24cd1648bca06bea6f140c233e0831bb74fac3b2de2bfaf81912"}}, @val={0x25, 0x3, {0x0, 0xb7, 0x81}}, @val={0x2a, 0x1, {0x0, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0xee, 0x3c, 0x5}}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x1, 0x0, 0x3f, 0x7f}}, [{0xdd, 0x1a, "35dda95338f60e0ec9b0d0a3f557aa66d86ffba85aaa750fcc34"}, {0xdd, 0xef, "d17acc337db713bff54c1be14e614001288163040557886a7cf22ca4d06651c58b4a2b9e7dddd36cda8891c8293c7b8d8b9ce0be7a307419ac5d398e54c92b4607347f904a640648a3e67e9b4ce5077bc1a40aa9c442799e73940689054ab6f9592ce44cc89bb4534a67c9ae467100a87ec743339b0d18b808ae0db576c812b11266e8353616c4d180ddbd1563caf4900fd55cfd09ecbeead937df306b2100d4b515bff4c50dd8d68b9243ca9dfa496f0d94e1463ad4c6ddf189e303bbd4a04b001851433550b148028cb0dee3a3158a20d1f91c3e99f4e1918ac7a24ca3c122d6de492848ecd8770253d0351bddbe"}, {0xdd, 0xcc, "ebb00d2c2d11563cf56f1fc4f8393e71ff20bb63f6b46349496d915270bae219fc1a4dd62de21be3ecd032d1f413c40af2eb319f6cdb80d4eb60284860c7762cf05cafc955dfce7113366ff03760f9a5022d79e48828986a438e68aba04484de7cc012ea2f062d1d09ff4e82907eb10ec7a5a3a8ea6c8041675602851c0a03d483bc2bebd095e5ef649407d7b89cb71955711d2d6a122c3db78e77b29a9e7069da9685dd864429a5f9ef222b0799098d6f875075412cfacd9f0864abf84ea88011c29492f44876585a6a3111"}, {0xdd, 0xe5, "f1145e6b07ea0f9a92f5cd73cfe0c38a084a0db7301464272e87a8f7f5fec5ceb210a156991725541f0bd473f707ba56895bb1d75bdcb80337e6ca5961cef6a56224a28d7cfe75c58c9878907afb3e59404af5dd0c6672d0a2e0013806b5afa3e1ffd908cbf4d89c543f7dd646d6feb5c26a937e2e5ebc159632c0055f3e2368f662ce0603014beedd3ac40612e68f0b607d7129223f329ea7367735ea8571bf5012f97825a9255348ff57618e84b8001412cdfd2c13675eace538bd544aa8542e730199fe57aa1e76b78dd08264443897d8d0a29247167066cb0b57a3f9a2d2f0f924fa8b"}, {0xdd, 0xb2, "a74146d42aa7c83e133733cac914b4c10056a5531aa5527a8dccda5d49e63faf4007a1db32b9b8da6625b06c83c0f2bea7476b968681f22a723d80247b029541e444ea73eb860d9a2aaf198d1483f05d344f76f673cbbdcf157e20beb032684b470184c5a3d1db8b86a95e77545af0ffa990534c30c6fc57ab8380468f5569ff8180c3a44e91d5819cfd3e72fdac856263f78b209869addcffebb28056a56010e6cb4d9dc4b6d92653a76ffa33155788e34d"}, {0xdd, 0x9d, "4c25000a8038d520d7a27be715c8caa5a4688abb6b5fd0a608c5093f19312956a248c3f200446d6907943c4a0c0e801d1cc1d5458b23caeedd261c32ac277e08e25ee93ac551b42abbe081b3f534b7f8e87d814fb10b0f2a91524734a78fc865a959d606b9dadcb53594f52857592a7024a827fd49f7c52ddecb2e14d40e7894ce71d230d843ded696ec307536bf1e3124f15b0409c25daabf2b3b3bd3"}]}, 0x4a6) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) 21:16:31 executing program 0: socketpair(0x1e, 0x4, 0x1f00, &(0x7f0000000000)) 21:16:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3104.629057][T24748] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:31 executing program 2: prctl$PR_SET_SECCOMP(0x2f, 0xffffffffffffffff, 0x0) 21:16:32 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_80211_inject_frame(0x0, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, 0x0) 21:16:32 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0x2000, &(0x7f0000000000)) 21:16:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0x3f00, &(0x7f0000000000)) 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, 0x0) [ 3105.039872][T24791] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:32 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) 21:16:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6364, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3105.102704][T24782] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0x4000, &(0x7f0000000000)) 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x0, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:32 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:32 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1000, 0x103001) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0, 0x17}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(r1, 0xc01064c4, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0, r2, r3, 0x0], 0x4}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r0, 0xc02064c3, &(0x7f0000000100)={&(0x7f00000000c0)=[r4, r5], 0x0, 0x2, 0x2}) 21:16:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8913, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0xf000, &(0x7f0000000000)) 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x0, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:32 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x0, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0x200000, &(0x7f0000000000)) 21:16:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8914, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3105.534551][T24837] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:32 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) connect$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x2, {0x1, 0x1, 0x2}, 0xfe}, 0x18) 21:16:32 executing program 0: socketpair(0x1e, 0x4, 0xf0ffff, &(0x7f0000000000)) 21:16:32 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:33 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8933, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:33 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x7fff, 0x0, 0xa9}, {0x0, 0x8, 0x7, 0x3}, {0xf2, 0x3c, 0xb, 0xe17}, {0x7f, 0x80, 0x52, 0x9}, {0x101, 0x9, 0x40, 0xffff}, {0x4, 0x1, 0x7, 0x21e}]}) socket$inet_sctp(0x2, 0x5, 0x84) 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x1000000, &(0x7f0000000000)) 21:16:33 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x6) 21:16:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:33 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) [ 3105.994147][T24887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x3000000, &(0x7f0000000000)) 21:16:33 executing program 2: ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045540, &(0x7f0000000000)=0x1) prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x6d, 0x80}, 0x7) 21:16:33 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x4000000, &(0x7f0000000000)) 21:16:33 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae02, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:33 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = fork() sched_getscheduler(r0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x6, 0x8, 0x81, 0x200}, {0x7, 0xfd, 0x7, 0x1ff}, {0x3251, 0x27, 0xfe, 0xa3b37a7f}, {0x80, 0x81, 0x6, 0x5}, {0x200, 0x4, 0x9, 0xcf}]}) 21:16:33 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x10000000, &(0x7f0000000000)) 21:16:33 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x1f000000, &(0x7f0000000000)) 21:16:33 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x10001, 0x40) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f00000000c0)=0x6) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, &(0x7f0000000080)=0x100) [ 3106.428100][T24932] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:33 executing program 5: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getcwd(&(0x7f0000000040)=""/149, 0x95) syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:33 executing program 0: socketpair(0x1e, 0x4, 0x3f000000, &(0x7f0000000000)) [ 3106.544025][T24948] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:34 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x301080) 21:16:34 executing program 2: r0 = socket(0xf, 0x6, 0x5) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'}) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x250001, 0x0) ioctl$FBIOPUTCMAP(r1, 0x4605, &(0x7f00000001c0)={0x1, 0x0, &(0x7f00000000c0), &(0x7f0000000100)=[0x1, 0x4, 0xae3e, 0x9, 0xffe0, 0x6, 0x81, 0x1, 0x3, 0x5], &(0x7f0000000140)=[0xce, 0x4c7b], &(0x7f0000000180)=[0x16, 0x2, 0x401]}) openat$fb1(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xb344, 0x9, 0x0, 0x80}, {0xfff, 0x6, 0xc1, 0x3}, {0x2, 0x9, 0x20, 0x9}, {0x2, 0x4, 0x29, 0x8}, {0x3, 0xc1, 0x1, 0x3}, {0x1, 0xfb, 0x8}, {0x2, 0x2, 0x6, 0x8}]}) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae05, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 0: socketpair(0x1e, 0x4, 0x40000000, &(0x7f0000000000)) 21:16:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$KDDISABIO(r0, 0x4b37) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000040)={0x8, 0x8, 0x200, 0x7, 0x15, "1c1d25bf8d5d8e318656fbafadd2e6d86002cb"}) 21:16:34 executing program 0: socketpair(0x1e, 0x4, 0xfeffffff, &(0x7f0000000000)) 21:16:34 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREAD(r0, &(0x7f0000000140)={0x2f, 0x75, 0x1, {0x24, "4faa643550915a704627fc3f7450c0afd6545c3391912111d7539f0a8756b43701315b08"}}, 0x2f) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000000)={0xb7, 0x75, 0x2, {0xac, "b27627b47e308e3896e0ce123d08c02eec11c0a626836ec526cd72d349e87c14be32b34ebb87ca0280f15b4f74cb7fafc3c52cf75420f6686dc96b3cafa9d1ae43107d02cae6e1fe7fbef12dc5a2da4dfc8b8a7177a4f6f2254df2fde12f17abcfa0b5eed8bf2586aa67cd60166e67cd18e5c249057c71fb041027e3f852e26f87be5943eb260e8dacaa82e8e30c751a365190a91f3a6835255271c50ef419c75b8081502336ceb5851f53ce"}}, 0xb7) accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @empty}, &(0x7f0000000100)=0x10) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae06, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 4: syz_open_dev$sndctrl(0x0, 0xffffffffffffffff, 0x301080) 21:16:34 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x0, 0x1, 0x4, '\x00', '\x00', '\x00', 0x0, 0x708bdd95, 0x8, 0x1, "845c86128cb76dcaa832e316dd442374"}) 21:16:34 executing program 0: socketpair(0x1e, 0x4, 0xfffff000, &(0x7f0000000000)) 21:16:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x952, 0x0, 0x1f, 0x34}, {0x3, 0xf7, 0x6, 0x27c}, {0x81, 0x1, 0xaa, 0x7}, {0x0, 0xe9, 0x9, 0x7fff}, {0x7f, 0xa9, 0x0, 0x6}, {0x9, 0x80, 0xf9, 0x3}]}) 21:16:34 executing program 4: syz_open_dev$sndctrl(0x0, 0xffffffffffffffff, 0x301080) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 0: socketpair(0x1e, 0x4, 0xfffffffe, &(0x7f0000000000)) 21:16:34 executing program 2: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, &(0x7f0000000040)={0x556, 0x320, 0x780, 0x320, 0xff, 0x3f, 0x8, 0x0, {0x3, 0x200, 0x1}, {0xfffffffb, 0x0, 0x1}, {0xfffffc01, 0x4, 0x1}, {0x1ff, 0x7}, 0x3, 0x10, 0x100, 0x0, 0x1, 0x3b39f3d2, 0x40, 0x9, 0x9, 0x0, 0x9522, 0x5, 0x4, 0x4, 0x3, 0x3}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) 21:16:34 executing program 4: syz_open_dev$sndctrl(0x0, 0xffffffffffffffff, 0x301080) 21:16:34 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x23c001, 0x0) 21:16:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae08, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 0: socketpair(0x1e, 0x4, 0xffffffff, &(0x7f0000000000)) 21:16:34 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x4) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:34 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x301080) 21:16:34 executing program 5 (fault-call:1 fault-nth:0): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae0b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:34 executing program 2: ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x1) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:34 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x301080) 21:16:34 executing program 0: getcwd(&(0x7f0000000140)=""/209, 0xd1) socketpair(0x3, 0x4, 0x0, &(0x7f0000000000)) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000040)=@target={'target ', {'PCI:', '1', ':', '1', ':', 'f', '.', 'd'}}, 0x13) getcwd(&(0x7f0000000080)=""/153, 0x99) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TCSETSW(r0, 0x5451, 0x0) ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f00000002c0)) r1 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x8, 0x244100) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000280)={0x3, 0x28, [0x1, 0x1, 0x7, 0x9, 0x9, 0x8, 0x1, 0x5, 0x6, 0x4]}) 21:16:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3107.435440][T25044] FAULT_INJECTION: forcing a failure. [ 3107.435440][T25044] name failslab, interval 1, probability 0, space 0, times 0 [ 3107.506015][T25044] CPU: 0 PID: 25044 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3107.515996][T25044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3107.526059][T25044] Call Trace: [ 3107.529345][T25044] dump_stack_lvl+0xcd/0x134 [ 3107.533970][T25044] should_fail.cold+0x5/0xa [ 3107.538518][T25044] ? tomoyo_realpath_from_path+0xc3/0x620 [ 3107.544257][T25044] should_failslab+0x5/0x10 [ 3107.548781][T25044] __kmalloc+0x72/0x330 [ 3107.552952][T25044] tomoyo_realpath_from_path+0xc3/0x620 [ 3107.558506][T25044] ? tomoyo_profile+0x42/0x50 [ 3107.563200][T25044] tomoyo_path_number_perm+0x1d5/0x590 [ 3107.568676][T25044] ? tomoyo_path_number_perm+0x18d/0x590 [ 3107.574326][T25044] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3107.580386][T25044] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3107.586646][T25044] ? lock_acquire+0x442/0x510 [ 3107.591336][T25044] ? lock_release+0x522/0x720 [ 3107.596033][T25044] ? lock_downgrade+0x6e0/0x6e0 [ 3107.600908][T25044] ? lock_acquire+0x442/0x510 [ 3107.605601][T25044] ? lock_release+0x522/0x720 [ 3107.610282][T25044] ? __context_tracking_exit+0xb8/0xe0 [ 3107.615760][T25044] ? __fget_files+0x288/0x3d0 [ 3107.620459][T25044] security_file_ioctl+0x50/0xb0 [ 3107.625476][T25044] __x64_sys_ioctl+0xb3/0x200 [ 3107.630172][T25044] do_syscall_64+0x35/0xb0 [ 3107.634596][T25044] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3107.640510][T25044] RIP: 0033:0x4665d9 [ 3107.644538][T25044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3107.664241][T25044] RSP: 002b:00007f4cbdba6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3107.672666][T25044] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 3107.680645][T25044] RDX: 0000000020000100 RSI: 00000000c1205531 RDI: 0000000000000003 [ 3107.688620][T25044] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 [ 3107.696591][T25044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3107.704559][T25044] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 21:16:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0d00000007050000002c3daaf5400992390f79b7087a4d000000"], 0xd) syz_80211_inject_frame(0x0, 0x0, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000140)={0x7, 0x6d, 0x2}, 0x7) write$P9_RWSTAT(r0, &(0x7f0000000100)={0x7, 0x7f, 0x1}, 0x7) 21:16:35 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDMKTONE(r2, 0x4b30, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) syz_open_pts(r1, 0x101000) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0, r3, r4, 0x0, 0x0], 0x5}) 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae83, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:35 executing program 0: write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)={0xb, 0x7, 0x1, {0x2, '\xc3#'}}, 0xb) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc4000) write$P9_RREMOVE(r0, &(0x7f00000000c0)={0x7, 0x7b, 0x2}, 0x7) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RGETLOCK(r1, &(0x7f0000000140)={0x23, 0x37, 0x1, {0x0, 0x7, 0x2, 0xffffffffffffffff, 0x5, '@.(#)'}}, 0x23) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:35 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x301080) [ 3107.757970][T25044] ERROR: Out of memory at tomoyo_realpath_from_path. 21:16:35 executing program 5 (fault-call:1 fault-nth:1): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae87, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3107.866475][T25086] FAULT_INJECTION: forcing a failure. [ 3107.866475][T25086] name failslab, interval 1, probability 0, space 0, times 0 [ 3107.882017][T25086] CPU: 0 PID: 25086 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3107.891936][T25086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3107.902176][T25086] Call Trace: [ 3107.905515][T25086] dump_stack_lvl+0xcd/0x134 [ 3107.910139][T25086] should_fail.cold+0x5/0xa [ 3107.914662][T25086] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 3107.920048][T25086] should_failslab+0x5/0x10 [ 3107.924563][T25086] __kmalloc+0x72/0x330 [ 3107.928732][T25086] tomoyo_encode2.part.0+0xe9/0x3a0 [ 3107.933956][T25086] tomoyo_encode+0x28/0x50 [ 3107.938386][T25086] tomoyo_realpath_from_path+0x186/0x620 [ 3107.944047][T25086] tomoyo_path_number_perm+0x1d5/0x590 [ 3107.949530][T25086] ? tomoyo_path_number_perm+0x18d/0x590 [ 3107.955184][T25086] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 3107.961008][T25086] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3107.967375][T25086] ? lock_acquire+0x442/0x510 [ 3107.972067][T25086] ? lock_release+0x522/0x720 [ 3107.976757][T25086] ? lock_downgrade+0x6e0/0x6e0 [ 3107.981615][T25086] ? lock_acquire+0x442/0x510 [ 3107.986300][T25086] ? lock_release+0x522/0x720 [ 3107.990986][T25086] ? __context_tracking_exit+0xb8/0xe0 [ 3107.996464][T25086] ? __fget_files+0x288/0x3d0 [ 3108.001151][T25086] security_file_ioctl+0x50/0xb0 [ 3108.006108][T25086] __x64_sys_ioctl+0xb3/0x200 [ 3108.010799][T25086] do_syscall_64+0x35/0xb0 [ 3108.015226][T25086] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3108.021138][T25086] RIP: 0033:0x4665d9 [ 3108.025029][T25086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3108.044645][T25086] RSP: 002b:00007f4cbdba6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3108.053074][T25086] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae88, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:35 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x0) 21:16:35 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) [ 3108.061060][T25086] RDX: 0000000020000100 RSI: 00000000c1205531 RDI: 0000000000000003 [ 3108.069128][T25086] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 [ 3108.077107][T25086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3108.085087][T25086] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae89, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:35 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000080)={0x7, 0x7f, 0x2}, 0x7) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) [ 3108.143543][T25086] ERROR: Out of memory at tomoyo_realpath_from_path. 21:16:35 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000080)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, @ethernet={0x306, @local}, @ethernet={0x300}, 0x6, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)='bridge0\x00', 0x0, 0x4, 0x1ff}) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:35 executing program 5 (fault-call:1 fault-nth:2): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:35 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x0) 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:35 executing program 2: ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:35 executing program 0: socketpair(0x11, 0x3, 0x0, &(0x7f0000000000)) setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, &(0x7f0000000040)=0x4, 0x4) [ 3108.362245][T25125] FAULT_INJECTION: forcing a failure. [ 3108.362245][T25125] name fail_usercopy, interval 1, probability 0, space 0, times 0 21:16:35 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000080)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r0, 0xc01064c1, &(0x7f0000000040)={0x0, 0x1}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) [ 3108.412964][T25125] CPU: 0 PID: 25125 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 3108.422913][T25125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3108.433070][T25125] Call Trace: [ 3108.436363][T25125] dump_stack_lvl+0xcd/0x134 [ 3108.441071][T25125] should_fail.cold+0x5/0xa [ 3108.445594][T25125] _copy_to_user+0x2c/0x150 [ 3108.450111][T25125] simple_read_from_buffer+0xcc/0x160 [ 3108.455687][T25125] proc_fail_nth_read+0x187/0x220 21:16:35 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000100), 0xffffffffffffffff, 0x0) 21:16:35 executing program 2: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RREAD(r0, &(0x7f0000000040)={0xb9, 0x75, 0x2, {0xae, "df7ab0f95840d209e5177c69cf4a965b9c24095e8819c302bb8c39806b9489d4d8477ea3e1f77081dedf1b16a2dc027cb24ff6d79e71c342240865839453b9354ad5dfee27cdd01fa20d595bd0e183c650564fb73269957b5e3bc6eadb25a5a8c161f0156a6cc70f9128011e1b62de48db844642490ba44094d754684a8bc4c5cce9f37d1eb4bae1a9fff97679760f79897839ecb13b87b1c52e8a02a8fee6666f22c3e3455e0f94298aed4af080"}}, 0xb9) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) [ 3108.460738][T25125] ? proc_fault_inject_read+0x220/0x220 [ 3108.466319][T25125] ? security_file_permission+0x248/0x560 [ 3108.472062][T25125] ? proc_fault_inject_read+0x220/0x220 [ 3108.477641][T25125] vfs_read+0x1b5/0x570 [ 3108.481825][T25125] ksys_read+0x12d/0x250 [ 3108.486087][T25125] ? vfs_write+0xa30/0xa30 [ 3108.490523][T25125] ? syscall_enter_from_user_mode+0x21/0x70 [ 3108.496437][T25125] do_syscall_64+0x35/0xb0 [ 3108.500871][T25125] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3108.506793][T25125] RIP: 0033:0x41935c [ 3108.510696][T25125] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 3108.530436][T25125] RSP: 002b:00007f4cbdba6170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 3108.538968][T25125] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 3108.546956][T25125] RDX: 000000000000000f RSI: 00007f4cbdba61e0 RDI: 0000000000000004 [ 3108.555805][T25125] RBP: 00007f4cbdba61d0 R08: 0000000000000000 R09: 0000000000000000 21:16:35 executing program 4: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x23c001, 0x0) 21:16:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8c, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3108.563784][T25125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3108.571855][T25125] R13: 0000000000a9fb1f R14: 00007f4cbdba6300 R15: 0000000000022000 21:16:35 executing program 2: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, 0x0) ioctl$FBIOBLANK(r0, 0x4611, 0x4) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x101003, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) write$fb(r1, &(0x7f0000000040), 0x0) ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000000)={0x8, 0x2}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) [ 3108.640093][T25145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3108.709973][T25140] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040), &(0x7f0000000400)=ANY=[@ANYBLOB="00880500ffffffffffffffffffffffff0802110000015200800048c14000030000032a823c2d1a0004093d02000000000000030005001f00000001000004000001ddb50a9b4d34bd96d7bad6a4a307e135b6eddad8620c8c258f527b6d1661843a2a754857f7b1b428451337c295df77c98fbf2730165376f10acbc76218cda27d349331869af5f32d08777e5433b0f6c174fdee274ff2caff0362e6a0c48db8d27bb239cd10e732d288e41e7902320c9d85276a27180c34083cf9f9dce2fbd118a4000f3823433ec32ba39a905052f4af074cbc91d48da708d424c1aafef394e2e0a07d0980f10dafc3831ed48cc0188d6d4145092987c9d0972d8255f73e6bc4a59cf1432decdd2151e3e1360de16d9ccf67c81743467b10fe612c82b41166af5f683175f77ff05c73dd8244acaf135f53f0ded809b1aa6d5820a1f8d3796bb7b4f718d03790c0af72842413125b0b9f9c7e7be6da21ca558e08c66fc314d5e3aca44b230f0e8302a32f7dafd43540e6a0d31449e14765fde328499bc1d787075858583071900bd5b4ef3d18d98c33129b86557c9c741180c456eefd6847601d3d6c78f8dffca4cb39d26b0e8bddbf3c62d201d9c99af4d47457bf206673051e422db02e1ae19561d5dfe13c96a89f72dfdbfb43724033c3c1dfc2ca5100cfbf8c2267715117b974c753048a4621368ef74021b5fc8146da340fa79e007a525445f1ec159421a938d28c2368e1504345bb98459a17bdad2b3dfad6eb52e19461df2494e1e22bbceb9e681a0c450dc6f6b99163a4f478192bf0bee2ba086f1e706434a3f589204aab7c53e96e9dbb1affda52b6496ad53758ad4e942106510d87d67f8e7c208fd632b88b023fbaf4ddf2af13fdb5cb14aa19b0fd1b41e6dd320f2820de76c559603a382319d01390e207fc085b8098188bd7041761aefdfa4f37edc307e86fe0194c4da8ac3552fb6a72290ecf99d2486e40b4a1c57869c19749eef7902c44080a36f992ea95afcbfccff756f64152a32a404ca970fcbdd8b6c555cd060e3aa24b90645df75d82866ab580506fe9d06bed25bd15788735498581c23f2518e3210b67ece2235028e5796d5226f5518d1a861ace5d3c0de25f7b68fed608c6ba573e7c90ee86f29f9d25366ccc9cb507ed67a992fdfcece58bcf77aa9e13687896eeb8b1d67092de8846f18880438db6a3a0a2bbbeae133aac5d2dc6acdd07b9198fba2f02bd"], 0x35d) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) sched_yield() 21:16:36 executing program 0: r0 = fork() getpriority(0x0, r0) syz_open_dev$media(&(0x7f00000000c0), 0xffffffffffffffff, 0x202080) rt_sigqueueinfo(r0, 0x2e, &(0x7f0000000040)={0x21, 0x397396df, 0x6}) socketpair(0x1e, 0x4, 0x3ff, &(0x7f0000000000)) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae8e, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 2: arch_prctl$ARCH_GET_CPUID(0x1011) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xff7f, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x2, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 0: socketpair(0x27, 0x4, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)={0xffffffffffffffff, 0x200}) r1 = syz_open_dev$media(&(0x7f0000000080), 0x4, 0x210200) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f00000000c0)) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 4: arch_prctl$ARCH_GET_CPUID(0x1011) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:36 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sysinfo(&(0x7f0000000140)=""/194) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_UIE_OFF(r1, 0x7004) ioctl$RTC_UIE_ON(r0, 0x7003) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x12080, 0x0) syz_open_dev$rtc(&(0x7f0000000280), 0x7fffffff, 0x1) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) ioctl$RTC_UIE_ON(r2, 0x7003) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$RTC_UIE_ON(r4, 0x7003) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r5, 0x7003) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f0000000040)) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448c9, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400448dd, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x4606, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOGET_VSCREENINFO(r0, 0x4600, &(0x7f0000000080)) 21:16:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000040), 0x0, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x8, 0x20040) 21:16:36 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 21:16:36 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7) r2 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r2, &(0x7f0000000180), 0x18) setsockopt$SO_J1939_ERRQUEUE(r2, 0x6b, 0x4, &(0x7f00000000c0), 0x4) accept4$inet(r0, 0x0, 0x0, 0x0) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x4c01, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400454ca, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 2: ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x81, 0x6, 0x7f, 0x1}]}) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x541b, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 0: socketpair(0xa, 0x4, 0x0, &(0x7f0000000040)) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000000)={@any, 0x2}) [ 3109.515283][ T37] audit: type=1326 audit(1625346996.745:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25230 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40049409, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:36 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000040)=""/22) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:36 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5421, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40086602, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:37 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5450, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f00000000c0)) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'}) [ 3110.337435][ T37] audit: type=1326 audit(1625346997.565:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25230 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:37 executing program 2: setitimer(0x2, &(0x7f0000000000)={{0x77359400}, {0x0, 0x2710}}, &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4008ae06, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:37 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5451, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 0: socketpair(0x28, 0x5, 0x0, &(0x7f0000000000)) 21:16:37 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() 21:16:37 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40186366, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:37 executing program 0: fork() socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, @tipc=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1}}, @ipx={0x4, 0x9d, 0x1, "632b50b38373", 0x81}, @rc={0x1f, @any, 0x2}, 0xd62, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)='veth0_vlan\x00', 0x8, 0x1000, 0xd}) 21:16:37 executing program 2: r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x3c0, 0x160, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, {0x78b}}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x14000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f0000000140)={0x578, 0x1000, 0x356, 0x140, 0x8001, 0x800, 0x4, 0x1, {0x101, 0x7fffffff}, {0x1, 0xffffff81, 0x1}, {0x80000001, 0x63, 0x1}, {0x8, 0x2}, 0x1, 0x80, 0x0, 0x9, 0x0, 0x9, 0x100, 0x4, 0xef, 0x983b, 0x5, 0xffffffc0, 0x1, 0x200, 0x1}) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000200), 0x410880, 0x0) ioctl$FBIOGET_FSCREENINFO(r2, 0x4602, &(0x7f0000000240)) 21:16:37 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5452, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5456, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x401c5820, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:37 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:37 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x7fffffff, 0x73af27e6979112d2) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000040)={0x0}) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000080)={r0}) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f00000000c0), 0x4) 21:16:37 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)) read$fb(r1, &(0x7f0000000040)=""/244, 0xf4) 21:16:38 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f0000000080)=@data_frame={@qos_no_ht={{@type00={{0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x1}, {0x80}, @device_b, @broadcast, @from_mac=@device_b, {0x6}}, {0x1, 0x1, 0x3, 0x0, 0xff}}, {@type10={{0x0, 0x2, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7f}, @random="f71365a682e3", @broadcast, @initial, {0x8, 0x7}}, {0x9, 0x0, 0x3, 0x1, 0xff}}}, @a_msdu=[{@broadcast, @device_a, 0xa9, "58a087a2dab1219e6e5388b7eb450b1dc37ad570f8599ae875a870b775e2fbcbb1d0dd534fc993efe866468e28e90bcabce39119bdcd7147044f8a626878eb8a7d027f0f205d5be97f1aa2df977ebad4339e5e914ccf49dab1f8a94b47e23a03f753e6331cf27df81e5c224bf2faf9c20d2355ba9a4e13c84ec818ee90f511a2f86252161ffd14c39379112e3c0f6c08b1bc621995246a5183ec450d7d7b36b8c30d2d15aa980dc6ee"}, {@device_b, @device_b, 0x71, "d127a47868a8f5464fbe797eb6babab8df83a0ffd05ea0205ed3efa27fbd09448a0231825ed2e767cd7b277d0608648702eb992281786d04c6cfb0af23b0b42269cc65c8028489c2afaf589b12620d16f19caa43a493032682f76b72967432568c9ab5e405feb56887a33d5a276c17721b"}, {@broadcast, @broadcast, 0x74, "8abd64270766ac2424124be9e60f4f169f7dcdee185dc38fec8496396bf6b1a201f09ffa2b22c98d9574157112458a7ae754f6761989b753c9aef02722cd1629af14b41b18afe28907589fbc1cf5f39cc9550fcf9594d40e3b7ad0ff2117b8014d6a8d0af176f86dc04a5f823fff86a71688e416"}, {@device_a, @broadcast, 0x87, "62450f170b1c6d5c886582e081e67f9b4b208e34830010c209e5207af95cb4d5bb758961ea13ff78e2587e87354d1de1c5281af546f905bea19fa9d6916f2405507ee6ded69e2a4ba915c520fa1f26a3e242725c82abc10ae1e4831f2bd76b623eaceb883d869422224a4407eede606d66c8888f7672cbe1c3965ca3600ca1f97a2c990c636df5"}]}, 0x288) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x5460, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 0: ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040)) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4020940d, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:38 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f00000000c0)={0x7, &(0x7f0000000000)=[{@fixed}, {@fixed}, {@fixed}, {@fixed}, {@fixed}, {@none}, {@none}]}) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x6364, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000000)) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000040)) 21:16:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:38 executing program 2: ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f00000000c0)={r0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, r1, 0x0, r0], 0x3ffffffffffffd9c}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:38 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x8913, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$vga_arbiter(r0, &(0x7f0000000080), 0xf) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:38 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x10, 0x0) 21:16:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086601, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:38 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:38 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x0, 0xff, 0x2, 0x7ff}, {0x0, 0x1, 0x6, 0x3}, {0x97a, 0x80, 0x0, 0x6}]}) prctl$PR_GET_THP_DISABLE(0x2a) 21:16:38 executing program 4: syz_80211_inject_frame(&(0x7f0000000040)=@device_b, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f0000000080)=@data_frame={@qos_no_ht={{@type00={{0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x1}, {0x80}, @device_b, @broadcast, @from_mac=@device_b, {0x6}}, {0x1, 0x1, 0x3, 0x0, 0xff}}, {@type10={{0x0, 0x2, 0x9, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7f}, @random="f71365a682e3", @broadcast, @initial, {0x8, 0x7}}, {0x9, 0x0, 0x3, 0x1, 0xff}}}, @a_msdu=[{@broadcast, @device_a, 0xa9, "58a087a2dab1219e6e5388b7eb450b1dc37ad570f8599ae875a870b775e2fbcbb1d0dd534fc993efe866468e28e90bcabce39119bdcd7147044f8a626878eb8a7d027f0f205d5be97f1aa2df977ebad4339e5e914ccf49dab1f8a94b47e23a03f753e6331cf27df81e5c224bf2faf9c20d2355ba9a4e13c84ec818ee90f511a2f86252161ffd14c39379112e3c0f6c08b1bc621995246a5183ec450d7d7b36b8c30d2d15aa980dc6ee"}, {@device_b, @device_b, 0x71, "d127a47868a8f5464fbe797eb6babab8df83a0ffd05ea0205ed3efa27fbd09448a0231825ed2e767cd7b277d0608648702eb992281786d04c6cfb0af23b0b42269cc65c8028489c2afaf589b12620d16f19caa43a493032682f76b72967432568c9ab5e405feb56887a33d5a276c17721b"}, {@broadcast, @broadcast, 0x74, "8abd64270766ac2424124be9e60f4f169f7dcdee185dc38fec8496396bf6b1a201f09ffa2b22c98d9574157112458a7ae754f6761989b753c9aef02722cd1629af14b41b18afe28907589fbc1cf5f39cc9550fcf9594d40e3b7ad0ff2117b8014d6a8d0af176f86dc04a5f823fff86a71688e416"}, {@device_a, @broadcast, 0x87, "62450f170b1c6d5c886582e081e67f9b4b208e34830010c209e5207af95cb4d5bb758961ea13ff78e2587e87354d1de1c5281af546f905bea19fa9d6916f2405507ee6ded69e2a4ba915c520fa1f26a3e242725c82abc10ae1e4831f2bd76b623eaceb883d869422224a4407eede606d66c8888f7672cbe1c3965ca3600ca1f97a2c990c636df5"}]}, 0x288) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x8914, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 0: ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x3) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7b, 0x1}, 0x7) 21:16:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x801c581f, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3111.359861][T25432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3111.386667][T25431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:38 executing program 2: write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x71, 0x1, {{0x2, 0x1, 0x3}, 0x8000}}, 0x18) prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000500)={0x0, 0x0, 0x8, 0x18, 0x96, &(0x7f0000000100)="b24e14c8c5ee5295730bc6d5ff76e7d8647fce55744a8ba9253f1ed1372605bbd0d29b033f8c35320cae2453ff13f562e5cb81107dbe92e3dfaaec82bedc11f1454e7c5caf11a848e35d65b3f8dc298a5a5b1f4564cc5284c28cb24d9bd8188856e518622e9862500fb86a43efd6bb0d6b28ceb4a3dd520e55c14b1fffad1cd4eb0453dcfe930c0326530bd87a75123e488e3b965a99c29493bff38edb5a70b4f3c94f684091e3b6d6cce2fc655ace07ac56ddc659b5c1a1e899bbdb7e5e069024fd6a9fbf051f7739077c9ffe6cb40285c598b3117d64bae7b9e3862d5a31e519c0d81426db6336349dc69c68cc25c79748e333d659f201d095aa80e51de5e34e8cbb6aa1c03579461568ef4e186d21b4a11dd2aef310f84837e5a7a6c19bfd935380fa3b0d190ceb4960467ea4a3da0ad85105894df214f2b705193e351ac86c11842fad83097ca2d40eadd8d2c56ff94c811726a740eff860c8c9b58e77bd0c3fcc249271a1ed1462a4f811e554c40090e7c1371bfbeda4d9d2f7ee2a5026ef3a0d90338a2bcd14cd766c9c8eab671174d1824d0f63dd5062746e01ec97c33ae51ad5a2545112c218dce3a2ad1dbc1c1a11e7823d7368c43a0184247bbe05f93b7f91866e38ad5510c26068ad29a48e42b08d0fe73cd0a7a8a85cfb8bda323c5c1c0965448f0fe97bec113b87d4b251a8d02dcbc9ac526efed32872ae97cd321eb0330a55de8a956239bdd65cbe29c11e87c9a1e62d695e30da5e800f4696c43e657d2105336f09eb95fb0eea1f6090e5f3384f2b5376daad9c3f7a75cf08d3932d60b22f96d3f89f704c1774508121b1f1cd47931105776c25aa1de09277bd0e154606793db4fbbe35c73f9c66db3dda95406e1d1ac62c3233dc1e16a025969b94274e6d4d089bc82dd10ae38d35f1704a8b4fc56e0b78014f3548ad7ff0b68ed18094f558473bb5166c4a2b76f21e5a2a7fa2f4d9139f746677bcbb3673a1347c3f7fe58e83202f7df05adf882a2ec8f0226fd97c8e6ea12fc10d848214a8e11eaf211beb6223b38022d20dc922c077f277a327d823cedc0ac76cac3bc77ca11011bfae7f831e51fb398341b644230fe509e8cbf7c724503db71bdcece2272bbd47cfc05d6670dad0d9cb3511cc5b5cf176fa85bf1b28ed71c3563fd0382068fa1913b3618713a049050ba03d6750b7c703baa4316769a3205669fd589e0ddc1b938d7c0c571be05b73c38b024618dbe0c43a167186ebe066db89db9afa2fbdd4d14d882a06108c79b280c2f1abfee8a11d74408240bfa1e26c0725abf94776a0f80e594110df87af27070d1c793d37a5f828d4e550a7047fcbfbc2e88232ea7ebdf143e2ed75436d775d107f360489f6b45a7ad2325df2266c1bab0677643c5923ac9aa6915be50dcc50b8ec938979646cbf84f93bc59721820e69d004"}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000040)={0x22, 0x39, 0x8, 0x3, 0x5, 0x7, 0x1, 0x400b, 0x1}) 21:16:38 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8a40, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x7ff, 0x6, 0x4}) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x8933, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:38 executing program 0: clock_gettime(0x1, &(0x7f0000000040)) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x81785501, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:38 executing program 2: r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x6, 0x400) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000180)={0xfd, 0x0, {0x3, 0x22, 0x85, 0xc, 0x9, 0x22, 0x6, 0xff}}) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_OFF(r0, 0x7004) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) read$fb(r1, &(0x7f0000000040)=""/198, 0xc6) 21:16:38 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={0x0, @xdp={0x2c, 0xc, 0x0, 0x28}, @nfc={0x27, 0x1, 0x0, 0x3}, @l2tp={0x2, 0x0, @rand_addr=0x64010102, 0x3}, 0x6, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)='veth0_vlan\x00', 0x10000, 0x0, 0xff}) socketpair(0x4, 0x6, 0x100, &(0x7f0000000080)) r1 = fork() waitid(0x2, r1, 0x0, 0x20000000, &(0x7f0000000380)) process_vm_readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/174, 0xae}], 0x1, &(0x7f0000000280)=[{&(0x7f0000000180)=""/241, 0xf1}], 0x1, 0x0) 21:16:38 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x400448c9, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 4: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x7fffffff, 0x73af27e6979112d2) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000040)={0x0}) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r1, 0xc01064c1, &(0x7f0000000080)={r0}) setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f00000000c0), 0x4) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045520, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x400448dd, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 2: r0 = syz_open_dev$dri(&(0x7f00000000c0), 0xdf7, 0x40100) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, r1, 0x0, r2, 0x0], 0x5}) prctl$PR_GET_THP_DISABLE(0x2a) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x40081, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r0, 0xc01864cd, &(0x7f0000000340)={&(0x7f0000000280)=[r2], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000400)={&(0x7f0000000380)=[r2], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x1, 0x1, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f00000004c0)={&(0x7f0000000440)=[0x0, 0x0, r2, r1, r2, r1, 0x0, r2], &(0x7f0000000480)=[0x0, 0x0, 0x0], 0x8, 0x8, 0x1, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r0, 0xc02864ca, &(0x7f0000000540)={&(0x7f0000000200)=[r2, r1], &(0x7f0000000500)=[0x0, 0x0, 0x0, r4, 0x0, r5, r6], 0x6, 0x2}) ioctl$FIONREAD(r3, 0x541b, &(0x7f0000000040)) ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000080)={0x6, 0x2d1, 0x9, 0x3, 0xd, "b6207bb2c79d712cb02628559019050046e850"}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x401c5820, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 2: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x204100, 0x0) ioctl$FBIO_WAITFORVSYNC(r0, 0x40044620, 0x0) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r1 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000000)) sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x8090) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x400454ca, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 0: syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, &(0x7f00000000c0)={0x40, 0x23, 0xb4, {0xb4, 0x21, "7ca558a413939a5301117abf88134fdf5a94f205dc4397912021319709ab133e65961825124e0cafc24c4683860fb2b762db441706c282d05913610de28cc880c3e6b35f101565406dbf039cffb507baace0241c972f0b5a0c6a74ca858abcd841ddfaebc55924e0a8586faca7bf85c1c8a9b311d2e323b1b43efeb511beec156013d83563b95ac222b0507d1f228e713001c5a8ce5059490c994479ab344cbf05af0453f5cc5a89ca754fde0ff6cb96c3ed"}}, &(0x7f0000000180)={0x0, 0x3, 0xc, @string={0xc, 0x3, "32fd49ea391010384c7e"}}, &(0x7f00000001c0)={0x0, 0x22, 0x27, {[@main=@item_4={0x3, 0x0, 0xa, "32d30200"}, @local=@item_4={0x3, 0x2, 0x7, "18785a94"}, @local=@item_4={0x3, 0x2, 0x0, "82a8b504"}, @main=@item_4={0x3, 0x0, 0x8, "5c0211c6"}, @global=@item_012={0x2, 0x1, 0x3, "9dd4"}, @main=@item_4={0x3, 0x0, 0xb, "d4e6a567"}, @main=@item_012={0x0, 0x0, 0xc}, @main=@item_4={0x3, 0x0, 0x9, "071f2916"}, @main=@item_4={0x3, 0x0, 0xb, "5ca0a51c"}]}}, &(0x7f0000000200)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7a0, 0x7e, 0x1, {0x22, 0x350}}}}, &(0x7f0000000440)={0x2c, &(0x7f0000000280)={0x40, 0x31, 0xa3, "04878f6e78cb7681c6b753bdf3660d3f45df8f25da15cfcff958621b680aba4eb188cd0458447086f7e33c3aa9cf8ace15acf4de5905c7d4ab5646f91830d8ca86ac9886b0db1417bb08c906f37309e66fca7b8c6d568d6e662ff54598f1bf4416705235bf1ba036636c6e0b6e65fa24fec7c6369206d109f8b25460b8aaff7ec8e2eef83de844ac18da5168236af06816636de6576803033394a8c2b777bf09a55cfb"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xc0}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000003c0)={0x20, 0x1, 0x1e, "a56a0b64abdccb1342f8d8e4514e4dc143910076ef10f3a86263d21ee47e"}, &(0x7f0000000400)={0x20, 0x3, 0x1, 0x2}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, &(0x7f0000000080)={0x8, 0xfffffffd, 0x1, 0xffffffff, 0x20, 0x7ff, 0x1f}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:39 executing program 4: socketpair(0x28, 0x5, 0x0, &(0x7f0000000000)) 21:16:39 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) setreuid(0xee01, 0xffffffffffffffff) sched_yield() socket(0x29, 0x3, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:39 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40045532, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 4: socketpair(0x28, 0x5, 0x0, &(0x7f0000000000)) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) 21:16:39 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40049409, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0189436, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x0, 0x7, 0x18c66241, 0xff, 0x1, 0x7], 0x5, &(0x7f0000000000)=[{}, {}, {}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x4b66, &(0x7f0000000200)={0x8, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}]}) syz_open_pts(r1, 0x22aa80) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000180)={0x14, 0x67, 0x1, {0x0, 0x3, 0x8}}, 0x14) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:39 executing program 4: socketpair(0x28, 0x5, 0x0, &(0x7f0000000000)) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc020660b, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 0: socketpair(0x1e, 0x6, 0x0, &(0x7f0000000000)) r0 = socket(0x23, 0x1, 0x8) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0) 21:16:39 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40086602, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:39 executing program 4: socketpair(0x0, 0x5, 0x0, &(0x7f0000000000)) 21:16:39 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) 21:16:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc1205531, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:39 executing program 1: syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, 0x0, 0x5) sched_yield() syz_80211_inject_frame(&(0x7f0000000000)=@device_b, &(0x7f0000000080)=@ctrl_frame=@ack={{}, {0x7f}, @device_b}, 0xa) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:40 executing program 4: socketpair(0x0, 0x5, 0x0, &(0x7f0000000000)) 21:16:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000180)) r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x2ac, 0x191081) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000140)={0xc8, 0xc, [0xf2ad, 0x8, 0x6]}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$TCSETSW(r4, 0x5403, &(0x7f00000000c0)={0x34c, 0x400, 0x1, 0x2, 0xc, "c63307b51c4394b8ba05da4ad2571a8d73eaa5"}) ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f0000000000)) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x2f) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:40 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40186366, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:40 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) clock_getres(0x1, &(0x7f0000000000)) 21:16:40 executing program 0: socketpair(0x10, 0x80000, 0x80000001, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000001c0)) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) r2 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000000)) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000300)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) connect$can_j1939(r1, &(0x7f0000000180)={0x1d, r3, 0x2, {0x2, 0x1}, 0xfd}, 0x18) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r4, &(0x7f0000000240)={0x15, 0x65, 0xffff, 0x7f, 0x8, '9P2000.L'}, 0x15) write$P9_RAUTH(r4, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RVERSION(r4, &(0x7f0000000200)={0x13, 0x65, 0xffff, 0x200, 0x6, '9P2000'}, 0x13) socketpair(0x23, 0x80000, 0x8, &(0x7f0000000280)={0xffffffffffffffff}) connect$can_j1939(r5, &(0x7f00000002c0)={0x1d, r3, 0x2, {0x0, 0x0, 0xfe2c0ad549379302}, 0xfd}, 0x18) 21:16:40 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x4, 0x3, 0x1}, {0x100, 0x7, 0x7, 0x66d}, {0x58, 0x6c, 0x3, 0x101}, {0x7, 0x7, 0xe4, 0x7fffffff}]}) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x9, &(0x7f0000000080)=[{0x3f, 0x7, 0x1f, 0x800}, {0x6, 0x8, 0x2}, {0x0, 0x6, 0x31, 0x3}, {0x6, 0x80, 0x0, 0x1000}, {0x7, 0x3, 0xa5, 0xcde}, {0x2, 0x4, 0x7f, 0x1}, {0x3, 0x3, 0x81, 0x401}, {0x3, 0x1, 0x20, 0xb4e}, {0xff7f, 0x4, 0x3c, 0x1}]}) syz_open_dev$dri(&(0x7f0000000140), 0x7f, 0x80100) 21:16:40 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x401c5820, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:40 executing program 4: socketpair(0x0, 0x5, 0x0, &(0x7f0000000000)) 21:16:40 executing program 0: r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, @can, @l2={0x1f, 0x8, @any, 0x8}, @qipcrtr={0x2a, 0x1, 0x7fff}, 0x6, 0x0, 0x0, 0x0, 0xd8, &(0x7f0000000040)='veth0_to_bridge\x00', 0x6, 0x1, 0x3ff}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) [ 3112.986026][ T37] audit: type=1326 audit(1625347000.215:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25576 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x1}, 0x7) 21:16:40 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x4020940d, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:40 executing program 1: syz_80211_inject_frame(&(0x7f0000000040), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:40 executing program 4: socketpair(0x28, 0x0, 0x0, &(0x7f0000000000)) [ 3113.062214][ T37] audit: type=1326 audit(1625347000.275:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25576 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:40 executing program 0: socketpair(0x36, 0x4, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000080)=0x10) ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000100)={0x0, @llc={0x1a, 0x309, 0x4f, 0xbf, 0x7, 0x1f, @multicast}, @generic={0x4, "1bfdb8132ebc7648a6bf318661d9"}, @nl=@unspec, 0x3, 0x0, 0x0, 0x0, 0xc25, &(0x7f00000000c0)='wg1\x00', 0x6, 0x39f8, 0x8}) 21:16:40 executing program 4: socketpair(0x28, 0x0, 0x0, &(0x7f0000000000)) 21:16:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)=0x0) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000100)={0xa0, 0x19, 0x1, {0x2094, {0x80, 0x1, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x2, 0x23dd, 0x7, 0xffffffff, 0x1, 0x6, 0x0, 0x4, 0x3636fcea, 0x4, 0x392, 0x1, 0x6, 0x8, 0x8}}, 0xa0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r2, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RAUTH(r2, &(0x7f00000001c0)={0x14, 0x67, 0x2, {0x8, 0x3, 0x4}}, 0x14) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:40 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40405514, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) 21:16:41 executing program 0: socketpair(0x29, 0x800, 0x0, &(0x7f0000000000)) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) 21:16:41 executing program 4: socketpair(0x28, 0x0, 0x0, &(0x7f0000000000)) 21:16:41 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x40405515, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x18142, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) write$fb(r1, &(0x7f0000000000)="8a093da0cd3885ee760b3cf45d82c89b7cd9ba95ad89ca8a9d087363f9d7e76f05603dd5190be1c76ee31c649e08f2", 0x2f) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:41 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() r0 = getgid() getresgid(&(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0, &(0x7f0000000100)) r3 = getgid() r4 = getgid() getgroups(0xc, &(0x7f0000000140)=[0x0, 0xee00, 0x0, 0xffffffffffffffff, 0x0, r0, r0, r0, r1, r3, r4, r2]) setregid(r5, 0xee01) syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3113.807964][ T37] audit: type=1326 audit(1625347001.035:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25576 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3113.832598][ T37] audit: type=1326 audit(1625347001.065:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25576 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:41 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = fork() getpriority(0x0, r0) setpgid(0x0, r0) 21:16:41 executing program 4: socketpair(0x28, 0x5, 0x0, 0x0) 21:16:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f00000000c0), 0x80000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RFLUSH(r1, &(0x7f0000000040)={0x7, 0x6d, 0x2}, 0x7) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:41 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLERRORu(r0, &(0x7f0000000040)={0xd, 0x7, 0x1, {{}, 0x3}}, 0xd) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:41 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045500, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 4: socketpair(0x28, 0x5, 0x0, 0x0) 21:16:41 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 0: write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x40, 0x4, 0x7}}, 0x14) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) write$P9_RLINK(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x47, 0x2002}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x7, 0x2, {0x7, '[@:,#:('}}, 0x10) 21:16:41 executing program 2: openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) select(0x40, &(0x7f00000001c0)={0x8}, &(0x7f0000000200)={0xc4}, &(0x7f0000000240)={0x2}, &(0x7f00000002c0)) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, &(0x7f0000000000)={0x0, 0xa, 0x8e, {0x8e, 0x30, "19feb3a0f923040e73620afc2dd6757fb556ff170f58c594ae0fb0fe2901b6ccdeb2e55ad4dbe0edcb68ebafec883ca7c8fd3899e0d796504b70b66f20ba1a6d958770a531f4273f16755f9e4cca0d6cea712a5b221b8b82c00b3c9425dbed2939f507375b08b48a9b00e7854ac1184aa5660d48857302b8b8910bfec5b5788063dabfb08a3a5a30995cb18a"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x459}}, &(0x7f0000000100)={0x0, 0x22, 0x10, {[@main=@item_4={0x3, 0x0, 0xc, "8cb06666"}, @global=@item_012={0x2, 0x1, 0x1, "ef60"}, @main=@item_4={0x3, 0x0, 0x2, "9d25c857"}, @local=@item_012={0x0, 0x2, 0x4}, @global=@item_012={0x1, 0x1, 0x1, 'j'}]}}, &(0x7f0000000140)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7fb0, 0x1, 0x1, {0x22, 0xebd}}}}, &(0x7f00000003c0)={0x2c, &(0x7f00000001c0)={0x0, 0x9, 0x74, "1c6758e3b40e0252428196167eb31e53dd010b1c50b881b93d900c38a72b183784b23e64bfca1320c97850ecd2d94e4df1f83bb86420e456c8ca33dbb3745ca2f1c554270a3ec25c5d550c4997975bd53eeec4bfde32e82c3c08eedd9e6c8223a95904a5f3e843f804923f7db9553801b88964b0"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x1f}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x3f}, &(0x7f00000002c0)={0x20, 0x1, 0x7e, "af0e07c64b7ebba9c45b9167d3daf3dc97d5a30c371fbe822e3603b9e96b1ea6746d44925e16fe21adcf03dfcfbd5ded98a3a403b67e049e1248379f59f0bb46dad00ebd23818f452353f073859815ef69a3a22eea3c5467eb955332b4f8e738a6ec0c33817c5ebc575063144df820608db49a3eedcd387f9c224a275cc8"}, &(0x7f0000000380)={0x20, 0x3, 0x1, 0x7f}}) 21:16:41 executing program 3: set_tid_address(&(0x7f0000000100)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2080, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1d1000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x202080, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) keyctl$session_to_parent(0x12) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:41 executing program 4: socketpair(0x28, 0x5, 0x0, 0x0) 21:16:41 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RUNLINKAT(r0, &(0x7f0000000040)={0x7, 0x4d, 0x2}, 0x7) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:41 executing program 0: write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x71, 0x1, {{0x15f82b13fc54afb6, 0x3, 0x1}, 0x5}}, 0x18) 21:16:41 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x800455d1, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 3: write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0x7) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:41 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80086301, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 0: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) accept4$inet(r0, 0x0, &(0x7f0000000040), 0x800) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:41 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:41 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x100000001, 0x40000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000040)={0x366, 0x18, [0x1, 0x8, 0x8, 0x3, 0x9, 0x6c25]}) 21:16:42 executing program 0: socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80086601, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:42 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000040)={0xffffffffffffffff, 0x5}) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:42 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x7ff, 0x0, 0x3}, {0x9, 0x8c, 0xa6, 0x2}, {0x401, 0x4, 0x8, 0x10000}, {0xfff, 0x9, 0x9, 0x10038f3b}, {0x8, 0x0, 0x1, 0x4}, {0x8, 0x8, 0x80, 0xfffffffb}]}) 21:16:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000180)=""/176) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x801c581f, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 0: socketpair(0x10, 0x3, 0x2, &(0x7f0000000040)) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RGETATTR(r0, &(0x7f00000000c0)={0xa0, 0x19, 0x1, {0x1865, {0x80, 0x2, 0x6}, 0x48, 0x0, 0xee01, 0xfe0, 0x2, 0x9, 0x9, 0x200, 0x9, 0x7ff, 0xffffffffffffffff, 0xffffffff, 0x9312, 0x1000, 0x1ff, 0x4, 0x7fffffff, 0xccf}}, 0xa0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RGETATTR(r1, &(0x7f0000000180)={0xa0, 0x19, 0x1, {0x49a, {0x10, 0x2, 0x4}, 0x18, 0xffffffffffffffff, 0xffffffffffffffff, 0x9, 0x2, 0x3ff, 0x8000, 0xfffffffffffffffb, 0x9, 0x3, 0x3, 0x80000001, 0x7, 0x3f, 0x800, 0x4, 0x81}}, 0xa0) r2 = socket$inet_sctp(0x2, 0x1, 0x84) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r3, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLINK(r3, &(0x7f0000000240)={0x7, 0x47, 0x2}, 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) 21:16:42 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 2: ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) sched_yield() 21:16:42 executing program 0: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80010160}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@delpolicy={0x58, 0x14, 0x200, 0x70bd2a, 0x25dfdbfe, {{@in6=@local, @in=@remote, 0x4e23, 0x200, 0x4e23, 0xe00, 0x2, 0x0, 0x0, 0x84, 0x0, 0xee00}, 0x6e6bba, 0x1}, [@extra_flags={0x8, 0x18, 0x1c9}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000410}, 0x4010) socketpair(0x1f, 0x6, 0x0, &(0x7f0000000000)) r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80dc5521, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000040)={0x0, 0x0, 0x3, 0x80, 'syz1\x00', 0x8}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045540, &(0x7f0000000000)=0x5) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:42 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080), &(0x7f00000000c0)=@data_frame={@no_qos=@type01={{0x0, 0x2, 0x2, 0x0, 0x1, 0x1, 0x1}, {0x2}, @device_a, @random="6082f66e21fe", @broadcast, {0xd, 0x7f}}, @a_msdu=[{@device_b, @device_b, 0x1000, "a850d570fb9ad5186f7f3e173a12944016ee981a233023b973781a420826b1e95b0603375259f22dce192cd1f685a98bf59bc712f71083293d952c0933fff96a9265f9b23acc0c9891c64718e7af0071e01c5d5be2723ca8b156f1c316db97648ece7b92207f4eb7b9242baf7edc26ff6dc2c7a202cb7831bf843f7b5fd6d593154ccecd2e6c670d38e4c45d1cf83bba2ec75c635b8dc76dd99c2dd97623102a9d1e9eff5338b8d8dd88dbce956ef9c4ca9b535995be8ae2fd9951211fd527be42e8fdc2824a3d1cb6689f11dafc7d6a829a5ab5a6a5b7f7a62ec8a94aa89f9a0a6974670dec2a68da28e432d1681f4927019b6d1018ad36ec046076ce1c4e951b93fd6c740413c5634226a1cb4112c2c5718014740a2b79b28a21cc6fe5b79058db474bab648daeeef0a3e6933cefd0fcbba8cf6188c5ade347b7a0a12d91ff5c1e3dd196816da88df73289aeb3274b3974bae182cf26d7d1421a6836e65574b4c7e78b32fbe6ddba928e9bd94b52b660d5a6a228a138650d519088704bbf68c10bf9289f31af255c564bc2093fbe9cdb1f459bc15ba6c66f3eb0bbbc2e07abdd45dc62556804a0871667ce9e64006eba1e07bafd45ea08b5e4302bfe59a31f22db8aaf4e86d7d6c8823869aadfbdf8629199f8165395c0051c99be739a5d2d2776aa52ca0f21f57088024da957fe726c940eaedc7a8068c0311b6aae20b0995edb5d86d74c4ba78e24509c36d0faf5dd2e52f3499a096c176e58fce6dda4f0d79138c9159cc2e937bf10de5693213a028f41a6301a786b4e63403ec165343bb35d3d9f3e8386d6932dbfb92b5c1eba140a837c901848fbb04c6d489351fad09c0fe5b67b57e79557105a547bca266b624ce20bbb56b55a56d4d597c28a35adbc630df8fc1bcf077f3a23860e19d6b404891df138225aecba88607ec203aa5102d5d27f68cdf4388db757986abda0e8c83aa0bed59210b6f679da7ea936c88f3d35b1273a4cfca42de093af08245910e2ea7d8c7ac6b8965a08fd973f8073d344315fc8647e61cea4ca79b5b7af548bf484da06e0927dfb929e627871b9829c910a9361e795525ef19bffb0d9a7e57b35b235f244622f4840df4670725e8e3cdddaf0d53d86b6bfd5b67f32f86448278a3146de6fcc94681700695a87f52e2ca376f74e935b825394339612a6e0ae5b3d4ecb4eb8ebba73daf3a48ed57af23a4d1176f881a4ddac3dd6ee3989a513bf421d235ac0a7d19a2078dcc939335a7f46aa988e6f4904a44afaba68d3b25b316864336e80c1c9b24e37dbc4b49f1833d3415bb472a6cbe8e4ed120e31ea4fe4c5bdb6544f8fa5c67aa7208d7fc03255b0b0c6d3babc6fca488515b3c9fcec2864e3d8d9c873b10af5bd6904fac78c1b1bdb121dbd2aec14eda5ca07d6fd1c4ff289cd21230b44d10d558536e4be5b31d1d0e6306ee4320412f96c01dd71283cbb98c591a7d19d074221c7fd0a7cc70756bf6184791b38f7cb7948f0502f56f1ce77d20728d346bcdc6f75f3cd55916f9e358410ee91c104f1194e12b285689ac0b225d3c814c34384af9d4432577a0c379ad4a39b039348972a90da5ecf70cf68a005c0928a11f41a96d2d4172e95eb507ae739f68290095a3057325d5b6e5d0f8850c9a8e7b553078b387ccd07ee0e8fa60471f207975ce00df00721d2592c3d57beebccbba17b345135a5602cbaebf3ab7332ac3725fcd6d5fb9b58a52c95a192bb82296f16c69f1d1cd83efea9a88c71dbd4f5977a31451844771ed17c90a439cc4b3f1817a69d4d238d0b814e1f24c50936ee1743d18864eef0f485a6236c728ebcc27f9b297eec771638a50065726cbf00dda376cbe8d6d0d021638ca9f2d44cdc4b31b192ffc9108870c3029b222e3f37858aa2eb8656242ca321e185f4783b64a36b8d54a25492bfcc3422f9a454130c691b72b5df836077ec17d2b0be6d8d1805ca4cd428dd9b0238ec0c4daa59754247494ae6ab9ac8cb395f55201d975856058aeba809c48bde288b8711d406d6e3242b3b49879d9ddf5c7b632b5c5af5bd5dac7a724f849bc582130ca73eb44f3f90aa67df52228bbf4b73ecfc09170533d97ed24575b29f35cfb325733f3a212acb2e1461c15a85ef8a9930120dc0e05c95be4ac86820ddf916360450d2ffee3ff20b00fb93b05c55775a6514dcda1a58c593ddbe78a8f26db026da56d4324549783249e4ae93a0411224ce65484a4688738fae6b8951dacb98ad7fa88405f1090637469f37cad0e7868d12f524f04f6243c95baf410c8c09ebfe53b255dba9aa49d56f9f4d0f556f30f571dd916ae5bade0723b4d6a6806af3b31f286f1ff106343dc1174d71ceeb328fdedbc57d609e158e052655218e9520cacff455a1a746e8c78fddc157d63d64902548c3f9da9ff7e86fbff925e1d037d7889bc530fd90c0f0f4129ce05ff995f2e375484374e2caa19f827525f7a2ede15f3d76f051fbb66a872c75cce4fc913d1034fb9003ca1280821becf9d653f778a8bfb91231d3632d1a2bd65827fecc706342a790ebbbfa9386354dc956bc82324658c04f0cc690ea90b49474444b13dcbb7ce98fb56fb88ff9e901ca6cde40bccd5ad7241f3b20edc0f384cec9f89c143e23e2515031221edde3ec5b57dc68d5ac37bb2e263e7a879be3142ffd818e9222bf24e4976b29e5feee8cc5258d15315ae34a516ac25e54d20c8ba777a2ce805d12fdbcfc3c38e6d0c0e15ef93faf352a010904b4e628b7798c7c7a4e31b70150c36d91064bb1751b31315416a372868aca9cd70643bb6a9d4e42599ccee8098746085349035a0dc51df038e297e6a2408dcebd86bb2b14884a1c3ef0300143017cd4cf465686a11290f000aa0d88184fe43ad27328f54dca09b88ad932ce5aa3041aaecf8f7fdd9f6aaf711ea912d918a2f7f7d07b656273d957d888a1306e2e4f70c582e645622f056633a913fe3850fbb70bba809dccf0ba4387b9f67870cfdb1ab780b4fa6ab6281362c7df2fa1651023d090423c2219719449b0ce36cee98811d587ecd15846138c069daea869e9f6f2692e109e73c9ac812c0638b2e396a22e90d9de510dc05b5e66730f4f4d28e217eec602737e85078bb2457fccc22b4ef15867f8b08367bb9909833a2f0bb4a69e163b50202114694087c44698e3641b358292e54ade1f74f5c3c38f810832f766f9597e411b25128ebe231426c47d050a2f5c9c49313bdd6caad411fbd038571e7c162f1e157ed4e8c73e0e9dae6112de15716b10640dc32e9a5a100956f56935183e908074f03c4a0e6bb49bf54e60e66bd99a1d04e4e8fe4f7b76828faba540c1c13850cd8fa5d14b2f3a510e6d4b8bbbd5cd011fe8dcb419dbb06f203088ed4c8ae3e215958c813b60935093e30da10f8b8bd6c357673aea0632017d26aad81e9c17d6610cda87d051b08b64e6d386a7d9e69f975cca77ee0b47f4803e6dc74dccfacb1200452a275e0f248d700b33681fe82151627262e28eae5579f9e67d1796e27f4b677bea968b12cc51cbd88a368264351e0fa12e6615d978f3c7ae6da044f13a1debaa1c6c65910fde1a2fb36236926411dc067088fed34a50c5860abf158454c3bdb858bbdb8b124b94a5e825c7c8a43a47b028fe6bb0952778fdeae4582cd6adb3501cca684319919dfebc7f1b999d4591e0742da65156dc821d1e6d2705afa54f0127ef7f7dba840c7f75871848da625d7fa67c58b853a0f2a71dffe3cb1bcc28a1678d4ca90b12244a37bddc0ac1818045fd9fe4736c6836da04718af1ed499caf40c38c36a02fcd976f5a04e1790666730d31e44fe9db5f9dde412876b38f519f5231e483b7c45b59254702c764813b14a7f1068eb0899e94dbc4aa5c0a3bc2f6bb13b1c47c3e020bbb0403683bc55ff3828844337cb548bd42b84620d8fecb91ce359ec8bd0e96f53f477e96fefa7949108f7cb5de38c1311e7965a910e91967b8b608cb96759fb7df72b7c508bb7f57c2dcf50b97c7f132bb2375e7e9b9a48837ed450493f943ae807dcaa30bf521a814e059ea4b4c8804f716fd5cb4c358209f9841cd16d4e18d4c7a097136ea82bcabfb007a4df2db2afc8bb6375d59364547e48af666b4b3d1bd8f6bf330288f573cc29e5600017c5a63754d5d7eb2bdca5469548068bbc91d46de0ca7f6d2329bfebb3a0ec64cd50d59319354ae09ac38bf3d6c355e5626ea58b40e2a969c6c06b92de253a3e74c49a5b02ae5dcfa0ebc4f0885572294973fa3674f812062a2fde1c145b242a3e9da2a581cdaca479fe7c4d438d0976288cf651b9fe5b734c9437fd97c9348fb7b5d430c4149a9ff40a3706f9ea0434f43f4993d6186fa735b7b4a46655d448f5c1dcf765436116f376aed4deec15d629f7b683e88ab06f95ad3ee4dc6bdf85ba8b14ec46e04c0f69f3d15797169c9657b3b662da9616e91c9c9a99d6b8c1edc5bec4c61ff5d35f4a2db77878713c6e198c450c3535a71a5095f44b395201edfb29db615bc41a0e378ac21a505b8e79eff39d97f0eeba2109232f7fbbbaa5cebd8e78a6ee4bb4d46d3598a7e38f493d2cc4a9471796eb70c8952b418f5c0d551fe44e93b7f2af6bf3dd39305d7ed66c832830682baec665c400b5c347bf1c0586e9cb12e593dcbbc12e3c16df8e6e20f3b58352e3996e031bbad19a92421abf60067108e92537509d41c74645c3457a354a1a446d3a6cbe413e79477fd4f2ae1e31fb8449a6cc1bd6a178ffb0be19c469b1821d3df8ffc7063b9f232806b77a520e234ae5e60aad28b28098d1583cb8e51e8f8cc5b6dff393fafcc912f4fa28a9799b5ccd7b94b87f98280b2680101bd933a5e04270819b44c64b76c931edab71454e7c6aa3d13162d414c89b8291a628d321b80b9c736c28c8d8c7b8f50046fa2f750d6dcc3affb3132ca39c8d27f3e78246293e01aa5cf027f558af986e76ffdc8d64aa9d7c7ed52d0373f0e5c758822bbd3552fb05286167a95315bd8eee32296f954df399e24279575b0b4e3ad8975b47abed64f0ffd58109efb7cbe32b71c948ac983e89f8c697aea86de8278d2e1581b1fb829f0e1108d4a56b8ff1ca3edfa51cf2bb0a1d9a063ef19ce1fe3c121868708c6bacf64bb4bd8d4ae4d858521c5703eada9d79b57288d2a0218cd007585fdd494169473150b0186205d7f47eb95f43916046c3fddb01e6b31729fe67f31d71653d22da60343c9e50fad915eda63b1b23a3878501e39b2a62ef08079337d927071b1376ee91c8e1347b084c213dbf78a847abed500a106fde559b680ab0925f9384a5578c4dad036c5e6aeda2bc48662f1150f48ab7a07dc9dbf6880334d8b29a51b7cd14c9684cc5f2d3b2826d8d18f96d093cb32381f9bea4277ee1cfc150840824931561f90305b11ce8571ff235e792396e257e38fd7f00f90ff02b10604373af528df1e92e046b4d37616cb949a49afe92db5a39222431fc84f27f47c0cbc920ce2e5fd976a0b8e78515dd3b5e0459177e1477cb8d0bb905dc0de56f4aad48eda924871d1b14cae0fce67851390280920699089705eba7701d3e890dbc8e0e2e8802671271cba5c54820538757283159097be923ed4c7acf42c76fc36904237a9dc09106c3211a696a15c672cf0d01b83c297f2a9a497133ed5aa0ca853f783b3fe85cc33364d87e34e1a61d6fcb383d14efb448c3938c7a4421589c9ae6a0aca5bad62e79afb77767cd41b133666b931aa1398203cf57a8fc95b41588a57cc922058beb3aeeceeb219e56c"}, {@broadcast, @broadcast, 0x7b, "6321585902db5046aad39303791ff39962ac6d895ed87f8dc7d8fcafdbff2847f9165da13cbc3df631e920c34a9c3500a84bd5edfa3202eae520495c455ab733775aae4b4db918ed06d8918b2f558fd0f2e678348eee477a5469207792731b440d33f7b033c480f02682a4ccb918eb30f6dae0285dd71befcd3a60"}, {@device_b, @device_b, 0xbc, "89e3158bf53c9e1e76098c403c2c527a4ce29667ec224c3215f2e63be33919d20104963b6f4bdfa60b265a3cc007658f99ce9978ca02165a2a6a9f45be5764c291aea43865a8ec6d637ff27729cfe02ad491c42a9ce6ca257fa5c63c03e7e25ae9955f08158b7cf1a9fa668b85e89e271ac7a2ac67ec7a3ca3a552ccdd0415a292c25fbc9807a26e5e230b660b3b2068415533581e40b1b57b0b3035851989679e1369890b49c658b2db5301a1ca58d075de7de3bdce78e464cf0378"}]}, 0x1180) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) 21:16:42 executing program 2: prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) prctl$PR_SET_SECCOMP(0x59616d61, 0x2, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) r1 = syz_open_pts(r0, 0x101000) ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000140)={0x0, 0x0, 0x20, 0x12, 0x151, &(0x7f0000000280)="8a18d9b0eaed41db2ca7d3f11ad41a73c30f1fb7fc936bfc30e105620ec743933b24aec1f78cc6fea7636f3bb3be942e3588d9aaba9bcee0c202ab64ee43dd1fb0a071043dba1bdd14ab1574da244c76354ef474202dd912eabd31f1ae1a6cbc34c16310f228449eb97d19b8e9c8b2daee58a58e9f282875cc3d4af92d688151d9fc4aa116ce5e37ed13332d964b1087ce33becedc749e564dc57e8596cfdd6c81f0fb972e509397280c9f28b5d1c8d2c4418996804d1c15a15ac368688b0837a544a8d0e2c0a827a343aa5ea17fe41b08c45aa9935e48bd0ee90d924cbca3034105cfb3c57c056b4126b0db82d0da821d43c9883baae5fc8ce68ccbf13b0b76e80d3e8ae124e98843f75ae1ff11bf0129cc8dc4e26ab0ed3d4606700fefae22f128584f103f403e69905fe04133d435a5d046b08db6220a8b81aa3ce03c8e9fabaf9492e2f0219c30bb64e102b31d4dfb6d8d6b92928dea93fed4a730b3c83688dd24efbd5a8f3c9081c6ed370117328ea89ca0c3b32dcb4ea668333849bccdf29220927f5558ce5be1ecc855e99a0342245c7de5391646068a14b0f6e45d58ee78194c700145370041fa4169abcd5b6124619e85f54bbb736d5866b1183282e89c2010b36216102453891d1a363176acc072a4ada1591f6fb53456bf285f2bfa265f347fb86bc29b21db0dcd3cebfa486a1a031b2ba4c1cdcbfd6e3c97b1319e07cf7dddcee3ed46c525efb1371334f710b5928db287f7c947b674434827f46a4832f68887db7bd0d3d0a0c485ce3946e4e5176c38a335f1bfb28f1fdad4174f8b49f8d7131d640686ffba1d1b829e7c809fe3cd83c0ad3a3f47b4f10a06a865d51d7859d46eb99267efef7b4a268c46a89420822956c01d96e4d4b57a9553563d69932d8ab2d52ebde21cf1cd78f156cb3cdb2e4d361bd00745da0b33094aa4b428993700162af11cfeeed5435b92a6e3ed3a79491330f43132a85cd667021cc53454c7c99304398c26412e64f321da8e2bbf38dcd7e24d6e4db7859b870b72f76288720bd84733a3e2caa2d0af2d5fb8f53ca91e0eb98819a672dcaaa86deb43024954aec2cdce6cf3b33f046a7572289d50caf9e38448092d8d7aba6fb978a0e0975336da2a3b73a658f327632fb8c4f2c555d145e965dd661d5d6788103e1598ab9371a4e55ba29a345ffa5cf15b191484a3bd0fa94b9251f1f528916aabba0a8107b60b04a5952046c6b10c2f75f29900e309c1acff98d8ffde296d18b49ef7a460c267bf507d77250889af3a239dedf64a4f943d56d8f9c358806c23a0eb5e1ecb4fea67d634e8488e298004b7321fbb2cc4ebaa28c6c32fa29d79e46fcbd3aa940985a4b1ba1f69aa7408f6aab965f807f494e1aba2c05f8bea31e5b3fa21aa1591aa33c33937a3a11f9fc92fcf7447c28852dfd14754d9afff289d"}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$GIO_UNIMAP(r2, 0x4b66, &(0x7f0000000180)={0x3, &(0x7f00000000c0)=[{}, {}, {}]}) syz_open_dev$rtc(&(0x7f0000000080), 0x2, 0x9c5141) ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000000)) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x81785501, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket$inet6(0xa, 0x800, 0x200) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@private0, @in=@empty}}, {{@in6=@private1}, 0x0, @in6=@initdev}}, &(0x7f00000001c0)=0xe8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@newae={0x50, 0x1e, 0x1, 0x70bd2d, 0x25dfdbff, {{@in6=@mcast1, 0x4d2, 0xa, 0x6c}, @in6=@mcast2, 0x800, 0x3502}, [@etimer_thresh={0x8, 0xc, 0x7f}, @XFRMA_IF_ID={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48000) prctl$PR_MCE_KILL_GET(0x22) 21:16:42 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000000)=0x841) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0045516, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) getitimer(0x0, &(0x7f0000000000)) 21:16:42 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) r1 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f00000003c0)={0x81, 0x8, 0x400, 0x7, 0x80}) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000200)={r1, 0xa88}) socketpair(0x2, 0x800, 0x5, &(0x7f0000000040)={0xffffffffffffffff}) r3 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r3, &(0x7f0000000180), 0x18) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000080)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private1}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8) r5 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r5, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r5, 0x800443d3, &(0x7f0000000400)={@any, 0xfffffffa, 0xff, 0xffff}) connect$can_j1939(r3, &(0x7f00000001c0)={0x1d, r4, 0x1, {0x2, 0x0, 0x3}}, 0x18) r6 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000240), 0x616302, 0x0) ioctl$FBIOGET_VSCREENINFO(r6, 0x4600, &(0x7f0000000280)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r2, 0x800443d2, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{@fixed}, {@none}]}) 21:16:42 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0045520, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:42 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:16:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x400, 0x0) 21:16:43 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc00455d0, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:16:43 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 1: ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000580)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f00000005c0)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000600)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000700)={&(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], 0x9}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000780)={&(0x7f0000000640)=[r0, r1, r2, 0x0, 0x0], &(0x7f0000000740)=[r3], 0x5}) syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000080)=@mgmt_frame=@probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1}, {0x6}, @device_a, @device_b, @random="69441fed492b", {0xe, 0x6}}, 0x8, @random=0x8, 0x2c8, @val={0x0, 0x6, @default_ap_ssid}, @void, @val={0x3, 0x1, 0x5c}, @val={0x4, 0x6, {0x35, 0xa2, 0x1, 0x2}}, @void, @void, @void, @void, [{0xdd, 0xaf, "bb466725a040e5e903d6c1f2c1fd6f739bf564fb3f5f77e967cf99f149daf79c7cdb577e3a90be64f9029219bb221d4e1126575ca06b60bf0d7146437a2b4fe7af4da6c460b814285ff5950a20ebf189bff908198f0d6e6386e26d90e6e5f3cb04d4dea08fe3e51400fa048483c0432dceee89685afb03e30effbad8375e413fa6288ecf8326ffc127ec75d2aee28b078bbaecf4795b0aef2fab628de5ad63e85c812db02aa15f9a93210b1c41c3ad"}, {0xdd, 0xdf, "0a4856dbd09511c04150f9a2fe6d7fdc7e688ab2a3eeecaa76f85749110b632ca68b7651b9dafc35c6ce519ca2f654db499cdb5c7426a841d0f610c4fa617a8c5e23838d58ba4f6a867c4d9e4bd3913607a47db558c5fb0367550a5df2b77d1b4ee0a75ccac9ff8eccfd91df7379ffdc31914eb9ab5a7fcebcbc3e7bf0e982b7bf91980d92c3fb3571ddf9622e44a84ee65fc230052f58863b4859d555ba87f50cfe292349c3cc975a3ef78d4f717b3723d7f9bae10028b07f535b0c64999141d8c582eacc7b7308108f00756a3d94597371068216ca85ba67a6527402e692"}, {0xdd, 0xe2, "e526b9c120e3857d751d40ae12f1c52715e29d602387caa23e9a286f1992064639913f72031c2c54e39a76880723c9d4a12750af13f47d10c8de07cd70f8931247f21adbb5d26aa6697868f8068cb6841a025e0ce3883f23ea8f2590218be5f862134327a867aa1516fd0e26bce7e411ab2088bb5a63a7eb838834078faf248347c3552c4ef828ae7b30a0d601c337e8650afe51447f2650b1815bbd376c62ff35827b74f5e7f0393c4b8c5dcf13c731a54529059943be8f37a670bf7e93b2b0869150296d4fb97d4c43181001ef1bac3e0e0d4c998d8a1c3b6700ea66df32623771"}, {0xdd, 0x92, "c2a2c92e52a8e175e9c01356414ec67d0522ccb21dc37b64ebb614dd6741233bccfde2d1a25cb1333836664bfa4e19b6b6eea56967a6ffa71a0b5534844624439018b18732652d43f832962a1fa6406d07a1b01427c74477918c23cfa40a5eaecdcdb56f091dadf5fec8173946b342c82ba51888f57ff4b2f28130e024f28eb7451524d14d7882114e3b0f99c1add748b384"}, {0xdd, 0xff, "b2304ec6303bec7bb5997b9cb3a18e81f6b4e40d17ae36ebb141d7c5f07ff88c3c0402a74eae391ee5fb860a4d77ed5478af9881093e5ca9a824b6c6de01fe37ad07e92e364bbefeff796f1fbf0b2d827a02f586372f66df564b2dd4a5c4db3ffa962c4fcfc20909d70cdb658a1cfbafe000c79870801ce3cb23178d7ee0441e3b2a99347a5821e80449fcefe31c2fe0616bca4b4b7845e39699a9761457b8275de4a740365f8a95bd1ab111f4e533b8d82136cbf2050f16846ed4c2e473bdecccf76e1cbeb580f79a1a497d97a1257f655b9eeb0393a6e56e90181674202a71f0af20fa91ad3ef308d4254da91b36c9a391e6781a97127d85161682e854be"}, {0xdd, 0xa7, "14189575a1d934b1f3750867864f4cba54179bd1623d2ac98ef9ad7c7f964f66ac78205fa150c76714416b5af761844391b92c69b1982ac883c52e380712e4993a7e796c519fd1508b61dbf4ff0d5e6aeecd3fe26b46b95adc160b4394628a09b11a0a7ff3bb0ca544558320f57c15fc59633734cc085a1c8c02b63c9d576c186d2a97a6029858c10b08c6bb2bd17b0b3e6065209e4bed9e8cba7f1ac2a0a0e0ff7cfcd109950c"}]}, 0x4eb) sched_yield() sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 0: r0 = syz_open_pts(0xffffffffffffffff, 0x783001) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000040)={0x2, 0x6, 0x8, 0x85, 0x8, "ca6176a46ffbb1bc8f90d73990cc201e492080"}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000080)={0x50, 0x20, 0x80000001, 0x4, 0x0, "7b4cfb08dbe7838e8f31f9afb39e3c1b3663d3"}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:43 executing program 2: ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x35, 0xff, 0x40, 0x20}, {0x3, 0x4, 0x0, 0x3}, {0x1000, 0x7, 0xc, 0x81}, {0x7, 0x0, 0x6, 0x2}, {0x100, 0x2, 0x5, 0x5}]}) getegid() 21:16:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f00000000c0)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x1f, 0x101, 0x7fffffff, 0x401, 0xff], 0x5, &(0x7f0000000040)=[{}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000000)={0x80000000, 0xec14}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x1c1942, 0x0) 21:16:43 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0x80045530, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 2: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10, 0x800) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000080)={r0, 0x10001}) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:43 executing program 0: syz_open_pts(0xffffffffffffffff, 0x20004) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$KDDISABIO(r0, 0x4b37) 21:16:43 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, 0x0) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc008551a, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 2: write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000180)={0x7, 0x47, 0x2}, 0x7) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) set_robust_list(&(0x7f0000000080)={0x0, 0x31b6, &(0x7f0000000040)={&(0x7f0000000000)}}, 0x18) wait4(0x0, &(0x7f0000000140), 0x1000000, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x7, 0x7f, 0xff}, {0x8001, 0xff, 0xa0, 0xe29f}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x3, &(0x7f00000001c0)=[{0x8, 0x9, 0x81, 0x3ff}, {0x9, 0x85, 0x4a, 0x77ce}, {0x9, 0x1, 0x4, 0xfff}]}) 21:16:43 executing program 1: ioctl$sock_bt_cmtp_CMTPCONNDEL(0xffffffffffffffff, 0x400443c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5}) r0 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r0, &(0x7f0000000180), 0x18) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000140)={r0, 0x1}) syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) r1 = fork() waitid(0x5, r1, &(0x7f00000001c0), 0x1, &(0x7f0000000240)) sched_yield() sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCDELRT(r2, 0x890c, &(0x7f00000000c0)={0x0, @nfc={0x27, 0x1, 0x2, 0x2}, @vsock={0x28, 0x0, 0x2710, @local}, @l2tp={0x2, 0x0, @remote, 0x4}, 0xb7, 0x0, 0x0, 0x0, 0x1000, &(0x7f0000000080)='vlan1\x00', 0x2, 0x200, 0x401}) 21:16:43 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) r1 = fork() setpgid(r1, 0x0) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000000)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x420080, 0x0) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f00000000c0)={0x5, 0x40, 0x400, 0x168, 0x1, 0x1d3, 0xc000000000000000}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:43 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, 0x0) 21:16:43 executing program 0: waitid(0x1, 0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ioctl$FBIOPAN_DISPLAY(0xffffffffffffffff, 0x4606, &(0x7f0000000040)={0x690, 0x480, 0xe0, 0x140, 0x1, 0x7, 0x0, 0x2, {0x4, 0x841}, {0x3, 0x1}, {0x1000, 0x200, 0x1}, {0x73c, 0x9, 0x1}, 0x3, 0x2, 0xfff, 0xffffff0c, 0x0, 0x101, 0x3ff, 0x3, 0x5, 0xffffffff, 0x6, 0x0, 0x1, 0x2, 0x0, 0x7}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0) 21:16:43 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000000)={0x5, 0xc, [0xfffffff7, 0xfffffffb, 0x7f]}) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc008551b, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, 0x0) 21:16:43 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc008551c, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000000)={0x22, 0xff, 0x5, 0x7ff, 0x8}) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)) socket(0x18, 0x5, 0x7f) openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 21:16:43 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0x80045530, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket(0x2c, 0x1, 0x1) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{@none}, {}, {@none}]}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) [ 3116.756305][ T37] audit: type=1326 audit(1625347003.985:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25960 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:44 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0189436, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:44 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=@ctrl_frame=@cf_end_cf_ack={{}, {0x9}, @device_a, @device_b}, 0x10) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) 21:16:44 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) r1 = fork() setpgid(r1, 0x0) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000000)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xae01, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x420080, 0x0) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f00000000c0)={0x5, 0x40, 0x400, 0x168, 0x1, 0x1d3, 0xc000000000000000}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000040)=0x10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/119) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:44 executing program 0: socketpair(0x1e, 0x0, 0x400, &(0x7f0000000000)) 21:16:44 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc020660b, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:44 executing program 3: write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000280)={0x14, 0x69, 0x1, {0x10, 0x0, 0x1}}, 0x14) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) syz_80211_inject_frame(&(0x7f0000000040), &(0x7f00000002c0)=ANY=[@ANYBLOB="20143f00080211000001ffffffffffff64703f1dff788800820207000802110000000008a12a9ff2d49d869201018c2d1a0020047f000000000000000000070016000000000300080000e1dd57c0be0b5d6a4003c6799be6176ba6b0dbc8bc36dcb3149e2ec3d3c3fbc5aee1c4f26454decf9d94fbedead8c49f80f595ed2b7f0fb339f027797ce53aef5361baf508f6b82d94e90ce2edf74da798115c17dad6b674cd49ddf4fde31b70ec6a5dfbe627b45708e540b99c64b69d0274485e04140bec5d4d9ef6d20f290cb3e98eae6aca48d0c0b2c07bee55faa75f8eeb348975fe8ef98ef447711aebdbd53aa10a0f28df82c0392646812ccbcf0b229ed2019a447a6e4b24a75d398cc00fd6e406f4eb6a8bd48b551693f1fdc416780dd8ed9bdf37a79c4bf8c591f15208a6700410ff1be9d0f2822fbc6da23ba9f80b697cd253bb1d8318dffd00b53a0d9f145afb654af049c589955dc8f6df190b010087ac7e448fcc88d3041208a0f8cbb89e47e9a57cb1bc619dea2fafc9040aaee842b336dd3e8ea5fdc091d032dc3bebdd9cbd251082f436ffe4ada74f7a58"], 0x19a) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000040)=0x10, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/119) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:44 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@device_b, 0x0, 0x0) r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x2480, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1b) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) sched_yield() [ 3117.532528][T26021] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 3117.593133][ T37] audit: type=1326 audit(1625347004.825:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=25960 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:44 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{0x5, 0x1, 0x0, 0x7}, {0x4, 0x9, 0x0, 0x4}, {0x81, 0x4, 0x6}, {0x27df, 0xff, 0xde, 0x1000}, {0x6, 0x6, 0x8, 0x1f}]}) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{}]}) r0 = socket$bt_cmtp(0x1f, 0x3, 0x5) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000001c0)={0x0, &(0x7f0000000100)}) syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000040)={r1, 0x8}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) 21:16:44 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0405519, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:44 executing program 0: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, &(0x7f0000000040)={0x2, 0x2, 0x3, 0x8, '\x00', '\x00', '\x00', 0xfbfd, 0x4, 0x5e7, 0x0, "019aa8126bc4d56d176ea345923961b8"}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:44 executing program 4: waitid(0x1, 0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ioctl$FBIOPAN_DISPLAY(0xffffffffffffffff, 0x4606, &(0x7f0000000040)={0x690, 0x480, 0xe0, 0x140, 0x1, 0x7, 0x0, 0x2, {0x4, 0x841}, {0x3, 0x1}, {0x1000, 0x200, 0x1}, {0x73c, 0x9, 0x1}, 0x3, 0x2, 0xfff, 0xffffff0c, 0x0, 0x101, 0x3ff, 0x3, 0x5, 0xffffffff, 0x6, 0x0, 0x1, 0x2, 0x0, 0x7}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0) 21:16:44 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000080)={0x7, 0x6d, 0x2}, 0x7) [ 3117.723643][ T37] audit: type=1326 audit(1625347004.955:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26038 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:45 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc0505510, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:45 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2}) 21:16:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000080)=0x40) sched_yield() openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000240)={0x3, 0x1c, [0x1bc7, 0x0, 0x5, 0x0, 0xe1a, 0x3b, 0x72d]}) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "92cb0b1d5d73bd084d71a815fca94d26"}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000200)=0x7721) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:45 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105511, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3117.914642][T26021] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 21:16:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x282, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, 0x0) write$fb(r1, &(0x7f0000000000)="33cfeafc80b4fb109377814e40be47df1c4b81b8de638e", 0x17) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:45 executing program 0: ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000040)={{0x3, 0x5, 0x1, 0x1, '\x00', 0x7fff}, 0x2, 0x30, 0x3, 0x0, 0x2, 0x3ff, 'syz1\x00', &(0x7f0000000000)=['@(^!%!.!\xf3^]-^-C-++:!\x00', ']]\x00'], 0x18, '\x00', [0x1, 0xe1, 0x5, 0x9]}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000180)) 21:16:45 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3118.569581][ T37] audit: type=1326 audit(1625347005.795:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26038 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:45 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0xa1de, 0x20, 0xd6, 0x1f}, {0x8001, 0x6, 0x94, 0x7549}, {0x7315, 0x7, 0x3f, 0x20}, {0x8001, 0x0, 0x5, 0xffffffff}, {0x7, 0xbf, 0xa9, 0x3}, {0x81, 0x6, 0x0, 0xc0000000}]}) 21:16:45 executing program 0: r0 = fork() ptrace$getenv(0x4201, r0, 0x7a, &(0x7f0000000040)) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r1 = fork() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000000c0)={{0x4, 0x6, 0x5, 0x81, '\x00', 0xea}, 0x3, 0x20, 0x800, r1, 0x7, 0x1db, 'syz0\x00', &(0x7f0000000080)=['$@..)&)}+\x00', '.\x00', '\xe4}+:\x00', '\x00', '--:\'#/\x00', '.-$\x00', '\x00'], 0x1e, '\x00', [0x7, 0x7164, 0x9508, 0x6]}) 21:16:45 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105518, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x430280, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000040)={0xffffffff, 0x8001, 0x80, 0x7fff, 0x0, "e603f99ca06bf458fe2e70a4febc163e3221df"}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x202800, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f0000000000)={0x0, 0x94}) 21:16:45 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) exit(0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:45 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:45 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r0, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) 21:16:45 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc4c85512, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:46 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) ioctl$FBIOGETCMAP(0xffffffffffffffff, 0x4604, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0]}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f00000002c0)=""/187) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x758431f4b95f134d, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000001c0)=""/134) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000180)) sched_getattr(0x0, &(0x7f0000000380)={0x38}, 0x38, 0x0) r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) ioctl$FBIOPAN_DISPLAY(r2, 0x4606, 0x0) mmap$fb(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x10010, r2, 0x14000) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) r3 = socket$inet(0x2, 0x80009, 0x7) accept$inet(r3, 0x0, &(0x7f0000000280)) 21:16:46 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) 21:16:46 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc4c85513, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:46 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x4, 0x8, 0x81, 0x40}]}) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000040)) 21:16:46 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3118.994714][T22176] device hsr_slave_0 left promiscuous mode [ 3119.018806][T22176] device hsr_slave_1 left promiscuous mode 21:16:46 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3119.046836][T22176] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3119.085434][T22176] batman_adv: batadv0: Removing interface: batadv_slave_0 21:16:46 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) socketpair(0xb, 0x6, 0x20, &(0x7f0000000040)) [ 3119.109826][T22176] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3119.142835][T22176] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3119.176343][T22176] device bridge_slave_1 left promiscuous mode [ 3119.193898][T22176] bridge0: port 2(bridge_slave_1) entered disabled state [ 3119.232316][T22176] device bridge_slave_0 left promiscuous mode [ 3119.253747][T22176] bridge0: port 1(bridge_slave_0) entered disabled state [ 3119.281128][T22176] device veth1_macvtap left promiscuous mode [ 3119.287170][T22176] device veth0_macvtap left promiscuous mode [ 3119.293373][T22176] device veth1_vlan left promiscuous mode [ 3119.299154][T22176] device veth0_vlan left promiscuous mode 21:16:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000080)=@broadcast, &(0x7f00000000c0)=@data_frame={@no_qos=@type10={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x5}, @random="38627c5d79d1", @device_a, @device_a, {0x2, 0x1f}}, @random="16bdbeea7689d7563a7d6a58915471898ad2d4064414d07b6f61d7cbd11615c670889e6bfae239fc6ce27180f79a307dcc92deb2986ce1109ac84cc979da59ca62039e8c8238fb453ba4baafc8f9f87a9b66e005beb30c843d2d9d4aba3b74bf1228bf8a04df3db9f7d71483ec15651ae4e1512bbb16c616c4b10ec3b5c31ac126317a506074055a4cbb21f5883d805f356bd8908ed04469e029f1446dd8563cab88717d4abdf2a43e1f1925f4d2869581a8bd9e5ceafb24daa34ccf797b344bb4d64a031dcd4680ee4aa55b2d5809b3acad7be8e7a8bf86f3fab03c5a1048338f85cc0247a15c7d425acd995456c16fa8fd0c3f868deb08544e0903f7ec90a9998a6b3de708b0119909d6caa26fff1be9b9014b3d0e6e00be61ef3bca85f6eb4a3b431771846178309928a5d568eae3fff36acf3eb134c5e4b41c3557f6a57336059d2b23d5f0deddfed0103ca9d4daf43942c76899f065a71753af1f2a2aaeea47cde83384f20d18a4cd59f2c9bab548ed23b407bcd1bd98784433278e8959b50d3107c37b90a08b4aa44015d517f65807ae23c8c386d371a506749046c1168ce1c0404dc9b4757244b0ca67999e7887970e95ff15fdc8fa87906cb0d42474d076acebf497133ee21e122b61d7068039f5e90aa99e492f2f1372f82619380aa7cdcd94dfc5ae4ed73c25508e8c4d05e09127b853ecfe14976fd9ff00ea2b394ebf24625f7208550ac63eb763b303df2c3cc0850bc29b64a9abda2bbe2c3681762e7e854ba8511678a8ffec38a6e605201eb31de73f6702242b08cfc6e698bfa4d98f9107a12d913eb510e518a1a670b9aa4af142a5626513ce986701a4bdea97b323b9513fef2be31270e50490b4b480bf4e11fd0400616ff06f9e6f08902a3ee6581e9740b83d9f0af93bcd580b56eb94bfc974a48c2b69d8141e1b6e9f79f9f693305cc309c1782c54cf6d89c05d7d6ce67ef45a4ef1a3108e6b05dc58b0a1462212743dcef49f0f0a7d8116ef095522a16702bbaed7f0f0e2c7ee7c992db2b346497eaef896eb5008fb35a6786e757f5d5b64242f8e78c8809328e5c8f88d520f727646913d33b194ced18680ade20c5e804d5b96e3f95795b73398feb7b6773fde53514289af4f070784c7e0e22ff117652d0a2f451028e459fc80da768bec20fbbf44bcaa5cf1c55d25885541bdb118161ff3aa81e047b908d1a94a40fb25e731faf2b6fb6fe9993ad700bfa6a398fe61c7bf3fae8dd24e3a6bfa7cfef0c4d6c0955e7d30fb9895450759ec8f1da8b697cfcb069cf2bc3f503272cc425b88bfe29f6483692939e850c8ef4894b33cbdfcca4d29b1d8ccdb74f99838aba54a551a03e667669571698134c092a19dc5fa29ce45fa676de442310b0a6fa516872964e3925c39219431f79d0672f13460d70e0d05826a3bf1c49941f7bd054f35c0aa24199aa1d22993e82dc75e50909ce70e87730e8bc4c41d45a2f6fa51238ef75318619978010b82f78f3a1838aca081e87c9d81719c22472d20bcd187b0fc86f72adc590681367973e64a85bb08b2a473e8be58541935f0c54851c1a400e11477882848b4471eff1dbbd489777dbcaaf3f3955760a7491457660d8236d4221e490919d6b8568dbf86e151009c1ca3e2be00fc60a15c04675c2ba0189168ad3abe38fd5d455203a158f2d9e385eca57a018801ca9737c1a1e9f585d9e047d7f50e3bba780cc349b1df05ae4db96bf45b521e0448d7560510d989c5ead088f6e3926a87839a7266200f8a17615a39d5509e096fbdc51135b34c663d806ce8c89034d117c6fa9690c0322201543b7135b4b404720a3db2619499c48578ff96b2ae5c4c5667ad9ace419e5b92ff5073c4f6fa0ec6388969e3d371732867caecf2ea009675336cc1a51d7cd4982b47070d58ea1b5a6ad2ce02c9a259af42130d17241bb979fb8c05ae03c24cc8fea4b05e6262d21e0b420cddd633b5b98c3feebc9afd44361f06b0ae50991f46f0b127ec874c54385ee7e03be7bc06bbc78b893d9fa203bca6bc9222618de481e1d64281c45ab1e27f3d8d0b0b73013c1adeabd4d774f43ffd3980d0fc78eab42b7d794638bdce7b6805df11831cd981ad3d7d42b4f1b19c34436fec4b1732755508793e8eb35d71237656b2b752825659bde3f8b8ef038dd9e7fefa867b3bafd233a9a6c55a81fbc89fc77104baca5aadfa86c750b89b6cd9a0af1ce2c959572716c591dc7da246bdd491dc004ca9ca3716d79d29d98c6b005a1e9adb7077e61a9c2ac400f80519df6f5d863e5e74929e7a7dc7b87c04b6fb3dfb62ea"}, 0x683) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x464041, 0x0) 21:16:47 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = fork() wait4(r0, &(0x7f0000000000), 0x1, &(0x7f0000000040)) 21:16:47 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x2, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:47 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) socketpair(0x2a, 0x1, 0x7fd, &(0x7f0000000040)) r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x5, 0x480880) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f00000000c0)=0x80) 21:16:47 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getrusage(0xffffffffffffffff, &(0x7f00000000c0)) write$P9_RLERROR(r1, &(0x7f0000000040)={0x12, 0x7, 0x1, {0x9, '/dev/kvm\x00'}}, 0x12) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x3, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 0: socketpair(0x1a, 0x2, 0xfffffffc, &(0x7f0000000000)) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000040)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket(0x25, 0xa, 0x7) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000480)={0x0, 0x0, 0x7, 0x20, 0x18c, &(0x7f0000000080)="fcac19707e6fb496388eef0fa7e6082bdabfe54a00f4dfba40262776114ad0f4ecf3b41bf592a45880988e52feee26f613e688301fc6b7ce11da2777d5e97c001d822363c81050dd30390a12025293118d11ae78ad838d04cc61627f2766bc9d56a0a1ae87112521a2cdebb34e96d5420f5108bb85f4006aa3abae54da3b873a829ba6d9a0f551cd43fe11ca9e66d784da2e7b0a570f0d5c70fd3bf73de909d2c9a8d7af0b1f3281cc890590e70beaaf79d86656119adefe0cb32bc18f66f5cfe81bf2d8e798a344506fb77af5070148b3de4ccbdb0c3d24c3f9f2ef2285d88f390a3ed614bff65eb838a294e90e370b2b0a237e31fde97f4875e408d70374d1d145a82b55de3b463cc367e0f9b0bd023dced1874eadf74faf4dae84afa88afc673dbdb2faa7d00331a984be2241aa44df5e5e28b2f2f2af1e3bbe3bba6620254bf69b7c232b3e7c1d04813d1cb437ae4054c5cc163c74745e597266dccd84c3f50cdd04b1ed53d63043f8965978b6c4738f101d1e90199993f4414a15dbefccc128899e1296cbe597189bde75c842f7a9768126060e79dca3892c6b94ba43bb08a3dfbac741198d4e40c27e94233e3d2e40bd757e1f0b8f28e70d60058fa6ca450c5d929fc951581b6827b3125e587fba88ef2692237222410e12167dd40c47d5f697e0e779102bc71f29b4a2548157cfc8bd4aa7b13745523e57867bac2c744b18d6e24e7b913c42beb4b7e7b7bec7421a1dc195c3a5f6c78eb9657915195d9aa7b534903b4bd8c51a47744a81a86c5db203151d4b614e0d8643a0553434964e0ebb7163ee72bc5c8a0c9d0c6a341e973fa007e835f6adb2b6dd0b2e1954335a59c5433bcbd2ac024d69194ce5f85e83da56def890a794fd58ba09e0296ca3b728aa05afc3e99a31214640383cd103b34959a964ca64ddbfbf8f71c7f1c85f79ccd94a3756ebaa16ae9b2ebe28ccd1cdb61b8c3d5445e6efb0c0e9e450c095ded0ef4486a440ad5c139a5bf7dbd1b51c4ec8e2869f33f403cabc01ee9998db1b60628f1ce3f1b52153d9b17c5558e7765100eeeff4d581280317669eac274bffa678c96ada3304cf57ce3e92665ba54cb26ee77c2c799df06e7f441ddc87a6e235f305593807f5667e08ae6c7a5dcd3be6729140cd5f0fd2b7096afa2210e1769b8918d514a91987af1a2daf8d3f5fa1728cec6e4c6eba314093e4a1813b06633f6bf6e6237c32701a97d7bcec1c92012ce014f1331b81fab1d118c1d7e1609c418d5186c893d93d8116dc4b8b6d4c0116505df7a17308d6f05d01a658611df94fc57cd4a34781e141fcac25fea008b43e98ef86abcb4903881478fb42ecc1ddaabbcc79912b7529e74719629a153424eeed0ed5a03dd3a29d5db037e7a893dea5ecda795284cb0d9fa831c9309142519d87689e95c0943f4ebf6d6cc01160"}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000004c0), 0x14640, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x2800000000000000) 21:16:47 executing program 2: accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800) prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) 21:16:47 executing program 4: ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000080)=@ctrl_frame=@rts={{}, {0x6}, @device_b, @device_b}, 0x10) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x4, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 2: r0 = syz_open_pts(0xffffffffffffffff, 0x80) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x6, 0x4, 0x8, 0xffffffff, 0x11, "c57e75f6739810e4a493d32a382adc7be3444f"}) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000040)=""/171) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) socketpair(0x3, 0x2, 0x40000e2, &(0x7f0000000000)) 21:16:47 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 0: socketpair(0x15, 0x4, 0x0, &(0x7f0000000000)) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x5, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x208080, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000300)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0], 0x9}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(0xffffffffffffffff, 0xc01864cd, &(0x7f0000000380)={&(0x7f0000000200)=[0x0, r2, 0x0, 0x0, r3, r4, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, r5, 0x0, r6], 0x9, 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000100)=""/103) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r7, 0xc008ae05, &(0x7f00000000c0)=""/56) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r8, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r8, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:47 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x1636b) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x9, 0x0, 0x7, 0x5}, {0xff81, 0x2, 0x2}, {0xf95, 0xff, 0x8, 0x7}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0xfff8, 0x8, 0x40, 0x2}, {0x7, 0x0, 0x7f, 0x6}]}) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x6, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 4: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:47 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000080)={0x6, &(0x7f0000000000)=[{}, {@fixed}, {}, {@fixed}, {@fixed}, {@fixed}]}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(0xffffffffffffffff, 0xc00864c0, &(0x7f00000000c0)={0x0}) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc02864ca, &(0x7f0000000180)={&(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0xfff, 0x2, 0x4, 0x0}) r3 = syz_open_dev$dri(&(0x7f0000000300), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc02864ca, &(0x7f0000000480)={0x0, 0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000200)={r1, 0x1, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(r3, 0xc01064c1, &(0x7f0000000240)={r1, 0x0, r4}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f00000001c0)={r1, 0x0, r2}) 21:16:47 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x1f, 0x37, 0x2, {0x2, 0x568, 0x0, 0xffffffffffffffff, 0x1, ')'}}, 0x1f) 21:16:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/56) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000000)=""/1) 21:16:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x7, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:47 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x0, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) ioctl$FBIOBLANK(r1, 0x4611, 0x1) read$fb(r1, &(0x7f0000000140)=""/112, 0x70) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_PLL_SET(r0, 0x40207012, &(0x7f0000000000)={0x9, 0x3, 0x3, 0x23, 0x20, 0x401, 0x4}) syz_open_dev$rtc(&(0x7f00000000c0), 0x9, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f00000001c0)) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$RTC_PLL_GET(r3, 0x80207011, &(0x7f0000000200)) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x300, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x4, 0x2a8840) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000080)=0xb) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) 21:16:48 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/105) syz_open_dev$media(&(0x7f0000000000), 0x4, 0x100) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x500, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f0000000640)={0x578, 0x30, 0x500, 0x360, 0x2, 0x6, 0x0, 0x0, {0x4, 0x2, 0x1}, {0x200, 0xb5}, {0x1fffc000, 0x6, 0x1}, {0x5, 0x8}, 0x0, 0x40, 0xa9, 0x3, 0x1, 0x10001, 0x0, 0x2, 0x9, 0x7, 0x0, 0x8, 0x8, 0x200, 0x1, 0x2}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x19, 0x19f, &(0x7f0000000180)="543c250c3f18f7fc62e6fb8b5fa8b90eb6f2d07efe5cdde67cf00605acdfd748725a5301c258db87e4286d1cf1217c978dd043bd0ebfc8415cb743d1a82081dec800c0865088a8badac4878662b2506a4e13096215fef63bb2543d4cdbeaabd54e850dd6170a2f1f47a2dc7818badcc873446c20f954d65453b25dfe69a8d5081175529fb7c1e8ea483323532b5e84c4a5bd9ba7e36b03e34f187378f519ec12c8e762706beb8761bc45618b12a45699bfb1baf5d7b76dff1caec58e050173d23bc19a465c2f6919e5476167c75c4b85456574b8a8cf842072d554482896fb98507a4a63b1d894b3371f712ca4d58069b97b043e4bac0dfac8574dba53d1319bbaccee337bc60b7a4b4d45e496a9a35d1484e69c5c742cf7c946a121b8596c5caeca14c94d97d9220fc93b75c157320ef04a5c42cfb8b18fd59fa7d2a9b28963f91d4706a3810b1ed49f944a2d038f83fee1a9a84611291695f8edb9328032047a5f1fb7cf84a3322aeab2f068d849fc6b9019f4fabcb54d3584c5baf76b3971740b278bf716c4598c6fbb35724e6cc247d4ac2039371bf5c0fbb59441c313e29ee4ef642b997a20d1537a1b9ac15423c8cc737855e5f9f64ccae35d19bbee2dc1692a06d1359f40e98b0ac3ec2d717804dd7dcd83f793ad9179e0b792235e2ec9504e92af19d0dad269c3872d0ca4022f1d7342b96abc87fd43aa72404a39efc5ab278da324892f1bc7bc9f0540f06b3e6c99127a0bbbebd3c361f2d3c3121a33677b2b9936ca6199499322dfece5f26563c000462ea999fa7fa154f557fed827a36413aa1e9bb0d861f1acc8eb5cb0532e515df1b8829dd9da7050819da4e4c024ede8c13e0e8bfd90844d62eb8fe9f74add1e13ac6b202331f05fd04020bc57bf91db4dd5439975a3a1b7db7403c641b8c9354bbf582010d0406356f42c35c3075afda8e1f1f6ba48821746922d61f6a847056321d42d750fa055064696a2a9d5a38b82850541992942fc17f68462722e8a245ba78af3f24689736bc13582ed567d348f6be1dbe0b4cc0b1516e803eb64f831fdb3fc1ff346e1b8a11a1f6de9928ede2e41cc79cc5ecebd1796e4f9a080a0ff441023a5dde155c1a179132b2cd8b3f642e424a133352a294f1e495780a72024fa1e573d36ed91bcb8da84356dafc771d9dbe1e0b96bab452975c1b8532ce2b0bfb8186408251b457efa86167d4261cc23fc32cdeb1ebe06f924fbb968a6c04a5ded36d8d29eb13da6ce473db30b142bb5edcf7ae95ea6b2b6034f1006b3026194fe6419391d764b6965d7fce489be6db756dd2cbfa51b6e67e5782b166cafa10fd2f787efa801b4987996a8c1155f17890753ff1728ff092e4f430233c2ca9d4737d23bc65fe33a675067f96e99b9813b1f001762ae7cfcc2d8847d579a77b66baa61a2d795490ecf28f987"}) getrusage(0x0, &(0x7f0000000580)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f00000000c0)) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x600, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 2: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000000)={{{@in6=@dev, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f0000000100)=0xfffffffffffffe57) ioprio_get$uid(0x0, r0) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:48 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x22000) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) write$P9_RLOPEN(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0xd, 0x1, {{0x42}, 0x8}}, 0x18) connect$can_j1939(r1, &(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x0, 0xf0, 0x1}}, 0x18) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000080)) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:48 executing program 0: ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000180)={&(0x7f0000000140)=[r0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0], 0x9}) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x414000, 0x0) ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f0000000080)={0x21, 0x2}) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000040)) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x700, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1105517, 0x0) 21:16:48 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x400080, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f00000000c0)={0x8, 0x8f, 0x548d}) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000000)) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xfff, 0x10000) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KDGKBDIACR(r2, 0x4b4a, 0x0) ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f0000000100)={0x252, 0x1442, 0x1, 0x9, 0x14, "41e4255f3244b7f6b72cd0e9ec5a3bca90829b"}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000040)=""/99) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000140)={0x7f, 0x6, 0x1, 0x6, 0x9}) 21:16:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x109c00, 0x0) 21:16:48 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RREADLINK(r0, &(0x7f0000000080)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x1000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/105) syz_open_dev$media(&(0x7f0000000000), 0x4, 0x100) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:48 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x1f, 0x1, 0x26, 0x30}, {0x1, 0x2a, 0x1, 0x9}, {0xf1ca, 0xff, 0x7, 0x3}, {0x9, 0x3, 0x3f, 0x200}, {0x7, 0x1, 0x20, 0x9}, {0x4, 0x6, 0x5, 0xc876}]}) 21:16:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x66180, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RSETATTR(r1, &(0x7f0000000040)={0x7, 0x1b, 0x1}, 0x7) 21:16:48 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x2000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3121.654139][ T37] audit: type=1326 audit(1625347008.885:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26387 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:48 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{{@in=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6}}, &(0x7f00000002c0)=0xe8) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)=@newsa={0x21c, 0x10, 0x100, 0x70bd26, 0x25dfdbfb, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@empty, 0x4e20, 0xd0, 0x4e24, 0x0, 0x2, 0x20, 0x20, 0x88, 0x0, r0}, {@in6=@rand_addr=' \x01\x00', 0x4d4, 0xb5}, @in=@private=0xa010100, {0x2, 0xd3, 0x3, 0x2, 0x164, 0x6, 0x1, 0x20}, {0x340000000000, 0x1, 0x200, 0x1000}, {0x0, 0xffff, 0x4}, 0x70bd2b, 0x3505, 0xa, 0x3, 0x6, 0xa}, [@user_kmaddress={0x2c, 0x13, {@in=@dev={0xac, 0x14, 0x14, 0x40}, @in=@empty, 0x0, 0xa}}, @srcaddr={0x14, 0xd, @in=@loopback}, @extra_flags={0x8}, @sa={0xe4, 0x6, {{@in6=@dev={0xfe, 0x80, '\x00', 0x41}, @in6=@empty, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11, r1, 0xee01}, {@in6=@dev={0xfe, 0x80, '\x00', 0x2f}, 0x4d6, 0x33}, @in=@dev={0xac, 0x14, 0x14, 0x17}, {0x3, 0x494d094b, 0xcfca, 0x6, 0xbf4, 0xfffffffffffffff7, 0x1ff, 0x7}, {0x401, 0x0, 0x80, 0xe95f}, {0x5, 0x8, 0x80000001}, 0x70bd28, 0x3502, 0xa, 0x3, 0x1, 0x18}}]}, 0x21c}, 0x1, 0x0, 0x0, 0x20040}, 0xc004) syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:48 executing program 0: write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RLCREATE(r0, &(0x7f00000000c0)={0x18, 0xf, 0x1, {{0x80, 0x2, 0x6}, 0x37}}, 0x18) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f0000000040)) socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000100)) 21:16:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x109c00, 0x0) 21:16:49 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x3000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:49 executing program 0: socketpair(0x2b, 0x4, 0x40000000, &(0x7f0000000000)) r0 = socket$inet(0x2, 0x6, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000040)={r0, 0x5d1b}) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000080)=0x1) 21:16:49 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x1f, 0x37, 0x2, {0x2, 0x568, 0x0, 0xffffffffffffffff, 0x1, ')'}}, 0x1f) 21:16:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2500, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:49 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x4000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:49 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000040)={r0, 0x7}) 21:16:49 executing program 2: r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [0xffe, 0xfffffffffffffff7, 0x2, 0x6, 0x1, 0x7ffc], 0x8, &(0x7f0000000000)=[{}, {}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, 0xf8) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) 21:16:49 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x1f, 0x37, 0x2, {0x2, 0x568, 0x0, 0xffffffffffffffff, 0x1, ')'}}, 0x1f) 21:16:49 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x5000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:49 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f00000004c0)=ANY=[@ANYBLOB="e8358a00080211000000080211000000ffffffffffff05000d9dc82aff00080211000000505050505050ffffffffffff985fa5204dda7887d84c1037dc726c0800002ad5a5be3a165c91e0512b9595b04ad73171d97e6d6df4f5266988baccfb932312bff5fd20e78a8797c66b20f53f4f5d3bdab67d06a7b57a3d561443d34d3e2ec81aa500aa8083eb41a0830611f80425935468f087d177207edf77043d635ab3919e0a0f48300727b98caf015e37a4619e8c696b7ae5fc8191f81929afc3cc8655e6644c0e4c68db56815794d1832dbee37bed2abd4760db5096ec829656a539fa0045d3f109c69c18e96f0a4535789393b3f53e4f26e49556110e7e70ae8f07c02beea207b6b9edc7e4048585f4db1d1680019f381a8a5bee3df7519ea97c143f560e7b5c89a7e88d67cd02812b90d40be6b74bd4e4869dfdcf90ef079c344445adf8d7cf8ae02f992f15f8b8dfe0a62f6fb2aaaaacd773e43554d144a563b6d7958c816920ba5c15888758c39dc4279950e3b4352bfb266c6b2b9c415a3e53777872dc782968ae2456ad32820f4351afbb97681b755cc6c4215f4d9e04a7040ee341f6009e3a346dc4e3d5b5d63364480cb98231b6b0a761a5cabc1b41a447aad2f40a0735568b25f7e6db0b975421f48b39e1a80ae8361256bbea0ae659f0c26483dab41d42ac990078835e5a215aece4e4588c87962765d4f2f8e74d66e4e5582ccff83a30e021177f9e6aa5e6118e31a608d94211c879328c2bc582996f0073d179854b1de2b8dab660eb657f90a0314f30a841f23dc629f10319a48f81083cd4c7be77d5820cfc314d9519a60267691d127f5ba2da9ad8a1457e83df7764d3292ae097dfcf8d53a81b2659b787bcafb8d669c41be9383f8b2c7f2501ded3bcef273095d2a864785c84b7f0b347a14f20def85b02d9ebd96df9913541599f89341e41678593a3368d68dc932e7caacd1e5852917e8b60025a941f8807a43ec679267727dc19301b71c5503f53633ca8f25b948fcd1df646ec252a68d32fd87191e09723473f4a5529092939af7395c30f035ea05ee330a012708884ee76c3dd6cb5cfac05769f691255539ade05eff4a15dd71ff4bc8f2276b642cc43737af9ab8c045bd30ae1a3e250f84bd880d44da21ee261a29f394dac3a8da949fa7dcbef97908491892949c048a8539e90c6db2dde8d5b90bff2174266c528ac59f7a6b944f715b2b3e9184850d585430b6507dadfe4ce5fc4d313d89df7437038895be7d260c5b359e18add35a8946471c7cfa21e2ff889ffff8c103df5ca28060a9a4610aa2fcd0c19610ce9fee07a4eb647a6bf5a5a6c03b9abc6f2f4350c69816f8dd0b68215e5445a1c32df84165c792ef6294fea653f1fc118011812ce6752330cceec609e26bd65"], 0x382) set_tid_address(&(0x7f0000000080)) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) set_tid_address(&(0x7f0000000140)) write$P9_RLINK(r0, &(0x7f0000000100)={0x7, 0x47, 0x1}, 0x7) syz_80211_inject_frame(&(0x7f0000000440)=@device_b, &(0x7f0000002f40)=ANY=[@ANYBLOB="58a30000ffffffffffff08021100000108021100000182020802110000010802110000010802110000004900855bb8b3208e93cbdcaf856b04fd3ef174a4786e356db983eb6fd9ad55f4ea0c60aaa3c80dd03ebd56d6b90fa198d5cba71375c747bbe836827c609d6c7f54671b69262e97f7e189d70008021100000008021100000092002daa1ab476fe814e97ed38feb3db5496ed91e6609d8eed36513b9be55727363b240d3c9fb2d10a94ae0435df61237b1f27acf75d1c42a7960f3784e9f2ab2518be3bb1d771b5ad0cac393b8b9dae938608dd2be675440dd36ff5447e3780602b01b0179e8a73c40276d41169d98c901352037983d38df7d938156c94c117d83be1393fcca942fd7cc7ed9c6212ada74c0bb3080211000001ffffffffffff5000a9b9e84044f27c1476aae769bd71122e2bc5c706b6ca0db84c94f627d4a014d94333c2885ee548ab44241ab3c2e1e06fa3d3d6341bfd8d7dc707d629cbe19d0aa477c7580c1f8d1a15db878d42ee12800000080211000000080211000000e9008b742e0ba0202435cd02a795544f6026fdfba2d7c5499984838d2f776eeb5b1e32cabf9338604ba160a09c28e922c6c5aa90947278de2cdc3c8aa6b726e5c4d15ef45b86d799083ddcb222598e8325c7134b17f328259e4b6070729542751427788b5082440d7bcbd44d28f8795020b4343729b2ee5a13bfcfc8c63d59abefc992015563c1cea0ea644ac4016d4c7151dc59711d15a5db2dc3431b364a78c9db48c29fa533cba02b570f1008252921e5421c56a4bcfebe9c3ebdfb1bd5edc44e471fd260e3d56fbb7c960e09729cfe51629e9c6d7d00edd7b1b1d5bc6da88bafd777a9546377f492a800ffffffffffffffffffffffffcb00cacf43edf65652a2df2a9d07777c7fe890aa40fd5833f14551844bc021c0a5425e20dafca7188eb5381d2820d97909f0564878abf44913921ee03b404f0501b637cdb735c4907651bf45d90fd296a3a5b135843ee96662ea8c86df52b48865a31aa71703fc1eac65b05151796a1576baa74473e983737c8cbab5879f098d23ffeb0b7734e2b0ef272f41d2ce778f66891e68108bc0a08040745c5eb5fd8e9546d521ba379188cf0a409c365559b0718151b3ffd49045c19c394905ebb24582fcb2cef3e7b8636f7d789d0c000000080211000000ffffffffffff6400ac82f0afdcad992aa51283cace8aca324386c87ffd6294ec0e45f05a118047ad672bee2fb0c0817a70aa3ea8aef583152070ee4fe4359cb7c13cea27c1c948742edd7cea39020a78178a70edb13065c02c83275573031b5a03c39779ece788acf9292d930000080211000001ffffffffffff0010d83101630d3c914e3b9024ef1963c65400c1abe423dc36d2345b35fccb66a01da1e3e4b3495efcb2d0c39e53c5eeef2c7b9960aef0d54e2f8fd623a41d43e232b2f9e6ceb9759db7a3e74aaecc0c011047e5fe0df5e84231b5cb0b6c43fb9088cfdefbb89a562c33aefc83039ecc5c7cff0316dce35266a4ca7c400f2b900ce6f2bf8fe3dcd539949dcaf2fcb5e30cfdaabb9a2d275aa9753d1e752cc5de3a51c5c605356ed51499e3aca39e36c058f96dd9c0247a7a94c444dc2c40cb037f51590af1c75df29889c09c0c44559bae3db4c674f226be5e5de2109483b0d5c80ed04cf34debea2db64a3320a638c1a7b6d4868bc29ff5b4084c5588384972d6d799d1a1ec88e5d90e97c59a114928e6673aaded6f0c98eb69c5e4e587670df66e7e45c306bcefa7051522528b4f6e46cbbaa95a603332efa7f3ce1cd2450a4074773bba205333346e0a8c7d3b33d27bff5bd2d260d7a9cbe5304edc93c25f2be14b8835040eab2010e8eb8f9be395bbd561dfb0915c400762b7ece6e9668859e35c51b89e41866d0ebccd785fbb90405e386c29a459977c7e07864e6579429dc18449c528512645b5ed7201261ced0d7c23943d959cf7f37ca96e6d431e7734b55823d64eb9c14fb57e7c6db410d6431b88ae63a139df434c89952c5105f2d5f7429f78ba7522712d51cac8f7f22e4e651a8c6aa8ad4f97b0a7fa10cd406266b9399f54158dd1393ad1cb53eacd35811cc8f3e32233364d04fdc6765a92c39991a5e35ce3f221b95c5815c91a241ece3259a6078c4f311d8482ff5c5495c785d13ba85b8bc6f45f72ce48411fee9f0e030bf127a2a9ff2d5d9b9dd5b84ae95b54305c36df9c68f80775553ef5f788b42ba3f76c58e0447e556b1de85b0284b25cb94692faf058f2d7255640abd856b5d47dbdffa9738fb6fde4df7296a29ec3f2571f3be21af64f1f6652351b727a52e5a78256ba119357fb81f8de4421ac76dd5b1e4dd8ebc82aa2792c720b0f7bf433b96effb9a11f651931be8b98441dbd36db179140767374e0177c92e23412ef7fb3ddcda0141e97af4bc7f68ed52d7f132c20c1d87ec1e97a5d4a98478e995cd493f9c3cf8f22967d16fd0c1fee4c87da26b9bb4114ccc00ea0090accf640014e581ad682a1517f9b6cec9879f0ec2c9f7f4cf3f2777de767b8a2a694153c7d5957c76bfa807afdabc757818a92c477a7d5addeb087820ec42336af1fe1315096021ecc437887d1beeb5bdda503eef6337066fe294787499378bea937c9494f6d0613a6c62ddf00e6a6412885b619ca2d1037de53dca7fec089621ba5681e9d1ec52a7f128ce6db7f6e42e5f77a9d5c9e6ddc86646631a340e71194c2d9dd82d8bc0cb0a918f22ae18e5f16d994695e5085720d41400f2d22e7aa1d4729847bf5a305bcead7f3f27c6765e20b24d2d473c979051ec65ad484214ded127ce3aaa3a86ab55dcf723e92e9ca8db7bec34fb4f769487c90dfd815fa83b11cf531680f88895bf520581949a3cd5b10becb3843eed1d44ba5137ed06535e38aa73e52472beaf5a0420e2d8e61c870e7f67cf6b7f8acddf9ccb9b4ce771a424ec014e03f9bb8cf12e6d4870c8b999041e37bc3f67a5e01bf6431e429d3b47501c3d22150d977f24d5a650ccb93d4123fff4e1a8b15619e6cba8c51cf2ee7611625c41cd61f38da87530904995e5f1b658fc472ce7bfc091b7b84ed51d5ac38dd802ec8ff95da3467a8e5870f5dcf6c96468c393b1e4f06a0020bca5037ce0bef2f493ddb0e851b80d1f60c12015a40c0e5ed77d214dee8d7e1261358ce9d80548676b87bf6203316b11e55557d00910ebff2c105c2f542a126f914b7bf5cd59d32b2f70923f722e99cf6f909d3861cf639b268432719cad269943930c636af9022ad4beb21bb71e86a3dc2ca975cc4b9b827527e67edc273622b888bd9fa0fff80535089b1bc7b6c1b6237cacc8339309a48ee07f957f9e3dea6e2281596658782e4ca1b1050e0a310e3cd50166b2d66eeef71a19ccd696aca42cdc46e3a68287b7da87152805b1fe7b7371926b072f4db9d6cf183fde8610a61ce28cf0d7efd97df5a75ed473f82a34d43d9adb2513ccb7661396693047ceff278ffcd070735e096f93f4fc516338002f170915f54c108fa774d13ecd9f728cfb796741c00a9df830b3dfc94f075bebda6819bb495fbf2e31525577d849a48555e3d6611c26beb42cb7e11729f5b9451daa217d635690691037d7b303962f8c918e0b4f1ce467bb4a80b48e404a1c55b10a095a842d462f721156427d937423ec2e317846f409d62cafae81d4b92e6a0be725566b1cec2d00848f3f9390b4cf378324e7da02f6202587691544c1a3cf7f086f571a62452ba28b8ede59c85b68fb43386f9f6d5a441369d8b926eab78f8d12f8cdf215fa57234a11e2f7928d99b86af3368fe3308bcdc08aa520fcf35916e59c1604f62795bd6d4d3ef07a4b48777168d22b4140eecc63bb059e15fe1fbbe0cd3e0460684fa210fa1ee32d0c0d1d12058f2767a8624d09686ed732c012d6916f590828f6d5151873a06b06cf9ac0f7b2dd3911529bbe3aa008ce42d7fd065bc0cd3a809f7257ee9ce1813a1665fa1127122c565b3436c120396b10a5905db193bf5b2b333f287bce931bbe6c8d9b3df3e16fdc84b1a721735983d8a5598943fe3a8932f335e688cf02bbe718bfa587dce2b03e481bad92b4016e3d50245fd4bb86a74d9e1ca467f8f5b27b6ae7528b7bca501c9d19ea64a735ece06c378594b8f4ab3aefcf6c09e8a4e06d0d70183aa299cdea2b2f5fce55e999c958b116652326d99997cf6c3d65fa436ee7618b984ef27e7d2464377e725b392178881d88d81bb88a304808d63081ac3aba1aebf2d473c08c2832d6c738ffd0e1988f8ebf8d0cbe75217f21653946e4f7d8ed0553924748d1a6fc7c73ecf7a8953b93d85bc2e7e105d8c8bf44a3e0508d320f8cf32c3140888a0f165ceaee44c94a458d03371c6e4ce5f2a9180fedc8edada119b50363b9f91373e308451daa67aa36e5a4f93d311f0ac6040ca95ba3386e0b4d5fb50a6147f71fedc7aff8f8653c3669d705304950a758537555c7979dc9e1a26b23d86b0ef8e89d68f6493fced11bf16be60fe7964c0f3b40b714c951145855c70cfff8a5011c7f1a9bbd5e0ec719574d910db6ba173ba3eefdf97a5e8880343b4d0d29cfb9cd46c542bacbe72e6669eaff5964b3a8d6ffb64ccc13949a63cb45e8777912de53b1d19f576c63ca472dd4c0c689cad34b8ce8aa30925e7b40ea71f61cfffef0ef4fbc1a6a43d840ffc29179973d60675459c9a2dd61f3ddb315312dfe3931e4953c6a5a31f64e9cfdf05a312091b8d83c10006bce0b40d6676782925e8406af330c0176e72098f08442790e0b9ca0ce388c56a8a0146a026b3ea872324e83bab900b41567ae8b3564570e2cef9b00ba4f0e8aa931331ecb264780f931969494de2973aeb0e84d2e17a3461a7f03ae4e11646c0c01f7ac4c6c59f54d45ec7c47e330be9a4aed7ebaadac44019632ebeae7954e1d47a476ce6ca12420514bfed5b4ce67e05c26ca72e864ffb1f44ac7ec6e354fcaf52626de80e1d5a54f6601dd933b96ec29ac8fcc2ff8744a93a268e24a5d9a867fc469d3d271c06e8ea0b4ea3319e2c243f9eb0f81b60d98cfa697be5d1ca5b65dd92b49cc980193e81461d49ec2cc14dc0eda7beb3bed4ce6887979fd7b6cebf66cb05978e0c4ce01bcb9fbaf0359003cafa3c05516e48f40c3a575d09835586bdf0985f5d7d4b056ed33ad4aac795e5135400ddab701906338175c7a0da49465e4e08ac267833f7d78150fc0abe968fe0a7d6448297ead578e7c973df62961679e95fe37ccb6a9d47817122129a979a679a1d3321143228e64e7324bffda0a4d734b79f80d615e72de2a0bc8bf453715acd0bd2833b66479a1e347292a143f77e9e0bc255388d82d0333b089d72b88fac40742dfecc7d58ce5a20108d3e2abb58ac0e821e705743348a3755154e957e47e8b832b1012de1548c7e09e1207dc4ca2827b43bcf30ac29f6054f5226f507234f791a3a7876af8abbd38d4550f983870994e47312454c5f956cd3bdf0ac4485a26f7875da18b57cc90057897ad89929b2ae4bac70cf18f4fc494c58ca2af9c442ff95897517bfdc74497f7044f56b04512f3130be4ffc9952cbc88d457d69aa471de7b1c98a3c12640512fc117b7743ed0e4cbdabbdd316e2daf934f7d1082009f1a30a0dac24675365fae87d2599e107c0d11da837571122fa042f01541a8c8b8bfd0f62a50e97388790a4368767a347806f4b93ce80b0e36c1609cc8d517b517f86f6b7e07dbcb415514e5d33d809710639cc53a1db1f92d9541b77e3d9934456e9465f8aba72f238b1a9f72310c6b3ce8245f40642a141e7cbf05f2640307257ad0337ef7559a8bce9a44ed6486a9038873894cd6c0fa7940647b413944c84cc946cb8bb7f72edb911ac6557a88b23e097957bc303c0cb6d31f6b69f1838daaacaab86fdca816fe11b16b330078b78dec816a2b49805fabe35ac3292b558ac0fe3ef058db88331f1a37f5c05e434b0dfabf3feaaa608b11ef5478d15457180f25fbb05a0ca0d6e40e47d897d8ef8b8694f2156121af7a2280fc17e6239eee1e46c4137af6ad986e99adf7948b2689437b175435a7c8fe835914f3bc5680e798c0307356946677a574c799fe3073adb35fc51615427ff2ed727ece6f79a7227a4274dfe7c882a93b79952bb1bba0e4be3d6c05b46b79d13afc4a6fc697eddd18652bdab3ba061d5b3796d3357a5df3b34ade690b9c0a895b0595b5cde8288debd3754b6ed9bc630b72245716f6b405b06eb04c3fcef0aaa42cf6042e49f9144559198c35d178f3fd44e51737a6941608ee69adc3327c087bf33410cbb5357049319418c523e54d8870386a6b61abfed9083f63551ec4def04ae932ca18a86a42854850cb326700809a87020273ef720cc9fcf8a1d94c657ba98afa78242d1f84df3c43915ee8e41229854b6e9668a1e12152b913349bca54f77df5de3f3fa857ce97a00806de094fa32a3cab309551cc649afc5087f2942738c444aa803102c7e4009fe85bc7a6428c0a5117fd9a232f9c2d085568daa2498e79aa6d6a7469948f3396569ddf024a454fa2e640dc65e41d1e68c2bec84ceebbd46fb85d3f75fc22b64c60d7674bce7ffb68f34e7f38f178a8bf5910c2ea085d399284b02af96454d4a8e7e6ee2425cecc78452aa535fc69a869e05fe58760bc4ae78b4aadc980d911e89518dcf7c706381185425e48f8ccbae0ff862e6e9dfceb79a3a039f8c81fc3bb1b5c4da0701b114ebd52cae673bbdd0481074f1dd39ff5e0f025f19a2ea7725cd559f04a872d14cdfae0ebab0c1639679d21ae84d77cfcbe76c42139a01021ab849b77aae48ced3e54118a3da3170e825a7881fff8a41bfb8102489477c814f4f8f16ee6927f115c2d9a1bb7a7ba0961b187d5ea274e93e074a6dba879f3af980ef2f1494bf7760e2593f3c7d4abd3793e1f9c625b6f38fbf967386536148074fd39367dc1b655d2902c0ae2c5b148cb9ed0da44ce6d3e6ae2aa60f98b66589077dbca0e539d78fb5e3594e936c05a991461b81910602e93002307bd9b28446c23f67d40cf078f8051e94e61145f422d849fa227fd6cbc05f9add04a2c7e0819caabf939e0b254027057b5ea67786c037a1bf6f1cd762f3f88b667003f9d4802e5f9fb4c62c8b73d8790000ffffffffffff08021100000184005459f41526c4dbb3dd073306134dc903efe8b726f37050fd7582012c2fa31df7386ca497a77f5cdcfa7570c8bccc2eb67c9b4b179028a7fa61e6f7084455e64c0c6de4566da802d6989804aa99096d40d9ab0aa7be803bc8a0276ed58ccd9ccacc2dc9acd4630c9fd444d553c5b967c5beb700c18ec05859be43c8eb8f4d9c100e0fcffc0000ffffffffffffffffffffffff05002d13ec2d6c006f363f25e600304d3dc98ebcaa981171aec436bfc936737dd915f3a93caaba304ebeb8097f8d5bf5478e6c1c2c52d613a8d85f1871a54e8b2ab512a3f3c1153ea68402cc099ee646a2dec5379e7f72862d63a83df30a9edd653c859c57262382b55954cf48be99f0005a32e478487ea89c535b5a271609cef2cee9761eb878bce441b2ee01c4073883e122bc6a6759c25b7f58a008436962e8bd660f32ba5c809a14bca7df3c1bf87e2f9d2be3462f375f914bada09b750b24695336132128cc0a2d5f2cc50322559bde831406b733b421650d7732adda245e5bec71d2b9624533c589b13899258d85092326ac8cc4b6f92d55f4df18455cada6eb367dd048691263ff09d6aca71a58da5944f4946667d36417263340f1fba7a7ae8bd24f55"], 0x1476) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(0xffffffffffffffff, 0xc008551c, &(0x7f0000000180)=ANY=[@ANYBLOB="04000000180000000500000003c83e84710000f0ff1000002000000000000000000000000f011275390d9af5b54fd7b988b25011b90013c1b6e0dbf009b0d42d8d8929"]) 21:16:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:49 executing program 0: ioctl$FBIOGET_CON2FBMAP(0xffffffffffffffff, 0x460f, &(0x7f0000000040)={0xf, 0x1}) socketpair(0x1e, 0x5, 0x0, &(0x7f0000000080)) 21:16:49 executing program 0: getitimer(0x1, &(0x7f0000000040)) socketpair(0x1e, 0x6, 0x0, &(0x7f0000000000)) 21:16:49 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x1f, 0x37, 0x2, {0x2, 0x568, 0x0, 0xffffffffffffffff, 0x1, ')'}}, 0x1f) 21:16:49 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x6000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:49 executing program 3: ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, &(0x7f0000000040)=0x2004fb7) openat$ptmx(0xffffffffffffff9c, 0x0, 0x40000, 0x0) 21:16:49 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) sync() 21:16:50 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:50 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x7000000, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x773f, 0x100) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000000c0)={0x3, 0x20004, 0x9, 0x9, '\x00', '\x00', '\x00', 0x5, 0x3f, 0x7, 0x6, "506dacc76a99216bf2ab0a999dc8235e"}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0xf, 0x1, {{0x10, 0x3, 0x7}, 0x2}}, 0x18) 21:16:50 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x2}, 0x7) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) sched_yield() openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x153800, 0x0) 21:16:50 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x0, [0x3, 0x80000001, 0x4, 0x7fff, 0xffffffff, 0x8], 0x3, &(0x7f0000000180), 0x0, [{}, {}, {}]}, 0xa8) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, 0x0) clock_gettime(0x0, &(0x7f00000000c0)) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000100)={0x5, 0x3, 0x4, 0x10, 0x3f, {}, {0x1, 0x0, 0x6, 0x80, 0xb5, 0x7f, '23g#'}, 0x1, 0x4, @fd, 0x23}) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000040)={0x0, 0xf70eb85482427d13, 0x4, 0x4, 0x3, {0x77359400}, {0x3, 0x8, 0x3b, 0x3, 0x7, 0x1, "3b8d252c"}, 0x40, 0x2, @fd, 0xd}) 21:16:50 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x7, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:50 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:50 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) r1 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000000)) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@local, @in6}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xe8) ioctl$RTC_UIE_OFF(r0, 0x7004) ioctl$RTC_PLL_GET(r0, 0x80207011, &(0x7f0000000040)) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000200)={0x7, 0x6d, 0x1}, 0x7) r2 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f0000000280)={@none}) socketpair(0x1e, 0xa, 0x3, &(0x7f0000000000)) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f00000002c0)) 21:16:50 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x1a, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:50 executing program 2: syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000100)={'nat\x00', 0x0, 0x0, 0x0, [0x100, 0x6, 0x3, 0x1, 0x35, 0x80000001], 0x5, &(0x7f0000000080)=[{}, {}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8) fork() r0 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000000)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000200)={0x0, &(0x7f0000000240)}) socket(0x66, 0x3, 0x3) 21:16:50 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000040), 0x80000) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:50 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:50 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040), &(0x7f0000000080)=@mgmt_frame=@action={@with_ht={{{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0xff}, @device_a, @device_a, @initial, {0x0, 0x924}}, @ver_80211n={0x0, 0x5, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}, @channel_switch={0x0, 0x4, {{0x25, 0x3, {0x1, 0xae, 0x7}}, @void, @void}}}, 0x23) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:50 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)) prctl$PR_SET_PDEATHSIG(0x1, 0x19) 21:16:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc8883, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x40401, 0x0) write$vga_arbiter(r1, &(0x7f0000000040)=ANY=[], 0x14) write$vga_arbiter(r1, &(0x7f0000000080)=@unlock_all, 0xb) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, &(0x7f00000000c0)=0x1, 0x4) ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f0000000040)={0x31a, 0x2}) ioctl$KDDISABIO(r2, 0x4b37) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02064c3, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x100000000, 0x6, 0x2}) 21:16:51 executing program 0: r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000040), 0x4) socketpair(0x1e, 0x0, 0x8, &(0x7f0000000000)) 21:16:51 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x2, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:51 executing program 4: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:51 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0x1, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RUNLINKAT(r0, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7) 21:16:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0x6) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:51 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x3, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:51 executing program 4: accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 21:16:51 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000040)={0x8, &(0x7f00000000c0)=[{@none}, {}, {}, {@fixed}, {@fixed}, {}, {@fixed}, {@fixed}]}) 21:16:51 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x8, 0x28, 0x0, 0x6}, {0x7, 0x20, 0x1, 0x6130}, {0x6, 0x20, 0x0, 0x2}]}) 21:16:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ORIGINATORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r0, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40c0) 21:16:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x141800, 0x0) 21:16:51 executing program 0: socketpair(0x1e, 0x4, 0x3, &(0x7f0000000000)) 21:16:51 executing program 4: accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 21:16:51 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x4, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3124.168284][T22176] team0 (unregistering): Port device team_slave_1 removed 21:16:51 executing program 4: accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 21:16:51 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x800, 0x9) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x0, &(0x7f0000000040)}) r1 = socket$inet(0x2, 0x4, 0x7f) r2 = accept$inet(r1, &(0x7f0000000200), &(0x7f0000000240)=0x10) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RAUTH(r3, &(0x7f0000000080)={0x14, 0x67, 0x0, {0x0, 0x3, 0x5}}, 0x14) write$P9_RGETATTR(r3, &(0x7f00000002c0)={0xa0, 0x19, 0x2, {0x1a0c, {0x2, 0x0, 0x6}, 0x100, 0xee01, 0xee01, 0x1, 0x800, 0x47e2, 0x7, 0x20, 0x4, 0x1fa, 0x5, 0xa2, 0xbb7, 0x35, 0x1000, 0x0, 0xe0b5, 0x3}}, 0xa0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x5, &(0x7f0000000140)=[{0x3, 0x0, 0x3, 0x800}, {0x8000, 0x2, 0x4, 0x800}, {0xfffb, 0xfb, 0x2, 0x1}, {0x7, 0x7, 0x7, 0x32}, {0x4, 0x7, 0x8, 0xd2f}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe0, 0xff, 0x2}, {0x0, 0x8, 0x3, 0x3}, {0x3aef, 0x2, 0x40, 0x2}, {0x6, 0x4, 0x2, 0x2}, {0xb37, 0x6, 0x8, 0x400}, {0x1, 0x3, 0x3f, 0x5}, {0x5, 0x6, 0x4d, 0x92}, {0xdbc2, 0x9, 0xf8, 0x3ff}, {0xff, 0x6, 0x7, 0x9}, {0xf001, 0x20, 0x6, 0xfe}]}) accept4$inet(r2, 0x0, &(0x7f0000000280), 0x80000) pipe2$9p(&(0x7f00000001c0), 0x80000) 21:16:51 executing program 0: socketpair(0x1e, 0x3, 0x0, &(0x7f0000000000)) fork() r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x0, @ax25={0x3, @bcast, 0x6}, @isdn={0x22, 0x8, 0x5, 0x3f, 0x81}, @vsock={0x28, 0x0, 0x0, @host}, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x133, 0xfff, 0x5}) prctl$PR_SVE_GET_VL(0x33, 0xeda6) prctl$PR_SVE_GET_VL(0x33, 0x19d38) socket$inet6(0xa, 0x2, 0x7fff) [ 3124.335984][T22176] team0 (unregistering): Port device team_slave_0 removed [ 3124.399495][T22176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface 21:16:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) openat$ptmx(0xffffffffffffff9c, 0x0, 0x101800, 0x0) 21:16:51 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x5, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) [ 3124.446100][ T37] audit: type=1326 audit(1625347011.675:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26632 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3124.468045][ C0] vkms_vblank_simulate: vblank timer overrun 21:16:51 executing program 4: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) [ 3124.489586][T22176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface 21:16:51 executing program 4: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:51 executing program 1: syz_80211_inject_frame(&(0x7f0000000080)=@broadcast, 0x0, 0xfd39) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f0000000040)={0x9, 0x1, 0xfffff800, 0x6f, 'syz0\x00', 0xb}) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) 21:16:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) write$P9_RSETATTR(0xffffffffffffffff, &(0x7f00000002c0)={0x7, 0x1b, 0x2}, 0x7) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000180)={0x5, &(0x7f0000000140)=[{}, {}, {}, {}, {}]}) clock_gettime(0x0, &(0x7f0000000000)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={r2, r3+10000000}, &(0x7f00000000c0)) r4 = socket(0x29, 0x2, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r4, 0x400443c8, &(0x7f0000000000)) accept$inet(r4, &(0x7f0000000240)={0x2, 0x0, @multicast2}, &(0x7f0000000280)=0x10) clock_gettime(0x2, &(0x7f00000001c0)={0x0, 0x0}) clock_nanosleep(0x6, 0x0, &(0x7f0000000200)={r5, r6+60000000}, 0x0) 21:16:51 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x6, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:52 executing program 4: socketpair(0x0, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) [ 3124.745747][T22176] bond0 (unregistering): Released all slaves 21:16:52 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x7, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:52 executing program 4: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) [ 3125.213020][ T37] audit: type=1326 audit(1625347012.445:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26632 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 [ 3125.234868][ C0] vkms_vblank_simulate: vblank timer overrun 21:16:52 executing program 2: prctl$PR_SET_SECCOMP(0x59616d61, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x8, 0x9, 0x10001}]}) 21:16:52 executing program 0: socketpair(0x9, 0x1, 0xfffffffd, &(0x7f0000000000)) syz_open_dev$rtc(&(0x7f0000000080), 0x10000, 0x220000) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket(0x6, 0x4, 0x9) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_UIE_OFF(r0, 0x7004) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000040)={0xfff9, 0x1ff, 0x9e65}) 21:16:52 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x300, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:52 executing program 4: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) 21:16:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x0) syz_80211_inject_frame(&(0x7f0000000040), &(0x7f0000000100)=@mgmt_frame=@beacon={@with_ht={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_b, @broadcast, @from_mac=@broadcast, {0x6, 0x8}}, @ver_80211n={0x0, 0x3, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}}, 0x81, @default, 0x4100, @void, @val, @void, @void, @val={0x6, 0x2, 0x7}, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x20, 0x3, 0x4, 0x0, {0x80000000, 0x80, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1}, 0x401, 0x3c3, 0x1}}, @void, @void, @void, [{0xdd, 0xfa, "261c71ae06cc804be3e4325f010dcdfd718f1bafd64164169c00066ca10d5e00a5b280f20cef1fda264d0939932dcfc7df56a083aa07a69deeeb75687c0289b7cbdd65bd94ea241799edc58382fa1857d215050c0de47bade7e1187e2e34f7388d7265ac033a2ea373a6c86dbb9b191c6faaee9314635c503957dd437b475f4578467dc7d5f9cdf48cf6b29b81ad40054a31feca0824fd69d7abbb7829f29aba46aa7be5aa571a4337cc132912c746cde66c1e0a802a54ceb9187171f30266a56c3fee00be3919fed9278338a8219b31f83162211678d6f4c1cab99d5ed8c675054ad5bbc2d25184105a06b3ccb3dbaec3d6db978a2930876333"}]}, 0x146) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3125.344049][ T37] audit: type=1326 audit(1625347012.575:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=26713 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x0 21:16:52 executing program 0: socketpair(0x26, 0x1, 0x0, &(0x7f0000000000)) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) 21:16:52 executing program 4: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept$inet(r0, 0x0, &(0x7f0000000040)) [ 3125.579720][T22176] ------------[ cut here ]------------ [ 3125.585342][T22176] WARNING: CPU: 1 PID: 22176 at kernel/ucount.c:246 dec_ucount+0x10d/0x130 [ 3125.594757][T22176] Modules linked in: [ 3125.598910][T22176] CPU: 1 PID: 22176 Comm: kworker/u4:3 Tainted: G W 5.13.0-syzkaller #0 [ 3125.609253][T22176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3125.619993][T22176] Workqueue: netns cleanup_net [ 3125.624862][T22176] RIP: 0010:dec_ucount+0x10d/0x130 21:16:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x118080, 0x0) ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc42c2, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)=""/14) openat$ptmx(0xffffffffffffff9c, 0x0, 0x163001, 0x0) 21:16:52 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000100)={0x0, 0x8, 0x500, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "845c86128cb76dcaa832e316dd442374"}) 21:16:52 executing program 4: socketpair(0x1e, 0x4, 0x0, 0x0) accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) 21:16:52 executing program 0: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, @rc={0x1f, @none, 0x3}, @nfc={0x27, 0x0, 0x0, 0x7}, @sco, 0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='vlan0\x00', 0x4, 0x800, 0xe3}) r1 = socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(r1, &(0x7f0000000180), 0x18) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSERGETLSR(r2, 0x5459, &(0x7f00000001c0)) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000100)=0x6, 0x4) [ 3125.641097][T22176] Code: 4d 85 e4 0f 85 52 ff ff ff e8 0f f7 26 00 48 8b 3c 24 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f e9 28 f5 ff ff e8 f3 f6 26 00 <0f> 0b eb 99 48 89 ef e8 97 b4 6c 00 e9 48 ff ff ff e8 8d b4 6c 00 21:16:52 executing program 1: syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, 0x0, 0x0) sched_yield() syz_80211_inject_frame(0x0, 0x0, 0x0) [ 3125.688450][T22176] RSP: 0018:ffffc90023a1fc38 EFLAGS: 00010293 [ 3125.706722][T22176] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 3125.740150][T22176] RDX: ffff8881626354c0 RSI: ffffffff814e933d RDI: 0000000000000003 [ 3125.774032][T22176] RBP: ffff8880192d3240 R08: 0000000000000000 R09: ffff8880192d3247 [ 3125.789348][T22176] R10: ffffffff814e92ad R11: 0000000000000000 R12: ffff8880192d3200 [ 3125.807458][T22176] R13: dffffc0000000000 R14: 0000000000000040 R15: ffffffffffffffff [ 3125.824065][T22176] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 3125.846401][T22176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3125.855124][T22176] CR2: 0000000000000000 CR3: 000000014a401000 CR4: 00000000001506e0 [ 3125.864202][T22176] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3125.874576][T22176] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3125.883908][T22176] Call Trace: [ 3125.887310][T22176] cleanup_net+0x6f3/0xb10 [ 3125.892208][T22176] ? ops_free_list.part.0+0x3d0/0x3d0 [ 3125.897716][T22176] process_one_work+0x98d/0x1630 [ 3125.903047][T22176] ? pwq_dec_nr_in_flight+0x320/0x320 [ 3125.908536][T22176] ? rwlock_bug.part.0+0x90/0x90 [ 3125.913905][T22176] ? schedule+0xea/0x270 [ 3125.918268][T22176] worker_thread+0x658/0x11f0 [ 3125.923351][T22176] ? process_one_work+0x1630/0x1630 [ 3125.928669][T22176] kthread+0x3e5/0x4d0 [ 3125.933117][T22176] ? _raw_spin_unlock_irq+0x1f/0x40 [ 3125.938459][T22176] ? set_kthread_struct+0x130/0x130 [ 3125.949552][T22176] ret_from_fork+0x1f/0x30 [ 3125.954136][T22176] Kernel panic - not syncing: panic_on_warn set ... [ 3125.960773][T22176] CPU: 1 PID: 22176 Comm: kworker/u4:3 Tainted: G W 5.13.0-syzkaller #0 [ 3125.970416][T22176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3125.980575][T22176] Workqueue: netns cleanup_net [ 3125.985348][T22176] Call Trace: [ 3125.988622][T22176] dump_stack_lvl+0xcd/0x134 [ 3125.993200][T22176] panic+0x306/0x73d [ 3125.997115][T22176] ? __warn_printk+0xf3/0xf3 [ 3126.001695][T22176] ? __warn.cold+0x1a/0x44 [ 3126.006099][T22176] ? dec_ucount+0x10d/0x130 [ 3126.010674][T22176] __warn.cold+0x35/0x44 [ 3126.014942][T22176] ? dec_ucount+0x10d/0x130 [ 3126.019444][T22176] report_bug+0x1bd/0x210 [ 3126.023939][T22176] handle_bug+0x3c/0x60 [ 3126.028083][T22176] exc_invalid_op+0x14/0x40 [ 3126.032588][T22176] asm_exc_invalid_op+0x12/0x20 [ 3126.037423][T22176] RIP: 0010:dec_ucount+0x10d/0x130 [ 3126.042537][T22176] Code: 4d 85 e4 0f 85 52 ff ff ff e8 0f f7 26 00 48 8b 3c 24 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f e9 28 f5 ff ff e8 f3 f6 26 00 <0f> 0b eb 99 48 89 ef e8 97 b4 6c 00 e9 48 ff ff ff e8 8d b4 6c 00 [ 3126.062147][T22176] RSP: 0018:ffffc90023a1fc38 EFLAGS: 00010293 [ 3126.068217][T22176] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 3126.076197][T22176] RDX: ffff8881626354c0 RSI: ffffffff814e933d RDI: 0000000000000003 [ 3126.084154][T22176] RBP: ffff8880192d3240 R08: 0000000000000000 R09: ffff8880192d3247 [ 3126.092111][T22176] R10: ffffffff814e92ad R11: 0000000000000000 R12: ffff8880192d3200 [ 3126.100066][T22176] R13: dffffc0000000000 R14: 0000000000000040 R15: ffffffffffffffff [ 3126.108024][T22176] ? dec_ucount+0x7d/0x130 [ 3126.112429][T22176] ? dec_ucount+0x10d/0x130 [ 3126.116943][T22176] ? dec_ucount+0x10d/0x130 [ 3126.121433][T22176] cleanup_net+0x6f3/0xb10 [ 3126.125841][T22176] ? ops_free_list.part.0+0x3d0/0x3d0 [ 3126.131216][T22176] process_one_work+0x98d/0x1630 [ 3126.136231][T22176] ? pwq_dec_nr_in_flight+0x320/0x320 [ 3126.141589][T22176] ? rwlock_bug.part.0+0x90/0x90 [ 3126.146517][T22176] ? schedule+0xea/0x270 [ 3126.150749][T22176] worker_thread+0x658/0x11f0 [ 3126.155428][T22176] ? process_one_work+0x1630/0x1630 [ 3126.160653][T22176] kthread+0x3e5/0x4d0 [ 3126.164710][T22176] ? _raw_spin_unlock_irq+0x1f/0x40 [ 3126.169900][T22176] ? set_kthread_struct+0x130/0x130 [ 3126.175088][T22176] ret_from_fork+0x1f/0x30 [ 3126.180996][T22176] Kernel Offset: disabled [ 3126.187480][T22176] Rebooting in 86400 seconds..