[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty2. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.161' (ECDSA) to the list of known hosts. 2020/10/19 23:51:12 fuzzer started 2020/10/19 23:51:12 dialing manager at 10.128.0.26:38919 2020/10/19 23:51:12 syscalls: 3450 2020/10/19 23:51:12 code coverage: enabled 2020/10/19 23:51:12 comparison tracing: enabled 2020/10/19 23:51:12 extra coverage: enabled 2020/10/19 23:51:12 setuid sandbox: enabled 2020/10/19 23:51:12 namespace sandbox: enabled 2020/10/19 23:51:12 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/19 23:51:12 fault injection: enabled 2020/10/19 23:51:12 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/19 23:51:12 net packet injection: enabled 2020/10/19 23:51:12 net device setup: enabled 2020/10/19 23:51:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/10/19 23:51:12 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/19 23:51:12 USB emulation: enabled 2020/10/19 23:51:12 hci packet injection: enabled 2020/10/19 23:51:12 wifi device emulation: enabled 23:52:42 executing program 0: openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mISDNtimer\x00', 0xa4000, 0x0) 23:52:43 executing program 1: recvmsg$can_bcm(0xffffffffffffffff, 0x0, 0x80000140) 23:52:43 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f00000000c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000080), r1}}, 0x18) 23:52:43 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000180)='tmpfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) 23:52:43 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, 0x0) 23:52:43 executing program 5: socketpair(0xa, 0x2, 0x3, 0x0) syzkaller login: [ 159.204964][ T6904] IPVS: ftp: loaded support on port[0] = 21 [ 159.378181][ T6906] IPVS: ftp: loaded support on port[0] = 21 [ 159.646028][ T6904] chnl_net:caif_netlink_parms(): no params data found [ 159.695795][ T6908] IPVS: ftp: loaded support on port[0] = 21 [ 159.916213][ T6904] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.925353][ T6904] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.937639][ T6904] device bridge_slave_0 entered promiscuous mode [ 159.971908][ T6904] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.979092][ T6904] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.993417][ T6904] device bridge_slave_1 entered promiscuous mode [ 160.015828][ T6910] IPVS: ftp: loaded support on port[0] = 21 [ 160.025206][ T6906] chnl_net:caif_netlink_parms(): no params data found [ 160.138667][ T6904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.143986][ T6912] IPVS: ftp: loaded support on port[0] = 21 [ 160.153282][ T6904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.278949][ T6904] team0: Port device team_slave_0 added [ 160.291091][ T6904] team0: Port device team_slave_1 added [ 160.378086][ T6904] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.387878][ T6904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.415898][ T6904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.433254][ T6904] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.441257][ T6904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.468970][ T6904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.498770][ T6908] chnl_net:caif_netlink_parms(): no params data found [ 160.616023][ T6906] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.630093][ T6906] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.642673][ T6906] device bridge_slave_0 entered promiscuous mode [ 160.715416][ T6906] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.731876][ T6906] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.739870][ T6906] device bridge_slave_1 entered promiscuous mode [ 160.769694][ T6904] device hsr_slave_0 entered promiscuous mode [ 160.778352][ T6904] device hsr_slave_1 entered promiscuous mode [ 160.806905][ T6906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.859101][ T6961] IPVS: ftp: loaded support on port[0] = 21 [ 160.861539][ T6906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.993210][ T6908] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.000888][ T6908] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.008744][ T6908] device bridge_slave_0 entered promiscuous mode [ 161.055772][ T6908] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.064326][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.073930][ T6908] device bridge_slave_1 entered promiscuous mode [ 161.096904][ T6906] team0: Port device team_slave_0 added [ 161.107950][ T6906] team0: Port device team_slave_1 added [ 161.131131][ T2589] Bluetooth: hci0: command 0x0409 tx timeout [ 161.186307][ T6910] chnl_net:caif_netlink_parms(): no params data found [ 161.205241][ T6908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.258376][ T6906] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.266155][ T6906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.293415][ T6906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.307508][ T6908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.356434][ T6906] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.363539][ T2589] Bluetooth: hci1: command 0x0409 tx timeout [ 161.369980][ T6906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.397557][ T6906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.440435][ T6912] chnl_net:caif_netlink_parms(): no params data found [ 161.463979][ T6908] team0: Port device team_slave_0 added [ 161.474422][ T6908] team0: Port device team_slave_1 added [ 161.597319][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.604517][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.604525][ T2888] Bluetooth: hci2: command 0x0409 tx timeout [ 161.641440][ T6908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.659342][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.666589][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.692895][ T6908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.708379][ T6906] device hsr_slave_0 entered promiscuous mode [ 161.718173][ T6906] device hsr_slave_1 entered promiscuous mode [ 161.725250][ T6906] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 161.739759][ T6906] Cannot create hsr debugfs directory [ 161.797840][ T6910] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.805921][ T6910] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.816040][ T6910] device bridge_slave_0 entered promiscuous mode [ 161.826239][ T6904] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 161.840444][ T12] Bluetooth: hci3: command 0x0409 tx timeout [ 161.897364][ T6908] device hsr_slave_0 entered promiscuous mode [ 161.905051][ T6908] device hsr_slave_1 entered promiscuous mode [ 161.914171][ T6908] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 161.923708][ T6908] Cannot create hsr debugfs directory [ 161.929929][ T6910] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.940305][ T6910] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.950064][ T6910] device bridge_slave_1 entered promiscuous mode [ 161.969565][ T6904] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 161.986109][ T6904] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 162.061441][ T6904] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 162.080189][ T2589] Bluetooth: hci4: command 0x0409 tx timeout [ 162.113424][ T6910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.143424][ T6912] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.157672][ T6912] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.175055][ T6912] device bridge_slave_0 entered promiscuous mode [ 162.186304][ T6910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.221512][ T6912] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.229245][ T6912] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.239430][ T6912] device bridge_slave_1 entered promiscuous mode [ 162.299082][ T6961] chnl_net:caif_netlink_parms(): no params data found [ 162.324426][ T6910] team0: Port device team_slave_0 added [ 162.378732][ T6910] team0: Port device team_slave_1 added [ 162.404965][ T6912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.455558][ T6912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.506001][ T6910] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.515107][ T6910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.544646][ T6910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.599227][ T6912] team0: Port device team_slave_0 added [ 162.627689][ T6912] team0: Port device team_slave_1 added [ 162.650861][ T5] Bluetooth: hci5: command 0x0409 tx timeout [ 162.664338][ T6910] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.673473][ T6910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.703520][ T6910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.723287][ T6961] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.732058][ T6961] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.740847][ T6961] device bridge_slave_0 entered promiscuous mode [ 162.780706][ T6912] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.787893][ T6912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.817358][ T6912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.851725][ T6961] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.859607][ T6961] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.871550][ T6961] device bridge_slave_1 entered promiscuous mode [ 162.896331][ T6906] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 162.918741][ T6906] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 162.939324][ T6912] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.948826][ T6912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.984302][ T6912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 163.003408][ T6910] device hsr_slave_0 entered promiscuous mode [ 163.012806][ T6910] device hsr_slave_1 entered promiscuous mode [ 163.019455][ T6910] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 163.027900][ T6910] Cannot create hsr debugfs directory [ 163.060888][ T6961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.072688][ T6906] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 163.112736][ T6961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 163.143753][ T6906] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 163.200444][ T2589] Bluetooth: hci0: command 0x041b tx timeout [ 163.224525][ T6912] device hsr_slave_0 entered promiscuous mode [ 163.234030][ T6912] device hsr_slave_1 entered promiscuous mode [ 163.242444][ T6912] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 163.253932][ T6912] Cannot create hsr debugfs directory [ 163.262888][ T6961] team0: Port device team_slave_0 added [ 163.292758][ T6961] team0: Port device team_slave_1 added [ 163.352517][ T6908] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 163.397653][ T6961] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.405610][ T6961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.436731][ T6961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 163.450424][ T2589] Bluetooth: hci1: command 0x041b tx timeout [ 163.453280][ T6908] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 163.469975][ T6961] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 163.477547][ T6961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.506343][ T6961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 163.535256][ T6904] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.564000][ T6908] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 163.622533][ T6908] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 163.645660][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.657323][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.680610][ T17] Bluetooth: hci2: command 0x041b tx timeout [ 163.692394][ T6904] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.725865][ T6961] device hsr_slave_0 entered promiscuous mode [ 163.737769][ T6961] device hsr_slave_1 entered promiscuous mode [ 163.745913][ T6961] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 163.755106][ T6961] Cannot create hsr debugfs directory [ 163.875674][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.886318][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.898293][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.906471][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.920181][ T2888] Bluetooth: hci3: command 0x041b tx timeout [ 163.947850][ T6910] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 163.980573][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.989205][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 164.009921][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.022580][ T2589] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.030576][ T2589] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.038492][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.100233][ T6910] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 164.137917][ T6912] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 164.160315][ T2888] Bluetooth: hci4: command 0x041b tx timeout [ 164.171070][ T6906] 8021q: adding VLAN 0 to HW filter on device bond0 [ 164.182717][ T6910] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 164.203193][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.225365][ T6912] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 164.238449][ T6912] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 164.258864][ T6910] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 164.268921][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.280110][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.322109][ T6912] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 164.334703][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.345762][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.355816][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.364963][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.375306][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.386931][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.397528][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 164.442750][ T6904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.453962][ T6906] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.468815][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 164.479168][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 164.487920][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 164.497708][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 164.507237][ T2589] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.515466][ T2589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.578502][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.587625][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 164.600438][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.609841][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.617030][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.663156][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.685658][ T6908] 8021q: adding VLAN 0 to HW filter on device bond0 [ 164.717254][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.729002][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 164.737783][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 164.746756][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.757166][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.787632][ T2589] Bluetooth: hci5: command 0x041b tx timeout [ 164.798991][ T6961] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 164.825701][ T6961] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 164.846152][ T6961] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 164.862468][ T6961] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 164.881362][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.889740][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.907772][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.918005][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.934243][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.951355][ T6906] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 164.972130][ T6906] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.984115][ T6904] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.005165][ T6908] 8021q: adding VLAN 0 to HW filter on device team0 [ 165.014264][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.024297][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.034994][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 165.046551][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 165.126871][ T6906] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 165.152894][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 165.165874][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 165.175645][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 165.190808][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 165.199372][ T2888] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.207173][ T2888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 165.222483][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 165.236523][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 165.248318][ T2888] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.255768][ T2888] bridge0: port 2(bridge_slave_1) entered forwarding state [ 165.269833][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 165.300153][ T12] Bluetooth: hci0: command 0x040f tx timeout [ 165.338088][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.349588][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.359818][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 165.371956][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 165.381585][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 165.391018][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 165.437821][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 165.447443][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 165.457533][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 165.502018][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 165.513949][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 165.524030][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 165.534504][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 165.550608][ T2589] Bluetooth: hci1: command 0x040f tx timeout [ 165.590805][ T6912] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.598938][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.608289][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.618034][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 165.627350][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 165.636766][ T6904] device veth0_vlan entered promiscuous mode [ 165.661401][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 165.680416][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 165.732571][ T6908] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 165.761072][ T12] Bluetooth: hci2: command 0x040f tx timeout [ 165.794630][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 165.842028][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 165.859587][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 165.868523][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 165.877715][ T6906] device veth0_vlan entered promiscuous mode [ 165.892412][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 165.900316][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 165.913672][ T6904] device veth1_vlan entered promiscuous mode [ 165.927313][ T6910] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.946836][ T6912] 8021q: adding VLAN 0 to HW filter on device team0 [ 165.999490][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 166.011384][ T2589] Bluetooth: hci3: command 0x040f tx timeout [ 166.018883][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 166.029900][ T2888] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.037852][ T2888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.051783][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 166.064450][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 166.076048][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 166.116054][ T6910] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.129322][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 166.145585][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 166.157916][ T2888] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.165585][ T2888] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.180978][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 166.190574][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 166.199758][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 166.209271][ T2888] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.216785][ T2888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.232233][ T6906] device veth1_vlan entered promiscuous mode [ 166.241729][ T2589] Bluetooth: hci4: command 0x040f tx timeout [ 166.259329][ T6961] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.274777][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 166.290371][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.329666][ T6961] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.352741][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 166.367208][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 166.379203][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 166.389567][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 166.397615][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 166.406904][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 166.416261][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 166.428571][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 166.439268][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.446544][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.455692][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 166.464478][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 166.474594][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 166.488555][ T6908] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.529055][ T6904] device veth0_macvtap entered promiscuous mode [ 166.538595][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 166.549444][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 166.560779][ T2888] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.568780][ T2888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.578343][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 166.587561][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 166.596606][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 166.611348][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.620288][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 166.629332][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 166.643544][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 166.652596][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 166.700544][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 166.709435][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 166.719743][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 166.734149][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 166.745204][ T2888] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.752946][ T2888] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.763235][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 166.772697][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 166.783117][ T6912] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 166.801112][ T2589] Bluetooth: hci5: command 0x040f tx timeout [ 166.810845][ T6904] device veth1_macvtap entered promiscuous mode [ 166.833932][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 166.843832][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 166.854131][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 166.864633][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 166.875463][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 166.887684][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 166.897207][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 166.907751][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 166.918926][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 166.935735][ T6910] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 166.953096][ T6910] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 166.989671][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 167.001783][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 167.026077][ T6904] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 167.078505][ T6906] device veth0_macvtap entered promiscuous mode [ 167.087858][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 167.099109][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 167.109749][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 167.119754][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.130318][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.139599][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 167.150752][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 167.160689][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 167.170551][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 167.183853][ T6904] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 167.217709][ T6906] device veth1_macvtap entered promiscuous mode [ 167.232417][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 167.241456][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 167.251108][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 167.259418][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 167.268670][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 167.279459][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 167.289602][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 167.299125][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 167.309093][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 167.323837][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 167.335196][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 167.349447][ T6908] device veth0_vlan entered promiscuous mode [ 167.362864][ T5] Bluetooth: hci0: command 0x0419 tx timeout [ 167.370948][ T6904] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.382416][ T6904] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.392379][ T6904] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.401458][ T6904] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.425913][ T6961] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 167.439144][ T6961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.448161][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.457263][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 167.466054][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 167.475451][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 167.515364][ T6906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 167.528244][ T6906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.541228][ T6906] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 167.581080][ T6908] device veth1_vlan entered promiscuous mode [ 167.598942][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 167.609225][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.616948][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 167.625084][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 167.634129][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 167.645765][ T5] Bluetooth: hci1: command 0x0419 tx timeout [ 167.658684][ T6910] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.673225][ T6912] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.691205][ T6906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 167.702872][ T6906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.716039][ T6906] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 167.734813][ T6906] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.744241][ T6906] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.768132][ T6906] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.779408][ T6906] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.805616][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 167.818987][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 167.829720][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 167.850292][ T2589] Bluetooth: hci2: command 0x0419 tx timeout [ 167.850723][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.875038][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 167.915520][ T6961] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.956888][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 167.981423][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 168.072084][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 168.088957][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 168.090525][ T8195] Bluetooth: hci3: command 0x0419 tx timeout [ 168.143484][ T6908] device veth0_macvtap entered promiscuous mode [ 168.227171][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 168.235965][ T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.236031][ T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.274067][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 168.284699][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 168.296083][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 168.314574][ T6908] device veth1_macvtap entered promiscuous mode [ 168.320474][ T2888] Bluetooth: hci4: command 0x0419 tx timeout [ 168.352892][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 168.363029][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 168.383384][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 168.401432][ T6910] device veth0_vlan entered promiscuous mode [ 168.468046][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 168.479042][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 168.489540][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 168.498384][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 168.515412][ T6910] device veth1_vlan entered promiscuous mode [ 168.557073][ T21] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.558183][ T6912] device veth0_vlan entered promiscuous mode [ 168.581165][ T21] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.591440][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 168.602623][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 168.615182][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 168.627003][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 168.675883][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 168.702641][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 168.711856][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.717879][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.738890][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 168.759741][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.779924][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.792923][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.811498][ T6912] device veth1_vlan entered promiscuous mode [ 168.843264][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 168.852593][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 168.861949][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 168.872292][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 168.883176][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 168.893650][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 168.906636][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 168.917845][ T17] Bluetooth: hci5: command 0x0419 tx timeout [ 168.925878][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.936558][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 168.948240][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.962552][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_1 23:52:54 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x17) [ 169.051622][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 169.070866][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 169.090693][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 169.114467][ T6908] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.136606][ T6908] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.163052][ T6908] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.173635][ T6908] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.216425][ T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 169.246755][ T6961] device veth0_vlan entered promiscuous mode 23:52:54 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x17) [ 169.262183][ T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.276038][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 169.285926][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 169.297790][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 169.312161][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 169.328321][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 23:52:54 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x17) [ 169.388666][ T6961] device veth1_vlan entered promiscuous mode [ 169.419983][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 169.428067][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 169.479509][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 169.505378][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready 23:52:54 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000580)={0x0, 0x1}) 23:52:54 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x17) [ 169.540689][ T2589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 169.582159][ T6910] device veth0_macvtap entered promiscuous mode [ 169.606010][ T6912] device veth0_macvtap entered promiscuous mode 23:52:54 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) [ 169.687101][ T6912] device veth1_macvtap entered promiscuous mode 23:52:54 executing program 1: request_key(&(0x7f0000000440)='syzkaller\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f00000004c0)='\x00', 0xfffffffffffffffc) 23:52:54 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3) [ 169.727965][ T6910] device veth1_macvtap entered promiscuous mode [ 169.854801][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 169.874519][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.910005][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 169.941360][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.973540][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 169.984981][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.998356][ T6912] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.016780][ T6961] device veth0_macvtap entered promiscuous mode [ 170.036101][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.051130][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.061986][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.073461][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.085343][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.097366][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.108218][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.120230][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.133580][ T6910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.163307][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 170.174415][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 170.207814][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 170.241009][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 170.249432][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 170.261588][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 170.272469][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 170.283024][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 170.293149][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 170.303464][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 170.324844][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 170.338907][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.354617][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.366197][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.377712][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.388566][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.401727][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.414626][ T6912] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.440558][ T6961] device veth1_macvtap entered promiscuous mode [ 170.473786][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.500468][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.512181][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.524340][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.537057][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.548511][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.559568][ T6910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 170.573595][ T6910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.587229][ T6910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.604413][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 170.614877][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 170.625292][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 170.636443][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 170.651394][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 170.675818][ T6912] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.701230][ T6912] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.711977][ T6912] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.723087][ T6912] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.746056][ T6910] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.752928][ T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.764879][ T6910] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.780005][ T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.784494][ T6910] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.808429][ T6910] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.829695][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.846443][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.857832][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.869308][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.881169][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.892158][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.903904][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.915596][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.926234][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 170.938683][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.952582][ T6961] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.988129][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 171.012011][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 171.030832][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 171.088224][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.100268][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.114687][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.126486][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.137009][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.148654][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.160711][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.171244][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.181288][ T6961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.192122][ T6961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.204957][ T6961] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.230486][ T6961] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.239249][ T6961] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.255520][ T6961] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.267567][ T6961] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.295940][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 171.306313][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 171.337257][ T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.350090][ T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.432123][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 171.539300][ T634] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.565917][ T634] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.618660][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 171.643672][ T21] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.671663][ T21] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.672239][ T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.696478][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 171.712196][ T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 23:52:56 executing program 2: bpf$BPF_PROG_GET_NEXT_ID(0x2, 0x0, 0x0) [ 171.737053][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.763778][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.782942][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 171.794805][ T2888] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 171.853636][ T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.892736][ T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.914851][ T346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.926631][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 171.962782][ T346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.978631][ T8382] tmpfs: Unknown parameter 'fscontext' [ 171.995211][ T8382] tmpfs: Unknown parameter 'fscontext' [ 171.999016][ T8195] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 23:52:56 executing program 3: pselect6(0x40, &(0x7f0000000180), 0x0, &(0x7f0000000200)={0xf91c}, 0x0, &(0x7f00000002c0)={0x0}) 23:52:57 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r0, 0xc0045003, 0x0) 23:52:57 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) 23:52:57 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:57 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x4b44, &(0x7f0000000000)) 23:52:57 executing program 5: socket$caif_seqpacket(0x25, 0x5, 0x0) 23:52:57 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) 23:52:57 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x6) 23:52:57 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:57 executing program 5: r0 = socket(0x2, 0xa, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 23:52:57 executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:57 executing program 4: request_key(&(0x7f0000000440)='syzkaller\x00', &(0x7f0000000480)={'syz', 0x0}, 0x0, 0xfffffffffffffffc) [ 172.412923][ T8406] syz-executor.5 uses obsolete (PF_INET,SOCK_PACKET) 23:52:57 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffd, 0x0, "11592f0200000000000000ff00"}) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:57 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x11) syz_open_pts(r0, 0x0) 23:52:57 executing program 0: syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) 23:52:57 executing program 1: bpf$BPF_PROG_GET_NEXT_ID(0x9, 0x0, 0x0) 23:52:57 executing program 2: bpf$OBJ_GET_PROG(0x7, &(0x7f00000012c0)={&(0x7f0000001280)='./file0\x00', 0x0, 0x8}, 0x10) 23:52:57 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 23:52:57 executing program 0: syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) 23:52:57 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r0, 0xc0045005, &(0x7f00000000c0)) 23:52:57 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000100), &(0x7f0000000140)=0x8) 23:52:57 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x4b3a, &(0x7f0000000000)) 23:52:57 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b"], 0x50}}, 0x0) 23:52:57 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000040)={{0x0, 0x3}}) 23:52:57 executing program 1: perf_event_open(&(0x7f0000000380)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43210, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 173.024601][ T8465] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. 23:52:58 executing program 0: syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x17) 23:52:58 executing program 5: getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, 0x0) 23:52:58 executing program 2: perf_event_open(&(0x7f00000000c0)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xbe}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 23:52:58 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000007c0)={&(0x7f00000001c0)={0x2, 0x82, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10, 0x0}, 0x0) 23:52:58 executing program 3: socket(0x15, 0x5, 0x2000000) 23:52:58 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0) getsockopt$rose(r0, 0x104, 0x0, 0x0, 0x0) 23:52:58 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, 0x0) 23:52:58 executing program 5: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x4b41, &(0x7f0000000000)) 23:52:58 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x22082) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000040)={{0x9, 0x3}, {0x7, 0x10}, 0x1, 0x1}) write$sndseq(0xffffffffffffffff, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='freezer.state\x00', 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000001c0)={r2}) syz_usbip_server_init(0x5) 23:52:58 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x800016) 23:52:58 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 23:52:58 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r0, 0x40045010, &(0x7f00000000c0)) 23:52:58 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, 0x0) [ 173.466203][ T8490] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 173.473082][ T8490] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) 23:52:58 executing program 5: pselect6(0x40, &(0x7f0000000180), 0x0, &(0x7f0000000200)={0xf91c}, &(0x7f0000000240), &(0x7f00000002c0)={&(0x7f0000000280)={[0xdacc]}, 0x8}) [ 173.588178][ T8494] vhci_hcd: connection closed [ 173.593886][ T27] vhci_hcd: stop threads [ 173.623263][ T27] vhci_hcd: release socket 23:52:58 executing program 4: [ 173.641004][ T27] vhci_hcd: disconnect device 23:52:58 executing program 3: 23:52:58 executing program 1: openat$null(0xffffffffffffff9c, &(0x7f0000000700)='/dev/null\x00', 0x400, 0x0) 23:52:58 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, 0x0) 23:52:58 executing program 5: pselect6(0x40, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000240), &(0x7f00000002c0)={&(0x7f0000000280), 0x8}) 23:52:58 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000a80)=0x1, 0x4) 23:52:59 executing program 2: 23:52:59 executing program 4: openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x40000, 0x0) 23:52:59 executing program 1: 23:52:59 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:59 executing program 3: 23:52:59 executing program 5: [ 174.094312][ T8518] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(4) [ 174.100877][ T8518] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 174.126873][ T8520] vhci_hcd: connection closed [ 174.129776][ T346] vhci_hcd: stop threads [ 174.138762][ T346] vhci_hcd: release socket 23:52:59 executing program 1: [ 174.185106][ T346] vhci_hcd: disconnect device 23:52:59 executing program 2: 23:52:59 executing program 3: 23:52:59 executing program 2: 23:52:59 executing program 5: 23:52:59 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:59 executing program 4: 23:52:59 executing program 1: 23:52:59 executing program 3: 23:52:59 executing program 2: 23:52:59 executing program 5: 23:52:59 executing program 4: 23:52:59 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 23:52:59 executing program 1: 23:52:59 executing program 3: 23:52:59 executing program 2: 23:52:59 executing program 5: 23:52:59 executing program 4: 23:52:59 executing program 1: 23:52:59 executing program 0: 23:52:59 executing program 3: 23:52:59 executing program 2: 23:52:59 executing program 5: 23:52:59 executing program 0: 23:52:59 executing program 4: 23:52:59 executing program 3: 23:52:59 executing program 1: 23:53:00 executing program 5: 23:53:00 executing program 2: 23:53:00 executing program 0: 23:53:00 executing program 4: 23:53:00 executing program 3: 23:53:00 executing program 1: 23:53:00 executing program 5: 23:53:00 executing program 0: 23:53:00 executing program 4: 23:53:00 executing program 3: 23:53:00 executing program 2: 23:53:00 executing program 1: 23:53:00 executing program 0: 23:53:00 executing program 5: 23:53:00 executing program 3: 23:53:00 executing program 2: 23:53:00 executing program 4: 23:53:00 executing program 1: 23:53:00 executing program 0: 23:53:00 executing program 2: 23:53:00 executing program 5: 23:53:00 executing program 3: 23:53:00 executing program 4: 23:53:00 executing program 1: 23:53:00 executing program 0: 23:53:00 executing program 5: 23:53:00 executing program 2: 23:53:00 executing program 3: 23:53:00 executing program 4: 23:53:00 executing program 1: 23:53:00 executing program 0: 23:53:00 executing program 5: 23:53:01 executing program 2: 23:53:01 executing program 3: 23:53:01 executing program 4: 23:53:01 executing program 1: 23:53:01 executing program 0: 23:53:01 executing program 5: 23:53:01 executing program 2: 23:53:01 executing program 3: 23:53:01 executing program 1: 23:53:01 executing program 4: 23:53:01 executing program 0: 23:53:01 executing program 2: 23:53:01 executing program 5: 23:53:01 executing program 3: 23:53:01 executing program 1: 23:53:01 executing program 4: 23:53:01 executing program 0: 23:53:01 executing program 5: 23:53:01 executing program 2: 23:53:01 executing program 1: 23:53:01 executing program 3: 23:53:01 executing program 4: 23:53:01 executing program 0: 23:53:01 executing program 2: 23:53:01 executing program 5: 23:53:01 executing program 3: 23:53:01 executing program 1: 23:53:02 executing program 4: 23:53:02 executing program 0: 23:53:02 executing program 2: 23:53:02 executing program 5: 23:53:02 executing program 3: 23:53:02 executing program 1: 23:53:02 executing program 4: 23:53:02 executing program 0: 23:53:02 executing program 2: 23:53:02 executing program 3: 23:53:02 executing program 5: 23:53:02 executing program 1: 23:53:02 executing program 4: 23:53:02 executing program 0: 23:53:02 executing program 2: 23:53:02 executing program 5: 23:53:02 executing program 3: 23:53:02 executing program 1: 23:53:02 executing program 4: 23:53:02 executing program 2: 23:53:02 executing program 0: 23:53:02 executing program 5: 23:53:02 executing program 4: 23:53:02 executing program 1: 23:53:02 executing program 3: 23:53:02 executing program 0: 23:53:02 executing program 2: 23:53:02 executing program 5: 23:53:02 executing program 1: 23:53:02 executing program 4: 23:53:02 executing program 3: 23:53:03 executing program 0: 23:53:03 executing program 2: 23:53:03 executing program 5: 23:53:03 executing program 1: 23:53:03 executing program 4: 23:53:03 executing program 3: 23:53:03 executing program 0: 23:53:03 executing program 2: 23:53:03 executing program 5: 23:53:03 executing program 1: 23:53:03 executing program 4: 23:53:03 executing program 3: 23:53:03 executing program 0: 23:53:03 executing program 2: 23:53:03 executing program 3: 23:53:03 executing program 1: 23:53:03 executing program 5: 23:53:03 executing program 4: 23:53:03 executing program 0: 23:53:03 executing program 2: 23:53:03 executing program 3: 23:53:03 executing program 5: 23:53:03 executing program 1: 23:53:03 executing program 4: 23:53:03 executing program 0: 23:53:03 executing program 1: 23:53:03 executing program 3: 23:53:04 executing program 2: 23:53:04 executing program 5: 23:53:04 executing program 4: 23:53:04 executing program 0: 23:53:04 executing program 1: 23:53:04 executing program 3: 23:53:04 executing program 2: 23:53:04 executing program 5: 23:53:04 executing program 4: 23:53:04 executing program 1: 23:53:04 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5414, &(0x7f0000000000)=0x1000000) 23:53:04 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) 23:53:04 executing program 2: 23:53:04 executing program 5: 23:53:04 executing program 4: 23:53:04 executing program 3: 23:53:04 executing program 1: 23:53:04 executing program 0: 23:53:04 executing program 5: 23:53:04 executing program 2: 23:53:04 executing program 1: 23:53:04 executing program 0: 23:53:04 executing program 4: 23:53:04 executing program 5: 23:53:04 executing program 3: 23:53:04 executing program 2: 23:53:04 executing program 1: 23:53:04 executing program 4: 23:53:04 executing program 5: 23:53:04 executing program 0: 23:53:04 executing program 3: 23:53:05 executing program 4: 23:53:05 executing program 1: 23:53:05 executing program 2: 23:53:05 executing program 3: 23:53:05 executing program 5: 23:53:05 executing program 0: 23:53:05 executing program 1: 23:53:05 executing program 4: 23:53:05 executing program 2: 23:53:05 executing program 3: 23:53:05 executing program 5: 23:53:05 executing program 0: 23:53:05 executing program 1: 23:53:05 executing program 4: 23:53:05 executing program 2: 23:53:05 executing program 3: 23:53:05 executing program 5: 23:53:05 executing program 0: 23:53:05 executing program 4: 23:53:05 executing program 1: 23:53:05 executing program 2: 23:53:05 executing program 5: 23:53:05 executing program 3: 23:53:05 executing program 0: 23:53:05 executing program 4: 23:53:05 executing program 1: 23:53:05 executing program 2: 23:53:05 executing program 5: 23:53:05 executing program 4: 23:53:05 executing program 3: 23:53:06 executing program 0: 23:53:06 executing program 1: 23:53:06 executing program 5: 23:53:06 executing program 2: 23:53:06 executing program 4: 23:53:06 executing program 0: 23:53:06 executing program 1: 23:53:06 executing program 3: 23:53:06 executing program 5: 23:53:06 executing program 2: 23:53:06 executing program 1: 23:53:06 executing program 4: 23:53:06 executing program 0: 23:53:06 executing program 3: 23:53:06 executing program 5: 23:53:06 executing program 2: 23:53:06 executing program 1: 23:53:06 executing program 4: 23:53:06 executing program 0: 23:53:06 executing program 3: 23:53:06 executing program 2: 23:53:06 executing program 5: 23:53:06 executing program 4: 23:53:06 executing program 1: 23:53:06 executing program 0: 23:53:06 executing program 3: 23:53:06 executing program 5: 23:53:06 executing program 2: 23:53:06 executing program 4: 23:53:06 executing program 0: 23:53:07 executing program 1: 23:53:07 executing program 3: 23:53:07 executing program 2: 23:53:07 executing program 5: 23:53:07 executing program 4: 23:53:07 executing program 0: 23:53:07 executing program 1: 23:53:07 executing program 5: 23:53:07 executing program 3: 23:53:07 executing program 2: 23:53:07 executing program 4: 23:53:07 executing program 0: 23:53:07 executing program 5: 23:53:07 executing program 1: 23:53:07 executing program 3: 23:53:07 executing program 2: 23:53:07 executing program 4: 23:53:07 executing program 0: 23:53:07 executing program 1: 23:53:07 executing program 5: 23:53:07 executing program 3: 23:53:07 executing program 4: 23:53:07 executing program 2: 23:53:07 executing program 0: 23:53:07 executing program 1: 23:53:07 executing program 5: 23:53:07 executing program 3: 23:53:07 executing program 4: 23:53:07 executing program 2: 23:53:07 executing program 0: 23:53:08 executing program 1: 23:53:08 executing program 3: 23:53:08 executing program 5: 23:53:08 executing program 4: 23:53:08 executing program 0: 23:53:08 executing program 2: 23:53:08 executing program 1: 23:53:08 executing program 3: 23:53:08 executing program 0: 23:53:08 executing program 4: 23:53:08 executing program 5: 23:53:08 executing program 1: 23:53:08 executing program 2: 23:53:08 executing program 3: 23:53:08 executing program 0: 23:53:08 executing program 5: 23:53:08 executing program 4: 23:53:08 executing program 1: 23:53:08 executing program 2: 23:53:08 executing program 0: 23:53:08 executing program 3: 23:53:08 executing program 5: 23:53:08 executing program 4: 23:53:08 executing program 1: 23:53:08 executing program 2: 23:53:08 executing program 0: 23:53:08 executing program 3: 23:53:08 executing program 5: 23:53:08 executing program 1: 23:53:08 executing program 4: 23:53:09 executing program 0: 23:53:09 executing program 3: 23:53:09 executing program 5: 23:53:09 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x1, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}}, 0x0) 23:53:09 executing program 1: 23:53:09 executing program 4: 23:53:09 executing program 0: 23:53:09 executing program 3: 23:53:09 executing program 5: 23:53:09 executing program 1: openat$procfs(0xffffff9c, &(0x7f0000000180)='/proc/diskstats\x00', 0x0, 0x0) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x7}, 0x0, 0x0, 0x0) 23:53:09 executing program 2: 23:53:09 executing program 4: 23:53:09 executing program 3: pselect6(0x54, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200), 0x0) 23:53:09 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x4, 0x0, @empty, @mcast2}}}}, 0x0) 23:53:09 executing program 0: r0 = getpid() r1 = getpid() rt_tgsigqueueinfo(r0, r1, 0xfffffffa, &(0x7f00000001c0)={0x0, 0x0, 0xfffff800}) 23:53:09 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x10, 0x4, 0x4, 0x2, 0x2}, 0x40) 23:53:09 executing program 2: pselect6(0x89, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000040), 0x0) 23:53:09 executing program 1: creat(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f00000000c0)={[{@nfs_export_off='nfs_export=off'}], [{@euid_gt={'euid>', 0xee00}}]}) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, 0x0) 23:53:09 executing program 5: syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), 0x0) syz_io_uring_setup(0x6144, &(0x7f00000002c0), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000380)) 23:53:09 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x12, 0x0, 0x0, 0x5}, 0x40) [ 184.746480][ T8903] overlayfs: unrecognized mount option "euid>00000000000000060928" or missing value [ 184.779168][ T8905] overlayfs: unrecognized mount option "euid>00000000000000060928" or missing value 23:53:09 executing program 0: migrate_pages(0x0, 0x200, &(0x7f0000000100)=0x4fb6f671, 0x0) 23:53:09 executing program 2: socket(0x26, 0x5, 0xffffffff) 23:53:09 executing program 1: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000000)={{0x0, 0x3938700}}, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) 23:53:09 executing program 0: r0 = timerfd_create(0x0, 0x0) fsetxattr(r0, &(0x7f0000000380)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 184.913069][ T8911] [ 184.915610][ T8911] ============================= [ 184.925654][ T8911] WARNING: suspicious RCU usage [ 184.945512][ T8911] 5.9.0-next-20201016-syzkaller #0 Not tainted [ 184.987329][ T8911] ----------------------------- [ 185.022728][ T8911] include/linux/cgroup.h:494 suspicious rcu_dereference_check() usage! [ 185.062488][ T8911] [ 185.062488][ T8911] other info that might help us debug this: [ 185.062488][ T8911] [ 185.096832][ T8911] [ 185.096832][ T8911] rcu_scheduler_active = 2, debug_locks = 1 [ 185.115375][ T8911] no locks held by syz-executor.5/8911. [ 185.130704][ T8911] [ 185.130704][ T8911] stack backtrace: [ 185.148157][ T8911] CPU: 1 PID: 8911 Comm: syz-executor.5 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 185.157649][ T8911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 185.167722][ T8911] Call Trace: [ 185.171049][ T8911] dump_stack+0x198/0x1fb [ 185.175408][ T8911] io_init_identity+0x3a9/0x450 [ 185.180288][ T8911] io_uring_alloc_task_context+0x176/0x250 [ 185.186121][ T8911] io_uring_add_task_file+0x10d/0x180 [ 185.191532][ T8911] io_uring_setup+0x2727/0x3660 [ 185.196468][ T8911] ? io_sq_thread+0x1400/0x1400 [ 185.201342][ T8911] ? io_issue_sqe+0x3d80/0x3d80 [ 185.206404][ T8911] ? io_uring_poll+0x2a0/0x2a0 [ 185.211276][ T8911] ? put_timespec64+0xcb/0x120 [ 185.216073][ T8911] ? ns_to_timespec64+0xc0/0xc0 [ 185.220971][ T8911] ? check_preemption_disabled+0x50/0x130 [ 185.226727][ T8911] ? syscall_enter_from_user_mode+0x1d/0x60 [ 185.232650][ T8911] do_syscall_64+0x2d/0x70 [ 185.237090][ T8911] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 185.246039][ T8911] RIP: 0033:0x45de59 [ 185.249965][ T8911] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 185.269568][ T8911] RSP: 002b:00007f4934dfdbf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 [ 185.277977][ T8911] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 000000000045de59 [ 185.286026][ T8911] RDX: 0000000020ffc000 RSI: 00000000200000c0 RDI: 0000000000007ed1 23:53:10 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x1a, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) 23:53:10 executing program 4: r0 = timerfd_create(0x7, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}, {0x77359400}}, 0x0) 23:53:10 executing program 2: r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x2) 23:53:10 executing program 1: set_mempolicy(0x0, &(0x7f0000000280), 0x97) 23:53:10 executing program 0: set_mempolicy(0x0, 0xffffffffffffffff, 0x8) [ 185.294010][ T8911] RBP: 000000000118bf78 R08: 0000000000000000 R09: 0000000000000000 [ 185.302073][ T8911] R10: 0000000020000000 R11: 0000000000000206 R12: 0000000020ffc000 [ 185.310041][ T8911] R13: 0000000020ffb000 R14: 0000000000000000 R15: 0000000020000000 23:53:10 executing program 1: r0 = socket$inet(0x2, 0x3, 0x3) getsockopt$inet_mtu(r0, 0x0, 0x9, 0x0, &(0x7f0000000080)) [ 185.489267][ C0] hrtimer: interrupt took 61311 ns 23:53:10 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) close(r0) 23:53:10 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x21, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) 23:53:10 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fsetxattr(r0, &(0x7f0000000040)=@random={'security.', '%\\\\$\x00'}, 0x0, 0x0, 0x0) 23:53:10 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, r2}) 23:53:10 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000000007010200000000000000000c0000020c00024000000000000000000000080005ec000000010c00034000000000000000030c000240fffffffffffff17624000780410001400000000808d80321200002ef080002400000636a08000140fffffffa650d636cb627fbe06521aa1e56d8de5f836808"], 0x70}}, 0x400c800) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) waitid(0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x9], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="7f3e1386bfa28886e3a742724199887f43cbda927c38f65d1453b88ccc84a91e6abfdf45502cf42a2cc0eaa134e5a79971d3834f9e5ab61f16e53cfbf7fbcc294a7b0dab5f1180c9a841eacefde4cfc5e36e3e5403500a504cda4935c95589426700f399f998f0404192ebf4ee11ae836f15385afc77421390c4b4ff6e14ac56896575585bd7cede2ad5754ecfe5d5fe5ad7e64ff4a6", 0x96) ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000004240)=ANY=[], 0x11a4}}, 0x48844) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x2, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000) 23:53:10 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000000007010200000000000000000c0000020c00024000000000000000000000080005ec000000010c00034000000000000000030c000240fffffffffffff17624000780410001400000000808d80321200002ef080002400000636a08000140fffffffa650d636cb627fbe06521aa1e56d8de5f836808"], 0x70}}, 0x400c800) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) waitid(0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x9], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="7f3e1386bfa28886e3a742724199887f43cbda927c38f65d1453b88ccc84a91e6abfdf45502cf42a2cc0eaa134e5a79971d3834f9e5ab61f16e53cfbf7fbcc294a7b0dab5f1180c9a841eacefde4cfc5e36e3e5403500a504cda4935c95589426700f399f998f0404192ebf4ee11ae836f15385afc77421390c4b4ff6e14ac56896575585bd7cede2ad5754ecfe5d5fe5ad7e64ff4a6", 0x96) ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000004240)=ANY=[], 0x11a4}}, 0x48844) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x2, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000) 23:53:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)={0x14, 0x0, 0x3, 0x301}, 0x14}}, 0x0) 23:53:11 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) [ 186.283145][ T8973] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8973 [ 186.292653][ T8973] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 186.299872][ T8973] CPU: 1 PID: 8973 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 186.309348][ T8973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 186.319426][ T8973] Call Trace: [ 186.322738][ T8973] dump_stack+0x198/0x1fb [ 186.327186][ T8973] check_preemption_disabled+0x128/0x130 [ 186.332936][ T8973] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 186.338682][ T8973] trace_hardirqs_on+0x5b/0x1c0 [ 186.343555][ T8973] __bad_area_nosemaphore+0xc6/0x4f0 [ 186.348870][ T8973] do_user_addr_fault+0x852/0xbf0 [ 186.353926][ T8973] exc_page_fault+0xa8/0x190 [ 186.358540][ T8973] ? asm_exc_page_fault+0x8/0x30 [ 186.363499][ T8973] asm_exc_page_fault+0x1e/0x30 [ 186.368358][ T8973] RIP: 0033:0x402497 [ 186.372269][ T8973] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 186.391892][ T8973] RSP: 002b:00007f236556ec00 EFLAGS: 00010286 [ 186.397987][ T8973] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 186.405984][ T8973] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.413985][ T8973] RBP: 000000000118bf78 R08: 0000000000000000 R09: 0000000000000000 [ 186.421977][ T8973] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 23:53:11 executing program 2: r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x2) 23:53:11 executing program 0: r0 = timerfd_create(0x9, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}, {0x77359400}}, 0x0) 23:53:11 executing program 5: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x2, 0x0, 0x0) 23:53:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000000007010200000000000000000c0000020c00024000000000000000000000080005ec000000010c00034000000000000000030c000240fffffffffffff17624000780410001400000000808d80321200002ef080002400000636a08000140fffffffa650d636cb627fbe06521aa1e56d8de5f836808"], 0x70}}, 0x400c800) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) waitid(0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x9], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="7f3e1386bfa28886e3a742724199887f43cbda927c38f65d1453b88ccc84a91e6abfdf45502cf42a2cc0eaa134e5a79971d3834f9e5ab61f16e53cfbf7fbcc294a7b0dab5f1180c9a841eacefde4cfc5e36e3e5403500a504cda4935c95589426700f399f998f0404192ebf4ee11ae836f15385afc77421390c4b4ff6e14ac56896575585bd7cede2ad5754ecfe5d5fe5ad7e64ff4a6", 0x96) ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000004240)=ANY=[], 0x11a4}}, 0x48844) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x2, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000) 23:53:11 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={0x0, 0x70}}, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, 0x0) waitid(0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x6d8, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000004240)=ANY=[], 0x11a4}}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x2, 0x0) [ 186.429965][ T8973] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 186.441970][ T8973] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/8973 [ 186.451697][ T8973] caller is lockdep_hardirqs_on+0x34/0x110 [ 186.457525][ T8973] CPU: 1 PID: 8973 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 186.467022][ T8973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 186.477089][ T8973] Call Trace: [ 186.480401][ T8973] dump_stack+0x198/0x1fb [ 186.484758][ T8973] check_preemption_disabled+0x128/0x130 [ 186.490409][ T8973] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 186.495870][ T8973] lockdep_hardirqs_on+0x34/0x110 [ 186.500890][ T8973] __bad_area_nosemaphore+0xc6/0x4f0 [ 186.506358][ T8973] do_user_addr_fault+0x852/0xbf0 [ 186.511411][ T8973] exc_page_fault+0xa8/0x190 [ 186.515995][ T8973] ? asm_exc_page_fault+0x8/0x30 [ 186.520929][ T8973] asm_exc_page_fault+0x1e/0x30 [ 186.525766][ T8973] RIP: 0033:0x402497 [ 186.529651][ T8973] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 186.549241][ T8973] RSP: 002b:00007f236556ec00 EFLAGS: 00010286 [ 186.555296][ T8973] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 186.563252][ T8973] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.571317][ T8973] RBP: 000000000118bf78 R08: 0000000000000000 R09: 0000000000000000 [ 186.579283][ T8973] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 186.587265][ T8973] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{}]}) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, 0x0) clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000000007010200000000000000000c0000020c00024000000000000000000000080005ec000000010c00034000000000000000030c000240fffffffffffff17624000780410001400000000808d80321200002ef080002400000636a08000140fffffffa650d636cb627fbe06521aa1e56d8de5f836808"], 0x70}}, 0x400c800) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) waitid(0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x9], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="7f3e1386bfa28886e3a742724199887f43cbda927c38f65d1453b88ccc84a91e6abfdf45502cf42a2cc0eaa134e5a79971d3834f9e5ab61f16e53cfbf7fbcc294a7b0dab5f1180c9a841eacefde4cfc5e36e3e5403500a504cda4935c95589426700f399f998f0404192ebf4ee11ae836f15385afc77421390c4b4ff6e14ac56896575585bd7cede2ad5754ecfe5d5fe5ad7e64ff4a6", 0x96) ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000004240)=ANY=[], 0x11a4}}, 0x48844) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x0, 0x2, 0x0) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000) 23:53:11 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:11 executing program 5: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x2, 0x0, 0x0) 23:53:11 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000011c0)={0x3, 0x0, 0x4}, 0x40) 23:53:11 executing program 3: syz_io_uring_setup(0x6b57, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0xfffffffe}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000200)) 23:53:12 executing program 1: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000000)={{0x0, 0x3938700}}, 0x0) [ 187.181870][ T9026] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9026 [ 187.191364][ T9026] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 187.197889][ T9026] CPU: 1 PID: 9026 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 187.207359][ T9026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.217425][ T9026] Call Trace: [ 187.220786][ T9026] dump_stack+0x198/0x1fb [ 187.225144][ T9026] check_preemption_disabled+0x128/0x130 [ 187.230811][ T9026] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 187.236556][ T9026] trace_hardirqs_on+0x5b/0x1c0 [ 187.241445][ T9026] __bad_area_nosemaphore+0xc6/0x4f0 [ 187.246851][ T9026] do_user_addr_fault+0x852/0xbf0 [ 187.251912][ T9026] exc_page_fault+0xa8/0x190 [ 187.256564][ T9026] ? asm_exc_page_fault+0x8/0x30 [ 187.261525][ T9026] asm_exc_page_fault+0x1e/0x30 [ 187.266394][ T9026] RIP: 0033:0x402497 [ 187.270304][ T9026] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 187.290073][ T9026] RSP: 002b:00007f236552cc00 EFLAGS: 00010286 [ 187.296178][ T9026] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 187.304176][ T9026] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.312522][ T9026] RBP: 000000000118c0c8 R08: 0000000000000000 R09: 0000000000000000 [ 187.320517][ T9026] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 187.328506][ T9026] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 187.338186][ T9026] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9026 [ 187.348657][ T9026] caller is lockdep_hardirqs_on+0x34/0x110 [ 187.354592][ T9026] CPU: 1 PID: 9026 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 187.364054][ T9026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.374121][ T9026] Call Trace: [ 187.377433][ T9026] dump_stack+0x198/0x1fb [ 187.381832][ T9026] check_preemption_disabled+0x128/0x130 [ 187.387496][ T9026] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 187.392978][ T9026] lockdep_hardirqs_on+0x34/0x110 [ 187.398035][ T9026] __bad_area_nosemaphore+0xc6/0x4f0 [ 187.403349][ T9026] do_user_addr_fault+0x852/0xbf0 [ 187.408402][ T9026] exc_page_fault+0xa8/0x190 [ 187.413014][ T9026] ? asm_exc_page_fault+0x8/0x30 [ 187.417972][ T9026] asm_exc_page_fault+0x1e/0x30 [ 187.422841][ T9026] RIP: 0033:0x402497 [ 187.426757][ T9026] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 187.446482][ T9026] RSP: 002b:00007f236552cc00 EFLAGS: 00010286 [ 187.452583][ T9026] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 187.460574][ T9026] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.468599][ T9026] RBP: 000000000118c0c8 R08: 0000000000000000 R09: 0000000000000000 [ 187.476600][ T9026] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 187.484598][ T9026] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:12 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) 23:53:12 executing program 5: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x2, 0x0, 0x0) 23:53:12 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000180)='fuseblk\x00', 0x0, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0) r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0xff00, 0x0) socket$inet6(0xa, 0x0, 0x0) 23:53:12 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:12 executing program 3: creat(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@privport='privport'}]}}) 23:53:12 executing program 2: r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x2) [ 188.005101][ T9056] 9pnet: Insufficient options for proto=fd 23:53:12 executing program 3: set_robust_list(&(0x7f00000001c0)={&(0x7f0000000040)}, 0xc) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x4}, {0x0, [0x0, 0x0]}}, &(0x7f00000002c0)=""/242, 0x5e, 0xf2}, 0x84) [ 188.091445][ T9071] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9071 [ 188.100980][ T9071] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 188.107514][ T9071] CPU: 0 PID: 9071 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 188.116979][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 188.127048][ T9071] Call Trace: [ 188.130359][ T9071] dump_stack+0x198/0x1fb [ 188.134910][ T9071] check_preemption_disabled+0x128/0x130 [ 188.140608][ T9071] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 188.146362][ T9071] trace_hardirqs_on+0x5b/0x1c0 [ 188.151242][ T9071] __bad_area_nosemaphore+0xc6/0x4f0 [ 188.156564][ T9071] do_user_addr_fault+0x852/0xbf0 [ 188.161622][ T9071] exc_page_fault+0xa8/0x190 [ 188.166236][ T9071] ? asm_exc_page_fault+0x8/0x30 [ 188.171194][ T9071] asm_exc_page_fault+0x1e/0x30 [ 188.176061][ T9071] RIP: 0033:0x402497 [ 188.183836][ T9071] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 188.203492][ T9071] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 188.209586][ T9071] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 188.217580][ T9071] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 188.225571][ T9071] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 [ 188.233560][ T9071] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 188.241984][ T9071] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 188.251182][ T9071] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9071 [ 188.260772][ T9071] caller is lockdep_hardirqs_on+0x34/0x110 [ 188.266602][ T9071] CPU: 0 PID: 9071 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 188.276066][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 188.286133][ T9071] Call Trace: [ 188.289586][ T9071] dump_stack+0x198/0x1fb [ 188.293945][ T9071] check_preemption_disabled+0x128/0x130 [ 188.299689][ T9071] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 188.305259][ T9071] lockdep_hardirqs_on+0x34/0x110 [ 188.310308][ T9071] __bad_area_nosemaphore+0xc6/0x4f0 [ 188.315630][ T9071] do_user_addr_fault+0x852/0xbf0 [ 188.320688][ T9071] exc_page_fault+0xa8/0x190 [ 188.325302][ T9071] ? asm_exc_page_fault+0x8/0x30 [ 188.330254][ T9071] asm_exc_page_fault+0x1e/0x30 [ 188.335100][ T9071] RIP: 0033:0x402497 [ 188.338987][ T9071] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 188.358586][ T9071] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 188.364653][ T9071] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 188.372642][ T9071] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 188.380623][ T9071] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 23:53:13 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) [ 188.388579][ T9071] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 188.396566][ T9071] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:13 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x2000}, 0x40) 23:53:13 executing program 3: syz_emit_ethernet(0x7e, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x2f, 0x0, @empty, @mcast2={0xff, 0x3}}}}}, 0x0) 23:53:13 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:13 executing program 3: syz_emit_ethernet(0x2c, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x2f, 0x0, @empty, @mcast2}}}}, 0x0) 23:53:14 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) 23:53:14 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000380)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x44}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stat\x00') preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) ioctl$TCSETXF(0xffffffffffffffff, 0x5434, &(0x7f0000000600)={0xff81, 0x0, [0x0, 0x0, 0x0, 0x3ff]}) [ 189.877316][ T9114] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9114 [ 189.887386][ T9114] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 189.894224][ T9114] CPU: 1 PID: 9114 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 189.903867][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.913937][ T9114] Call Trace: [ 189.917246][ T9114] dump_stack+0x198/0x1fb [ 189.921611][ T9114] check_preemption_disabled+0x128/0x130 [ 189.927263][ T9114] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 189.932979][ T9114] trace_hardirqs_on+0x5b/0x1c0 [ 189.937823][ T9114] __bad_area_nosemaphore+0xc6/0x4f0 [ 189.943110][ T9114] do_user_addr_fault+0x852/0xbf0 [ 189.948130][ T9114] exc_page_fault+0xa8/0x190 [ 189.952705][ T9114] ? asm_exc_page_fault+0x8/0x30 [ 189.957630][ T9114] asm_exc_page_fault+0x1e/0x30 [ 189.962553][ T9114] RIP: 0033:0x402497 [ 189.967144][ T9114] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 189.986737][ T9114] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 189.992885][ T9114] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 190.000847][ T9114] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 190.008828][ T9114] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 [ 190.016788][ T9114] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 190.024756][ T9114] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 190.032845][ T9114] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9114 [ 190.042202][ T9114] caller is lockdep_hardirqs_on+0x34/0x110 [ 190.048028][ T9114] CPU: 1 PID: 9114 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 190.057510][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 190.068042][ T9114] Call Trace: [ 190.071356][ T9114] dump_stack+0x198/0x1fb [ 190.075719][ T9114] check_preemption_disabled+0x128/0x130 [ 190.081364][ T9114] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 190.090779][ T9114] lockdep_hardirqs_on+0x34/0x110 [ 190.095872][ T9114] __bad_area_nosemaphore+0xc6/0x4f0 [ 190.101190][ T9114] do_user_addr_fault+0x852/0xbf0 [ 190.106239][ T9114] exc_page_fault+0xa8/0x190 [ 190.110841][ T9114] ? asm_exc_page_fault+0x8/0x30 [ 190.115789][ T9114] asm_exc_page_fault+0x1e/0x30 [ 190.120686][ T9114] RIP: 0033:0x402497 23:53:15 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000180)='fuseblk\x00', 0x0, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0) r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0xff00, 0x0) socket$inet6(0xa, 0x0, 0x0) 23:53:15 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) 23:53:15 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) 23:53:15 executing program 2: r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x2) [ 190.124595][ T9114] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 190.144399][ T9114] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 190.150524][ T9114] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 190.158513][ T9114] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 190.167108][ T9114] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 [ 190.175102][ T9114] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 190.183092][ T9114] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:15 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) 23:53:15 executing program 5: syz_emit_ethernet(0x7e, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x2c, 0x0, @empty, @mcast2}}}}, 0x0) 23:53:15 executing program 3: r0 = socket(0x10, 0x3, 0x9) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) 23:53:15 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) 23:53:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)={0x14, 0x0, 0xf6, 0x301}, 0x14}}, 0x0) 23:53:15 executing program 3: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f00000000c0)={{}, {0x0, r1+60000000}}, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}}, 0x0) 23:53:16 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) 23:53:16 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:16 executing program 3: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timerfd_settime(r0, 0x3, &(0x7f0000000000)={{0x77359400}, {0x0, r1+10000000}}, 0x0) 23:53:16 executing program 5: mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0xa418755267467d3b, 0xffffffffffffffff, 0x10000000) 23:53:16 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000180)='fuseblk\x00', 0x0, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0) r0 = getpgid(0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0x7) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x2551, 0x4) sendmmsg(r1, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) recvmmsg(r1, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0xff00, 0x0) socket$inet6(0xa, 0x0, 0x0) [ 191.858344][ T9169] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9169 [ 191.867895][ T9169] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 191.874545][ T9169] CPU: 0 PID: 9169 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 191.884057][ T9169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 191.894130][ T9169] Call Trace: [ 191.897449][ T9169] dump_stack+0x198/0x1fb [ 191.902006][ T9169] check_preemption_disabled+0x128/0x130 [ 191.907672][ T9169] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 191.913417][ T9169] trace_hardirqs_on+0x5b/0x1c0 [ 191.918291][ T9169] __bad_area_nosemaphore+0xc6/0x4f0 [ 191.923620][ T9169] do_user_addr_fault+0x852/0xbf0 [ 191.928685][ T9169] exc_page_fault+0xa8/0x190 [ 191.933298][ T9169] ? asm_exc_page_fault+0x8/0x30 [ 191.938253][ T9169] asm_exc_page_fault+0x1e/0x30 [ 191.943118][ T9169] RIP: 0033:0x402497 [ 191.947030][ T9169] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 191.967890][ T9169] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 191.974064][ T9169] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 191.982050][ T9169] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 191.990041][ T9169] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 [ 191.998054][ T9169] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 192.006129][ T9169] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 192.015046][ T9169] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.4/9169 [ 192.029554][ T9169] caller is lockdep_hardirqs_on+0x34/0x110 [ 192.035393][ T9169] CPU: 0 PID: 9169 Comm: syz-executor.4 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 192.044891][ T9169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 192.054953][ T9169] Call Trace: [ 192.059915][ T9169] dump_stack+0x198/0x1fb [ 192.064280][ T9169] check_preemption_disabled+0x128/0x130 [ 192.069938][ T9169] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 192.075420][ T9169] lockdep_hardirqs_on+0x34/0x110 [ 192.081019][ T9169] __bad_area_nosemaphore+0xc6/0x4f0 [ 192.086339][ T9169] do_user_addr_fault+0x852/0xbf0 [ 192.091398][ T9169] exc_page_fault+0xa8/0x190 [ 192.096015][ T9169] ? asm_exc_page_fault+0x8/0x30 [ 192.100977][ T9169] asm_exc_page_fault+0x1e/0x30 [ 192.105928][ T9169] RIP: 0033:0x402497 [ 192.109840][ T9169] Code: 08 4c 89 0c 24 48 8b 74 24 28 48 8b 5c 24 20 4c 8b 6c 24 18 4c 8b 64 24 10 4c 8b 7c 24 08 4c 8b 34 24 48 89 da e8 a9 b9 05 00 <8b> 73 04 48 89 c5 8b 13 8b 43 40 41 89 e8 4c 89 ef b9 11 80 00 00 [ 192.129488][ T9169] RSP: 002b:00007f236554dc00 EFLAGS: 00010286 [ 192.135551][ T9169] RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 000000000045de59 [ 192.143517][ T9169] RDX: 0000000020ffd000 RSI: 0000000000000000 RDI: 0000000000000000 [ 192.151498][ T9169] RBP: 000000000118c020 R08: 0000000000000000 R09: 0000000000000000 23:53:17 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1) 23:53:17 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x14, 0x5, 0x1, 0x301}, 0x14}}, 0x0) 23:53:17 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x301}, 0x14}}, 0x0) 23:53:17 executing program 0: r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) [ 192.159456][ T9169] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffd000 [ 192.167414][ T9169] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:17 executing program 5: r0 = openat$vhost_vsock(0xffffff9c, &(0x7f00000000c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x5452, &(0x7f0000000100)) 23:53:17 executing program 0: r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:17 executing program 3: syz_emit_ethernet(0x7e, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x2f, 0x0, @empty, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x8}}}}}}}, 0x0) 23:53:17 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) 23:53:17 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1) 23:53:17 executing program 5: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x166}) close(r0) 23:53:17 executing program 0: r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:18 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, [0x2]}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0) 23:53:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c) socket$packet(0x11, 0x0, 0x300) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x400000a) 23:53:18 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1) 23:53:18 executing program 0: r0 = io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:18 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000011c0)={0x3, 0x0, 0x4, 0x0, 0xc3}, 0x40) 23:53:18 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) [ 193.227347][ T9242] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9242 [ 193.236907][ T9242] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 193.243628][ T9242] CPU: 1 PID: 9242 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 193.253105][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.263207][ T9242] Call Trace: [ 193.266552][ T9242] dump_stack+0x198/0x1fb [ 193.270999][ T9242] check_preemption_disabled+0x128/0x130 [ 193.276748][ T9242] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 193.287336][ T9242] trace_hardirqs_on+0x5b/0x1c0 [ 193.292220][ T9242] __bad_area_nosemaphore+0xc6/0x4f0 [ 193.296142][ T9246] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 193.297530][ T9242] do_user_addr_fault+0x852/0xbf0 [ 193.297560][ T9242] exc_page_fault+0xa8/0x190 [ 193.297585][ T9242] ? asm_exc_page_fault+0x8/0x30 [ 193.330717][ T9242] asm_exc_page_fault+0x1e/0x30 [ 193.335582][ T9242] RIP: 0033:0x4024cb [ 193.340275][ T9242] Code: 40 41 89 e8 4c 89 ef b9 11 80 00 00 c1 e6 04 03 73 64 8d 14 90 39 f2 48 0f 43 f2 45 31 c9 ba 03 00 00 00 e8 a7 b9 05 00 8b 33 <49> 89 07 41 89 e8 4c 89 e7 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 [ 193.359896][ T9242] RSP: 002b:00007f733d969c00 EFLAGS: 00010217 [ 193.365988][ T9242] RAX: ffffffffffffffff RBX: 0000000020000040 RCX: 000000000045deaa [ 193.373976][ T9242] RDX: ffffffffffffffd4 RSI: 0000000000000000 RDI: 0000000020ffd000 [ 193.381974][ T9242] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000 [ 193.389962][ T9242] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020ffd000 [ 193.397955][ T9242] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 193.409034][ T9242] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9242 [ 193.418364][ T9242] caller is lockdep_hardirqs_on+0x34/0x110 [ 193.425538][ T9242] CPU: 1 PID: 9242 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 193.435015][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.445083][ T9242] Call Trace: [ 193.448398][ T9242] dump_stack+0x198/0x1fb [ 193.452760][ T9242] check_preemption_disabled+0x128/0x130 [ 193.458416][ T9242] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 193.465489][ T9242] lockdep_hardirqs_on+0x34/0x110 [ 193.470625][ T9242] __bad_area_nosemaphore+0xc6/0x4f0 [ 193.475943][ T9242] do_user_addr_fault+0x852/0xbf0 [ 193.481003][ T9242] exc_page_fault+0xa8/0x190 [ 193.485614][ T9242] ? asm_exc_page_fault+0x8/0x30 [ 193.490592][ T9242] asm_exc_page_fault+0x1e/0x30 [ 193.495462][ T9242] RIP: 0033:0x4024cb [ 193.499372][ T9242] Code: 40 41 89 e8 4c 89 ef b9 11 80 00 00 c1 e6 04 03 73 64 8d 14 90 39 f2 48 0f 43 f2 45 31 c9 ba 03 00 00 00 e8 a7 b9 05 00 8b 33 <49> 89 07 41 89 e8 4c 89 e7 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 [ 193.518992][ T9242] RSP: 002b:00007f733d969c00 EFLAGS: 00010217 23:53:18 executing program 0: r0 = io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) [ 193.525083][ T9242] RAX: ffffffffffffffff RBX: 0000000020000040 RCX: 000000000045deaa [ 193.533084][ T9242] RDX: ffffffffffffffd4 RSI: 0000000000000000 RDI: 0000000020ffd000 [ 193.541071][ T9242] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000 [ 193.549059][ T9242] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020ffd000 [ 193.557044][ T9242] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 193.582508][ T9242] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9242 [ 193.591977][ T9242] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 193.598850][ T9242] CPU: 1 PID: 9242 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 193.608346][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.618418][ T9242] Call Trace: [ 193.621765][ T9242] dump_stack+0x198/0x1fb [ 193.626128][ T9242] check_preemption_disabled+0x128/0x130 [ 193.631790][ T9242] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 193.637531][ T9242] trace_hardirqs_on+0x5b/0x1c0 [ 193.642404][ T9242] __bad_area_nosemaphore+0xc6/0x4f0 [ 193.648250][ T9242] do_user_addr_fault+0x852/0xbf0 [ 193.653295][ T9242] exc_page_fault+0xa8/0x190 [ 193.657888][ T9242] ? asm_exc_page_fault+0x8/0x30 [ 193.662810][ T9242] asm_exc_page_fault+0x1e/0x30 [ 193.667646][ T9242] RIP: 0033:0x4024cb [ 193.671533][ T9242] Code: 40 41 89 e8 4c 89 ef b9 11 80 00 00 c1 e6 04 03 73 64 8d 14 90 39 f2 48 0f 43 f2 45 31 c9 ba 03 00 00 00 e8 a7 b9 05 00 8b 33 <49> 89 07 41 89 e8 4c 89 e7 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 [ 193.691925][ T9242] RSP: 002b:00007f733d969c00 EFLAGS: 00010217 [ 193.697998][ T9242] RAX: ffffffffffffffff RBX: 0000000020000040 RCX: 000000000045deaa [ 193.706104][ T9242] RDX: ffffffffffffffd4 RSI: 0000000000000000 RDI: 0000000020ffd000 [ 193.717726][ T9242] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000 [ 193.725692][ T9242] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020ffd000 [ 193.733791][ T9242] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 [ 193.742936][ T9242] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9242 [ 193.752658][ T9242] caller is lockdep_hardirqs_on+0x34/0x110 [ 193.758483][ T9242] CPU: 1 PID: 9242 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 193.767943][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 193.778022][ T9242] Call Trace: [ 193.781342][ T9242] dump_stack+0x198/0x1fb [ 193.785700][ T9242] check_preemption_disabled+0x128/0x130 [ 193.791366][ T9242] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 193.796848][ T9242] lockdep_hardirqs_on+0x34/0x110 [ 193.801899][ T9242] __bad_area_nosemaphore+0xc6/0x4f0 [ 193.807302][ T9242] do_user_addr_fault+0x852/0xbf0 [ 193.812370][ T9242] exc_page_fault+0xa8/0x190 [ 193.816979][ T9242] ? asm_exc_page_fault+0x8/0x30 [ 193.821949][ T9242] asm_exc_page_fault+0x1e/0x30 [ 193.826818][ T9242] RIP: 0033:0x4024cb [ 193.830726][ T9242] Code: 40 41 89 e8 4c 89 ef b9 11 80 00 00 c1 e6 04 03 73 64 8d 14 90 39 f2 48 0f 43 f2 45 31 c9 ba 03 00 00 00 e8 a7 b9 05 00 8b 33 <49> 89 07 41 89 e8 4c 89 e7 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 [ 193.850356][ T9242] RSP: 002b:00007f733d969c00 EFLAGS: 00010217 [ 193.856445][ T9242] RAX: ffffffffffffffff RBX: 0000000020000040 RCX: 000000000045deaa [ 193.864455][ T9242] RDX: ffffffffffffffd4 RSI: 0000000000000000 RDI: 0000000020ffd000 [ 193.872437][ T9242] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000 23:53:18 executing program 0: r0 = io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x856c, 0x9}) close(r0) 23:53:18 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000240)={@local, @random="37bed7386494", @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, 'on&', 0x0, 0x2f, 0x0, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x0, [0x0, 0x0], "823a8128e7570a1b86dd03b7c86f7767d253f4d732eff5541a04e143dbbe6f6d730178c51d7c2e4b62e8a8e10f3f2fe0281995364a1255d96ed66b4d92381c969332503fcdc3e7b19bb7b2556acdc6052401d9768fd314463218212024479ef76697570cf573cf4bd10aa6fdba100958660aaa564616f5c509c64320e8e807dad53d3b8e14aa5fd92b39475adfce7869bf5b5f60f84d0c11e4afedf3b4d00420d58b0cdfb14beaadb52b20874cc361e465ca645ad76d2f408a4674b8232c1ac1846a942a6883bcf25a2f3e54b94cd861ee"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [], "5bbda687d6ac4d21234e268af0b23b76ba275ce380c116551e344b1ea1a65c587edb508ffe7a4d5b70bbd03c113289dc4dd5895622c7c0dc0b89f9e8daac69043e5b8353dbeb0bd6ee85815af0edd7f5bd990bee3166e935f94c4d099f41e997820394869bcb88cc65b2e4d3a0c7b44c5a8833602f6967002cfef1ecdf0f72c8d152c5b7d9e05a16ddd6510d2e2dac1baefff21b2dab4fa583fb26673fcc9de1d9802ca196eaa9a323b47517b67fdc28701a7bd68080257bee08756e9ad8df4e159345bd9ce46ace05b960c924bff072b06867443396f4ec8c133dd385864435cbc051191d881fd041b34c5d7875ea9dab9421c771fc1e5ddb804415f92e394ba40b04910099acc3820805942e79cc24c59b1bb0a12363d1dd7665fbc93390e5ad5186099338ee6255ead6d1723cec64719ea7ad03d018c5adf7c708f4c91d5c0ae7c653bd48c61caa2543125849d24642a976cea1ff9897cc3afc85b209f028e52071deb7ae681a3d047e621a0d310b97e1546239c234594fa0340dbaf8d2cfd2388beb289fe0ced380f3c91ecf04c6e3d6340992984fc78adf4e172aaa5bf77d96a7d42b6cdb2fce9d905db25121774fafeb7a33ce063f365505b5e57a678dc428cdd0404d462aa0efe2ecfe6dec25812eb465e2e48361359d116dbe978f3c44ba0f65fe44a04c5397be941a9b7c093f92037101068ff9a67eefdb7223d5c3c8e5db7ba74075881c37dfa50e463b4a2f54f9f745d19dcc980e15e4467a637adaf0bca2fd64854736a7dbc0d33762d170f3c63e2dbf53b0e7c07e003af6f9debfa0dcfc6650a879b30f467d1d09146d071fbd141401614787e3837eb62ec62e03e8304d7bef21bbe6f2c5ed37ee80aa4f4203f29fcd04864f882320087765b0e6e77052dd871da51520dc454044d41fa45c8eaeb2e97cec58cc68ce7587d44322662a0ff59e6e3e4c0c3a3f04029f19908984d93b15a2d47c1ca6309e9ce9a47ae4368745bc9b6cf21b28a57c99c6c116f888fc3aa84e732992dcc2fb7136be7847e58e453cfa613887aa3f9a6ab23d3b36d63c104eea234879fefd60b77c558a6c339a5caaa9b3ae1b96a55b4e4c46de44bb5bfbccbc639092a6797eed9550dd741296dcb0a0a386f9d739a436ec14e34135ef39f151115b747b6047176c2d91c10ce3c74c8f9463341df7762493a472e0674df985ad84f9f82440ab5655b8790cb1beadc0c4e3508c77b2f783538bc91f99d271dfc0fe324bed8e20c8d42dfcd54c972a8e305971265a965cf5dbd74e8d947422f54ccb9cdc28d10e5da0df066ab04bf6790526129cdfc01748ce16ec9835cc0f8d353a784891ed48f52a853901673c87a330dfd9fa7ec13dd0a88086cf466f497a16ea0c2628e39d4e6899f9a1e4b09b1b7721f41d5bfa9100381995ac50782794038440869ed5e9f66130d3e20b01a9eb7eb9c0d9d6b14e822ecc0476e6676963eae009b3d07b20c2dc106fab14fca842f75d53737fa5e66b13177f92daf47a5f12d540976696d0337231cff2a63434d93ea4a8190995fbc321acbf95330dea574635125210901b4ce75c8a4e5b0e8e6e0dcabbd99d3287e6a1850d7304f6904b8d5cf26570bd2d5bfd2d7c85c29636f627f7a60d0cc1c582994420c21479567d3e1819f026948c56d49a772a89fbc4cb6f00dae35946db23cba8ffc37fc44d58c18c0a951a95efde76d2fe1de6b1bc30481b2c3d35c9dbc9a07ac73df407098b2a7f68fc1b8738a3808f67f72124f767202b0be96c6828726d0df6875096991707d0ee5cebd08265435a80bfbc451695d250907ac6a3d7890ff2b958bc46164cc0fad56709754d3827a9b03bfd2c2304cfdcfb32584c14e684f209f7a74fa4f6b620ef2f357b161d298b5e65211f3074c04a5debd600008270ad68a52fb7831efd861da716694d7718ab18f32f8fb8940af451a9f86bde6793c5a045a957db4ad19e5d61521b201c377efa1f09e0a630ef1355c99f14f41a6fe16fb175fb888808826c216d53d932b02b062da6dbc5e612a24c37e79db81ffb467bdf788381724f68f8ff23059d30dc45b4b0812d85113c11198248111942693ff297ef57907d2f7b671acb5692b0f69c4f13d41e963ae59ba5c292787c147ace1dfc6c44194432bd0833ba7ac5c8517378a6d3460f9f3e196ccd1d0218517b30f3b68bcbd24cd04a9822670f98020e48f3219443ea462c99f554284645f5b8ad78f7ab46a73aefdc032415f69b7d807d94eda8436a1c18aa3e4a29c67b4f37bf37aedd48b434f900d1fbc0c0f762b3439073a6d8a301d7be5ff45965ec7c441d22ff5a98f2a37513a72124182eba770271b542529ad2a72511dc0639863334b611d4138340b80630abbc606f48674b3ed416e5a9d5c62cb19c75b76816fadf70c0393b91320b1c25f45cc703eaa07c8595d7ed06f18e3c0b429532aaec3eb5e9b8b8a61179126e2e778940756c176fe5c5b42e264eb874d58873dc91d82bf4175f648d2b9cd452fe8bcc561fce50aff1f9a6f7310f88440da06279959e91705036f86b209ed12c48af86630de08e237a4dd96747fc1b67fd88ceec43d8397dd686e7299ecf14c6949611dc61eac58520a49a1ba2aec766fac56f8c3e68088a7605e484415b72ec0607291aac2cbfaab77ef4f4f4de87848a7b979f984906546d9c4cbabd2463fcad26686aa69d1325f4581f2c7e9dc1807145006e39ffb2ad81fa1804e74950f3965447571d56b0bf921b32f444f80003631b82bd61f2b815b3e303cd68c7d24d4959b3df05e02ea6f764f0c9f3253d006dceedc8a66a7e661cca3e2fc851c32d996d94b152c723bdaf08c2984d426826c3f8179e348fdcf8de973bafb6ae563be1f7f6c6b5c48957fa4506405311af779e36736a0f3fc9972ad1712a79a35ff13d0cc46716c67ad62400b825f132dae245cbf8977d4f4ace16113c31f8c42b97cf1854247ef3cfd6cdea5a06bfd8b5af6c56288a58756494a21d11de35e7e1846e2e7fea5206b97b031dd92a94e19a8c58d4252b33fda8ef9e6e0abfc640afd21dade3a6389a584f488e3190a40451fdf2014eafb09c56c19eec0366d3b98d9e83955bf709b68030416fa25c6f0361fb31e17e0ed36d8d6ff741f97ba978f201d45fdb42b4c4a5fca6268adc716a9f91ad3eb219cb81254bc8f6bf88bb979a51a78ff206f761e281d7d10d90c99af9e83e7674ce3886fbdace841b45d9064899d1805886e69cda1accf47ce4847dda08d757ae5fdcb0a3fa17348097735f2dd46cfbfd7654b0bb4e2c01be781b07df6a33d33e6f53557b638edda7ca9f03a0085acf0b6e0494bf3094ca3f637fb039011f42f4e6fdaae8e735317785a3942ab43b38ad4758a924568d491542eebd2bee25d0a71588e3770ab2fb89f9c9650de33cde37320cc221223d78d652bbe2a8ac5aeb99267f71172ed530b7cf60b9cae59304ddb09a752176663907a6159b1f8763f321995f1141f73525f3e4b8e1ef68025afb2a3a921745eeeb35ed5930fc7c7c6bfe738cbb181298f3e14701d4674cb716a958b6dea719a4e8233d267d170b96a8fe2b05aa0e637bf0d6f4d9198e903c85cd9224e9468ef601795f3ed909acb4533db9789fb18efed0c2e5ac57cb24618b36b3400b569a5e07fd74bcb05f9ba259c4a3e0d316d7196b3087cade3579d8c884913777122b6c5076f50c082a6401716d3ffde08d9dc7cf7af611d6eb1bf81609a9aa8701e22c3b71ca97520bc8eaaea2bd8622414e27ff738ee54eaf69fbea38bedb03b99c0a6a207a2ba44852ae3476b581579037347aa9ce17e77978c5ae10171a4e47e419303777a71668363cbb8e3625ff0ac39377173c8df6208db5e3dd73a0198d44140e5088c5526e473c27862f27e282b6b3f9aafc2e080219296012360ee50a61a1ca84864b52d15a4e06c659f50d9f4605a84ff6f6b31b9ba1f29f07e286da4fd21d4d45f73a14bf71ba93a1ffb2593dcfef7c22d830dbde0b9096f17d1e9b57b588ad33504be8786313a4013565561f911d90b80b5701062b955fbb05c254eea927fbfa22c3c773ef4c96bd183351e0b088964ffb55a1fbe459f854dcd8fa5a9244b3ff74ecdec372a775e55a4d811816acd3e429c52777c4e824f76d42716e50e6778e95c5b8e33c3a598b1357664879b235c07eccada321b9a27b494087240273dd287f51e899bab9950ec102357d1690b5da0bd2caa46fe903e7e04a56980ca8b906fab9e5455e5df8665717243f3f9e0819edd236aa26745a92f14904bf2e8a4b66ded7b55d05c28692a82613e0925999e53f1637645e2bb660cf1783057f0d4e6492163a7e8ec28cfe19237d0f75c6010527e7a217196de5ce3417f8472805ddd652d4ac58490a0422ac9630344a96d0ae08b898a08e0c6c5be0dc7ffb08b55bb635226398ae29c065651326cfde801bd414b05303f9bddebba65ec147e129e8d4280501564f211371f48d66f92a552960563f113f4ea85bb5f0b0e8e02013208f958860c9d0888b05cb841a8bd9816d416dcb3e91abc1cc91032582d398efa741c8a830ae158ff9a05bd6de4ef37c6aefff6b6ce1afc3633f95c2e561b8885b4c2d179bb45212a78a0922997e977f369e54aa22e130961cd36910b32eaa601834bd3524e4de9d29dbea82813839d758634d584f7a0c15daa1e0ef0b2d10c9d041fba84d7420ec62dc5fd9db177c974adc5ab2a3f0616c362c18a767921ec54ec658952edf3e9f9c0cb0b6cdac40d3010bde55eed6b85c411307b7f8d2fecf1c1b01da12e6a6546562687f2385a357ab526951be048b4e30a3eb4063f8ed2cc6130f286fc5be8d5fde6eff9b91375e4bc00504e30ce7e513908f8fe51b81d7897aac3fb77452f3aa901b47d07afdb0cc2be7978f8b5e304491c81f72c3b2d57b9005343f2edd427ee4c45406325b2f3fa3966aa414070de4d57956307192a77bdedbdd2edf8825a9bd8d17dbfb0e8b6d8411548e5f9d770a14cc7b91e9640f0ecc640d8d5f1b8a222f2ad0582de1df2096006bd9459d8118721c71a683ac1700d8b436f10a34a1249ba3166d21bdc6a4db13c54cbd5e24d34326b571e8c0369d459540f8014e5ad28e443ce6a63027df3b998e40555398328e56b576fb368c3ae0e394b2f3993eeee9391b978a2b98b45c32393f70115db53579eb85a292f1bb3d68a4cf4cc7174d4ac6694fd8beee32eefab2408932a35c93f56647c49614349e95b15c2d17ec08c027c0c430b25186923244df4680bf4e8a6d9a43d82f5967024e4b2f3eb41f96aaa4eeee5144ceaa9040583839ecbcfd2443869ce85c430468a998c1f3361a7fd862df4f5bc7bc08d21dec1c7d87e3db9a6e75f7fb0f2e1b020d721e5fe8297cd599e6066a6bd2507b97a29e3920e71b2555ada3f11c8921e93f3019eed596227449fbbf9a001706ff432117a1ce98e0b95e887825aa1813d1f3ae7a9ecf05afdd65bf330967f7d5f1efb82128976a2d3c9ef76b9107495b9d71bd721ff37d741c10d7eeb0d38fef8838330ebf0973e0cfd94548a853fbd9af0480ad5f5d7439140e54030239ddcd16f00c9531b8fe4465f12dfb6e9e0cb58a8429917f29cfb00d4ac3138798982012f38388148a58ff10781f93c2ffcf6d876c442a869be621b60a901fe630dbacd1530c4fbb8ce5c282ea08e6dc7d0be1b9b8b01df7c64b9a6c24de17d346a704096c8ca5a8d94aab0e6748fbd0335036b411d5616f703174f6e23ff0f5acdb5a03999dfe7d902dba44f40baab840"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0], "21fbb96c9bca7a6d52427bf5e2dd72009fc678566ed1398486b1179d2526810e1816d91a7b58f6a9981876c339ff7d173cb2ba99580df7244d7127df5c084a0310a00bf091"}, {0x8, 0x88be, 0x3, {{0x6, 0x1, 0xad, 0x2, 0x0, 0x1, 0x7, 0x16}, 0x1, {0x8000}}}, {0x8, 0x22eb, 0x1, {{0x7, 0x2, 0x3, 0x3, 0x1, 0x1, 0x1, 0x49}, 0x2, {0x7f, 0x20, 0x2, 0x17, 0x0, 0x0, 0x2, 0x0, 0x1}}}, {0x8, 0x6558, 0x1, "ae22b9e269f8f11ce22fbebce2912518204e14dda94ec9dcb39c26d75e33e35def87ea77a3afe810be387ac30f6517433c4325c3d55014d67c3c7a91ce7a19d6340e4a4d13cffaef8883a112c5e3c83593b5cd19ab9744e1f74193afb3625e61156a69f15bdc9db73724cddfef05b0e941d692111e8d2238"}}}}}}}, 0x0) [ 193.880419][ T9242] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020ffd000 [ 193.888404][ T9242] R13: 0000000020ffd000 R14: 0000000000000000 R15: 0000000000000000 23:53:18 executing program 4: r0 = syz_io_uring_setup(0x7ed1, &(0x7f00000000c0), &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000003c0), 0x0) 23:53:18 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1) 23:53:18 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) 23:53:19 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x9}, 0x40) 23:53:19 executing program 0: r0 = io_uring_setup(0x537c, 0x0) close(r0) 23:53:19 executing program 5: r0 = openat$vcs(0xffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x81, 0x0) write$nbd(r0, &(0x7f00000000c0)={0x67446698, 0x0, 0x0, 0x0, 0x0, "1a7ad69fc5342c5aa2711818efe4d4840af5d76c476bf8722e155cf451c79ab324e8b8a4f89bbce604c8af1bebcde26f583ff2e2f5f08988c6ef4e17f800d50977"}, 0x51) 23:53:19 executing program 4: io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x0) 23:53:19 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) 23:53:19 executing program 3: syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@local, @empty, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x2f, 0x0, @private1, @private0}}}}, 0x0) 23:53:19 executing program 5: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NL80211_CMD_LEAVE_IBSS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 23:53:19 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) 23:53:19 executing program 0: r0 = io_uring_setup(0x537c, 0x0) close(r0) 23:53:19 executing program 3: set_mempolicy(0x2, &(0x7f0000000000)=0x7, 0x8) sync() 23:53:19 executing program 4: io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x0) 23:53:19 executing program 1: syz_emit_ethernet(0x7e, &(0x7f0000000180)={@multicast, @dev, @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9d55cc", 0x44, 0x6, 0x0, @empty, @mcast2}}}}, 0x0) 23:53:19 executing program 5: perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x12, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) 23:53:19 executing program 0: r0 = io_uring_setup(0x537c, 0x0) close(r0) 23:53:19 executing program 2: r0 = syz_io_uring_setup(0x6b54, &(0x7f0000000040), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) 23:53:19 executing program 3: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = timerfd_create(0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xb0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x400000000001, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}}) 23:53:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)={0x14, 0x0, 0x6, 0x301}, 0x14}}, 0x0) 23:53:19 executing program 4: io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x0) 23:53:19 executing program 5: perf_event_open(&(0x7f0000000540)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bb, 0x20712, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x12, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x2d8, 0x1a4, 0x1a4, 0x40000, 0x1a4, 0x1a4, 0x244, 0x244, 0x244, 0x244, 0x244, 0x3, 0x0, {[{{@uncond=[0x0, 0xff, 0x48, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d], 0x0, 0x164, 0x1a4, 0xa, {0x9000000}, [@common=@inet=@recent0={{0xf4, 'recent\x00'}, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0xff00000000000000}}, @common=@inet=@SET2={0x30, 'SET\x00'}}], {{[], 0x1a8, 0x70, 0x94, 0x0, {0x4402}}, {0x24}}}}, 0x334) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) 23:53:19 executing program 0: r0 = io_uring_setup(0x537c, &(0x7f0000000000)={0x0, 0x0, 0x9}) close(r0)