last executing test programs: 1m54.580566641s ago: executing program 0 (id=565): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x3, 0x0, &(0x7f0000000340)) timer_delete(0x0) 1m54.135041604s ago: executing program 0 (id=572): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) setitimer(0x2, &(0x7f00000000c0)={{0x0, 0xea60}, {0xffffffff}}, 0x0) 1m53.855617106s ago: executing program 0 (id=577): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000200)={@private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, @private1, 0x2000001, 0x6, 0x0, 0x500, 0x0, 0x58010a}) 1m53.469643328s ago: executing program 0 (id=583): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0xffffff1f}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x2}}, [@alu={0x4, 0x1, 0x1, 0x8, 0x6}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1m53.181247642s ago: executing program 0 (id=587): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8}) 1m52.992421204s ago: executing program 0 (id=590): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) 1m36.839597629s ago: executing program 32 (id=590): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) 20.008854268s ago: executing program 3 (id=1465): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700200000000000ff3f08000000480100100000000019002b000a0001000500000000000072080000002000030000", 0x39}], 0x1) 19.64835761s ago: executing program 1 (id=1469): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x1c, 0x0, 0x0) 19.314500822s ago: executing program 3 (id=1473): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f0000000000)="17000000020001000003d68c5ee1768812002b08020300ecff3f0002000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ab65761407a681f009cee4a5acb3da400001fb700674f39b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) 19.263566251s ago: executing program 1 (id=1474): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xd4000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000040)=@ethtool_regs={0x4, 0x0, 0xc, "f42a97b96d02674f51eae4da"}}) 18.940613356s ago: executing program 3 (id=1477): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000200)) ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000580)={0x60, 0x1, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x6, 0x0, 0x0, 0x3ff, 0x3, 0x20, 0x8, 0x31}) 18.817546178s ago: executing program 1 (id=1478): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000a00)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000340)={0x0, 0x6bf6, 0x100, 0x5, 0x12}, &(0x7f00000000c0)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000040)=[0xffffffffffffffff, r2, r1, r0, r1, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2], 0x5) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0) 18.582953233s ago: executing program 3 (id=1480): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2) fcntl$setlease(r2, 0x400, 0x300) 18.215106539s ago: executing program 3 (id=1485): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x39, 0xd, 0xffffffffffffffff) 17.91925s ago: executing program 3 (id=1488): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009}) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000300)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xede, 0x0, 0x0, 0x4, 0x88000000000}, 0x0, &(0x7f0000000100)={0x8, 0x3, 0x0, 0x0, 0x2}, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r3, 0x0, 0x0, 0x1f5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000dfff00"}}) 17.643992393s ago: executing program 4 (id=1490): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 17.440426826s ago: executing program 4 (id=1493): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c) 17.384005299s ago: executing program 5 (id=1494): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000002, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$can_raw(0x1d, 0x3, 0x1) close(r2) 17.222608488s ago: executing program 5 (id=1496): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) setxattr$system_posix_acl(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000580)=ANY=[@ANYBLOB="0200000001000200000000000400070000000000080000000000000020"], 0x24, 0x3) 17.17515537s ago: executing program 4 (id=1497): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x7ffffffe, 0xa, 0x0) 17.095915789s ago: executing program 4 (id=1498): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=@getsadinfo={0x14, 0x23, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x800) 17.065640953s ago: executing program 1 (id=1500): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) setreuid(0xee01, 0x0) setresuid(0x0, 0x0, 0x0) 16.999381473s ago: executing program 5 (id=1501): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000004c0)="170000000a0001000003be8c5ee17688a20032000203000a0292000098fc5ad90a00bb6a880000d6c8db0000dba67e06020000e28900000200df018002000000fc0607bdff59100ac45761547a681f009cee4a5a2d8f89814bc6c252674f00c88ebb01005033bf79ac2dfc060115003901000000000000ea0000000000000800b59bd2b8e50ce5af649a702202ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5a1b47b6806323deb3", 0xb8) 16.888123366s ago: executing program 4 (id=1502): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) fchdir(0xffffffffffffffff) 16.824906133s ago: executing program 1 (id=1503): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_open_dev$loop(&(0x7f0000000080), 0x7, 0x28000) ioctl$BLKCRYPTOGENERATEKEY(r2, 0x4c07, 0x0) 16.818972698s ago: executing program 2 (id=1504): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, 0x0, 0x0) 16.785642903s ago: executing program 5 (id=1505): rt_sigaction(0xd, &(0x7f00000001c0)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xd4000005, 0x0, {[0x9]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000080)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x2, 0x9, 0x4, 0xd, 0x6, 0x7ff, "1b2f"}}, 0x11a) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x2}, 0x7a) 16.668016866s ago: executing program 4 (id=1506): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@index_on}]}) 16.58326491s ago: executing program 5 (id=1507): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) 16.545499085s ago: executing program 2 (id=1508): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000040)="d88401", 0x3}, {0x0}], 0x2, 0x86, 0xfff) 16.540857819s ago: executing program 1 (id=1509): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000040)=0x4000000) 16.379098017s ago: executing program 2 (id=1510): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11) 16.378472976s ago: executing program 5 (id=1511): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) io_setup(0xb, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffda4, 0x3, 0x0, 0x2}]) 16.289447581s ago: executing program 2 (id=1512): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = fsopen(&(0x7f0000000500)='9p\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000380)='}\x00', &(0x7f0000000880)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xecQ\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849@\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xf4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;\xf1C\xea!J\x19\xe1\xfe\x0f\x84\xdfY\x10\xed\x1c\xb2n\xc0ME\xaa\x9e\xd1f\x92q\xeb\xdb)\xcd1(>\x8e\x0f}\x03\xdd\xf8\x84\x9bz!\x80F\xc5ls< \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x98\x1c\x9f\xbd\xcd\xea\xc3w\xa3\xf5\x1d.\x00\x00\x00\xa0\xf4\xe9\xe2\x83\xac\xde\x95cmvM\x12\xc1O\x1f#\xcd\x90\x1e\x03\x1e}\xe7w\xe7\"Oh`\xed\bM9\xaf\xa3BQ\xbf\xfd1\x1cG\xb5\xed\x86\xb9Q(\x19dZ\x8da\x008e*\x928\xcf\x0f\x0e\x05\x1dM?\x11$E\xc3\x12\x1e\xffI\x84t0D\xec\xf3T\xe2\xddJm\x87\xc9\xb1\xff\n\xa1\x13\xcbo\xc6\xda\x84\x02\xa3\x14\xf2q\x96\xa8Sa\xe4\x1f\x01\xa2]\xb2\xc9\xd5\xff\xfd\xf2\xb5\xf5\xef \xc7\x02\x927\xdb\xa5\a\x9eS\xb6\xe2\xbaL\x99n\xb4\xe3\xf7\x0eU\xc0', 0x0) 16.22009025s ago: executing program 2 (id=1513): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000001c0)={'xfrm0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x16, 0x1}}) 16.140257075s ago: executing program 2 (id=1514): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x2}, &(0x7f0000000040), &(0x7f0000000080)) poll(&(0x7f0000000000)=[{r2, 0xd010}], 0x1, 0x9) 1.624655617s ago: executing program 33 (id=1488): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009}) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000300)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xede, 0x0, 0x0, 0x4, 0x88000000000}, 0x0, &(0x7f0000000100)={0x8, 0x3, 0x0, 0x0, 0x2}, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r3, 0x0, 0x0, 0x1f5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000dfff00"}}) 621.816952ms ago: executing program 34 (id=1506): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@index_on}]}) 112.985631ms ago: executing program 35 (id=1511): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) io_setup(0xb, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffda4, 0x3, 0x0, 0x2}]) 64.92331ms ago: executing program 36 (id=1509): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000040)=0x4000000) 0s ago: executing program 37 (id=1514): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x2}, &(0x7f0000000040), &(0x7f0000000080)) poll(&(0x7f0000000000)=[{r2, 0xd010}], 0x1, 0x9) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.140' (ED25519) to the list of known hosts. [ 87.784378][ T5790] cgroup: Unknown subsys name 'net' [ 88.025762][ T5790] cgroup: Unknown subsys name 'cpuset' [ 88.080298][ T5790] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.070154][ T5790] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.192824][ T991] cfg80211: failed to load regulatory.db [ 92.945161][ T5802] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.947230][ T5802] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.964837][ T5802] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.966307][ T5802] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.967154][ T5802] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.082086][ T61] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.086093][ T61] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.086871][ T61] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.088139][ T61] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.089384][ T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.093695][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.094611][ T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.096016][ T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.096988][ T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 93.155820][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.184159][ T5802] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.186109][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.189153][ T5802] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.220488][ T5802] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.237382][ T5802] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.329388][ T5121] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 93.337828][ T5121] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 93.352146][ T5121] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 93.358218][ T5121] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 93.375379][ T5121] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 94.166063][ T5801] chnl_net:caif_netlink_parms(): no params data found [ 94.177719][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 94.500926][ T5804] chnl_net:caif_netlink_parms(): no params data found [ 94.615407][ T5809] chnl_net:caif_netlink_parms(): no params data found [ 95.050877][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 95.061931][ T5802] Bluetooth: hci0: command tx timeout [ 95.130605][ T5802] Bluetooth: hci2: command tx timeout [ 95.132479][ T5801] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.133477][ T5801] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.133938][ T5801] bridge_slave_0: entered allmulticast mode [ 95.136038][ T5801] bridge_slave_0: entered promiscuous mode [ 95.143041][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.143265][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.143854][ T5805] bridge_slave_0: entered allmulticast mode [ 95.147015][ T5805] bridge_slave_0: entered promiscuous mode [ 95.204954][ T5801] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.205049][ T5801] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.205213][ T5801] bridge_slave_1: entered allmulticast mode [ 95.207359][ T5801] bridge_slave_1: entered promiscuous mode [ 95.208326][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.209075][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.209250][ T5805] bridge_slave_1: entered allmulticast mode [ 95.209940][ T5802] Bluetooth: hci1: command tx timeout [ 95.263641][ T5805] bridge_slave_1: entered promiscuous mode [ 95.291742][ T5802] Bluetooth: hci3: command tx timeout [ 95.449751][ T5802] Bluetooth: hci4: command tx timeout [ 95.748137][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.748320][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.748462][ T5804] bridge_slave_0: entered allmulticast mode [ 95.751912][ T5804] bridge_slave_0: entered promiscuous mode [ 95.854580][ T5801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.858738][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.881247][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.881357][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.881526][ T5804] bridge_slave_1: entered allmulticast mode [ 95.883646][ T5804] bridge_slave_1: entered promiscuous mode [ 95.953508][ T5801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.956158][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.050664][ T5809] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.050854][ T5809] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.051009][ T5809] bridge_slave_0: entered allmulticast mode [ 96.052949][ T5809] bridge_slave_0: entered promiscuous mode [ 96.320755][ T5809] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.320891][ T5809] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.321085][ T5809] bridge_slave_1: entered allmulticast mode [ 96.323381][ T5809] bridge_slave_1: entered promiscuous mode [ 96.714238][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.792557][ T5801] team0: Port device team_slave_0 added [ 96.794845][ T5805] team0: Port device team_slave_0 added [ 96.795415][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.795548][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.795735][ T5814] bridge_slave_0: entered allmulticast mode [ 96.797854][ T5814] bridge_slave_0: entered promiscuous mode [ 96.805840][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.952456][ T5801] team0: Port device team_slave_1 added [ 96.954734][ T5805] team0: Port device team_slave_1 added [ 96.955522][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.955613][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.955982][ T5814] bridge_slave_1: entered allmulticast mode [ 96.958195][ T5814] bridge_slave_1: entered promiscuous mode [ 97.034086][ T5809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.129737][ T5802] Bluetooth: hci0: command tx timeout [ 97.209859][ T5802] Bluetooth: hci2: command tx timeout [ 97.289752][ T5802] Bluetooth: hci1: command tx timeout [ 97.293869][ T5809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.369900][ T5802] Bluetooth: hci3: command tx timeout [ 97.529696][ T5802] Bluetooth: hci4: command tx timeout [ 97.532944][ T5804] team0: Port device team_slave_0 added [ 97.601597][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.601612][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.601632][ T5801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.803270][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.803289][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.803310][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.807154][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.809106][ T5804] team0: Port device team_slave_1 added [ 97.911836][ T5801] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.911852][ T5801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.911876][ T5801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.913347][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.913359][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.913379][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.916492][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.000619][ T5809] team0: Port device team_slave_0 added [ 98.222915][ T5809] team0: Port device team_slave_1 added [ 98.311545][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.311565][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.311593][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.414721][ T5814] team0: Port device team_slave_0 added [ 98.415944][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.415960][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.415990][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.654459][ T5814] team0: Port device team_slave_1 added [ 98.761752][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.761771][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 98.761800][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.038677][ T5801] hsr_slave_0: entered promiscuous mode [ 99.040601][ T5801] hsr_slave_1: entered promiscuous mode [ 99.044125][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.044144][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 99.044177][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.060295][ T5805] hsr_slave_0: entered promiscuous mode [ 99.062027][ T5805] hsr_slave_1: entered promiscuous mode [ 99.063456][ T5805] debugfs: 'hsr0' already exists in 'hsr' [ 99.063600][ T5805] Cannot create hsr debugfs directory [ 99.152627][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.152645][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 99.152674][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.219908][ T5802] Bluetooth: hci0: command tx timeout [ 99.264216][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.264230][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 99.264251][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.301350][ T5802] Bluetooth: hci2: command tx timeout [ 99.369780][ T5802] Bluetooth: hci1: command tx timeout [ 99.449789][ T5802] Bluetooth: hci3: command tx timeout [ 99.535058][ T5804] hsr_slave_0: entered promiscuous mode [ 99.536129][ T5804] hsr_slave_1: entered promiscuous mode [ 99.536824][ T5804] debugfs: 'hsr0' already exists in 'hsr' [ 99.536849][ T5804] Cannot create hsr debugfs directory [ 99.609807][ T5802] Bluetooth: hci4: command tx timeout [ 99.858320][ T5809] hsr_slave_0: entered promiscuous mode [ 99.859337][ T5809] hsr_slave_1: entered promiscuous mode [ 99.862156][ T5809] debugfs: 'hsr0' already exists in 'hsr' [ 99.862189][ T5809] Cannot create hsr debugfs directory [ 100.263284][ T5814] hsr_slave_0: entered promiscuous mode [ 100.264289][ T5814] hsr_slave_1: entered promiscuous mode [ 100.264966][ T5814] debugfs: 'hsr0' already exists in 'hsr' [ 100.264990][ T5814] Cannot create hsr debugfs directory [ 101.289785][ T5802] Bluetooth: hci0: command tx timeout [ 101.370088][ T5802] Bluetooth: hci2: command tx timeout [ 101.459765][ T5802] Bluetooth: hci1: command tx timeout [ 101.483194][ T5801] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 101.518132][ T5801] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 101.529883][ T5802] Bluetooth: hci3: command tx timeout [ 101.555621][ T5801] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 101.608510][ T5801] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 101.689741][ T5802] Bluetooth: hci4: command tx timeout [ 101.718073][ T5805] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 101.756839][ T5805] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 101.776436][ T5805] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 101.838840][ T5805] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 101.960413][ T5804] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 101.994075][ T5804] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 102.034281][ T5804] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 102.102217][ T5804] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 102.253052][ T5809] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 102.304600][ T5809] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 102.341238][ T5809] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 102.401302][ T5809] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 102.546979][ T5814] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 102.597567][ T5814] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 102.631619][ T5814] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 102.671961][ T5814] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 102.713538][ T5801] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.782084][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.812020][ T5801] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.848375][ T4147] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.848901][ T4147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.899016][ T4147] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.909980][ T4147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.918844][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.975349][ T162] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.975487][ T162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.996406][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.025137][ T162] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.025264][ T162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.097348][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.128871][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.139738][ T162] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.139887][ T162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.186999][ T162] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.187227][ T162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.263479][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.285424][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.324200][ T1054] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.324432][ T1054] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.382204][ T4147] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.389872][ T4147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.464596][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.507506][ T3529] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.507737][ T3529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.560306][ T162] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.560456][ T162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.812537][ T5801] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.989459][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.125016][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.174962][ T5801] veth0_vlan: entered promiscuous mode [ 104.262646][ T5801] veth1_vlan: entered promiscuous mode [ 104.297810][ T5805] veth0_vlan: entered promiscuous mode [ 104.327761][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.356391][ T5805] veth1_vlan: entered promiscuous mode [ 104.407412][ T5804] veth0_vlan: entered promiscuous mode [ 104.421319][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.462741][ T5801] veth0_macvtap: entered promiscuous mode [ 104.485801][ T5804] veth1_vlan: entered promiscuous mode [ 104.514133][ T5801] veth1_macvtap: entered promiscuous mode [ 104.577556][ T5805] veth0_macvtap: entered promiscuous mode [ 104.609357][ T5805] veth1_macvtap: entered promiscuous mode [ 104.619208][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.662298][ T5809] veth0_vlan: entered promiscuous mode [ 104.667336][ T5801] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.714158][ T5804] veth0_macvtap: entered promiscuous mode [ 104.716833][ T1054] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.735556][ T1054] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.752493][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.752845][ T1054] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.754282][ T5809] veth1_vlan: entered promiscuous mode [ 104.795564][ T1054] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.800868][ T5804] veth1_macvtap: entered promiscuous mode [ 104.821460][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.924165][ T3529] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.940365][ T3529] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.944713][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.004017][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.016656][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.093474][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.206236][ T5809] veth0_macvtap: entered promiscuous mode [ 105.218043][ T1054] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.281699][ T1054] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.311037][ T162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.311064][ T162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.333739][ T1054] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.347665][ T1054] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.349125][ T5809] veth1_macvtap: entered promiscuous mode [ 105.454401][ T5814] veth0_vlan: entered promiscuous mode [ 105.458687][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.458710][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.615605][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.615628][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.652598][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.678000][ T5814] veth1_vlan: entered promiscuous mode [ 105.709660][ T4147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.709682][ T4147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.716782][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.798714][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.809718][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.810061][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.810079][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.837743][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.857112][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.998197][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.998218][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.145890][ T5814] veth0_macvtap: entered promiscuous mode [ 106.228270][ T5814] veth1_macvtap: entered promiscuous mode [ 106.288006][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.288028][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.407786][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.407810][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.457597][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.515283][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.580017][ T37] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.593961][ T37] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.620353][ T37] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.643455][ T37] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.396209][ T5939] usb usb9: usbfs: process 5939 (syz.0.12) did not claim interface 0 before use [ 107.782873][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.782896][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.934273][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.934295][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.021675][ T5949] netlink: 'syz.1.15': attribute type 4 has an invalid length. [ 108.021794][ T5949] netlink: 17 bytes leftover after parsing attributes in process `syz.1.15'. [ 108.097999][ T5951] Bluetooth: MGMT ver 1.23 [ 109.674825][ T5984] random: crng reseeded on system resumption [ 110.074922][ T5991] 9pnet: Unknown protocol version 9 [ 110.111781][ T5992] netlink: 20 bytes leftover after parsing attributes in process `syz.0.35'. [ 110.391305][ T5998] netlink: 'syz.2.37': attribute type 6 has an invalid length. [ 110.555794][ T6001] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.023869][ T6004] mmap: syz.1.40 (6004) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 111.562259][ T3118] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 111.673874][ T3118] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 112.361723][ T5873] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 112.522561][ T5873] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 112.529399][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.530642][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.530678][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.530704][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.532211][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.532537][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.532569][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.532595][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.534074][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.534137][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.534168][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.534194][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.535647][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.535706][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.535736][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.535762][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.537818][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.537886][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.537913][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.537935][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.551676][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.551747][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.551781][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.551809][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.644530][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.644603][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.644637][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.644665][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.658881][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 112.658957][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 112.658990][ T5873] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 112.659018][ T5873] usb 5-1: config 0 interface 0 has no altsetting 0 [ 112.700734][ T5873] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 112.700840][ T5873] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 112.700876][ T5873] usb 5-1: Product: syz [ 112.700894][ T5873] usb 5-1: Manufacturer: syz [ 112.700911][ T5873] usb 5-1: SerialNumber: syz [ 112.836454][ T5873] usb 5-1: config 0 descriptor?? [ 112.916955][ T5873] yurex 5-1:0.0: Could not submitting URB [ 112.917260][ T5873] yurex 5-1:0.0: probe with driver yurex failed with error -5 [ 113.547955][ T991] usb 5-1: USB disconnect, device number 2 [ 114.257002][ T38] audit: type=1326 audit(1763377089.702:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.257063][ T38] audit: type=1326 audit(1763377089.702:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.313570][ T38] audit: type=1326 audit(1763377089.752:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.313629][ T38] audit: type=1326 audit(1763377089.752:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.313676][ T38] audit: type=1326 audit(1763377089.752:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.333713][ T6075] capability: warning: `syz.0.69' uses deprecated v2 capabilities in a way that may be insecure [ 114.334245][ T38] audit: type=1326 audit(1763377089.782:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.334306][ T38] audit: type=1326 audit(1763377089.782:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.334359][ T38] audit: type=1326 audit(1763377089.782:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.416170][ T38] audit: type=1326 audit(1763377089.852:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 114.416241][ T38] audit: type=1326 audit(1763377089.852:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6074 comm="syz.0.69" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ffc0000 [ 115.865615][ T6116] netlink: 80 bytes leftover after parsing attributes in process `syz.1.85'. [ 117.335950][ T6125] syz.0.90 (6125) used greatest stack depth: 15816 bytes left [ 117.647949][ T991] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 117.840300][ T991] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 117.840334][ T991] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.840356][ T991] usb 2-1: Product: syz [ 117.840372][ T991] usb 2-1: Manufacturer: syz [ 117.840388][ T991] usb 2-1: SerialNumber: syz [ 117.897665][ T991] usb 2-1: config 0 descriptor?? [ 117.918964][ T991] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 118.157645][ T6167] netlink: 'syz.3.106': attribute type 63 has an invalid length. [ 118.157733][ T6167] netlink: 5 bytes leftover after parsing attributes in process `syz.3.106'. [ 118.157768][ T6167] gretap0: entered allmulticast mode [ 118.196616][ T6167] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 119.046604][ T6181] binder: 6180:6181 ioctl c0046209 0 returned -22 [ 119.474741][ T6185] netlink: 20 bytes leftover after parsing attributes in process `syz.3.114'. [ 119.621424][ T6188] overlayfs: conflicting options: userxattr,redirect_dir=on [ 119.717829][ T5873] usb 2-1: USB disconnect, device number 2 [ 120.227339][ T38] kauditd_printk_skb: 13 callbacks suppressed [ 120.227360][ T38] audit: type=1326 audit(1763377095.336:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227410][ T38] audit: type=1326 audit(1763377095.336:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227460][ T38] audit: type=1326 audit(1763377095.336:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227696][ T38] audit: type=1326 audit(1763377095.336:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227746][ T38] audit: type=1326 audit(1763377095.336:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227794][ T38] audit: type=1326 audit(1763377095.336:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227843][ T38] audit: type=1326 audit(1763377095.336:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227891][ T38] audit: type=1326 audit(1763377095.336:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227941][ T38] audit: type=1326 audit(1763377095.336:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.227990][ T38] audit: type=1326 audit(1763377095.336:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6199 comm="syz.0.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f983ed4f6c9 code=0x7ff00000 [ 120.779422][ T6209] sit0: entered promiscuous mode [ 120.889415][ T6209] netlink: 'syz.2.125': attribute type 1 has an invalid length. [ 120.889439][ T6209] netlink: 1 bytes leftover after parsing attributes in process `syz.2.125'. [ 121.314083][ T5886] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 121.473904][ T5886] usb 2-1: Using ep0 maxpacket: 16 [ 121.476490][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 121.479963][ T5886] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 121.479995][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.480025][ T5886] usb 2-1: Product: syz [ 121.480041][ T5886] usb 2-1: Manufacturer: syz [ 121.480172][ T5886] usb 2-1: SerialNumber: syz [ 121.543236][ T5886] usb 2-1: config 0 descriptor?? [ 121.565721][ T5886] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 121.565762][ T5886] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 121.689019][ T6224] netlink: 24 bytes leftover after parsing attributes in process `syz.3.132'. [ 122.211966][ T5886] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 122.465345][ T5866] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 122.628767][ T5866] usb 4-1: too many configurations: 9, using maximum allowed: 8 [ 122.634423][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.634557][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.634587][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.634613][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.669687][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.669749][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.669776][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.669800][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.672110][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.672170][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.672199][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.672223][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.687226][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.687293][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.687322][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.687346][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.752821][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.752877][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.752903][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.752924][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.806019][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.806085][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.806116][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.806140][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.889582][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.889649][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.889679][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.889712][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.895368][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 122.895430][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 122.895459][ T5866] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 122.895484][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.923961][ T5866] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 122.923994][ T5866] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 122.924015][ T5866] usb 4-1: Product: syz [ 122.924031][ T5866] usb 4-1: Manufacturer: syz [ 122.924047][ T5866] usb 4-1: SerialNumber: syz [ 123.010903][ T5866] usb 4-1: config 0 descriptor?? [ 123.034456][ T5866] yurex 4-1:0.0: Could not submitting URB [ 123.034662][ T5866] yurex 4-1:0.0: probe with driver yurex failed with error -5 [ 123.062291][ T5886] em28xx 2-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=147) [ 123.062344][ T5886] em28xx 2-1:0.0: board has no eeprom [ 123.168704][ T5802] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 123.347739][ T5886] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 123.347770][ T5886] em28xx 2-1:0.0: dvb set to bulk mode. [ 123.369772][ T5866] em28xx 2-1:0.0: Binding DVB extension [ 123.429015][ T5886] usb 2-1: USB disconnect, device number 3 [ 123.462319][ T5886] em28xx 2-1:0.0: Disconnecting em28xx [ 123.537774][ T6243] sit0: entered promiscuous mode [ 123.572279][ T991] usb 4-1: USB disconnect, device number 2 [ 123.627124][ T6243] netlink: 'syz.4.139': attribute type 1 has an invalid length. [ 123.627148][ T6243] netlink: 1 bytes leftover after parsing attributes in process `syz.4.139'. [ 123.722002][ T5866] em28xx 2-1:0.0: Registering input extension [ 123.733619][ T5886] em28xx 2-1:0.0: Closing input extension [ 123.787446][ T5886] em28xx 2-1:0.0: Freeing device [ 124.113524][ T6253] netlink: 'syz.1.143': attribute type 1 has an invalid length. [ 124.598022][ T6264] 8021q: VLANs not supported on ip6tnl0 [ 124.824656][ T6270] comedi comedi3: comedi_test: 3879 microvolt, 2147483645 microsecond waveform attached [ 126.546770][ T5866] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 126.743187][ T5866] usb 5-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 126.743223][ T5866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.743246][ T5866] usb 5-1: Product: syz [ 126.743263][ T5866] usb 5-1: Manufacturer: syz [ 126.743279][ T5866] usb 5-1: SerialNumber: syz [ 126.785575][ T5866] usb 5-1: config 0 descriptor?? [ 126.818777][ T5866] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 128.678035][ T10] usb 5-1: USB disconnect, device number 3 [ 128.706403][ T38] kauditd_printk_skb: 54 callbacks suppressed [ 128.706423][ T38] audit: type=1326 audit(1763377103.293:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.706475][ T38] audit: type=1326 audit(1763377103.293:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.744802][ T38] audit: type=1326 audit(1763377103.340:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.744872][ T38] audit: type=1326 audit(1763377103.340:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.744924][ T38] audit: type=1326 audit(1763377103.340:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.756794][ T38] audit: type=1326 audit(1763377103.349:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.777897][ T38] audit: type=1326 audit(1763377103.368:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.777962][ T38] audit: type=1326 audit(1763377103.368:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.778015][ T38] audit: type=1326 audit(1763377103.368:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 128.778066][ T38] audit: type=1326 audit(1763377103.368:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 131.226683][ T6411] IPv4: Oversized IP packet from 127.202.26.0 [ 132.342692][ T6452] netlink: 24 bytes leftover after parsing attributes in process `syz.3.229'. [ 132.742277][ T6462] netlink: 196 bytes leftover after parsing attributes in process `syz.1.234'. [ 133.014151][ T6471] IPv6: sit1: Disabled Multicast RS [ 133.051997][ T6471] sit1: entered allmulticast mode [ 133.897229][ T6500] overlayfs: failed to resolve './file0': -2 [ 134.071780][ T6507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.255'. [ 134.496537][ T6521] netlink: 260 bytes leftover after parsing attributes in process `syz.1.262'. [ 134.496617][ T6521] netlink: 104 bytes leftover after parsing attributes in process `syz.1.262'. [ 134.496632][ T6521] netlink: 16 bytes leftover after parsing attributes in process `syz.1.262'. [ 135.346064][ T6552] netlink: 8 bytes leftover after parsing attributes in process `syz.0.277'. [ 136.277922][ T6584] netlink: 96 bytes leftover after parsing attributes in process `syz.1.292'. [ 138.248517][ T991] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 138.423497][ T991] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 138.423529][ T991] usb 5-1: config 0 has no interface number 0 [ 138.423589][ T991] usb 5-1: config 0 interface 184 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 138.423612][ T991] usb 5-1: config 0 interface 184 has no altsetting 0 [ 138.427337][ T991] usb 5-1: New USB device found, idVendor=1b3d, idProduct=4701, bcdDevice=53.f1 [ 138.427369][ T991] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.427392][ T991] usb 5-1: Product: syz [ 138.427409][ T991] usb 5-1: Manufacturer: syz [ 138.427425][ T991] usb 5-1: SerialNumber: syz [ 138.465586][ T991] usb 5-1: config 0 descriptor?? [ 138.741216][ T991] ftdi_sio 5-1:0.184: FTDI USB Serial Device converter detected [ 138.744399][ T991] ftdi_sio ttyUSB0: unknown device type: 0x53f1 [ 138.752601][ T991] usb 5-1: USB disconnect, device number 4 [ 138.757689][ T991] ftdi_sio 5-1:0.184: device disconnected [ 139.365308][ T6674] overlayfs: failed to resolve './file0': -2 [ 139.804184][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.811618][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.496256][ T38] kauditd_printk_skb: 16 callbacks suppressed [ 140.496278][ T38] audit: type=1326 audit(1763377114.356:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.3.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 140.504858][ T38] audit: type=1326 audit(1763377114.365:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.3.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 140.504916][ T38] audit: type=1326 audit(1763377114.365:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.3.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 140.504965][ T38] audit: type=1326 audit(1763377114.365:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.3.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 144.628021][ T6819] netlink: 'syz.1.398': attribute type 1 has an invalid length. [ 144.628047][ T6819] netlink: 9 bytes leftover after parsing attributes in process `syz.1.398'. [ 144.732542][ T6823] tc_dump_action: action bad kind [ 145.077631][ T6809] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 145.077793][ T6809] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 145.250800][ T6809] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 145.413102][ T6809] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 145.413310][ T6809] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.565210][ T6809] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 145.775205][ T6809] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 145.775341][ T6809] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 146.086433][ T6809] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 146.247667][ T6809] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 146.247813][ T6809] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 146.434181][ T6809] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 146.477968][ T6865] binder: 6864:6865 ioctl 400c620e 0 returned -14 [ 146.599854][ T6809] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 146.600047][ T6809] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 146.614745][ T5121] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.674684][ T6871] netlink: 'syz.2.421': attribute type 12 has an invalid length. [ 146.724339][ T6809] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 147.302818][ T6884] syz.1.428 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 147.552474][ T5121] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.638621][ T6890] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 147.981431][ T5121] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.034967][ T6904] cgroup2: Unknown parameter 'me' [ 148.407042][ T5121] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.470404][ T6920] netlink: 'syz.2.445': attribute type 25 has an invalid length. [ 148.661009][ T991] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 148.746283][ T5121] Bluetooth: hci4: command 0x0c1a tx timeout [ 148.823474][ T991] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 148.823538][ T991] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 148.823564][ T991] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.831431][ T5121] Bluetooth: hci0: command 0x0c1a tx timeout [ 148.902614][ T991] usb 2-1: config 0 descriptor?? [ 149.016746][ T991] pwc: Askey VC010 type 2 USB webcam detected. [ 149.406749][ T991] pwc: recv_control_msg error -32 req 02 val 2b00 [ 149.410296][ T991] pwc: recv_control_msg error -32 req 02 val 2700 [ 149.413048][ T991] pwc: recv_control_msg error -32 req 02 val 2c00 [ 149.414228][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.457'. [ 149.415459][ T991] pwc: recv_control_msg error -32 req 04 val 1000 [ 149.421361][ T991] pwc: recv_control_msg error -32 req 04 val 1300 [ 149.425268][ T991] pwc: recv_control_msg error -32 req 04 val 1400 [ 149.660397][ T991] pwc: recv_control_msg error -71 req 02 val 2100 [ 149.660937][ T991] pwc: recv_control_msg error -71 req 04 val 1500 [ 149.662289][ T991] pwc: recv_control_msg error -71 req 02 val 2500 [ 149.668044][ T991] pwc: recv_control_msg error -71 req 02 val 2400 [ 149.669329][ T991] pwc: recv_control_msg error -71 req 02 val 2600 [ 149.670376][ T991] pwc: recv_control_msg error -71 req 02 val 2900 [ 149.671126][ T991] pwc: recv_control_msg error -71 req 02 val 2800 [ 149.672090][ T991] pwc: recv_control_msg error -71 req 04 val 1100 [ 149.684717][ T991] pwc: recv_control_msg error -71 req 04 val 1200 [ 149.703335][ T991] pwc: Registered as video103. [ 149.743033][ T991] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8 [ 149.769261][ T5121] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.862586][ T991] usb 2-1: USB disconnect, device number 4 [ 150.195752][ T5121] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.275566][ T38] audit: type=1326 audit(1763377123.532:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6968 comm="syz.3.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 150.276310][ T38] audit: type=1326 audit(1763377123.532:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6968 comm="syz.3.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 150.276365][ T38] audit: type=1326 audit(1763377123.532:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6968 comm="syz.3.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 150.621752][ T5121] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.962823][ T5121] Bluetooth: hci4: command 0x0c1a tx timeout [ 151.048090][ T5121] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.271048][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.478'. [ 151.271076][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.478'. [ 151.986110][ T5121] Bluetooth: hci1: command 0x0c1a tx timeout [ 152.412229][ T5121] Bluetooth: hci2: command 0x0c1a tx timeout [ 152.490353][ T7036] netlink: 20 bytes leftover after parsing attributes in process `syz.0.495'. [ 152.838505][ T5121] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.179902][ T5121] Bluetooth: hci4: command 0x0c1a tx timeout [ 153.386408][ T7057] XFS (nullb0): Invalid superblock magic number [ 153.399039][ T7068] tipc: Can't bind to reserved service type 2 [ 154.264426][ T5873] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 154.418950][ T5873] usb 5-1: Using ep0 maxpacket: 32 [ 154.421878][ T5873] usb 5-1: config 0 has an invalid interface number: 217 but max is 0 [ 154.421909][ T5873] usb 5-1: config 0 has no interface number 0 [ 154.421961][ T5873] usb 5-1: config 0 interface 217 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 154.437078][ T5873] usb 5-1: New USB device found, idVendor=1532, idProduct=d2a2, bcdDevice=f7.ed [ 154.437112][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.437134][ T5873] usb 5-1: Product: syz [ 154.437150][ T5873] usb 5-1: Manufacturer: syz [ 154.437165][ T5873] usb 5-1: SerialNumber: syz [ 154.524142][ T5873] usb 5-1: config 0 descriptor?? [ 154.575353][ T7101] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 154.800665][ T5873] usb 5-1: USB disconnect, device number 5 [ 155.129782][ T7117] netlink: 'syz.3.527': attribute type 4 has an invalid length. [ 155.698499][ T7135] netlink: 'syz.1.536': attribute type 1 has an invalid length. [ 155.861381][ T7135] 8021q: adding VLAN 0 to HW filter on device bond1 [ 155.951261][ T7141] bond1: (slave dummy0): making interface the new active one [ 155.963937][ T7141] bond1: (slave dummy0): Enslaving as an active interface with an up link [ 155.964109][ T7142] bond1: entered promiscuous mode [ 155.964131][ T7142] dummy0: entered promiscuous mode [ 156.097430][ T7131] bond1: left promiscuous mode [ 156.097593][ T7131] dummy0: left promiscuous mode [ 157.618597][ T7193] netlink: 196 bytes leftover after parsing attributes in process `syz.2.563'. [ 157.855861][ T7201] tipc: Started in network mode [ 157.855884][ T7201] tipc: Node identity 4, cluster identity 4711 [ 157.855898][ T7201] tipc: Node number set to 4 [ 160.063088][ T7247] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 160.695832][ T7263] netlink: 'syz.3.595': attribute type 1 has an invalid length. [ 160.695857][ T7263] netlink: 14436 bytes leftover after parsing attributes in process `syz.3.595'. [ 160.987560][ T7267] netlink: 16 bytes leftover after parsing attributes in process `syz.3.596'. [ 160.987597][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.596'. [ 161.032040][ T7267] sit1: entered allmulticast mode [ 161.380852][ T7275] netlink: 8 bytes leftover after parsing attributes in process `syz.4.600'. [ 162.378189][ T7300] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 164.389259][ T7344] netlink: 324 bytes leftover after parsing attributes in process `syz.4.627'. [ 164.389323][ T7344] netlink: 12 bytes leftover after parsing attributes in process `syz.4.627'. [ 164.652954][ T7349] binder: 7348:7349 ioctl c00c6211 0 returned -14 [ 165.854510][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880021][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880179][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880310][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880447][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880583][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880714][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880855][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.880994][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 165.881139][ T7372] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 166.502198][ T7385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.646'. [ 167.379408][ T7399] : renamed from bond_slave_0 (while UP) [ 167.391393][ T7400] netlink: 32 bytes leftover after parsing attributes in process `syz.1.653'. [ 168.456663][ T38] audit: type=1326 audit(1763377140.600:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 168.457019][ T38] audit: type=1326 audit(1763377140.600:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 168.460784][ T38] audit: type=1326 audit(1763377140.600:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 168.460848][ T38] audit: type=1326 audit(1763377140.600:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f05dcf6c9 code=0x7ffc0000 [ 168.537988][ T7419] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 168.538024][ T7419] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 168.581379][ T7419] vhci_hcd vhci_hcd.0: Device attached [ 168.586109][ T7420] netlink: 'syz.3.663': attribute type 10 has an invalid length. [ 168.658858][ T7422] vhci_hcd: connection closed [ 168.671433][ T4147] vhci_hcd: stop threads [ 168.672812][ T4147] vhci_hcd: release socket [ 168.672895][ T4147] vhci_hcd: disconnect device [ 168.810070][ T7420] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 169.386513][ T7437] overlayfs: conflicting options: metacopy=on,redirect_dir=follow [ 169.421830][ T7441] bridge0: port 3(syz_tun) entered blocking state [ 169.423284][ T7441] bridge0: port 3(syz_tun) entered disabled state [ 169.423521][ T7441] syz_tun: entered allmulticast mode [ 169.454937][ T7441] syz_tun: entered promiscuous mode [ 169.456302][ T7441] bridge0: port 3(syz_tun) entered blocking state [ 169.462007][ T7441] bridge0: port 3(syz_tun) entered forwarding state [ 171.985583][ T7503] binder: 7502:7503 ioctl c0306201 200000000080 returned -14 [ 175.203660][ T7567] tmpfs: Bad value for 'mpol' [ 175.851756][ T7582] syz.3.742 uses obsolete (PF_INET,SOCK_PACKET) [ 176.563749][ T5802] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 176.583325][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 176.585853][ T5802] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 176.597318][ T5802] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 176.598990][ T5802] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 177.774277][ T69] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.464917][ T69] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.842339][ T5121] Bluetooth: hci3: command tx timeout [ 178.949389][ T7670] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 179.011199][ T69] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.560868][ T69] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.889455][ T7699] netlink: 'syz.1.794': attribute type 5 has an invalid length. [ 179.889481][ T7699] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.794'. [ 179.941090][ T7702] syz.4.796 (7702): /proc/7701/oom_adj is deprecated, please use /proc/7701/oom_score_adj instead. [ 180.462968][ T7715] netlink: 'syz.4.801': attribute type 4 has an invalid length. [ 180.462992][ T7715] netlink: 3581 bytes leftover after parsing attributes in process `syz.4.801'. [ 180.641090][ T7594] chnl_net:caif_netlink_parms(): no params data found [ 181.060736][ T5121] Bluetooth: hci3: command tx timeout [ 181.357939][ T69] bridge_slave_1: left allmulticast mode [ 181.358154][ T69] bridge_slave_1: left promiscuous mode [ 181.380810][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.553257][ T69] bridge_slave_0: left allmulticast mode [ 181.553290][ T69] bridge_slave_0: left promiscuous mode [ 181.553553][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.412501][ T5873] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 182.607759][ T5873] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 182.607797][ T5873] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 182.607821][ T5873] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 182.607849][ T5873] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 182.607878][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 is Bulk; changing to Interrupt [ 182.607894][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 182.607910][ T5873] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33 [ 182.612227][ T5873] usb 5-1: string descriptor 0 read error: -22 [ 182.612451][ T5873] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 182.612473][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.640284][ T5873] usb 5-1: config 0 descriptor?? [ 182.689009][ T5873] hub 5-1:0.0: bad descriptor, ignoring hub [ 182.689057][ T5873] hub 5-1:0.0: probe with driver hub failed with error -5 [ 183.024836][ T5873] usb 5-1: USB disconnect, device number 6 [ 183.275786][ T5121] Bluetooth: hci3: command tx timeout [ 183.529773][ T7766] netlink: 20 bytes leftover after parsing attributes in process `syz.4.826'. [ 184.331669][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 184.416886][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 184.462405][ T69] bond0 (unregistering): Released all slaves [ 185.131216][ T7802] netlink: 8 bytes leftover after parsing attributes in process `syz.1.842'. [ 185.492665][ T5121] Bluetooth: hci3: command tx timeout [ 185.820174][ T7818] kAFS: No cell specified [ 185.979764][ T7823] netlink: 64 bytes leftover after parsing attributes in process `syz.3.852'. [ 186.029273][ T7594] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.032213][ T7594] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.032475][ T7594] bridge_slave_0: entered allmulticast mode [ 186.068157][ T7594] bridge_slave_0: entered promiscuous mode [ 186.086441][ T7594] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.086581][ T7594] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.086835][ T7594] bridge_slave_1: entered allmulticast mode [ 186.113701][ T7594] bridge_slave_1: entered promiscuous mode [ 186.774214][ T7845] trusted_key: encrypted_key: keyword 'new0default' not recognized [ 187.409681][ T7594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.462812][ T7594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.487085][ T7867] netlink: 20 bytes leftover after parsing attributes in process `syz.1.874'. [ 187.502234][ T7869] netlink: 'syz.4.875': attribute type 9 has an invalid length. [ 188.002403][ T7594] team0: Port device team_slave_0 added [ 188.245118][ T69] hsr_slave_0: left promiscuous mode [ 188.308022][ T69] hsr_slave_1: left promiscuous mode [ 188.309333][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 188.309618][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 188.391261][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 188.391292][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 188.507167][ T7900] qnx4: no qnx4 filesystem (no root dir). [ 188.693244][ T69] veth1_macvtap: left promiscuous mode [ 188.693561][ T69] veth0_macvtap: left promiscuous mode [ 188.697260][ T69] veth1_vlan: left promiscuous mode [ 188.697668][ T69] veth0_vlan: left promiscuous mode [ 189.110362][ T7921] netlink: 'syz.3.898': attribute type 32 has an invalid length. [ 189.588582][ T7933] netlink: 'syz.2.904': attribute type 21 has an invalid length. [ 191.738552][ T69] team0 (unregistering): Port device team_slave_1 removed [ 191.953592][ T69] team0 (unregistering): Port device team_slave_0 removed [ 194.131918][ T7594] team0: Port device team_slave_1 added [ 194.659101][ T7594] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.659120][ T7594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 194.659246][ T7594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.665088][ T7594] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.665105][ T7594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 194.679235][ T7594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.247537][ T7594] hsr_slave_0: entered promiscuous mode [ 195.261347][ T7594] hsr_slave_1: entered promiscuous mode [ 195.262577][ T7594] debugfs: 'hsr0' already exists in 'hsr' [ 195.262601][ T7594] Cannot create hsr debugfs directory [ 196.984032][ T8014] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 197.507480][ T7594] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 197.587796][ T7594] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 197.617263][ T8030] netlink: 260 bytes leftover after parsing attributes in process `syz.2.942'. [ 197.697568][ T7594] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 197.780802][ T7594] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 198.123658][ T5121] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 198.613472][ T5873] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 198.794544][ T5873] usb 3-1: Using ep0 maxpacket: 32 [ 198.801054][ T5873] usb 3-1: config index 0 descriptor too short (expected 28486, got 36) [ 198.801086][ T5873] usb 3-1: config 15 has too many interfaces: 240, using maximum allowed: 32 [ 198.801108][ T5873] usb 3-1: config 15 has an invalid descriptor of length 34, skipping remainder of the config [ 198.801129][ T5873] usb 3-1: config 15 has 0 interfaces, different from the descriptor's value: 240 [ 198.808111][ T5873] usb 3-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2 [ 198.808147][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.808181][ T5873] usb 3-1: Product: syz [ 198.808199][ T5873] usb 3-1: Manufacturer: syz [ 198.808217][ T5873] usb 3-1: SerialNumber: syz [ 199.137701][ T5873] usb 3-1: USB disconnect, device number 2 [ 200.614926][ T7594] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.737213][ T7594] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.801202][ T3529] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.801365][ T3529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.860005][ T4147] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.868035][ T4147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.149660][ T8101] netlink: 24 bytes leftover after parsing attributes in process `syz.1.961'. [ 201.248851][ T8104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.962'. [ 202.359090][ T7594] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.547919][ T7594] veth0_vlan: entered promiscuous mode [ 203.592308][ T7594] veth1_vlan: entered promiscuous mode [ 203.978177][ T7594] veth0_macvtap: entered promiscuous mode [ 204.050989][ T7594] veth1_macvtap: entered promiscuous mode [ 204.346655][ T7594] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.721373][ T7594] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.775983][ T69] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.776239][ T69] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.776298][ T69] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.776337][ T69] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.278573][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.278659][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.474727][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.474752][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.681477][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.681501][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.060287][ T8214] netlink: 'syz.1.997': attribute type 1 has an invalid length. [ 206.060312][ T8214] netlink: 'syz.1.997': attribute type 2 has an invalid length. [ 206.060326][ T8214] netlink: 20 bytes leftover after parsing attributes in process `syz.1.997'. [ 206.531238][ T8223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1000'. [ 207.154232][ T8232] overlayfs: conflicting options: userxattr,redirect_dir=on [ 207.606141][ T8245] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1009'. [ 208.107274][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 208.360543][ T8262] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1015'. [ 208.360564][ T8262] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1015'. [ 208.360574][ T8262] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1015'. [ 208.938780][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 208.946563][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 210.602953][ T5887] usb 2-1: new low-speed USB device number 5 using dummy_hcd [ 210.784456][ T5887] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 210.784486][ T5887] usb 2-1: config 0 has no interface number 0 [ 210.784538][ T5887] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 210.784568][ T5887] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 210.784613][ T5887] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 210.784638][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.850515][ T5887] usb 2-1: config 0 descriptor?? [ 210.851624][ T8297] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 210.944841][ T8313] netlink: 'syz.4.1038': attribute type 12 has an invalid length. [ 211.043419][ T5887] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 211.140545][ T5866] usb 2-1: USB disconnect, device number 5 [ 211.284925][ T38] audit: type=1326 audit(1763377180.789:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8319 comm="syz.5.1043" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f39f551f6c9 code=0x0 [ 211.635394][ T8331] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 211.635425][ T8331] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 211.635522][ T8331] vhci_hcd vhci_hcd.0: Device attached [ 211.677694][ T8332] vhci_hcd: connection closed [ 211.691729][ T69] vhci_hcd: stop threads [ 211.691752][ T69] vhci_hcd: release socket [ 211.691785][ T69] vhci_hcd: disconnect device [ 213.236392][ T38] audit: type=1326 audit(1763377182.618:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8362 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 213.236754][ T38] audit: type=1326 audit(1763377182.618:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8362 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 213.254238][ T38] audit: type=1326 audit(1763377182.628:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8362 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 213.254318][ T38] audit: type=1326 audit(1763377182.628:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8362 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 213.254373][ T38] audit: type=1326 audit(1763377182.628:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8362 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f387de1f6c9 code=0x7ffc0000 [ 213.707198][ T38] audit: type=1326 audit(1763377183.059:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8372 comm="syz.4.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 213.707551][ T38] audit: type=1326 audit(1763377183.059:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8372 comm="syz.4.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 213.707837][ T38] audit: type=1326 audit(1763377183.059:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8372 comm="syz.4.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 213.783466][ T8374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1065'. [ 213.783495][ T8374] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1065'. [ 214.372092][ T8386] [U] ÿ [ 215.187435][ T8410] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1082'. [ 215.187465][ T8410] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1082'. [ 215.187483][ T8410] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1082'. [ 215.469966][ T8424] syz_tun: entered allmulticast mode [ 216.335077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 216.336330][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 216.338158][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 216.339366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 216.367077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 216.647339][ T8447] Device name cannot be null; rc = [-22] [ 216.844333][ T8449] overlayfs: failed to resolve './file0redirect_dir=follow': -2 [ 217.574961][ T38] audit: type=1326 audit(1763377186.690:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8460 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ca4cef6c9 code=0x7ffc0000 [ 217.575019][ T38] audit: type=1326 audit(1763377186.690:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8460 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ca4cef6c9 code=0x7ffc0000 [ 217.575068][ T38] audit: type=1326 audit(1763377186.690:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8460 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f4ca4cef6c9 code=0x7ffc0000 [ 217.575115][ T38] audit: type=1326 audit(1763377186.690:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8460 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ca4cef6c9 code=0x7ffc0000 [ 217.575163][ T38] audit: type=1326 audit(1763377186.690:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8460 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ca4cef6c9 code=0x7ffc0000 [ 218.189711][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 218.988813][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1115'. [ 219.364713][ T8508] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1120'. [ 219.364736][ T8508] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1120'. [ 221.008000][ T8541] warning: `syz.1.1130' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 222.054560][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1142'. [ 222.056149][ T8573] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1142'. [ 222.122577][ T8576] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1144'. [ 222.296758][ T8576] gretap0: entered promiscuous mode [ 222.320115][ T8576] netlink: 'syz.4.1144': attribute type 1 has an invalid length. [ 222.320138][ T8576] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1144'. [ 222.776258][ T8599] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1149'. [ 223.100098][ T38] audit: type=1107 audit(1763377191.841:140): pid=8605 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 224.998811][ T8663] mkiss: ax0: crc mode is auto. [ 225.571744][ T8687] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1185'. [ 229.547623][ T8755] binder: 8754:8755 ioctl c0306201 200000000940 returned -22 [ 231.780209][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 232.451880][ T8799] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1230'. [ 232.451908][ T8799] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1230'. [ 232.451926][ T8799] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1230'. [ 232.990135][ T8806] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 234.685215][ T38] audit: type=1326 audit(1763377202.724:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8839 comm="syz.5.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f551f6c9 code=0x7ffc0000 [ 234.685275][ T38] audit: type=1326 audit(1763377202.733:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8839 comm="syz.5.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f39f551e17f code=0x7ffc0000 [ 234.685323][ T38] audit: type=1326 audit(1763377202.733:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8839 comm="syz.5.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39f551f6c9 code=0x7ffc0000 [ 235.472783][ T3118] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 235.630005][ T3118] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 235.630032][ T3118] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 235.636470][ T3118] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 235.636502][ T3118] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 235.636522][ T3118] usb 5-1: SerialNumber: syz [ 235.933176][ T8858] Bluetooth: hci3: Opcode 0x0401 failed: -4 [ 236.012913][ T3118] usb 5-1: 0:2 : does not exist [ 236.371918][ T3118] usb 5-1: USB disconnect, device number 7 [ 236.762954][ T8016] udevd[8016]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 237.107983][ T8905] overlayfs: failed to clone lowerpath [ 237.247703][ T5121] Bluetooth: hci3: command 0x0401 tx timeout [ 238.575402][ T8928] binder: 8927:8928 ioctl c0306201 200000000940 returned -22 [ 238.579972][ T3118] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 238.746524][ T3118] usb 5-1: unable to get BOS descriptor or descriptor too short [ 238.747805][ T3118] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 238.747861][ T3118] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 is Bulk; changing to Interrupt [ 238.747886][ T3118] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 238.797228][ T3118] usb 5-1: string descriptor 0 read error: -22 [ 238.797441][ T3118] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 238.797469][ T3118] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.853358][ T8920] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 239.104414][ T5873] usb 5-1: USB disconnect, device number 8 [ 239.366527][ T8954] IPv6: NLM_F_CREATE should be specified when creating new route [ 240.300703][ T8988] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1320'. [ 240.392458][ T8988] 8021q: adding VLAN 0 to HW filter on device bond2 [ 240.697316][ T9000] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1325'. [ 241.723659][ T9036] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1343'. [ 242.269384][ T9057] net_ratelimit: 3320 callbacks suppressed [ 242.269405][ T9057] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 242.727952][ T9069] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1358'. [ 243.078264][ T9079] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1363'. [ 245.908899][ T9140] netlink: 'syz.4.1388': attribute type 1 has an invalid length. [ 245.908923][ T9140] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1388'. [ 246.310821][ T9150] fuse: Bad value for 'fd' [ 246.683034][ T9135] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 246.683652][ T9135] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 246.683943][ T9135] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 246.684240][ T9135] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 246.684520][ T9135] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 246.685296][ T9135] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 246.837065][ T9135] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 247.000373][ T9164] cgroup: No subsys list or none specified [ 247.164392][ T9170] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 247.164412][ T9170] overlayfs: missing 'lowerdir' [ 247.294796][ T991] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 247.351982][ T38] audit: type=1326 audit(1763377214.611:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9171 comm="syz.4.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 247.352043][ T38] audit: type=1326 audit(1763377214.611:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9171 comm="syz.4.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 247.352090][ T38] audit: type=1326 audit(1763377214.611:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9171 comm="syz.4.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 247.352138][ T38] audit: type=1326 audit(1763377214.611:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9171 comm="syz.4.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 247.352183][ T38] audit: type=1326 audit(1763377214.611:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9171 comm="syz.4.1406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788ac5f6c9 code=0x7ffc0000 [ 247.495516][ T991] usb 4-1: config 0 has no interfaces? [ 247.499389][ T991] usb 4-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 247.499422][ T991] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 247.499444][ T991] usb 4-1: Product: syz [ 247.499460][ T991] usb 4-1: SerialNumber: syz [ 247.586622][ T991] usb 4-1: config 0 descriptor?? [ 247.818413][ T9157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 247.819004][ T9157] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 247.856811][ T5873] usb 4-1: USB disconnect, device number 3 [ 248.250655][ T9193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1417'. [ 248.253816][ T9193] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1417'. [ 248.253838][ T9193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1417'. [ 248.846045][ T5121] Bluetooth: hci3: command 0x0401 tx timeout [ 248.846071][ T5802] Bluetooth: hci4: command 0x0c1a tx timeout [ 248.846089][ T5121] Bluetooth: hci2: command 0x0c1a tx timeout [ 248.846105][ T5802] Bluetooth: hci1: command 0x0c1a tx timeout [ 250.657134][ T9247] ======================================================= [ 250.657134][ T9247] WARNING: The mand mount option has been deprecated and [ 250.657134][ T9247] and is ignored by this kernel. Remove the mand [ 250.657134][ T9247] option from the mount to silence this warning. [ 250.657134][ T9247] ======================================================= [ 250.790918][ T9253] openvswitch: netlink: IP tunnel dst address not specified [ 250.882780][ T9258] netlink: 'syz.1.1446': attribute type 12 has an invalid length. [ 251.074162][ T61] Bluetooth: hci3: command 0x0401 tx timeout [ 251.334419][ T9265] sit0: entered promiscuous mode [ 251.355292][ T9265] netlink: 'syz.1.1449': attribute type 1 has an invalid length. [ 251.355316][ T9265] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1449'. [ 252.526313][ T9301] sit0: entered promiscuous mode [ 252.560968][ T9301] netlink: 'syz.3.1465': attribute type 1 has an invalid length. [ 252.560993][ T9301] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1465'. [ 252.943993][ T9311] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1471'. [ 252.944021][ T9311] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1471'. [ 253.034376][ T9312] tc_dump_action: action bad kind [ 253.125779][ T9314] bridge0: port 3(ip6gretap0) entered blocking state [ 253.126017][ T9314] bridge0: port 3(ip6gretap0) entered disabled state [ 253.126240][ T9314] ip6gretap0: entered allmulticast mode [ 253.157008][ T9314] ip6gretap0: entered promiscuous mode [ 253.157855][ T9314] bridge0: port 3(ip6gretap0) entered blocking state [ 253.158541][ T9314] bridge0: port 3(ip6gretap0) entered forwarding state [ 253.279000][ T61] Bluetooth: hci3: command 0x0401 tx timeout [ 255.694356][ T9381] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 255.694375][ T9381] overlayfs: missing 'lowerdir' [ 270.821715][ T5121] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 270.836299][ T5121] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 270.841967][ T5121] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 270.843169][ T5121] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 270.860585][ T5121] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 271.161394][ T9399] chnl_net:caif_netlink_parms(): no params data found [ 271.828930][ T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 271.832575][ T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 271.833703][ T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 271.842425][ T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 271.845240][ T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 272.572888][ T61] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 272.575584][ T61] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 272.580598][ T61] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 272.585897][ T61] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 272.586705][ T61] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 272.754444][ T61] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 272.760044][ T61] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 272.761904][ T61] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 272.765291][ T61] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 272.766218][ T61] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 272.838123][ T61] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 272.847001][ T61] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 272.849669][ T61] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 272.851581][ T61] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 272.852500][ T61] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 274.936803][ T61] Bluetooth: hci8: command tx timeout [ 275.022037][ T61] Bluetooth: hci9: command tx timeout [ 334.886575][ T5121] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 334.889082][ T5121] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 334.897202][ T5121] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 334.899028][ T5121] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 334.901849][ T5121] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 335.880920][ T5121] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 335.893501][ T5121] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 335.897333][ T5121] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 335.899194][ T5121] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 335.900703][ T5121] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 336.500965][ T5121] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 336.512412][ T5121] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 336.514844][ T5121] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 336.516070][ T5121] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 336.516901][ T5121] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 336.606393][ T61] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 336.618591][ T61] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 336.620649][ T61] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 336.631196][ T61] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 336.636072][ T61] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 336.926470][ T61] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 336.936763][ T61] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 336.938689][ T61] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 336.939991][ T61] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 336.941483][ T61] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 337.098297][ T61] Bluetooth: hci10: command tx timeout [ 338.121519][ T61] Bluetooth: hci11: command tx timeout [ 338.718430][ T61] Bluetooth: hci12: command tx timeout [ 339.144756][ T61] Bluetooth: hci14: command tx timeout [ 366.484165][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 366.484194][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P9347/4:b..l P29/3:b..l [ 366.484233][ C1] rcu: (detected by 1, t=10502 jiffies, g=25993, q=15017 ncpus=2) [ 366.484250][ C1] task:ktimers/1 state:D stack:19608 pid:29 tgid:29 ppid:2 task_flags:0x4208040 flags:0x00080000 [ 366.484297][ C1] Call Trace: [ 366.484306][ C1] [ 366.484318][ C1] __schedule+0x16f3/0x4c20 [ 366.484358][ C1] ? update_load_avg+0xfb3/0x1880 [ 366.484388][ C1] ? __pfx___schedule+0x10/0x10 [ 366.484411][ C1] ? irqentry_exit+0x74/0x90 [ 366.484434][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.484470][ C1] schedule_rtlock+0x30/0x70 [ 366.484492][ C1] rtlock_slowlock_locked+0x3819/0x4010 [ 366.484523][ C1] ? __lock_acquire+0xab9/0xd20 [ 366.484550][ C1] ? rtlock_slowlock_locked+0x286/0x4010 [ 366.484569][ C1] ? do_raw_spin_lock+0x121/0x290 [ 366.484592][ C1] ? __pfx_rtlock_slowlock_locked+0x10/0x10 [ 366.484621][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 366.484653][ C1] rt_spin_lock+0x158/0x3e0 [ 366.484674][ C1] ? __pfx_rt_spin_lock+0x10/0x10 [ 366.484691][ C1] ? rt_spin_lock+0x1f4/0x3e0 [ 366.484711][ C1] ? __pfx_rt_spin_lock+0x10/0x10 [ 366.484732][ C1] drm_handle_vblank+0xc1/0x630 [ 366.484749][ C1] ? read_tsc+0x9/0x20 [ 366.484766][ C1] ? __pfx_vkms_vblank_simulate+0x10/0x10 [ 366.484785][ C1] vkms_vblank_simulate+0x97/0x2f0 [ 366.484808][ C1] ? __pfx_vkms_vblank_simulate+0x10/0x10 [ 366.484864][ C1] __hrtimer_run_queues+0x552/0xd40 [ 366.484903][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 366.484926][ C1] ? ktime_get_update_offsets_now+0x3b2/0x3d0 [ 366.484954][ C1] hrtimer_run_softirq+0x1a3/0x2e0 [ 366.484972][ C1] handle_softirqs+0x22f/0x710 [ 366.485000][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 366.485027][ C1] run_ktimerd+0xcf/0x190 [ 366.485048][ C1] ? __pfx_run_ktimerd+0x10/0x10 [ 366.485070][ C1] ? schedule+0x91/0x360 [ 366.485096][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 366.485116][ C1] smpboot_thread_fn+0x542/0xa60 [ 366.485137][ C1] ? smpboot_thread_fn+0x4d/0xa60 [ 366.485163][ C1] kthread+0x711/0x8a0 [ 366.485191][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 366.485210][ C1] ? __pfx_kthread+0x10/0x10 [ 366.485231][ C1] ? rt_spin_unlock+0x150/0x200 [ 366.485253][ C1] ? rt_spin_unlock+0x161/0x200 [ 366.485270][ C1] ? __pfx_kthread+0x10/0x10 [ 366.485294][ C1] ret_from_fork+0x4bc/0x870 [ 366.485315][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 366.485339][ C1] ? __switch_to_asm+0x39/0x70 [ 366.485354][ C1] ? __switch_to_asm+0x33/0x70 [ 366.485369][ C1] ? __pfx_kthread+0x10/0x10 [ 366.485393][ C1] ret_from_fork_asm+0x1a/0x30 [ 366.485422][ C1] [ 366.485428][ C1] task:syz.3.1488 state:D stack:27424 pid:9347 tgid:9341 ppid:5805 task_flags:0x400040 flags:0x00080003 [ 366.485476][ C1] Call Trace: [ 366.485481][ C1] [ 366.485489][ C1] __schedule+0x16f3/0x4c20 [ 366.485529][ C1] ? __pfx___schedule+0x10/0x10 [ 366.485552][ C1] ? irqentry_exit+0x74/0x90 [ 366.485574][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.485609][ C1] schedule_rtlock+0x30/0x70 [ 366.485630][ C1] rtlock_slowlock_locked+0x3819/0x4010 [ 366.485660][ C1] ? __lock_acquire+0xab9/0xd20 [ 366.485686][ C1] ? rtlock_slowlock_locked+0x286/0x4010 [ 366.485705][ C1] ? do_raw_spin_lock+0x121/0x290 [ 366.485727][ C1] ? __pfx_rtlock_slowlock_locked+0x10/0x10 [ 366.485755][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 366.485777][ C1] ? rcu_is_watching+0x15/0xb0 [ 366.485793][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.485825][ C1] rt_spin_lock+0x158/0x3e0 [ 366.485845][ C1] ? __pfx_rt_spin_lock+0x10/0x10 [ 366.485864][ C1] ? __pfx_drm_update_vblank_count+0x10/0x10 [ 366.485891][ C1] ? hrtimer_cancel_wait_running+0xe5/0x180 [ 366.485915][ C1] hrtimer_cancel_wait_running+0xfa/0x180 [ 366.485940][ C1] ? __pfx_vkms_disable_vblank+0x10/0x10 [ 366.485958][ C1] hrtimer_cancel+0x39/0x60 [ 366.485980][ C1] drm_vblank_disable_and_save+0x1bf/0x380 [ 366.486009][ C1] drm_crtc_vblank_off+0x22e/0x820 [ 366.486028][ C1] ? drm_atomic_bridge_chain_disable+0x157/0x180 [ 366.486050][ C1] ? __pfx_vkms_crtc_atomic_disable+0x10/0x10 [ 366.486071][ C1] drm_atomic_helper_commit_modeset_disables+0xc99/0x2040 [ 366.486110][ C1] vkms_atomic_commit_tail+0x51/0x210 [ 366.486125][ C1] ? read_tsc+0x9/0x20 [ 366.486140][ C1] ? __pfx_vkms_atomic_commit_tail+0x10/0x10 [ 366.486155][ C1] commit_tail+0x284/0x3a0 [ 366.486176][ C1] drm_atomic_helper_commit+0xa6b/0xb10 [ 366.486196][ C1] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 366.486211][ C1] drm_atomic_commit+0x262/0x2c0 [ 366.486236][ C1] ? __pfx_drm_atomic_commit+0x10/0x10 [ 366.486257][ C1] ? __pfx___drm_printfn_info+0x10/0x10 [ 366.486277][ C1] ? drm_atomic_state_init+0x231/0x310 [ 366.486302][ C1] drm_atomic_helper_set_config+0xe2/0x160 [ 366.486321][ C1] drm_mode_setcrtc+0x9a7/0x1c50 [ 366.486361][ C1] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 366.486384][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.486410][ C1] ? __pfx_drm_mode_setcrtc+0x10/0x10 [ 366.486450][ C1] ? rt_spin_unlock+0x161/0x200 [ 366.486470][ C1] ? drm_is_current_master+0x1a2/0x210 [ 366.486487][ C1] drm_ioctl_kernel+0x2d2/0x3a0 [ 366.486506][ C1] ? __pfx_drm_mode_setcrtc+0x10/0x10 [ 366.486524][ C1] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 366.486549][ C1] drm_ioctl+0x685/0xb20 [ 366.486570][ C1] ? __pfx_drm_mode_setcrtc+0x10/0x10 [ 366.486593][ C1] ? __pfx_drm_ioctl+0x10/0x10 [ 366.486620][ C1] ? __fget_files+0x3a6/0x420 [ 366.486641][ C1] ? __fget_files+0x2a/0x420 [ 366.486664][ C1] ? bpf_lsm_file_ioctl+0x9/0x20 [ 366.486679][ C1] ? __pfx_drm_ioctl+0x10/0x10 [ 366.486696][ C1] __se_sys_ioctl+0xff/0x170 [ 366.486716][ C1] do_syscall_64+0xfa/0xfa0 [ 366.486737][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.486759][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.486774][ C1] ? clear_bhb_loop+0x60/0xb0 [ 366.486793][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.486808][ C1] RIP: 0033:0x7f387de1f6c9 [ 366.486834][ C1] RSP: 002b:00007f387c065038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 366.486848][ C1] RAX: ffffffffffffffda RBX: 00007f387e076090 RCX: 00007f387de1f6c9 [ 366.486860][ C1] RDX: 0000200000000400 RSI: 00000000c06864a2 RDI: 0000000000000003 [ 366.486869][ C1] RBP: 00007f387dea1f91 R08: 0000000000000000 R09: 0000000000000000 [ 366.486879][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.486888][ C1] R13: 00007f387e076128 R14: 00007f387e076090 R15: 00007ffc6deb3218 [ 366.486913][ C1] [ 366.486918][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g25993 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 366.486943][ C1] rcu: Possible timer handling issue on cpu=1 timer-softirq=18725 [ 366.486951][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g25993 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 366.486967][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 366.486974][ C1] rcu: RCU grace-period kthread stack dump: [ 366.486979][ C1] task:rcu_preempt state:I stack:27240 pid:18 tgid:18 ppid:2 task_flags:0x208040 flags:0x00080000 [ 366.487025][ C1] Call Trace: [ 366.487029][ C1] [ 366.487038][ C1] __schedule+0x16f3/0x4c20 [ 366.487066][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 366.487094][ C1] ? __lock_acquire+0xab9/0xd20 [ 366.487115][ C1] ? __pfx___schedule+0x10/0x10 [ 366.487149][ C1] ? schedule+0x91/0x360 [ 366.487172][ C1] schedule+0x165/0x360 [ 366.487194][ C1] schedule_timeout+0x12b/0x270 [ 366.487215][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 366.487237][ C1] ? __pfx_process_timeout+0x10/0x10 [ 366.487257][ C1] ? prepare_to_swait_event+0x341/0x380 [ 366.487281][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 366.487310][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 366.487331][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.487354][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 366.487374][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 366.487400][ C1] ? finish_swait+0xcd/0x1f0 [ 366.487421][ C1] rcu_gp_kthread+0x99/0x390 [ 366.487444][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 366.487467][ C1] ? __kthread_parkme+0x7b/0x200 [ 366.487487][ C1] ? __kthread_parkme+0x1a1/0x200 [ 366.487512][ C1] kthread+0x711/0x8a0 [ 366.487537][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 366.487558][ C1] ? __pfx_kthread+0x10/0x10 [ 366.487579][ C1] ? rt_spin_unlock+0x150/0x200 [ 366.487600][ C1] ? rt_spin_unlock+0x161/0x200 [ 366.487617][ C1] ? __pfx_kthread+0x10/0x10 [ 366.487641][ C1] ret_from_fork+0x4bc/0x870 [ 366.487660][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 366.487684][ C1] ? __switch_to_asm+0x39/0x70 [ 366.487699][ C1] ? __switch_to_asm+0x33/0x70 [ 366.487715][ C1] ? __pfx_kthread+0x10/0x10 [ 366.487746][ C1] ret_from_fork_asm+0x1a/0x30 [ 366.487774][ C1] [ 366.487780][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 366.487806][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 366.487830][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 366.487839][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 366.487861][ C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 63 b7 27 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 366.487876][ C1] RSP: 0018:ffffc900001d7de0 EFLAGS: 000002c2 [ 366.487888][ C1] RAX: 9119da0eadafaa00 RBX: ffffffff81953c47 RCX: 9119da0eadafaa00 [ 366.487900][ C1] RDX: 0000000000000001 RSI: ffffffff8cd8e5db RDI: ffffffff8b3ddde0 [ 366.487910][ C1] RBP: ffffc900001d7f10 R08: ffff8880b89334db R09: 1ffff1101712669b [ 366.487921][ C1] R10: dffffc0000000000 R11: ffffed101712669c R12: ffffffff8ed63e70 [ 366.487932][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110036d2b40 [ 366.487941][ C1] FS: 0000000000000000(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000 [ 366.487953][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 366.487963][ C1] CR2: 00007fd956e4a015 CR3: 000000003de62000 CR4: 00000000003526f0 [ 366.487976][ C1] Call Trace: [ 366.487982][ C1] [ 366.487986][ C1] default_idle+0x13/0x20 [ 366.488001][ C1] default_idle_call+0x73/0xb0 [ 366.488016][ C1] do_idle+0x1e7/0x510 [ 366.488031][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 366.488048][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.488072][ C1] ? __pfx_do_idle+0x10/0x10 [ 366.488094][ C1] ? do_idle+0x4ed/0x510 [ 366.488111][ C1] cpu_startup_entry+0x44/0x60 [ 366.488126][ C1] start_secondary+0x101/0x110 [ 366.488142][ C1] common_startup_64+0x13e/0x147 [ 366.488179][ C1]