syzkaller login: [ 65.312478][ T38] audit: type=1400 audit(1575100349.386:41): avc: denied { map } for pid=7936 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '[localhost]:31016' (ECDSA) to the list of known hosts. [ 67.027738][ T38] audit: type=1400 audit(1575100351.096:42): avc: denied { map } for pid=7946 comm="syz-fuzzer" path="/syz-fuzzer" dev="sda1" ino=16526 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2019/11/30 07:52:31 fuzzer started 2019/11/30 07:52:31 dialing manager at 10.0.2.10:40921 2019/11/30 07:52:31 syscalls: 2533 2019/11/30 07:52:31 code coverage: enabled 2019/11/30 07:52:31 comparison tracing: enabled 2019/11/30 07:52:31 extra coverage: extra coverage is not supported by the kernel 2019/11/30 07:52:31 setuid sandbox: enabled 2019/11/30 07:52:31 namespace sandbox: enabled 2019/11/30 07:52:31 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/30 07:52:31 fault injection: enabled 2019/11/30 07:52:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/30 07:52:31 net packet injection: enabled 2019/11/30 07:52:31 net device setup: enabled 2019/11/30 07:52:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/30 07:52:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 07:52:42 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) [ 78.879813][ T38] audit: type=1400 audit(1575100362.956:43): avc: denied { map } for pid=7968 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=52 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 07:52:43 executing program 1: unshare(0x2040400) r0 = syz_open_dev$cec(&(0x7f0000000200)='/dev/cec#\x00', 0x2, 0x2) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0x5452, 0x0) [ 79.045277][ T7969] IPVS: ftp: loaded support on port[0] = 21 [ 79.055892][ T7971] IPVS: ftp: loaded support on port[0] = 21 [ 79.135770][ T7969] chnl_net:caif_netlink_parms(): no params data found [ 79.173675][ T7971] chnl_net:caif_netlink_parms(): no params data found [ 79.196610][ T7969] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.204036][ T7969] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.211463][ T7969] device bridge_slave_0 entered promiscuous mode [ 79.223171][ T7969] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.229586][ T7969] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.236863][ T7969] device bridge_slave_1 entered promiscuous mode [ 79.256810][ T7971] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.264784][ T7971] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.272286][ T7971] device bridge_slave_0 entered promiscuous mode [ 79.283703][ T7971] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.290546][ T7971] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.298161][ T7971] device bridge_slave_1 entered promiscuous mode [ 79.306756][ T7969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.321610][ T7969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.339007][ T7971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.353168][ T7971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.363656][ T7969] team0: Port device team_slave_0 added [ 79.373945][ T7969] team0: Port device team_slave_1 added [ 79.385425][ T7971] team0: Port device team_slave_0 added [ 79.393056][ T7971] team0: Port device team_slave_1 added [ 79.471377][ T7969] device hsr_slave_0 entered promiscuous mode [ 79.529579][ T7969] device hsr_slave_1 entered promiscuous mode [ 79.661230][ T7971] device hsr_slave_0 entered promiscuous mode [ 79.729635][ T7971] device hsr_slave_1 entered promiscuous mode [ 79.789395][ T7971] debugfs: Directory 'hsr0' with parent '/' already present! [ 79.821944][ T38] audit: type=1400 audit(1575100363.896:44): avc: denied { create } for pid=7969 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 79.822538][ T38] audit: type=1400 audit(1575100363.896:45): avc: denied { write } for pid=7969 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 79.873098][ T38] audit: type=1400 audit(1575100363.896:46): avc: denied { read } for pid=7969 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 79.898384][ T7969] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.991069][ T7971] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.050964][ T7971] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.110733][ T7969] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.161260][ T7971] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.220910][ T7971] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.270678][ T7969] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.337232][ T7969] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.454643][ T7971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.465520][ T7969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.477866][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.486988][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.498412][ T7971] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.506189][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.514784][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.525263][ T7969] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.533692][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.542802][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.551750][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.559652][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.569661][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 80.577998][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 80.587342][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 80.596268][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.603944][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.616487][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.626181][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.635197][ T3857] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.643056][ T3857] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.653683][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 80.661909][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 80.670938][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 80.679627][ T3928] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.687216][ T3928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.695413][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 80.709412][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 80.718513][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 80.731000][ T3338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.739955][ T3338] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.747835][ T3338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 80.758094][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 80.765395][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.773429][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.781894][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 80.790624][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.799066][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.810660][ T3338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.818893][ T3338] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.830148][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 80.838875][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 80.847851][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 80.856465][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 80.869847][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 80.877942][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 80.886119][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 80.894081][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 80.903973][ T7969] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 80.912419][ T7971] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 80.930681][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 80.938066][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 80.945692][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 80.953118][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 80.963899][ T7971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.971808][ T7969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.983116][ T38] audit: type=1400 audit(1575100365.056:47): avc: denied { associate } for pid=7969 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 07:52:45 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='pagemap\x00') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 1: unshare(0x2040400) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x0) 07:52:45 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x0) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r0 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x0) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x0) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180), 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180), 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180), 0x0, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:45 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:46 executing program 1: unshare(0x2040400) syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{}], 0x1, &(0x7f00000001c0)={0x0, 0x989680}, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:46 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000240)=[{r1}], 0x1, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(0x0, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(0x0, 0x0, 0x0) 07:52:46 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(0x0, 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240), 0x0, 0x0) 07:52:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240), 0x0, 0x0) 07:52:47 executing program 1: unshare(0x2040400) r0 = syz_open_dev$sndctrl(&(0x7f00000006c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0) 07:52:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240), 0x0, 0x0) 07:52:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffa}) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) syz_open_pts(r0, 0x0) poll(&(0x7f0000000240)=[{}], 0x1, 0x0) 07:52:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1) 07:52:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:52:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:52:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:52:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 86.519906][ T3338] Bluetooth: hci0: command 0x1003 tx timeout [ 86.527126][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 87.309515][ T2956] Bluetooth: hci1: command 0x1003 tx timeout [ 87.316990][ T8215] Bluetooth: hci1: sending frame failed (-49) [ 88.589498][ T2956] Bluetooth: hci0: command 0x1001 tx timeout [ 88.595854][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 89.389487][ T61] Bluetooth: hci1: command 0x1001 tx timeout [ 89.398355][ T8215] Bluetooth: hci1: sending frame failed (-49) [ 90.669585][ T61] Bluetooth: hci0: command 0x1009 tx timeout [ 91.469532][ T1204] Bluetooth: hci1: command 0x1009 tx timeout 07:52:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:52:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) [ 95.910450][ T44] Bluetooth: hci0: Frame reassembly failed (-84) 07:53:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 97.949426][ T2956] Bluetooth: hci0: command 0x1003 tx timeout [ 97.955777][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 100.029564][ T5] Bluetooth: hci0: command 0x1001 tx timeout [ 100.035868][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 102.109564][ T2956] Bluetooth: hci0: command 0x1009 tx timeout 07:53:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 106.140023][ T44] Bluetooth: hci0: Frame reassembly failed (-84) 07:53:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 108.189391][ T3338] Bluetooth: hci0: command 0x1003 tx timeout [ 108.196349][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 110.269640][ T2956] Bluetooth: hci0: command 0x1001 tx timeout [ 110.276675][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 112.349536][ T3338] Bluetooth: hci0: command 0x1009 tx timeout 07:53:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 118.429378][ T2956] Bluetooth: hci0: command 0x1003 tx timeout [ 118.436563][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 120.509460][ T3857] Bluetooth: hci0: command 0x1001 tx timeout [ 120.516970][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 122.589462][ T3338] Bluetooth: hci0: command 0x1009 tx timeout 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) [ 127.069473][ T44] Bluetooth: hci0: Frame reassembly failed (-84) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) [ 129.069572][ T3857] Bluetooth: hci0: command 0x1003 tx timeout [ 129.077357][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 131.149488][ T3338] Bluetooth: hci0: command 0x1001 tx timeout [ 131.157482][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 133.229492][ T3857] Bluetooth: hci0: command 0x1009 tx timeout 07:53:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:53:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) [ 137.513351][ T86] Bluetooth: hci0: Frame reassembly failed (-84) 07:53:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:53:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) [ 139.549549][ T2956] Bluetooth: hci0: command 0x1003 tx timeout [ 139.556968][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 139.629639][ T1204] Bluetooth: hci1: command 0x1003 tx timeout [ 139.636907][ T8215] Bluetooth: hci1: sending frame failed (-49) [ 141.629751][ T1204] Bluetooth: hci0: command 0x1001 tx timeout [ 141.639722][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 141.709508][ T3857] Bluetooth: hci1: command 0x1001 tx timeout [ 141.716947][ T8215] Bluetooth: hci1: sending frame failed (-49) [ 143.709455][ T3857] Bluetooth: hci0: command 0x1009 tx timeout [ 143.789418][ T1204] Bluetooth: hci1: command 0x1009 tx timeout 07:53:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) 07:53:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 149.789441][ T1204] Bluetooth: hci0: command 0x1003 tx timeout [ 149.797205][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 149.803875][ T2956] Bluetooth: hci1: command 0x1003 tx timeout [ 149.811140][ T8215] Bluetooth: hci1: sending frame failed (-49) [ 151.869459][ T2956] Bluetooth: hci0: command 0x1001 tx timeout [ 151.869593][ T28] Bluetooth: hci1: command 0x1001 tx timeout [ 151.877006][ T8215] Bluetooth: hci0: sending frame failed (-49) [ 151.883656][ T8228] Bluetooth: hci1: sending frame failed (-49) [ 153.949466][ T1204] Bluetooth: hci0: command 0x1009 tx timeout [ 153.949491][ T2956] Bluetooth: hci1: command 0x1009 tx timeout 07:54:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) 07:54:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:02 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 160.029535][ T1204] Bluetooth: hci0: command 0x1003 tx timeout [ 160.035643][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 162.109544][ T61] Bluetooth: hci0: command 0x1001 tx timeout [ 162.116754][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 164.189506][ T1204] Bluetooth: hci0: command 0x1009 tx timeout 07:54:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:54:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) [ 170.269612][ T1204] Bluetooth: hci0: command 0x1003 tx timeout [ 170.277826][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 172.349494][ T18] Bluetooth: hci0: command 0x1001 tx timeout [ 172.356022][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 174.429642][ T1204] Bluetooth: hci0: command 0x1009 tx timeout 07:54:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:54:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:54:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:54:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, 0x0) 07:54:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, 0x0) [ 180.509602][ T18] Bluetooth: hci0: command 0x1003 tx timeout [ 180.516605][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 182.589561][ T1204] Bluetooth: hci0: command 0x1001 tx timeout [ 182.596468][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 184.669514][ T18] Bluetooth: hci0: command 0x1009 tx timeout 07:54:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 07:54:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, 0x0) [ 188.698227][ T86] Bluetooth: hci0: Frame reassembly failed (-84) 07:54:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 190.749447][ T18] Bluetooth: hci0: command 0x1003 tx timeout [ 190.756168][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 192.829502][ T3857] Bluetooth: hci0: command 0x1001 tx timeout [ 192.836991][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 194.909470][ T1204] Bluetooth: hci0: command 0x1009 tx timeout 07:54:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:43 executing program 0: perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00') lseek(r0, 0x80000000000000, 0x0) 07:54:43 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) syz_mount_image$cifs(0x0, &(0x7f0000000180)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000000200)='fd/3\x00') write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10) [ 198.968058][ T38] audit: type=1400 audit(1575100483.036:48): avc: denied { open } for pid=8487 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 [ 198.992076][ T38] audit: type=1400 audit(1575100483.036:49): avc: denied { kernel } for pid=8487 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1 07:54:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:54:43 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) syz_mount_image$cifs(0x0, &(0x7f0000000180)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000000200)='fd/3\x00') write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10) 07:54:43 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) syz_mount_image$cifs(0x0, &(0x7f0000000180)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000000200)='fd/3\x00') write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10) 07:54:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) [ 199.619352][ C0] hrtimer: interrupt took 25128 ns 07:54:44 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) syz_mount_image$cifs(0x0, &(0x7f0000000180)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000000200)='fd/3\x00') write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10) 07:54:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) 07:54:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:45 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) syz_mount_image$cifs(0x0, &(0x7f0000000180)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000000200)='fd/3\x00') 07:54:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:54:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:51 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) r1 = syz_open_dev$audion(0x0, 0xf335, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) 07:55:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:51 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:55:51 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) [ 268.527061][ T8565] IPVS: ftp: loaded support on port[0] = 21 [ 268.580748][ T8565] chnl_net:caif_netlink_parms(): no params data found [ 268.606568][ T8565] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.614709][ T8565] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.623129][ T8565] device bridge_slave_0 entered promiscuous mode [ 268.631506][ T8565] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.638902][ T8565] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.647046][ T8565] device bridge_slave_1 entered promiscuous mode [ 268.663441][ T8565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.674602][ T8565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.694028][ T8565] team0: Port device team_slave_0 added [ 268.702020][ T8565] team0: Port device team_slave_1 added [ 268.761498][ T8565] device hsr_slave_0 entered promiscuous mode [ 268.810082][ T8565] device hsr_slave_1 entered promiscuous mode [ 268.869413][ T8565] debugfs: Directory 'hsr0' with parent '/' already present! [ 268.896089][ T8565] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.903426][ T8565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.910953][ T8565] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.917823][ T8565] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.961503][ T8565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.975019][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 268.984477][ T3857] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.002147][ T3857] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.020831][ T1964] tipc: TX() has been purged, node left! [ 269.027059][ T3857] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 269.039613][ T8565] 8021q: adding VLAN 0 to HW filter on device team0 [ 269.071275][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 269.082779][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.089394][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.096728][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.129643][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.136539][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.190667][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 269.211522][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 269.218791][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 269.241676][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 269.252286][ T8565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 269.263239][ T8565] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 269.270892][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 269.285596][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 269.293314][ T1204] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 269.304807][ T8565] 8021q: adding VLAN 0 to HW filter on device batadv0 07:55:53 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:55:53 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) syz_open_dev$audion(0x0, 0xf335, 0x0) 07:55:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:54 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) 07:55:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:54 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 07:55:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, &(0x7f0000000040)='vfat\x00') 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, 0x0) 07:55:55 executing program 0: sysfs$1(0x1, 0x0) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:55:55 executing program 0: sysfs$1(0x1, 0x0) 07:55:55 executing program 0: unshare(0x2040400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) poll(&(0x7f0000000380)=[{}], 0x5, 0x0) 07:55:55 executing program 0: r0 = socket(0x1e, 0x2, 0x0) r1 = eventfd2(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r3 = dup3(r2, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0xff37) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) ftruncate(0xffffffffffffffff, 0x0) sendmmsg(r4, &(0x7f0000000a40), 0x8000000000000b0, 0x0) [ 273.949381][ T3928] Bluetooth: hci0: command 0x1003 tx timeout [ 273.955545][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 274.212251][ T1964] device bridge_slave_1 left promiscuous mode [ 274.218363][ T1964] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.301983][ T1964] device bridge_slave_0 left promiscuous mode [ 274.307882][ T1964] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.810654][ T1964] device hsr_slave_0 left promiscuous mode [ 274.859754][ T1964] device hsr_slave_1 left promiscuous mode [ 274.948256][ T1964] team0 (unregistering): Port device team_slave_1 removed [ 274.959386][ T1964] team0 (unregistering): Port device team_slave_0 removed [ 274.970746][ T1964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.063866][ T1964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.244680][ T1964] bond0 (unregistering): Released all slaves [ 276.029538][ T36] Bluetooth: hci0: command 0x1001 tx timeout [ 276.035476][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 278.109712][ T3928] Bluetooth: hci0: command 0x1009 tx timeout 07:56:06 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 282.128449][ T8702] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. [ 282.153588][ T8707] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. 07:56:06 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 282.193846][ T8711] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. 07:56:06 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 282.245846][ T8714] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. 07:56:06 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 282.294948][ T8717] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. [ 284.189534][ T8395] Bluetooth: hci0: command 0x1003 tx timeout [ 284.197158][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 286.269475][ T61] Bluetooth: hci0: command 0x1001 tx timeout [ 286.275695][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 288.349488][ T1204] Bluetooth: hci0: command 0x1009 tx timeout 07:56:16 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r1) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) [ 292.372966][ T8720] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. [ 292.385520][ T2759] Bluetooth: hci0: Frame reassembly failed (-84) 07:56:16 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 292.422189][ T8727] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. 07:56:16 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 292.461652][ T8731] netlink: 18 bytes leftover after parsing attributes in process `syz-executor.0'. 07:56:16 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) [ 294.429520][ T3928] Bluetooth: hci0: command 0x1003 tx timeout [ 294.435761][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 296.509516][ T8395] Bluetooth: hci0: command 0x1001 tx timeout [ 296.516035][ T1619] Bluetooth: hci0: sending frame failed (-49) [ 298.589465][ T1204] Bluetooth: hci0: command 0x1009 tx timeout 07:56:26 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:26 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:26 executing program 0: socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 07:56:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 07:56:26 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb080018", 0x17}], 0x1}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb080018", 0x17}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb080018", 0x17}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f", 0x23}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f", 0x23}], 0x1}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f", 0x23}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028", 0x29}], 0x1}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000)) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028", 0x29}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028", 0x29}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc", 0x2c}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc", 0x2c}], 0x1}, 0x0) 07:56:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$TIOCGETD(r0, 0x5424, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc", 0x2c}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c", 0x2d}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c", 0x2d}], 0x1}, 0x0) 07:56:27 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eb0800180009ac0f000586f9835b3f2f009148790028f85acc7c", 0x2d}], 0x1}, 0x0) 07:56:27 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x0) syz_open_dev$video4linux(0x0, 0x0, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000040)={0x0, 0x1, 0x0, [], &(0x7f0000000000)={0xf0f041, 0x4000, [], @p_u8=0x0}}) write(0xffffffffffffffff, 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f0000000100)={0x0, @adiantum}) 07:56:27 executing program 0: socket$inet6(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_open_dev$video4linux(&(0x7f0000000a80)='/dev/v4l-subdev#\x00', 0x0, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000040)={0x0, 0x1, 0x0, [], &(0x7f0000000000)={0xf0f041, 0x0, [], @p_u8=0x0}}) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000200)={0x33, 0x5, 0x6, 0x6, 0xb, 0x8, 0x5}) [ 303.901367][ T8888] vivid-000: disconnect [ 303.923981][ T38] audit: type=1800 audit(1575100587.996:50): pid=8889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16615 res=0 [ 303.948848][ T38] audit: type=1804 audit(1575100588.006:51): pid=8889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir908299233/syzkaller.KlbYVo/60/file0" dev="sda1" ino=16615 res=1 [ 304.653735][ T8882] vivid-000: reconnect [ 453.244330][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 116s! [syz-executor.0:8887] [ 453.249271][ C0] Modules linked in: [ 453.249271][ C0] irq event stamp: 5423819 [ 453.249271][ C0] hardirqs last enabled at (5423818): [] trace_hardirqs_on_thunk+0x1a/0x1c [ 453.249271][ C0] hardirqs last disabled at (5423819): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 453.249271][ C0] softirqs last enabled at (994168): [] __do_softirq+0x6cd/0x98c [ 453.249271][ C0] softirqs last disabled at (994511): [] irq_exit+0x19b/0x1e0 [ 453.249271][ C0] CPU: 0 PID: 8887 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 453.249271][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 453.249271][ C0] RIP: 0010:clocksource_watchdog+0x31c/0x9a0 [ 453.249271][ C0] Code: c1 ea 03 42 0f b6 14 32 89 4d ac 84 d2 74 09 80 fa 03 0f 8e 5e 06 00 00 8b 40 10 89 45 a8 49 8d 45 08 48 89 45 98 48 c1 e8 03 <42> 80 3c 30 00 0f 85 bf 05 00 00 49 8d bd 98 00 00 00 49 8b 5d 08 [ 453.249271][ C0] RSP: 0018:ffff88802d209c88 EFLAGS: 00010a02 ORIG_RAX: ffffffffffffff13 [ 453.249271][ C0] RAX: 1ffffffff12a0df1 RBX: 0000000000000000 RCX: 0000000000000017 [ 453.249271][ C0] RDX: 0000000000000000 RSI: ffffffff81661f9e RDI: ffffffff89532e70 [ 453.249271][ C0] RBP: ffff88802d209d00 R08: ffff88802b755000 R09: fffffbfff164093d [ 453.249271][ C0] R10: fffffbfff164093c R11: 0000000000000003 R12: ffffffff89506fe0 [ 453.249271][ C0] R13: ffffffff89506f80 R14: dffffc0000000000 R15: 0000006aab2c1977 [ 453.249271][ C0] FS: 00007ffa909ac700(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 453.249271][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 453.249271][ C0] CR2: 000000000071c000 CR3: 0000000074840000 CR4: 00000000003406f0 [ 453.249271][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 453.249271][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 453.249271][ C0] Call Trace: [ 453.249271][ C0] [ 453.249271][ C0] call_timer_fn+0x1ac/0x780 [ 453.249271][ C0] ? __clocksource_unstable+0x190/0x190 [ 453.249271][ C0] ? msleep_interruptible+0x150/0x150 [ 453.249271][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 453.249271][ C0] ? trace_hardirqs_on+0x67/0x240 [ 453.249271][ C0] ? __clocksource_unstable+0x190/0x190 [ 453.249271][ C0] ? __clocksource_unstable+0x190/0x190 [ 453.249271][ C0] run_timer_softirq+0x6c3/0x1790 [ 453.249271][ C0] ? add_timer+0x930/0x930 [ 453.249271][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 453.249271][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 453.249271][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 453.491625][ C0] __do_softirq+0x262/0x98c [ 453.491625][ C0] ? sched_clock_cpu+0x14e/0x1b0 [ 453.491625][ C0] irq_exit+0x19b/0x1e0 [ 453.491625][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 453.491625][ C0] apic_timer_interrupt+0xf/0x20 [ 453.491625][ C0] [ 453.491625][ C0] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 453.491625][ C0] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 453.491625][ C0] RSP: 0018:ffff88806a58f8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 453.491625][ C0] RAX: 1ffffffff12a668d RBX: ffff88802b755000 RCX: 0000000000000006 [ 453.491625][ C0] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88802b755894 [ 453.491625][ C0] RBP: ffff88806a58f8e0 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 453.491625][ C0] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802d237380 [ 453.491625][ C0] R13: ffff88802b97c800 R14: ffff8880116a6c40 R15: 0000000000000402 [ 453.491625][ C0] ? _raw_spin_unlock_irq+0x23/0x80 [ 453.491625][ C0] finish_task_switch+0x147/0x750 [ 453.491625][ C0] ? finish_task_switch+0x119/0x750 [ 453.491625][ C0] __schedule+0x8e9/0x1f30 [ 453.491625][ C0] ? __sched_text_start+0x8/0x8 [ 453.491625][ C0] ? __this_cpu_preempt_check+0x35/0x190 [ 453.491625][ C0] ? retint_kernel+0x2b/0x2b [ 453.491625][ C0] ? perf_duration_warn+0x40/0x40 [ 453.491625][ C0] ? preempt_schedule+0x4b/0x60 [ 453.491625][ C0] preempt_schedule_common+0x4f/0xe0 [ 453.491625][ C0] ? __perf_event_enable+0x930/0x930 [ 453.491625][ C0] preempt_schedule+0x4b/0x60 [ 453.491625][ C0] ___preempt_schedule+0x16/0x18 [ 453.491625][ C0] ? smp_call_function_single+0x40b/0x480 [ 453.491625][ C0] smp_call_function_single+0x410/0x480 [ 453.491625][ C0] ? perf_duration_warn+0x40/0x40 [ 453.491625][ C0] ? generic_exec_single+0x4c0/0x4c0 [ 453.491625][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 453.491625][ C0] ? __perf_event_enable+0x930/0x930 [ 453.491625][ C0] task_function_call+0xe9/0x180 [ 453.491625][ C0] ? perf_event_addr_filters_exec+0x310/0x310 [ 453.491625][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 453.491625][ C0] ? __perf_event_enable+0x930/0x930 [ 453.491625][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 453.491625][ C0] ? exclusive_event_installable+0x257/0x320 [ 453.491625][ C0] perf_install_in_context+0x308/0x5a0 [ 453.491625][ C0] ? list_add_event+0xed0/0xed0 [ 453.491625][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 453.491625][ C0] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 453.491625][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 453.491625][ C0] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 453.491625][ C0] ? perf_event_set_output+0x4e0/0x4e0 [ 453.491625][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 453.491625][ C0] ? put_timespec64+0xda/0x140 [ 453.491625][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 453.491625][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 453.491625][ C0] ? do_syscall_64+0x26/0x790 [ 453.491625][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 453.491625][ C0] ? do_syscall_64+0x26/0x790 [ 453.491625][ C0] __x64_sys_perf_event_open+0xbe/0x150 [ 453.491625][ C0] do_syscall_64+0xfa/0x790 [ 453.491625][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 453.491625][ C0] RIP: 0033:0x45a759 [ 453.491625][ C0] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 453.491625][ C0] RSP: 002b:00007ffa909abc88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 453.491625][ C0] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 453.491625][ C0] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 453.491625][ C0] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 453.491625][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007ffa909ac6d4 [ 453.491625][ C0] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 453.491625][ C0] Sending NMI from CPU 0 to CPUs 1-3: [ 453.883404][ C1] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0xe/0x10 [ 453.883413][ C2] NMI backtrace for cpu 2 skipped: idling at native_safe_halt+0xe/0x10 [ 453.883873][ C3] NMI backtrace for cpu 3 [ 453.883878][ C3] CPU: 3 PID: 8884 Comm: syz-executor.1 Not tainted 5.4.0-syzkaller #0 [ 453.883883][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 453.883886][ C3] RIP: 0010:native_write_msr+0x6/0x30 [ 453.883894][ C3] Code: d0 c3 0f 21 d8 c3 0f 21 f0 c3 0f 0b 0f 1f 84 00 00 00 00 00 0f 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 89 f9 89 f0 0f 30 <0f> 1f 44 00 00 c3 55 48 c1 e2 20 89 f6 48 89 e5 48 09 d6 31 d2 e8 [ 453.883897][ C3] RSP: 0018:ffff88802d509ce8 EFLAGS: 00000082 [ 453.883902][ C3] RAX: 00000000a92e9ac2 RBX: 0000000000000000 RCX: 00000000000006e0 [ 453.883906][ C3] RDX: 00000000000000d5 RSI: 00000000a92e9ac2 RDI: 00000000000006e0 [ 453.883909][ C3] RBP: ffff88802d509d00 R08: ffff88801b504d40 R09: ffff88801b5055d0 [ 453.883912][ C3] R10: fffffbfff146dba0 R11: ffffffff8a36dd07 R12: ffff88802d5227c0 [ 453.883916][ C3] R13: 00000000000005c5 R14: 0000000000000000 R15: 0000000000000001 [ 453.883920][ C3] FS: 00007f26edee4700(0000) GS:ffff88802d500000(0000) knlGS:0000000000000000 [ 453.883923][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 453.883926][ C3] CR2: ffffffffff600400 CR3: 000000006b011000 CR4: 00000000003406e0 [ 453.883930][ C3] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 453.883933][ C3] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 453.883935][ C3] Call Trace: [ 453.883936][ C3] [ 453.883939][ C3] ? lapic_next_deadline+0x4d/0x80 [ 453.883942][ C3] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 453.883944][ C3] clockevents_program_event+0x25c/0x370 [ 453.883947][ C3] tick_program_event+0xb4/0x130 [ 453.883949][ C3] hrtimer_interrupt+0x369/0x770 [ 453.883952][ C3] smp_apic_timer_interrupt+0x160/0x610 [ 453.883954][ C3] apic_timer_interrupt+0xf/0x20 [ 453.883957][ C3] RIP: 0010:__do_softirq+0x227/0x98c [ 453.883964][ C3] Code: c7 c0 68 34 53 89 48 c1 e8 03 42 80 3c 30 00 0f 85 b1 06 00 00 48 83 3d 4e 32 73 01 00 0f 84 d6 05 00 00 fb 66 0f 1f 44 00 00 ff ff ff ff 48 c7 45 c8 00 91 40 89 0f bc 45 d4 83 c0 01 89 45 [ 453.883967][ C3] RSP: 0018:ffff88802d509f18 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 453.883973][ C3] RAX: 1ffffffff12a668d RBX: ffff88801b504d40 RCX: 0000000000000002 [ 453.883976][ C3] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801b5055d4 [ 453.883987][ C3] RBP: ffff88802d509f98 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 453.883990][ C3] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: 0000000000000000 [ 453.883994][ C3] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000 [ 453.883996][ C3] ? apic_timer_interrupt+0xa/0x20 [ 453.883998][ C3] ? __do_softirq+0x1fc/0x98c [ 453.884001][ C3] ? sched_clock_cpu+0x14e/0x1b0 [ 453.884003][ C3] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 453.884006][ C3] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 453.884009][ C3] ? __this_cpu_preempt_check+0x35/0x190 [ 453.884011][ C3] irq_exit+0x19b/0x1e0 [ 453.884014][ C3] smp_apic_timer_interrupt+0x1a3/0x610 [ 453.884016][ C3] apic_timer_interrupt+0xf/0x20 [ 453.884018][ C3] [ 453.884020][ C3] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 453.884028][ C3] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 453.884031][ C3] RSP: 0018:ffff88806bdd7b20 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 453.884037][ C3] RAX: 1ffffffff12a668d RBX: ffff88801b504d40 RCX: 0000000000000006 [ 453.884040][ C3] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88801b5055d4 [ 453.884044][ C3] RBP: ffff88806bdd7b28 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 453.884047][ C3] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802d537380 [ 453.884051][ C3] R13: ffff88802c6c8800 R14: ffff8880223a8f40 R15: 0000000000000001 [ 453.884053][ C3] finish_task_switch+0x147/0x750 [ 453.884056][ C3] ? finish_task_switch+0x119/0x750 [ 453.884058][ C3] __schedule+0x8e9/0x1f30 [ 453.884061][ C3] ? __sched_text_start+0x8/0x8 [ 453.884063][ C3] ? preempt_schedule_irq+0x8d/0x160 [ 453.884066][ C3] ? lockdep_hardirqs_on+0x421/0x5e0 [ 453.884068][ C3] ? trace_hardirqs_on+0x67/0x240 [ 453.884071][ C3] preempt_schedule_irq+0xb5/0x160 [ 453.884073][ C3] retint_kernel+0x1b/0x2b [ 453.884076][ C3] RIP: 0010:__do_sys_perf_event_open+0x1cbc/0x2c70 [ 453.884084][ C3] Code: c0 03 38 d0 7c 08 84 d2 0f 85 99 0f 00 00 48 8b b5 c8 fe ff ff 48 8b 9d 88 fe ff ff 8b 96 dc 02 00 00 48 89 df e8 b4 43 fe ff <48> 89 df e8 6c b1 fc ff e8 57 30 e6 ff 48 8b bd 90 fe ff ff e8 9b [ 453.884086][ C3] RSP: 0018:ffff88806bdd7d40 EFLAGS: 00010282 ORIG_RAX: ffffffffffffff13 [ 453.884092][ C3] RAX: 0000000000000000 RBX: ffff88802a2afc00 RCX: ffffc900062ad000 [ 453.884095][ C3] RDX: 0000000000040000 RSI: ffffffff818cf4c7 RDI: 0000000000000005 [ 453.884099][ C3] RBP: ffff88806bdd7ed8 R08: ffff88801b504d40 R09: fffffbfff15d29ba [ 453.884102][ C3] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802a2afc00 [ 453.884106][ C3] R13: ffff8880144e7000 R14: ffff8880144e715a R15: 1ffff1100d7bafb6 [ 453.884108][ C3] ? perf_install_in_context+0x357/0x5a0 [ 453.884111][ C3] ? perf_event_set_output+0x4e0/0x4e0 [ 453.884114][ C3] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 453.884116][ C3] ? put_timespec64+0xda/0x140 [ 453.884119][ C3] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 453.884121][ C3] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 453.884124][ C3] ? do_syscall_64+0x26/0x790 [ 453.884126][ C3] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 453.884129][ C3] ? do_syscall_64+0x26/0x790 [ 453.884131][ C3] __x64_sys_perf_event_open+0xbe/0x150 [ 453.884133][ C3] do_syscall_64+0xfa/0x790 [ 453.884136][ C3] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 453.884138][ C3] RIP: 0033:0x45a759 [ 453.884146][ C3] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 453.884148][ C3] RSP: 002b:00007f26edee3c88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 453.884154][ C3] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 453.884158][ C3] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 453.884161][ C3] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 453.884165][ C3] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f26edee46d4 [ 453.884168][ C3] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 453.491625][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 454.477691][ C0] CPU: 0 PID: 8887 Comm: syz-executor.0 Tainted: G L 5.4.0-syzkaller #0 [ 454.477691][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 454.477691][ C0] Call Trace: [ 454.477691][ C0] [ 454.477691][ C0] dump_stack+0x197/0x210 [ 454.477691][ C0] panic+0x2e3/0x75c [ 454.477691][ C0] ? add_taint.cold+0x16/0x16 [ 454.477691][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 454.477691][ C0] ? printk_safe_flush+0xf2/0x140 [ 454.477691][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 454.477691][ C0] ? watchdog_timer_fn.cold+0x5/0x33 [ 454.477691][ C0] ? watchdog_timer_fn+0x56e/0x5c0 [ 454.477691][ C0] watchdog_timer_fn.cold+0x16/0x33 [ 454.477691][ C0] __hrtimer_run_queues+0x364/0xe40 [ 454.477691][ C0] ? lockup_detector_update_enable+0xa0/0xa0 [ 454.477691][ C0] ? hrtimer_init+0x330/0x330 [ 454.477691][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 454.477691][ C0] ? ktime_get_update_offsets_now+0x2ce/0x430 [ 454.477691][ C0] hrtimer_interrupt+0x314/0x770 [ 454.477691][ C0] smp_apic_timer_interrupt+0x160/0x610 [ 454.477691][ C0] apic_timer_interrupt+0xf/0x20 [ 454.477691][ C0] RIP: 0010:clocksource_watchdog+0x31c/0x9a0 [ 454.477691][ C0] Code: c1 ea 03 42 0f b6 14 32 89 4d ac 84 d2 74 09 80 fa 03 0f 8e 5e 06 00 00 8b 40 10 89 45 a8 49 8d 45 08 48 89 45 98 48 c1 e8 03 <42> 80 3c 30 00 0f 85 bf 05 00 00 49 8d bd 98 00 00 00 49 8b 5d 08 [ 454.477691][ C0] RSP: 0018:ffff88802d209c88 EFLAGS: 00010a02 ORIG_RAX: ffffffffffffff13 [ 454.477691][ C0] RAX: 1ffffffff12a0df1 RBX: 0000000000000000 RCX: 0000000000000017 [ 454.477691][ C0] RDX: 0000000000000000 RSI: ffffffff81661f9e RDI: ffffffff89532e70 [ 454.477691][ C0] RBP: ffff88802d209d00 R08: ffff88802b755000 R09: fffffbfff164093d [ 454.477691][ C0] R10: fffffbfff164093c R11: 0000000000000003 R12: ffffffff89506fe0 [ 454.477691][ C0] R13: ffffffff89506f80 R14: dffffc0000000000 R15: 0000006aab2c1977 [ 454.477691][ C0] ? apic_timer_interrupt+0xa/0x20 [ 454.477691][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 454.477691][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 454.477691][ C0] call_timer_fn+0x1ac/0x780 [ 454.477691][ C0] ? __clocksource_unstable+0x190/0x190 [ 454.477691][ C0] ? msleep_interruptible+0x150/0x150 [ 454.477691][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 454.477691][ C0] ? trace_hardirqs_on+0x67/0x240 [ 454.477691][ C0] ? __clocksource_unstable+0x190/0x190 [ 454.477691][ C0] ? __clocksource_unstable+0x190/0x190 [ 454.477691][ C0] run_timer_softirq+0x6c3/0x1790 [ 454.477691][ C0] ? add_timer+0x930/0x930 [ 454.477691][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 454.477691][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 454.477691][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 454.477691][ C0] __do_softirq+0x262/0x98c [ 454.477691][ C0] ? sched_clock_cpu+0x14e/0x1b0 [ 454.477691][ C0] irq_exit+0x19b/0x1e0 [ 454.477691][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 454.477691][ C0] apic_timer_interrupt+0xf/0x20 [ 454.477691][ C0] [ 454.477691][ C0] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 454.477691][ C0] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 454.477691][ C0] RSP: 0018:ffff88806a58f8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 454.477691][ C0] RAX: 1ffffffff12a668d RBX: ffff88802b755000 RCX: 0000000000000006 [ 454.477691][ C0] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88802b755894 [ 454.477691][ C0] RBP: ffff88806a58f8e0 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 454.477691][ C0] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802d237380 [ 454.477691][ C0] R13: ffff88802b97c800 R14: ffff8880116a6c40 R15: 0000000000000402 [ 454.477691][ C0] ? _raw_spin_unlock_irq+0x23/0x80 [ 454.477691][ C0] finish_task_switch+0x147/0x750 [ 454.477691][ C0] ? finish_task_switch+0x119/0x750 [ 454.477691][ C0] __schedule+0x8e9/0x1f30 [ 454.477691][ C0] ? __sched_text_start+0x8/0x8 [ 454.477691][ C0] ? __this_cpu_preempt_check+0x35/0x190 [ 454.477691][ C0] ? retint_kernel+0x2b/0x2b [ 454.477691][ C0] ? perf_duration_warn+0x40/0x40 [ 454.477691][ C0] ? preempt_schedule+0x4b/0x60 [ 454.477691][ C0] preempt_schedule_common+0x4f/0xe0 [ 454.477691][ C0] ? __perf_event_enable+0x930/0x930 [ 454.477691][ C0] preempt_schedule+0x4b/0x60 [ 454.477691][ C0] ___preempt_schedule+0x16/0x18 [ 454.477691][ C0] ? smp_call_function_single+0x40b/0x480 [ 454.477691][ C0] smp_call_function_single+0x410/0x480 [ 454.477691][ C0] ? perf_duration_warn+0x40/0x40 [ 454.477691][ C0] ? generic_exec_single+0x4c0/0x4c0 [ 454.477691][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 454.477691][ C0] ? __perf_event_enable+0x930/0x930 [ 454.477691][ C0] task_function_call+0xe9/0x180 [ 454.477691][ C0] ? perf_event_addr_filters_exec+0x310/0x310 [ 454.477691][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 454.477691][ C0] ? __perf_event_enable+0x930/0x930 [ 454.477691][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 454.477691][ C0] ? exclusive_event_installable+0x257/0x320 [ 454.477691][ C0] perf_install_in_context+0x308/0x5a0 [ 454.477691][ C0] ? list_add_event+0xed0/0xed0 [ 454.477691][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 454.477691][ C0] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 454.477691][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 454.477691][ C0] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 454.477691][ C0] ? perf_event_set_output+0x4e0/0x4e0 [ 454.477691][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 454.477691][ C0] ? put_timespec64+0xda/0x140 [ 454.477691][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 454.477691][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 454.477691][ C0] ? do_syscall_64+0x26/0x790 [ 454.477691][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 454.477691][ C0] ? do_syscall_64+0x26/0x790 [ 454.477691][ C0] __x64_sys_perf_event_open+0xbe/0x150 [ 454.477691][ C0] do_syscall_64+0xfa/0x790 [ 455.053143][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 455.053143][ C0] RIP: 0033:0x45a759 [ 455.053143][ C0] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.053143][ C0] RSP: 002b:00007ffa909abc88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 455.053143][ C0] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 455.053143][ C0] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 455.053143][ C0] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 455.053143][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007ffa909ac6d4 [ 455.053143][ C0] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 455.053143][ C0] ------------[ cut here ]------------ [ 455.053143][ C0] WARNING: CPU: 0 PID: 8887 at kernel/locking/mutex.c:1419 mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 455.053143][ C0] ------------[ cut here ]------------ [ 455.053143][ C0] WARNING: CPU: 0 PID: 8887 at kernel/locking/mutex.c:1419 mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] Modules linked in: [ 455.053143][ C0] CPU: 0 PID: 8887 Comm: syz-executor.0 Tainted: G L 5.4.0-syzkaller #0 [ 455.053143][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 455.053143][ C0] RIP: 0010:mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] Code: c9 41 b8 01 00 00 00 31 c9 ba 01 00 00 00 31 f6 e8 fc 92 a1 f9 58 48 8d 65 d8 b8 01 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 <0f> 0b e9 0c fe ff ff 48 c7 c7 e0 24 20 8b 48 89 4d d0 e8 00 d7 f8 [ 455.053143][ C0] RSP: 0018:ffff88802d2092d8 EFLAGS: 00010006 [ 455.053143][ C0] RAX: 0000000000010105 RBX: 1ffff11005a41263 RCX: 0000000000000004 [ 455.053143][ C0] RDX: 0000000000010100 RSI: ffffffff816bc9c5 RDI: ffffffff895c25a0 [ 455.053143][ C0] RBP: ffff88802d209308 R08: 0000000000000002 R09: fffffbfff12b381d [ 455.053143][ C0] R10: fffffbfff12b381c R11: ffffffff8959c0e3 R12: ffffffff8b2024e0 [ 455.053143][ C0] R13: 0000000000000000 R14: ffffffff87b93400 R15: ffffffff895c25a0 [ 455.053143][ C0] FS: 00007ffa909ac700(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 455.053143][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 455.053143][ C0] CR2: 000000000071c000 CR3: 0000000074840000 CR4: 00000000003406f0 [ 455.053143][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 455.053143][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 455.053143][ C0] Call Trace: [ 455.053143][ C0] [ 455.053143][ C0] ? mutex_trylock+0x1f0/0x2f0 [ 455.053143][ C0] __crash_kexec+0x91/0x200 [ 455.053143][ C0] ? kexec_crash_loaded+0x20/0x20 [ 455.053143][ C0] ? trace_hardirqs_off+0x62/0x240 [ 455.053143][ C0] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 455.053143][ C0] ? __printk_safe_flush+0x31e/0x3a0 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 455.053143][ C0] ? find_next_bit+0x107/0x130 [ 455.053143][ C0] ? cpumask_next+0x41/0x50 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 455.053143][ C0] ? printk_safe_flush+0xf2/0x140 [ 455.053143][ C0] ? mutex_trylock+0x1f0/0x2f0 [ 455.053143][ C0] panic+0x308/0x75c [ 455.053143][ C0] ? add_taint.cold+0x16/0x16 [ 455.053143][ C0] ? printk+0xba/0xed [ 455.053143][ C0] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 455.053143][ C0] ? __warn.cold+0x14/0x3e [ 455.053143][ C0] ? __warn+0xd9/0x1cf [ 455.053143][ C0] ? mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] __warn.cold+0x2f/0x3e [ 455.053143][ C0] ? report_bug.cold+0x63/0xb2 [ 455.053143][ C0] ? mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] report_bug+0x289/0x300 [ 455.053143][ C0] do_error_trap+0x11b/0x200 [ 455.053143][ C0] do_invalid_op+0x37/0x50 [ 455.053143][ C0] ? mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] invalid_op+0x23/0x30 [ 455.053143][ C0] RIP: 0010:mutex_trylock+0x279/0x2f0 [ 455.053143][ C0] Code: c9 41 b8 01 00 00 00 31 c9 ba 01 00 00 00 31 f6 e8 fc 92 a1 f9 58 48 8d 65 d8 b8 01 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 <0f> 0b e9 0c fe ff ff 48 c7 c7 e0 24 20 8b 48 89 4d d0 e8 00 d7 f8 [ 455.053143][ C0] RSP: 0018:ffff88802d209710 EFLAGS: 00010006 [ 455.053143][ C0] RAX: 0000000000010104 RBX: 1ffff11005a412ea RCX: 0000000000000004 [ 455.053143][ C0] RDX: 0000000000010100 RSI: ffffffff816bc9c5 RDI: ffffffff895c25a0 [ 455.053143][ C0] RBP: ffff88802d209740 R08: 0000000000000001 R09: fffffbfff12b381d [ 455.053143][ C0] R10: fffffbfff12b381c R11: ffffffff8959c0e3 R12: ffffffff8b2024e0 [ 455.053143][ C0] R13: 0000000000000000 R14: ffff88802d209b00 R15: ffffffff895c25a0 [ 455.053143][ C0] ? __crash_kexec+0x85/0x200 [ 455.053143][ C0] __crash_kexec+0x91/0x200 [ 455.053143][ C0] ? kexec_crash_loaded+0x20/0x20 [ 455.053143][ C0] ? trace_hardirqs_off+0x62/0x240 [ 455.053143][ C0] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 455.053143][ C0] ? __printk_safe_flush+0x31e/0x3a0 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 455.053143][ C0] ? find_next_bit+0x107/0x130 [ 455.053143][ C0] ? cpumask_next+0x41/0x50 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 455.053143][ C0] ? printk_safe_flush+0xf2/0x140 [ 455.053143][ C0] panic+0x308/0x75c [ 455.053143][ C0] ? add_taint.cold+0x16/0x16 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 455.053143][ C0] ? printk_safe_flush+0xf2/0x140 [ 455.053143][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 455.053143][ C0] ? watchdog_timer_fn.cold+0x5/0x33 [ 455.053143][ C0] ? watchdog_timer_fn+0x56e/0x5c0 [ 455.053143][ C0] watchdog_timer_fn.cold+0x16/0x33 [ 455.053143][ C0] __hrtimer_run_queues+0x364/0xe40 [ 455.053143][ C0] ? lockup_detector_update_enable+0xa0/0xa0 [ 455.053143][ C0] ? hrtimer_init+0x330/0x330 [ 455.053143][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 455.053143][ C0] ? ktime_get_update_offsets_now+0x2ce/0x430 [ 455.053143][ C0] hrtimer_interrupt+0x314/0x770 [ 455.053143][ C0] smp_apic_timer_interrupt+0x160/0x610 [ 455.053143][ C0] apic_timer_interrupt+0xf/0x20 [ 455.053143][ C0] RIP: 0010:clocksource_watchdog+0x31c/0x9a0 [ 455.053143][ C0] Code: c1 ea 03 42 0f b6 14 32 89 4d ac 84 d2 74 09 80 fa 03 0f 8e 5e 06 00 00 8b 40 10 89 45 a8 49 8d 45 08 48 89 45 98 48 c1 e8 03 <42> 80 3c 30 00 0f 85 bf 05 00 00 49 8d bd 98 00 00 00 49 8b 5d 08 [ 455.053143][ C0] RSP: 0018:ffff88802d209c88 EFLAGS: 00010a02 ORIG_RAX: ffffffffffffff13 [ 455.053143][ C0] RAX: 1ffffffff12a0df1 RBX: 0000000000000000 RCX: 0000000000000017 [ 455.053143][ C0] RDX: 0000000000000000 RSI: ffffffff81661f9e RDI: ffffffff89532e70 [ 455.053143][ C0] RBP: ffff88802d209d00 R08: ffff88802b755000 R09: fffffbfff164093d [ 455.053143][ C0] R10: fffffbfff164093c R11: 0000000000000003 R12: ffffffff89506fe0 [ 455.053143][ C0] R13: ffffffff89506f80 R14: dffffc0000000000 R15: 0000006aab2c1977 [ 455.053143][ C0] ? apic_timer_interrupt+0xa/0x20 [ 455.053143][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 455.053143][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 455.053143][ C0] call_timer_fn+0x1ac/0x780 [ 455.053143][ C0] ? __clocksource_unstable+0x190/0x190 [ 455.053143][ C0] ? msleep_interruptible+0x150/0x150 [ 455.053143][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 455.053143][ C0] ? trace_hardirqs_on+0x67/0x240 [ 455.053143][ C0] ? __clocksource_unstable+0x190/0x190 [ 455.053143][ C0] ? __clocksource_unstable+0x190/0x190 [ 455.053143][ C0] run_timer_softirq+0x6c3/0x1790 [ 455.053143][ C0] ? add_timer+0x930/0x930 [ 455.053143][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 455.053143][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 455.053143][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 455.053143][ C0] __do_softirq+0x262/0x98c [ 455.053143][ C0] ? sched_clock_cpu+0x14e/0x1b0 [ 455.053143][ C0] irq_exit+0x19b/0x1e0 [ 455.053143][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 455.053143][ C0] apic_timer_interrupt+0xf/0x20 [ 455.053143][ C0] [ 455.053143][ C0] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 455.053143][ C0] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 455.053143][ C0] RSP: 0018:ffff88806a58f8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 455.053143][ C0] RAX: 1ffffffff12a668d RBX: ffff88802b755000 RCX: 0000000000000006 [ 455.053143][ C0] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88802b755894 [ 455.053143][ C0] RBP: ffff88806a58f8e0 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 455.053143][ C0] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802d237380 [ 455.053143][ C0] R13: ffff88802b97c800 R14: ffff8880116a6c40 R15: 0000000000000402 [ 455.053143][ C0] ? _raw_spin_unlock_irq+0x23/0x80 [ 455.053143][ C0] finish_task_switch+0x147/0x750 [ 455.053143][ C0] ? finish_task_switch+0x119/0x750 [ 455.053143][ C0] __schedule+0x8e9/0x1f30 [ 455.053143][ C0] ? __sched_text_start+0x8/0x8 [ 455.053143][ C0] ? __this_cpu_preempt_check+0x35/0x190 [ 455.053143][ C0] ? retint_kernel+0x2b/0x2b [ 455.053143][ C0] ? perf_duration_warn+0x40/0x40 [ 455.053143][ C0] ? preempt_schedule+0x4b/0x60 [ 455.053143][ C0] preempt_schedule_common+0x4f/0xe0 [ 455.053143][ C0] ? __perf_event_enable+0x930/0x930 [ 455.053143][ C0] preempt_schedule+0x4b/0x60 [ 455.053143][ C0] ___preempt_schedule+0x16/0x18 [ 455.053143][ C0] ? smp_call_function_single+0x40b/0x480 [ 455.053143][ C0] smp_call_function_single+0x410/0x480 [ 455.053143][ C0] ? perf_duration_warn+0x40/0x40 [ 455.053143][ C0] ? generic_exec_single+0x4c0/0x4c0 [ 455.053143][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 455.053143][ C0] ? __perf_event_enable+0x930/0x930 [ 455.053143][ C0] task_function_call+0xe9/0x180 [ 455.053143][ C0] ? perf_event_addr_filters_exec+0x310/0x310 [ 455.053143][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 455.053143][ C0] ? __perf_event_enable+0x930/0x930 [ 455.053143][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 455.053143][ C0] ? exclusive_event_installable+0x257/0x320 [ 455.053143][ C0] perf_install_in_context+0x308/0x5a0 [ 455.053143][ C0] ? list_add_event+0xed0/0xed0 [ 455.053143][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 455.053143][ C0] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 455.053143][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 455.053143][ C0] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 455.053143][ C0] ? perf_event_set_output+0x4e0/0x4e0 [ 455.053143][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 455.053143][ C0] ? put_timespec64+0xda/0x140 [ 455.053143][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 455.053143][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 456.052979][ C0] ? do_syscall_64+0x26/0x790 [ 456.052979][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 456.052979][ C0] ? do_syscall_64+0x26/0x790 [ 456.052979][ C0] __x64_sys_perf_event_open+0xbe/0x150 [ 456.052979][ C0] do_syscall_64+0xfa/0x790 [ 456.052979][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 456.052979][ C0] RIP: 0033:0x45a759 [ 456.052979][ C0] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.052979][ C0] RSP: 002b:00007ffa909abc88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 456.052979][ C0] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 456.052979][ C0] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 456.052979][ C0] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 456.052979][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007ffa909ac6d4 [ 456.052979][ C0] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 456.052979][ C0] irq event stamp: 5423819 [ 456.052979][ C0] hardirqs last enabled at (5423818): [] trace_hardirqs_on_thunk+0x1a/0x1c [ 456.052979][ C0] hardirqs last disabled at (5423819): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 456.052979][ C0] softirqs last enabled at (994168): [] __do_softirq+0x6cd/0x98c [ 456.052979][ C0] softirqs last disabled at (994511): [] irq_exit+0x19b/0x1e0 [ 456.052979][ C0] ---[ end trace 1e264897f2cad8be ]--- [ 456.052979][ C0] ------------[ cut here ]------------ [ 456.052979][ C0] WARNING: CPU: 0 PID: 8887 at kernel/locking/mutex.c:737 mutex_unlock+0x1d/0x30 [ 456.052979][ C0] Modules linked in: [ 456.052979][ C0] CPU: 0 PID: 8887 Comm: syz-executor.0 Tainted: G W L 5.4.0-syzkaller #0 [ 456.052979][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 456.052979][ C0] RIP: 0010:mutex_unlock+0x1d/0x30 [ 456.052979][ C0] Code: 4c 89 ff e8 55 e2 f8 f9 e9 8c fb ff ff 55 65 8b 05 10 f5 48 78 a9 00 ff 1f 00 48 89 e5 75 0b 48 8b 75 08 e8 45 f9 ff ff 5d c3 <0f> 0b 48 8b 75 08 e8 38 f9 ff ff 5d c3 66 0f 1f 44 00 00 48 b8 00 [ 456.052979][ C0] RSP: 0018:ffff88802d209308 EFLAGS: 00010006 [ 456.052979][ C0] RAX: 0000000000010105 RBX: 1ffff11005a41263 RCX: ffffffff816bc9dd [ 456.052979][ C0] RDX: 0000000000010100 RSI: ffffffff816bca3f RDI: ffffffff895c25a0 [ 456.052979][ C0] RBP: ffff88802d209308 R08: ffff88802b755000 R09: fffffbfff15d29be [ 456.052979][ C0] R10: ffff88802b755938 R11: ffff88802b755000 R12: 0000000000000001 [ 456.052979][ C0] R13: 0000000000000000 R14: ffffffff87b93400 R15: 000000000000058b [ 456.052979][ C0] FS: 00007ffa909ac700(0000) GS:ffff88802d200000(0000) knlGS:0000000000000000 [ 456.052979][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 456.052979][ C0] CR2: 000000000071c000 CR3: 0000000074840000 CR4: 00000000003406f0 [ 456.052979][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 456.052979][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 456.052979][ C0] Call Trace: [ 456.052979][ C0] [ 456.052979][ C0] __crash_kexec+0x10b/0x200 [ 456.052979][ C0] ? kexec_crash_loaded+0x20/0x20 [ 456.052979][ C0] ? trace_hardirqs_off+0x62/0x240 [ 456.052979][ C0] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 456.052979][ C0] ? __printk_safe_flush+0x31e/0x3a0 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 456.052979][ C0] ? find_next_bit+0x107/0x130 [ 456.052979][ C0] ? cpumask_next+0x41/0x50 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 456.052979][ C0] ? printk_safe_flush+0xf2/0x140 [ 456.052979][ C0] ? mutex_trylock+0x1f0/0x2f0 [ 456.052979][ C0] panic+0x308/0x75c [ 456.052979][ C0] ? add_taint.cold+0x16/0x16 [ 456.052979][ C0] ? printk+0xba/0xed [ 456.052979][ C0] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 456.052979][ C0] ? __warn.cold+0x14/0x3e [ 456.052979][ C0] ? __warn+0xd9/0x1cf [ 456.052979][ C0] ? mutex_trylock+0x279/0x2f0 [ 456.052979][ C0] __warn.cold+0x2f/0x3e [ 456.052979][ C0] ? report_bug.cold+0x63/0xb2 [ 456.052979][ C0] ? mutex_trylock+0x279/0x2f0 [ 456.052979][ C0] report_bug+0x289/0x300 [ 456.052979][ C0] do_error_trap+0x11b/0x200 [ 456.052979][ C0] do_invalid_op+0x37/0x50 [ 456.052979][ C0] ? mutex_trylock+0x279/0x2f0 [ 456.052979][ C0] invalid_op+0x23/0x30 [ 456.052979][ C0] RIP: 0010:mutex_trylock+0x279/0x2f0 [ 456.052979][ C0] Code: c9 41 b8 01 00 00 00 31 c9 ba 01 00 00 00 31 f6 e8 fc 92 a1 f9 58 48 8d 65 d8 b8 01 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 <0f> 0b e9 0c fe ff ff 48 c7 c7 e0 24 20 8b 48 89 4d d0 e8 00 d7 f8 [ 456.052979][ C0] RSP: 0018:ffff88802d209710 EFLAGS: 00010006 [ 456.052979][ C0] RAX: 0000000000010104 RBX: 1ffff11005a412ea RCX: 0000000000000004 [ 456.052979][ C0] RDX: 0000000000010100 RSI: ffffffff816bc9c5 RDI: ffffffff895c25a0 [ 456.052979][ C0] RBP: ffff88802d209740 R08: 0000000000000001 R09: fffffbfff12b381d [ 456.052979][ C0] R10: fffffbfff12b381c R11: ffffffff8959c0e3 R12: ffffffff8b2024e0 [ 456.052979][ C0] R13: 0000000000000000 R14: ffff88802d209b00 R15: ffffffff895c25a0 [ 456.052979][ C0] ? __crash_kexec+0x85/0x200 [ 456.052979][ C0] __crash_kexec+0x91/0x200 [ 456.052979][ C0] ? kexec_crash_loaded+0x20/0x20 [ 456.052979][ C0] ? trace_hardirqs_off+0x62/0x240 [ 456.052979][ C0] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 456.052979][ C0] ? __printk_safe_flush+0x31e/0x3a0 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 456.052979][ C0] ? find_next_bit+0x107/0x130 [ 456.052979][ C0] ? cpumask_next+0x41/0x50 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 456.052979][ C0] ? printk_safe_flush+0xf2/0x140 [ 456.052979][ C0] panic+0x308/0x75c [ 456.052979][ C0] ? add_taint.cold+0x16/0x16 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 456.052979][ C0] ? printk_safe_flush+0xf2/0x140 [ 456.052979][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 456.052979][ C0] ? watchdog_timer_fn.cold+0x5/0x33 [ 456.052979][ C0] ? watchdog_timer_fn+0x56e/0x5c0 [ 456.052979][ C0] watchdog_timer_fn.cold+0x16/0x33 [ 456.052979][ C0] __hrtimer_run_queues+0x364/0xe40 [ 456.052979][ C0] ? lockup_detector_update_enable+0xa0/0xa0 [ 456.052979][ C0] ? hrtimer_init+0x330/0x330 [ 456.052979][ C0] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 456.052979][ C0] ? ktime_get_update_offsets_now+0x2ce/0x430 [ 456.052979][ C0] hrtimer_interrupt+0x314/0x770 [ 456.052979][ C0] smp_apic_timer_interrupt+0x160/0x610 [ 456.052979][ C0] apic_timer_interrupt+0xf/0x20 [ 456.052979][ C0] RIP: 0010:clocksource_watchdog+0x31c/0x9a0 [ 456.052979][ C0] Code: c1 ea 03 42 0f b6 14 32 89 4d ac 84 d2 74 09 80 fa 03 0f 8e 5e 06 00 00 8b 40 10 89 45 a8 49 8d 45 08 48 89 45 98 48 c1 e8 03 <42> 80 3c 30 00 0f 85 bf 05 00 00 49 8d bd 98 00 00 00 49 8b 5d 08 [ 456.052979][ C0] RSP: 0018:ffff88802d209c88 EFLAGS: 00010a02 ORIG_RAX: ffffffffffffff13 [ 456.052979][ C0] RAX: 1ffffffff12a0df1 RBX: 0000000000000000 RCX: 0000000000000017 [ 456.052979][ C0] RDX: 0000000000000000 RSI: ffffffff81661f9e RDI: ffffffff89532e70 [ 456.052979][ C0] RBP: ffff88802d209d00 R08: ffff88802b755000 R09: fffffbfff164093d [ 456.052979][ C0] R10: fffffbfff164093c R11: 0000000000000003 R12: ffffffff89506fe0 [ 456.052979][ C0] R13: ffffffff89506f80 R14: dffffc0000000000 R15: 0000006aab2c1977 [ 456.052979][ C0] ? apic_timer_interrupt+0xa/0x20 [ 456.052979][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 456.052979][ C0] ? clocksource_watchdog+0x2be/0x9a0 [ 456.052979][ C0] call_timer_fn+0x1ac/0x780 [ 456.052979][ C0] ? __clocksource_unstable+0x190/0x190 [ 456.052979][ C0] ? msleep_interruptible+0x150/0x150 [ 456.052979][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 456.052979][ C0] ? trace_hardirqs_on+0x67/0x240 [ 456.052979][ C0] ? __clocksource_unstable+0x190/0x190 [ 456.052979][ C0] ? __clocksource_unstable+0x190/0x190 [ 456.052979][ C0] run_timer_softirq+0x6c3/0x1790 [ 456.052979][ C0] ? add_timer+0x930/0x930 [ 456.052979][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 456.052979][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 456.052979][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 456.052979][ C0] __do_softirq+0x262/0x98c [ 456.052979][ C0] ? sched_clock_cpu+0x14e/0x1b0 [ 456.052979][ C0] irq_exit+0x19b/0x1e0 [ 456.052979][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 456.052979][ C0] apic_timer_interrupt+0xf/0x20 [ 456.052979][ C0] [ 456.052979][ C0] RIP: 0010:_raw_spin_unlock_irq+0x4f/0x80 [ 456.052979][ C0] Code: c0 68 34 53 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 12 2a 99 01 00 74 20 fb 66 0f 1f 44 00 00 01 00 00 00 e8 e7 6b 96 f9 65 8b 05 18 14 48 78 85 c0 74 06 41 [ 456.052979][ C0] RSP: 0018:ffff88806a58f8d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 456.052979][ C0] RAX: 1ffffffff12a668d RBX: ffff88802b755000 RCX: 0000000000000006 [ 456.052979][ C0] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88802b755894 [ 456.052979][ C0] RBP: ffff88806a58f8e0 R08: 1ffffffff15d29b9 R09: fffffbfff15d29ba [ 456.052979][ C0] R10: fffffbfff15d29b9 R11: ffffffff8ae94dcf R12: ffff88802d237380 [ 456.052979][ C0] R13: ffff88802b97c800 R14: ffff8880116a6c40 R15: 0000000000000402 [ 456.052979][ C0] ? _raw_spin_unlock_irq+0x23/0x80 [ 456.052979][ C0] finish_task_switch+0x147/0x750 [ 456.052979][ C0] ? finish_task_switch+0x119/0x750 [ 456.052979][ C0] __schedule+0x8e9/0x1f30 [ 456.052979][ C0] ? __sched_text_start+0x8/0x8 [ 456.052979][ C0] ? __this_cpu_preempt_check+0x35/0x190 [ 456.052979][ C0] ? retint_kernel+0x2b/0x2b [ 456.052979][ C0] ? perf_duration_warn+0x40/0x40 [ 456.052979][ C0] ? preempt_schedule+0x4b/0x60 [ 456.052979][ C0] preempt_schedule_common+0x4f/0xe0 [ 456.052979][ C0] ? __perf_event_enable+0x930/0x930 [ 456.052979][ C0] preempt_schedule+0x4b/0x60 [ 456.052979][ C0] ___preempt_schedule+0x16/0x18 [ 456.052979][ C0] ? smp_call_function_single+0x40b/0x480 [ 456.052979][ C0] smp_call_function_single+0x410/0x480 [ 456.052979][ C0] ? perf_duration_warn+0x40/0x40 [ 456.052979][ C0] ? generic_exec_single+0x4c0/0x4c0 [ 456.052979][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 456.052979][ C0] ? __perf_event_enable+0x930/0x930 [ 456.052979][ C0] task_function_call+0xe9/0x180 [ 456.052979][ C0] ? perf_event_addr_filters_exec+0x310/0x310 [ 456.996872][ C0] ? __do_sys_perf_event_open+0x174c/0x2c70 [ 456.996872][ C0] ? __perf_event_enable+0x930/0x930 [ 456.996872][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 456.996872][ C0] ? exclusive_event_installable+0x257/0x320 [ 456.996872][ C0] perf_install_in_context+0x308/0x5a0 [ 456.996872][ C0] ? list_add_event+0xed0/0xed0 [ 456.996872][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 456.996872][ C0] ? __perf_event_header_size.isra.0+0x166/0x1c0 [ 456.996872][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 456.996872][ C0] __do_sys_perf_event_open+0x1cbc/0x2c70 [ 457.053111][ C0] ? perf_event_set_output+0x4e0/0x4e0 [ 457.053111][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 457.053111][ C0] ? put_timespec64+0xda/0x140 [ 457.053111][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 457.053111][ C0] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 457.053111][ C0] ? do_syscall_64+0x26/0x790 [ 457.053111][ C0] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 457.053111][ C0] ? do_syscall_64+0x26/0x790 [ 457.053111][ C0] __x64_sys_perf_event_open+0xbe/0x150 [ 457.053111][ C0] do_syscall_64+0xfa/0x790 [ 457.053111][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 457.053111][ C0] RIP: 0033:0x45a759 [ 457.053111][ C0] Code: bd b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b b1 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 457.053111][ C0] RSP: 002b:00007ffa909abc88 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 457.053111][ C0] RAX: ffffffffffffffda RBX: 000000000071bf00 RCX: 000000000045a759 [ 457.053111][ C0] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 457.053111][ C0] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 457.053111][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007ffa909ac6d4 [ 457.053111][ C0] R13: 00000000004aec2b R14: 00000000006f1ca8 R15: 00000000ffffffff [ 457.053111][ C0] irq event stamp: 5423819 [ 457.053111][ C0] hardirqs last enabled at (5423818): [] trace_hardirqs_on_thunk+0x1a/0x1c [ 457.053111][ C0] hardirqs last disabled at (5423819): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 457.053111][ C0] softirqs last enabled at (994168): [] __do_softirq+0x6cd/0x98c [ 457.053111][ C0] softirqs last disabled at (994511): [] irq_exit+0x19b/0x1e0 [ 457.053111][ C0] ---[ end trace 1e264897f2cad8bf ]--- [ 457.053111][ C0] Kernel Offset: disabled [ 457.053111][ C0] Rebooting in 86400 seconds..