Warning: Permanently added '10.128.15.203' (ECDSA) to the list of known hosts. 2020/10/20 08:19:21 fuzzer started 2020/10/20 08:19:22 dialing manager at 10.128.0.26:38919 2020/10/20 08:19:22 syscalls: 3450 2020/10/20 08:19:22 code coverage: enabled 2020/10/20 08:19:22 comparison tracing: enabled 2020/10/20 08:19:22 extra coverage: enabled 2020/10/20 08:19:22 setuid sandbox: enabled 2020/10/20 08:19:22 namespace sandbox: enabled 2020/10/20 08:19:22 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/20 08:19:22 fault injection: enabled 2020/10/20 08:19:22 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/20 08:19:22 net packet injection: enabled 2020/10/20 08:19:22 net device setup: enabled 2020/10/20 08:19:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/10/20 08:19:22 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/20 08:19:22 USB emulation: enabled 2020/10/20 08:19:22 hci packet injection: enabled 2020/10/20 08:19:22 wifi device emulation: enabled 08:21:25 executing program 0: 08:21:25 executing program 1: r0 = syz_io_uring_setup(0x87, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000040)=0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 08:21:25 executing program 2: r0 = io_uring_setup(0x1, &(0x7f0000000100)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x2, 0x20000000, 0x0) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000080)) 08:21:25 executing program 3: perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) madvise(&(0x7f000005b000/0x400000)=nil, 0x400000, 0xd) 08:21:26 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000003840)={&(0x7f0000003740)={0x10, 0x0, 0x0, 0x20280}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2091}, 0x0) close(r2) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "0dc0609a470f6d2c24405f490d485cb63581ea"}) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) ioctl$VFIO_CHECK_EXTENSION(0xffffffffffffffff, 0x3b65, 0x7) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x100000, 0x0) 08:21:26 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, 0x0, 0x4000) openat$nvram(0xffffff9c, 0x0, 0x2000, 0x0) close(r2) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) openat$ipvs(0xffffff9c, 0x0, 0x2, 0x0) ioctl$VFIO_CHECK_EXTENSION(0xffffffffffffffff, 0x3b65, 0x7) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x100000, 0x0) socket(0x0, 0x5, 0x5) syzkaller login: [ 190.400863][ T6873] IPVS: ftp: loaded support on port[0] = 21 [ 190.654042][ T6875] IPVS: ftp: loaded support on port[0] = 21 [ 190.799363][ T6873] chnl_net:caif_netlink_parms(): no params data found [ 190.945193][ T6877] IPVS: ftp: loaded support on port[0] = 21 [ 191.013860][ T6873] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.043428][ T6873] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.069490][ T6873] device bridge_slave_0 entered promiscuous mode [ 191.138834][ T6879] IPVS: ftp: loaded support on port[0] = 21 [ 191.150754][ T6873] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.162216][ T6873] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.171915][ T6873] device bridge_slave_1 entered promiscuous mode [ 191.204299][ T6873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.244854][ T6873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.398927][ T6873] team0: Port device team_slave_0 added [ 191.434984][ T6873] team0: Port device team_slave_1 added [ 191.453239][ T6875] chnl_net:caif_netlink_parms(): no params data found [ 191.460380][ T6881] IPVS: ftp: loaded support on port[0] = 21 [ 191.508171][ T6873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.515141][ T6873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.542196][ T6873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.573722][ T6873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.581022][ T6873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.608806][ T6873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.716952][ T6873] device hsr_slave_0 entered promiscuous mode [ 191.724273][ T6873] device hsr_slave_1 entered promiscuous mode [ 191.795814][ T6875] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.805864][ T6875] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.814096][ T6875] device bridge_slave_0 entered promiscuous mode [ 191.874533][ T6875] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.890562][ T6875] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.908507][ T6875] device bridge_slave_1 entered promiscuous mode [ 192.025002][ T6879] chnl_net:caif_netlink_parms(): no params data found [ 192.054730][ T7008] IPVS: ftp: loaded support on port[0] = 21 [ 192.062990][ T6877] chnl_net:caif_netlink_parms(): no params data found [ 192.092664][ T6875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.104584][ T6875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.187344][ T6875] team0: Port device team_slave_0 added [ 192.231994][ T6875] team0: Port device team_slave_1 added [ 192.378398][ T2639] Bluetooth: hci0: command 0x0409 tx timeout [ 192.390270][ T6875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.397244][ T6875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.438098][ T6875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.486484][ T6879] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.496599][ T6879] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.506932][ T6879] device bridge_slave_0 entered promiscuous mode [ 192.520114][ T6875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.527106][ T6875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.553833][ T6875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.572181][ T6881] chnl_net:caif_netlink_parms(): no params data found [ 192.582591][ T6879] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.591179][ T6879] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.599659][ T6879] device bridge_slave_1 entered promiscuous mode [ 192.617716][ T12] Bluetooth: hci1: command 0x0409 tx timeout [ 192.684141][ T6877] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.691535][ T6877] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.700743][ T6877] device bridge_slave_0 entered promiscuous mode [ 192.727833][ T6875] device hsr_slave_0 entered promiscuous mode [ 192.734613][ T6875] device hsr_slave_1 entered promiscuous mode [ 192.743100][ T6875] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.751656][ T6875] Cannot create hsr debugfs directory [ 192.763663][ T6879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.784323][ T6877] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.794428][ T6877] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.804397][ T6877] device bridge_slave_1 entered promiscuous mode [ 192.845343][ T6879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.858097][ T7260] Bluetooth: hci2: command 0x0409 tx timeout [ 192.924209][ T6873] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 192.948919][ T6879] team0: Port device team_slave_0 added [ 192.957286][ T6881] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.966521][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.975915][ T6881] device bridge_slave_0 entered promiscuous mode [ 192.985630][ T6877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.007176][ T6877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 193.018762][ T6879] team0: Port device team_slave_1 added [ 193.024589][ T6873] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 193.085517][ T6881] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.094643][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.110205][ T2639] Bluetooth: hci3: command 0x0409 tx timeout [ 193.111242][ T6881] device bridge_slave_1 entered promiscuous mode [ 193.141625][ T6873] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 193.192176][ T6873] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 193.214454][ T7008] chnl_net:caif_netlink_parms(): no params data found [ 193.233262][ T6877] team0: Port device team_slave_0 added [ 193.260328][ T6879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 193.267294][ T6879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.294872][ T6879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 193.313119][ T6879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.320186][ T6879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.346452][ T6879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 193.347587][ T7260] Bluetooth: hci4: command 0x0409 tx timeout [ 193.369895][ T6877] team0: Port device team_slave_1 added [ 193.381542][ T6881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.451003][ T6881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 193.473507][ T6877] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 193.480959][ T6877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.508149][ T6877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 193.529162][ T6877] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.536116][ T6877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.563126][ T6877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 193.596579][ T6881] team0: Port device team_slave_0 added [ 193.616444][ T6879] device hsr_slave_0 entered promiscuous mode [ 193.626904][ T6879] device hsr_slave_1 entered promiscuous mode [ 193.634095][ T6879] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.642075][ T6879] Cannot create hsr debugfs directory [ 193.677602][ T6881] team0: Port device team_slave_1 added [ 193.719072][ T6877] device hsr_slave_0 entered promiscuous mode [ 193.726165][ T6877] device hsr_slave_1 entered promiscuous mode [ 193.733632][ T6877] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.741963][ T6877] Cannot create hsr debugfs directory [ 193.802466][ T6881] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 193.810960][ T6881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.837250][ T6881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 193.915037][ T6881] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.923679][ T6881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.950405][ T6881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 193.973523][ T7008] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.982126][ T7008] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.989699][ T7260] Bluetooth: hci5: command 0x0409 tx timeout [ 193.996727][ T7008] device bridge_slave_0 entered promiscuous mode [ 194.035144][ T7008] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.042428][ T7008] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.051788][ T7008] device bridge_slave_1 entered promiscuous mode [ 194.082802][ T6875] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 194.145051][ T6875] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 194.171038][ T7008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.189214][ T7008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.210124][ T6875] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 194.226651][ T6875] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 194.244935][ T6881] device hsr_slave_0 entered promiscuous mode [ 194.252399][ T6881] device hsr_slave_1 entered promiscuous mode [ 194.259882][ T6881] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.268409][ T6881] Cannot create hsr debugfs directory [ 194.356425][ T7008] team0: Port device team_slave_0 added [ 194.411035][ T7008] team0: Port device team_slave_1 added [ 194.457824][ T2639] Bluetooth: hci0: command 0x041b tx timeout [ 194.534923][ T7008] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.543904][ T7008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.581968][ T7008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.616992][ T6873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.624006][ T6879] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 194.645612][ T6879] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 194.663043][ T7008] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.670369][ T7008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.696971][ T7008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.717708][ T7260] Bluetooth: hci1: command 0x041b tx timeout [ 194.733400][ T6879] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 194.769777][ T6873] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.798847][ T6879] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 194.826495][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.835630][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.868031][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.876659][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.888287][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.895525][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.905742][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 194.927163][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.936878][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.944002][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.947585][ T2639] Bluetooth: hci2: command 0x041b tx timeout [ 194.961231][ T7008] device hsr_slave_0 entered promiscuous mode [ 194.970167][ T7008] device hsr_slave_1 entered promiscuous mode [ 194.976638][ T7008] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.984533][ T7008] Cannot create hsr debugfs directory [ 195.025792][ T6875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.044548][ T6877] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 195.055381][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 195.068166][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.076738][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.135929][ T6875] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.143024][ T6877] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 195.154097][ T6877] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 195.173900][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 195.187684][ T2639] Bluetooth: hci3: command 0x041b tx timeout [ 195.190194][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.204729][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.215574][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.231908][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.264939][ T6877] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 195.284998][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.296170][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.305582][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 195.314629][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.323616][ T2648] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.330746][ T2648] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.338986][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.347970][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.356322][ T2648] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.363437][ T2648] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.383984][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 195.392035][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.404506][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 195.414227][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.434630][ T7260] Bluetooth: hci4: command 0x041b tx timeout [ 195.445043][ T6873] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 195.462204][ T6873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 195.478488][ T6881] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 195.490848][ T6881] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 195.506303][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.516749][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 195.527226][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 195.558641][ T6881] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 195.571832][ T6881] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 195.583418][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.596337][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.623073][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.633483][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.642565][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.652062][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.661009][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 195.669618][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 195.678323][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 195.694839][ T6873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.739997][ T6875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 195.762092][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 195.770150][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 195.833798][ T7260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 195.842767][ T7260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 195.914373][ T7260] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 195.928021][ T7260] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 195.969176][ T6875] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.982297][ T6873] device veth0_vlan entered promiscuous mode [ 196.010118][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 196.020222][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 196.035717][ T6879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.052984][ T6873] device veth1_vlan entered promiscuous mode [ 196.067934][ T2639] Bluetooth: hci5: command 0x041b tx timeout [ 196.083899][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 196.096239][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 196.104665][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 196.133952][ T7008] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 196.147619][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 196.155487][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 196.192643][ T6881] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.201563][ T6879] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.210796][ T7008] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 196.231277][ T7008] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 196.274134][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 196.283739][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 196.294042][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 196.304950][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 196.315554][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 196.323812][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 196.337145][ T7008] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 196.356663][ T6873] device veth0_macvtap entered promiscuous mode [ 196.374507][ T6881] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.385729][ T6877] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.415650][ T6873] device veth1_macvtap entered promiscuous mode [ 196.436365][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 196.447197][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 196.463291][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 196.473962][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 196.486686][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.493815][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.502297][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 196.511205][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 196.520034][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.527063][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.534882][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 196.545251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 196.547595][ T2639] Bluetooth: hci0: command 0x040f tx timeout [ 196.553849][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.566306][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.576345][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 196.584973][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 196.605700][ T6875] device veth0_vlan entered promiscuous mode [ 196.627431][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 196.636034][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 196.646253][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.653422][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.662286][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 196.670952][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 196.680429][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 196.712277][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 196.721585][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 196.730777][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 196.740276][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 196.749675][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 196.758913][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 196.767825][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 196.792072][ T2639] Bluetooth: hci1: command 0x040f tx timeout [ 196.806663][ T6881] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 196.821599][ T6881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 196.845477][ T6875] device veth1_vlan entered promiscuous mode [ 196.855845][ T6873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.873986][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 196.882274][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 196.891887][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 196.900193][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 196.908479][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 196.916978][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 196.926554][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 196.935096][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 196.943953][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 196.952530][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 196.961221][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 196.970170][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 196.978887][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 196.987577][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 196.999801][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 197.010514][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.018856][ T2639] Bluetooth: hci2: command 0x040f tx timeout [ 197.053974][ T6877] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.078397][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 197.086403][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.128851][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.147094][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 197.155823][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 197.180731][ T6873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.207035][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 197.216622][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 197.232568][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 197.242722][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 197.255806][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 197.264662][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 197.267578][ T8177] Bluetooth: hci3: command 0x040f tx timeout [ 197.302536][ T6873] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.312093][ T6873] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.335272][ T6873] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.352302][ T6873] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.369921][ T6881] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.381361][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.395203][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.404907][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.412036][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.424795][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.433755][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.442627][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.449791][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.459429][ T6879] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 197.467439][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.525065][ T37] Bluetooth: hci4: command 0x040f tx timeout [ 197.545004][ T6879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.554432][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 197.564425][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 197.573352][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.582471][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 197.590513][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 197.598223][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.643270][ T6875] device veth0_macvtap entered promiscuous mode [ 197.659138][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 197.669750][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.682363][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.723470][ T6875] device veth1_macvtap entered promiscuous mode [ 197.742640][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 197.751932][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.761758][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.771557][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.781026][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 197.790736][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 197.832625][ T7008] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.847687][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 197.859299][ T2639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 197.930209][ T6877] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 197.977784][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 197.997107][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 198.076342][ T6875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 198.097503][ T6875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.123647][ T6875] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.138832][ T2639] Bluetooth: hci5: command 0x040f tx timeout [ 198.155835][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 198.164890][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 198.176647][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 198.185381][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 198.195599][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 198.204876][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 198.230242][ T7008] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.253348][ T6879] device veth0_vlan entered promiscuous mode [ 198.263271][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 198.272626][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 198.283779][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 198.293136][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 198.314188][ T6875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 198.325247][ T6875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.337060][ T6875] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.363861][ T6877] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.371497][ T386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.391331][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 198.402085][ T386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.402554][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 198.417844][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 198.426292][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 198.435861][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 198.445392][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 198.454643][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 198.464367][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 198.473586][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.480713][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.490163][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 198.498652][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 198.506476][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 198.514859][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.532061][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.565528][ T8177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 198.575295][ T8177] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.582412][ T8177] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.591880][ T6879] device veth1_vlan entered promiscuous mode [ 198.618359][ T6881] device veth0_vlan entered promiscuous mode [ 198.629037][ T2639] Bluetooth: hci0: command 0x0419 tx timeout [ 198.653446][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 198.664965][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.690325][ T6875] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.700609][ T6875] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.709914][ T6875] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.719474][ T6875] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.755338][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 198.764835][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 198.788185][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 198.796962][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 198.807856][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.815869][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.845638][ T6881] device veth1_vlan entered promiscuous mode [ 198.863274][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 198.871137][ T37] Bluetooth: hci1: command 0x0419 tx timeout [ 198.873263][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 198.886646][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 198.896313][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 198.905410][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 198.914421][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 198.922980][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 198.932034][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.941201][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.950423][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 198.960131][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 198.969784][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 198.979305][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 198.989741][ T7008] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 199.035243][ T6879] device veth0_macvtap entered promiscuous mode 08:21:35 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x17, 0x0, 0x1003ff, 0x4, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x40) [ 199.099286][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 199.110645][ T2639] Bluetooth: hci2: command 0x0419 tx timeout [ 199.118046][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 199.138446][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 199.146903][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 199.199888][ T6877] device veth0_vlan entered promiscuous mode [ 199.211124][ T6879] device veth1_macvtap entered promiscuous mode [ 199.240398][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 199.252268][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 199.272635][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 199.337473][ T37] Bluetooth: hci3: command 0x0419 tx timeout [ 199.372847][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 08:21:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) [ 199.391360][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 199.403883][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 199.426802][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 199.465827][ T8220] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 199.490777][ T6879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 199.510508][ T6879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.532214][ T6879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 199.555266][ T6879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.578213][ T37] Bluetooth: hci4: command 0x0419 tx timeout [ 199.592083][ T6879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 199.610814][ T6881] device veth0_macvtap entered promiscuous mode [ 199.627924][ T6877] device veth1_vlan entered promiscuous mode [ 199.662646][ T7008] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.787014][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 199.801129][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 199.837966][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 199.865526][ T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.891414][ T6879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 199.904426][ T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.927003][ T6879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.945496][ T6879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 199.958267][ T6879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.971667][ T6879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 199.985586][ T6881] device veth1_macvtap entered promiscuous mode [ 200.015105][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 200.034807][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 200.070050][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 200.099000][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 08:21:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) [ 200.131330][ T6879] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.154648][ T6879] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.170466][ T6879] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.179689][ T6879] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.225627][ T2639] Bluetooth: hci5: command 0x0419 tx timeout [ 200.281857][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 200.324360][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.356639][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 200.392683][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.411990][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 200.425989][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.444563][ T6881] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.476217][ T6877] device veth0_macvtap entered promiscuous mode [ 200.508979][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 200.525586][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 200.547828][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 200.576971][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 200.610433][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 200.628647][ T7] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.636673][ T7] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.657338][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.667154][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 08:21:36 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000003d00)={0x9, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) [ 200.678596][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.689073][ T6881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 200.707797][ T6881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 08:21:36 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0xe303}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x1) [ 200.742620][ T6881] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.768789][ T6877] device veth1_macvtap entered promiscuous mode [ 200.794586][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 200.808474][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 200.840497][ T8260] xt_CT: You must specify a L4 protocol and not use inversions on it [ 200.849612][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 200.864165][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 200.879588][ T8265] xt_CT: You must specify a L4 protocol and not use inversions on it 08:21:36 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) recvmmsg(r0, &(0x7f0000005b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002061, 0x0) [ 200.903699][ T6881] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.926052][ T6881] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.940417][ T6881] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.972294][ T6881] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 08:21:37 executing program 0: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000240)=[{&(0x7f0000000180)='G', 0x1, 0x7fff}], 0x0, 0x0) [ 201.080214][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.110506][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.144261][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.162638][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.176623][ T8273] [ 201.180064][ T8273] ============================= [ 201.188573][ T8273] WARNING: suspicious RCU usage [ 201.191556][ T8276] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8276 [ 201.196186][ T8273] 5.9.0-next-20201016-syzkaller #0 Not tainted [ 201.202829][ T8276] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 201.202849][ T8276] CPU: 0 PID: 8276 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 201.202866][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.213582][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.215475][ T8276] Call Trace: [ 201.215504][ T8276] dump_stack+0x198/0x1fb [ 201.215539][ T8276] check_preemption_disabled+0x128/0x130 [ 201.226889][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.235009][ T8276] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 201.235029][ T8276] trace_hardirqs_on+0x5b/0x1c0 [ 201.235050][ T8276] __bad_area_nosemaphore+0xc6/0x4f0 [ 201.235076][ T8276] do_user_addr_fault+0x852/0xbf0 [ 201.235104][ T8276] exc_page_fault+0xa8/0x190 [ 201.248140][ T8273] ----------------------------- [ 201.248757][ T8276] ? asm_exc_page_fault+0x8/0x30 [ 201.253163][ T8273] include/linux/cgroup.h:494 suspicious rcu_dereference_check() usage! [ 201.258676][ T8276] asm_exc_page_fault+0x1e/0x30 [ 201.258690][ T8276] RIP: 0033:0x402d28 [ 201.258708][ T8276] Code: 00 00 48 89 7c 24 f8 48 89 74 24 f0 48 89 54 24 e8 48 89 4c 24 e0 48 8b 74 24 f8 4c 8b 4c 24 f0 48 8b 4c 24 e8 48 8b 54 24 e0 <8b> 86 0c 01 00 00 44 8b 86 08 01 00 00 c1 e0 04 8d b8 7f 01 00 00 [ 201.258717][ T8276] RSP: 002b:00007fb60fed2c68 EFLAGS: 00010216 [ 201.258734][ T8276] RAX: 0000000000402d00 RBX: 000000000118bfc8 RCX: 0000000020000200 [ 201.258744][ T8276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 201.258753][ T8276] RBP: 000000000118c010 R08: 0000000000000000 R09: 0000000000000000 [ 201.258762][ T8276] R10: 0000000000000004 R11: 0000000000000246 R12: 000000000118bfd4 [ 201.258781][ T8276] R13: 00007ffe4373089f R14: 00007fb60fed39c0 R15: 000000000118bfd4 [ 201.274048][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 201.275953][ T8276] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8276 [ 201.289335][ T8273] [ 201.289335][ T8273] other info that might help us debug this: [ 201.289335][ T8273] [ 201.290307][ T8276] caller is lockdep_hardirqs_on+0x34/0x110 [ 201.299365][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.299778][ T8276] CPU: 0 PID: 8276 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 201.310245][ T8273] [ 201.310245][ T8273] rcu_scheduler_active = 2, debug_locks = 1 [ 201.312871][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.312877][ T8276] Call Trace: [ 201.312899][ T8276] dump_stack+0x198/0x1fb [ 201.312922][ T8276] check_preemption_disabled+0x128/0x130 [ 201.312952][ T8276] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 201.329325][ T6877] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.341261][ T8276] lockdep_hardirqs_on+0x34/0x110 [ 201.341282][ T8276] __bad_area_nosemaphore+0xc6/0x4f0 [ 201.341308][ T8276] do_user_addr_fault+0x852/0xbf0 [ 201.341332][ T8276] exc_page_fault+0xa8/0x190 [ 201.341353][ T8276] ? asm_exc_page_fault+0x8/0x30 [ 201.350752][ T8273] no locks held by syz-executor.1/8273. [ 201.355348][ T8276] asm_exc_page_fault+0x1e/0x30 [ 201.355362][ T8276] RIP: 0033:0x402d28 [ 201.355380][ T8276] Code: 00 00 48 89 7c 24 f8 48 89 74 24 f0 48 89 54 24 e8 48 89 4c 24 e0 48 8b 74 24 f8 4c 8b 4c 24 f0 48 8b 4c 24 e8 48 8b 54 24 e0 <8b> 86 0c 01 00 00 44 8b 86 08 01 00 00 c1 e0 04 8d b8 7f 01 00 00 [ 201.355390][ T8276] RSP: 002b:00007fb60fed2c68 EFLAGS: 00010216 [ 201.355413][ T8276] RAX: 0000000000402d00 RBX: 000000000118bfc8 RCX: 0000000020000200 [ 201.372332][ T8273] [ 201.372332][ T8273] stack backtrace: [ 201.379266][ T8276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 201.379276][ T8276] RBP: 000000000118c010 R08: 0000000000000000 R09: 0000000000000000 [ 201.379286][ T8276] R10: 0000000000000004 R11: 0000000000000246 R12: 000000000118bfd4 [ 201.379297][ T8276] R13: 00007ffe4373089f R14: 00007fb60fed39c0 R15: 000000000118bfd4 [ 201.428363][ T8279] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8279 [ 201.476476][ T8279] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 201.476498][ T8279] CPU: 0 PID: 8279 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 201.476509][ T8279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.476515][ T8279] Call Trace: [ 201.476544][ T8279] dump_stack+0x198/0x1fb [ 201.476568][ T8279] check_preemption_disabled+0x128/0x130 [ 201.476590][ T8279] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 201.542694][ T7008] device veth0_vlan entered promiscuous mode [ 201.547958][ T8279] trace_hardirqs_on+0x5b/0x1c0 [ 201.547980][ T8279] __bad_area_nosemaphore+0xc6/0x4f0 [ 201.548006][ T8279] do_user_addr_fault+0x852/0xbf0 [ 201.548041][ T8279] exc_page_fault+0xa8/0x190 [ 201.585799][ T7008] device veth1_vlan entered promiscuous mode [ 201.591800][ T8279] ? asm_exc_page_fault+0x8/0x30 [ 201.591818][ T8279] asm_exc_page_fault+0x1e/0x30 [ 201.591831][ T8279] RIP: 0033:0x43c496 [ 201.591848][ T8279] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 201.591858][ T8279] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 201.591873][ T8279] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 201.591890][ T8279] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 201.684500][ T7008] device veth0_macvtap entered promiscuous mode [ 201.685592][ T8279] RBP: 00007f9533859ae0 R08: 0000000020000258 R09: 0000000000000000 [ 201.685603][ T8279] R10: 0000000000007fff R11: 0000000000000213 R12: 0000000000000000 [ 201.685613][ T8279] R13: 0000000000000000 R14: 0000000020000240 R15: 0000000000000000 [ 201.685724][ T8279] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8279 [ 201.728766][ T8273] CPU: 1 PID: 8273 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 201.733091][ T8279] caller is lockdep_hardirqs_on+0x34/0x110 [ 201.741004][ T8273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.741010][ T8273] Call Trace: [ 201.741029][ T8273] dump_stack+0x198/0x1fb [ 201.741050][ T8273] io_init_identity+0x3a9/0x450 [ 201.741069][ T8273] io_uring_alloc_task_context+0x176/0x250 [ 201.741085][ T8273] io_uring_add_task_file+0x10d/0x180 [ 201.741107][ T8273] io_uring_setup+0x2727/0x3660 [ 201.833966][ T8273] ? io_sq_thread+0x1400/0x1400 [ 201.838810][ T8273] ? io_issue_sqe+0x3d80/0x3d80 [ 201.843644][ T8273] ? io_uring_poll+0x2a0/0x2a0 [ 201.848395][ T8273] ? put_timespec64+0xcb/0x120 [ 201.853146][ T8273] ? ns_to_timespec64+0xc0/0xc0 [ 201.857998][ T8273] ? check_preemption_disabled+0x50/0x130 [ 201.863703][ T8273] ? syscall_enter_from_user_mode+0x1d/0x60 [ 201.869599][ T8273] do_syscall_64+0x2d/0x70 [ 201.874002][ T8273] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 201.879894][ T8273] RIP: 0033:0x45de59 [ 201.883777][ T8273] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 201.903470][ T8273] RSP: 002b:00007fb60fef3bf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 [ 201.911872][ T8273] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 000000000045de59 [ 201.919828][ T8273] RDX: 00000000206d4000 RSI: 0000000020000080 RDI: 0000000000000087 [ 201.927804][ T8273] RBP: 000000000118bf78 R08: 0000000020000040 R09: 0000000020000040 [ 201.935774][ T8273] R10: 0000000020000140 R11: 0000000000000206 R12: 00000000206d4000 [ 201.943735][ T8273] R13: 0000000020ee7000 R14: 0000000020000040 R15: 0000000020000140 [ 201.951712][ T8279] CPU: 0 PID: 8279 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 201.961166][ T8279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 201.971223][ T8279] Call Trace: [ 201.974524][ T8279] dump_stack+0x198/0x1fb [ 201.978871][ T8279] check_preemption_disabled+0x128/0x130 [ 201.984516][ T8279] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 201.989976][ T8279] lockdep_hardirqs_on+0x34/0x110 [ 201.994989][ T8279] __bad_area_nosemaphore+0xc6/0x4f0 [ 202.000265][ T8279] do_user_addr_fault+0x852/0xbf0 [ 202.005283][ T8279] exc_page_fault+0xa8/0x190 [ 202.009876][ T8279] ? asm_exc_page_fault+0x8/0x30 [ 202.014798][ T8279] asm_exc_page_fault+0x1e/0x30 [ 202.019629][ T8279] RIP: 0033:0x43c496 [ 202.023518][ T8279] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 202.043104][ T8279] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 202.049158][ T8279] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 202.057112][ T8279] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 202.065066][ T8279] RBP: 00007f9533859ae0 R08: 0000000020000258 R09: 0000000000000000 [ 202.073019][ T8279] R10: 0000000000007fff R11: 0000000000000213 R12: 0000000000000000 [ 202.080974][ T8279] R13: 0000000000000000 R14: 0000000020000240 R15: 0000000000000000 [ 202.098412][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.117422][ T8286] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8286 [ 202.126738][ T8286] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 202.133317][ T8286] CPU: 0 PID: 8286 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 202.142771][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.152829][ T8286] Call Trace: [ 202.156132][ T8286] dump_stack+0x198/0x1fb [ 202.160486][ T8286] check_preemption_disabled+0x128/0x130 [ 202.166137][ T8286] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 202.171874][ T8286] trace_hardirqs_on+0x5b/0x1c0 [ 202.176746][ T8286] __bad_area_nosemaphore+0xc6/0x4f0 [ 202.182055][ T8286] do_user_addr_fault+0x852/0xbf0 [ 202.187102][ T8286] exc_page_fault+0xa8/0x190 [ 202.191700][ T8286] ? asm_exc_page_fault+0x8/0x30 [ 202.196646][ T8286] asm_exc_page_fault+0x1e/0x30 [ 202.201502][ T8286] RIP: 0033:0x402d28 [ 202.205409][ T8286] Code: 00 00 48 89 7c 24 f8 48 89 74 24 f0 48 89 54 24 e8 48 89 4c 24 e0 48 8b 74 24 f8 4c 8b 4c 24 f0 48 8b 4c 24 e8 48 8b 54 24 e0 <8b> 86 0c 01 00 00 44 8b 86 08 01 00 00 c1 e0 04 8d b8 7f 01 00 00 [ 202.225018][ T8286] RSP: 002b:00007fb60fe90c68 EFLAGS: 00010216 [ 202.231098][ T8286] RAX: 0000000000402d00 RBX: 000000000118c118 RCX: 0000000020000200 [ 202.239077][ T8286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 202.247051][ T8286] RBP: 000000000118c160 R08: 0000000000000000 R09: 0000000000000000 [ 202.255028][ T8286] R10: 00007fb60fe919d0 R11: 0000000000000246 R12: 000000000118c124 [ 202.263008][ T8286] R13: 00007ffe4373089f R14: 00007fb60fe919c0 R15: 000000000118c124 [ 202.271085][ T8286] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8286 [ 202.280436][ T8286] caller is lockdep_hardirqs_on+0x34/0x110 [ 202.286249][ T8286] CPU: 0 PID: 8286 Comm: syz-executor.1 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 202.295707][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.305762][ T8286] Call Trace: [ 202.309037][ T8286] dump_stack+0x198/0x1fb [ 202.313378][ T8286] check_preemption_disabled+0x128/0x130 [ 202.319000][ T8286] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 202.324445][ T8286] lockdep_hardirqs_on+0x34/0x110 [ 202.329479][ T8286] __bad_area_nosemaphore+0xc6/0x4f0 [ 202.334761][ T8286] do_user_addr_fault+0x852/0xbf0 [ 202.339789][ T8286] exc_page_fault+0xa8/0x190 [ 202.344361][ T8286] ? asm_exc_page_fault+0x8/0x30 [ 202.349290][ T8286] asm_exc_page_fault+0x1e/0x30 [ 202.354131][ T8286] RIP: 0033:0x402d28 [ 202.358026][ T8286] Code: 00 00 48 89 7c 24 f8 48 89 74 24 f0 48 89 54 24 e8 48 89 4c 24 e0 48 8b 74 24 f8 4c 8b 4c 24 f0 48 8b 4c 24 e8 48 8b 54 24 e0 <8b> 86 0c 01 00 00 44 8b 86 08 01 00 00 c1 e0 04 8d b8 7f 01 00 00 [ 202.377611][ T8286] RSP: 002b:00007fb60fe90c68 EFLAGS: 00010216 [ 202.383662][ T8286] RAX: 0000000000402d00 RBX: 000000000118c118 RCX: 0000000020000200 [ 202.391617][ T8286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 202.399576][ T8286] RBP: 000000000118c160 R08: 0000000000000000 R09: 0000000000000000 [ 202.407539][ T8286] R10: 00007fb60fe919d0 R11: 0000000000000246 R12: 000000000118c124 [ 202.415491][ T8286] R13: 00007ffe4373089f R14: 00007fb60fe919c0 R15: 000000000118c124 [ 202.423928][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.436097][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 202.446909][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 202.455779][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.464333][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.473237][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.481474][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 202.498022][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 202.506819][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 08:21:38 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x8932, &(0x7f0000000200)={'gre0\x00', 0x0}) [ 202.541443][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 202.579940][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.614384][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 202.626946][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.639553][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 202.651504][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.663911][ T6877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 202.675277][ T6877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.686899][ T6877] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.713538][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.722243][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.731864][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 202.741908][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 202.752471][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 202.792078][ T7008] device veth1_macvtap entered promiscuous mode [ 202.806186][ T6877] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.821090][ T6877] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.833659][ T6877] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.847561][ T6877] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.888180][ T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.896143][ T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.986221][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.013572][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.037280][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.077272][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.087105][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.137224][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.147056][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.179400][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.197947][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.210256][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.223294][ T7008] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.266822][ T386] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.279283][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 203.288682][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 203.297258][ T386] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.305787][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 203.315302][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 203.351006][ T386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.375928][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.393915][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.407103][ T386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.414775][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.448460][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.477429][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.490216][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.537258][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.567196][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.577019][ T7008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.606449][ T7008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.618955][ T7008] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.640627][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 203.659689][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 203.671302][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 203.685980][ T7008] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.695894][ T7008] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.704725][ T7008] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.713571][ T7008] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.764445][ T386] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.780321][ T386] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.815089][ T7962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 203.839567][ T386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.861219][ T386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.930618][ T2648] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 203.988375][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.996362][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.021315][ T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.038778][ T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.055585][ C1] hrtimer: interrupt took 40785 ns [ 204.142966][ T7962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 204.165127][ T7962] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 204.230210][ T7] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.276876][ T7] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.369719][ T8182] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 08:21:40 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f0000000840)={0x2020, 0x0, 0x0}, 0x2020) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r2, &(0x7f0000000840)={0x2020}, 0x2020) write$FUSE_IOCTL(r2, &(0x7f00000000c0)={0x20, 0x0, r1}, 0x20) 08:21:40 executing program 0: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000002ac0)=[{&(0x7f0000002940)='v', 0x1}], 0x0, 0x0) [ 204.714966][ T8394] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8394 [ 204.724573][ T8394] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 204.731293][ T8394] CPU: 0 PID: 8394 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 204.740756][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.750819][ T8394] Call Trace: [ 204.754120][ T8394] dump_stack+0x198/0x1fb [ 204.758562][ T8394] check_preemption_disabled+0x128/0x130 [ 204.764224][ T8394] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 204.769960][ T8394] trace_hardirqs_on+0x5b/0x1c0 [ 204.774830][ T8394] __bad_area_nosemaphore+0xc6/0x4f0 [ 204.780140][ T8394] do_user_addr_fault+0x852/0xbf0 [ 204.785190][ T8394] exc_page_fault+0xa8/0x190 [ 204.789796][ T8394] ? asm_exc_page_fault+0x8/0x30 [ 204.794741][ T8394] asm_exc_page_fault+0x1e/0x30 [ 204.799608][ T8394] RIP: 0033:0x43c496 08:21:40 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000003840)={&(0x7f0000003740)={0x10, 0x0, 0x0, 0x20280}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2091}, 0x0) close(r2) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "0dc0609a470f6d2c24405f490d485cb63581ea"}) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) ioctl$VFIO_CHECK_EXTENSION(0xffffffffffffffff, 0x3b65, 0x7) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x100000, 0x0) [ 204.803519][ T8394] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 204.823130][ T8394] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 204.829210][ T8394] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 204.837191][ T8394] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 204.845173][ T8394] RBP: 00007f9533859ae0 R08: 0000000020002ad8 R09: 0000000000000000 [ 204.853148][ T8394] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 204.861126][ T8394] R13: 0000000000000000 R14: 0000000020002ac0 R15: 0000000000000000 [ 204.869248][ T8394] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8394 [ 204.878587][ T8394] caller is lockdep_hardirqs_on+0x34/0x110 [ 204.884396][ T8394] CPU: 0 PID: 8394 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 204.893844][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.903893][ T8394] Call Trace: [ 204.907189][ T8394] dump_stack+0x198/0x1fb [ 204.911539][ T8394] check_preemption_disabled+0x128/0x130 [ 204.917180][ T8394] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 204.922646][ T8394] lockdep_hardirqs_on+0x34/0x110 [ 204.927680][ T8394] __bad_area_nosemaphore+0xc6/0x4f0 [ 204.932979][ T8394] do_user_addr_fault+0x852/0xbf0 [ 204.938017][ T8394] exc_page_fault+0xa8/0x190 [ 204.942617][ T8394] ? asm_exc_page_fault+0x8/0x30 [ 204.947654][ T8394] asm_exc_page_fault+0x1e/0x30 [ 204.952521][ T8394] RIP: 0033:0x43c496 [ 204.956420][ T8394] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 204.976024][ T8394] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 204.982101][ T8394] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 204.990075][ T8394] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 204.998049][ T8394] RBP: 00007f9533859ae0 R08: 0000000020002ad8 R09: 0000000000000000 [ 205.006023][ T8394] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 205.013998][ T8394] R13: 0000000000000000 R14: 0000000020002ac0 R15: 0000000000000000 [ 205.173981][ T8394] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8394 [ 205.183519][ T8394] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 205.190148][ T8394] CPU: 0 PID: 8394 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 205.199604][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.209656][ T8394] Call Trace: [ 205.212954][ T8394] dump_stack+0x198/0x1fb [ 205.217305][ T8394] check_preemption_disabled+0x128/0x130 [ 205.222952][ T8394] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 205.228681][ T8394] trace_hardirqs_on+0x5b/0x1c0 [ 205.233633][ T8394] __bad_area_nosemaphore+0xc6/0x4f0 [ 205.238936][ T8394] do_user_addr_fault+0x852/0xbf0 [ 205.243980][ T8394] exc_page_fault+0xa8/0x190 [ 205.248582][ T8394] ? asm_exc_page_fault+0x8/0x30 [ 205.253527][ T8394] asm_exc_page_fault+0x1e/0x30 [ 205.258391][ T8394] RIP: 0033:0x43c496 [ 205.262293][ T8394] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 205.281901][ T8394] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 205.287978][ T8394] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 205.295955][ T8394] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 205.304052][ T8394] RBP: 00007f9533859ae0 R08: 0000000020002ad8 R09: 0000000000000000 [ 205.312030][ T8394] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 205.320005][ T8394] R13: 0000000000000000 R14: 0000000020002ac0 R15: 0000000000000000 [ 205.329417][ T8394] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8394 [ 205.340137][ T8394] caller is lockdep_hardirqs_on+0x34/0x110 [ 205.345964][ T8394] CPU: 0 PID: 8394 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 205.355425][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.365474][ T8394] Call Trace: [ 205.368769][ T8394] dump_stack+0x198/0x1fb [ 205.373122][ T8394] check_preemption_disabled+0x128/0x130 [ 205.378764][ T8394] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 205.384247][ T8394] lockdep_hardirqs_on+0x34/0x110 [ 205.389278][ T8394] __bad_area_nosemaphore+0xc6/0x4f0 [ 205.394575][ T8394] do_user_addr_fault+0x852/0xbf0 [ 205.399619][ T8394] exc_page_fault+0xa8/0x190 [ 205.404220][ T8394] ? asm_exc_page_fault+0x8/0x30 [ 205.409164][ T8394] asm_exc_page_fault+0x1e/0x30 [ 205.414028][ T8394] RIP: 0033:0x43c496 08:21:41 executing program 5: process_vm_writev(0x0, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x3, 0x3, &(0x7f0000000540)=[{&(0x7f0000000280)="a6060948", 0x4, 0xfffffffffffffffd}, {&(0x7f00000002c0)="78edd31bcc4b947e02836f105aa546c2094378790e4f02a1a3139bc3cac4dabcbc16a78e71f1fe028d8e3c", 0x2b}, {&(0x7f0000000380)='t', 0x1, 0x94}], 0x100001, &(0x7f00000005c0)={[{@fat=@gid={'gid', 0x3d, 0xee01}}, {@uni_xlateno='uni_xlate=0'}, {@iocharset={'iocharset', 0x3d, 'cp932'}}]}) 08:21:41 executing program 1: clock_gettime(0x0, &(0x7f0000001880)) 08:21:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000100)='iso9660\x00', &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f0000001540), 0x0, &(0x7f00000021c0)=ANY=[]) 08:21:41 executing program 2: syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000280)={[{@gid={'gid'}}, {@map_off='map=off'}, {@uid={'uid'}}, {@mode={'mode'}}, {@hide='hide'}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}]}) [ 205.417933][ T8394] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 205.437568][ T8394] RSP: 002b:00007f9533859a88 EFLAGS: 00010293 [ 205.443646][ T8394] RAX: 0000000000000000 RBX: 00007f9533859b20 RCX: 0000000000000000 [ 205.451618][ T8394] RDX: 0000000000000003 RSI: 00000000000001ff RDI: 0000000000000000 [ 205.459591][ T8394] RBP: 00007f9533859ae0 R08: 0000000020002ad8 R09: 0000000000000000 [ 205.467568][ T8394] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000 [ 205.475567][ T8394] R13: 0000000000000000 R14: 0000000020002ac0 R15: 0000000000000000 08:21:41 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f0000000d80)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LSEEK(r1, &(0x7f0000000080)={0x18, 0x0, r2}, 0x18) [ 205.634706][ T8414] ISOFS: Unable to identify CD-ROM format. 08:21:41 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000040)=0x8) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000040000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000001000000000000000000000000000000000000000000000001100000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff728d4d0dbe4db65d4ee7"], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x69, 0x20000000, &(0x7f00000004c0)="b95b03b700030703009e40f005dd1fff060007000000e08477fbac141436e00a0001c699da153f4f09e6e380f60102f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0xfd, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) 08:21:41 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f0, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev}}}}) 08:21:41 executing program 0: syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000280)={[{@gid={'gid'}}, {@map_off='map=off'}, {@uid={'uid'}}, {@mode={'mode'}}, {@hide='hide'}], [{@euid_gt={'euid>', 0xee01}}]}) 08:21:41 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000003840)={&(0x7f0000003740)={0x10, 0x0, 0x0, 0x20280}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2091}, 0x0) close(r2) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "0dc0609a470f6d2c24405f490d485cb63581ea"}) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) ioctl$VFIO_CHECK_EXTENSION(0xffffffffffffffff, 0x3b65, 0x7) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x100000, 0x0) [ 205.850586][ T8426] xt_NFQUEUE: number of total queues is 0 08:21:41 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(r0, 0x0, 0x0) [ 205.964287][ T8426] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 205.966578][ T8414] ISOFS: Unable to identify CD-ROM format. 08:21:42 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(r0, &(0x7f0000000440)={0x18}, 0x18) 08:21:42 executing program 3: syz_mount_image$vfat(0x0, &(0x7f00000028c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000002d40)='./file0\x00', &(0x7f0000002d80)='fuse\x00', 0x0, &(0x7f0000002e00)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@default_permissions='default_permissions'}]}}) 08:21:42 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x8922, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev}}}}) 08:21:42 executing program 0: syz_genetlink_get_family_id$netlbl_unlabel(0x0) sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000ec0)='/dev/vcsu\x00', 0x10200, 0x0) [ 206.440929][ T8452] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8452 [ 206.450441][ T8452] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 206.456954][ T8452] CPU: 1 PID: 8452 Comm: syz-executor.3 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 206.466405][ T8452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.476463][ T8452] Call Trace: [ 206.479773][ T8452] dump_stack+0x198/0x1fb [ 206.484121][ T8452] check_preemption_disabled+0x128/0x130 [ 206.489795][ T8452] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 206.495536][ T8452] trace_hardirqs_on+0x5b/0x1c0 [ 206.500397][ T8452] __bad_area_nosemaphore+0xc6/0x4f0 [ 206.505701][ T8452] do_user_addr_fault+0x852/0xbf0 [ 206.510741][ T8452] exc_page_fault+0xa8/0x190 [ 206.515341][ T8452] ? asm_exc_page_fault+0x8/0x30 [ 206.520285][ T8452] asm_exc_page_fault+0x1e/0x30 [ 206.525139][ T8452] RIP: 0033:0x43c496 [ 206.529045][ T8452] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 206.548826][ T8452] RSP: 002b:00007fd3c2fdaa88 EFLAGS: 00010293 [ 206.554903][ T8452] RAX: 0000000000000000 RBX: 00007fd3c2fdab20 RCX: 0000000000000000 [ 206.562879][ T8452] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 206.570855][ T8452] RBP: 00007fd3c2fdaae0 R08: 0000000000000000 R09: 0000000000000000 [ 206.578833][ T8452] R10: 00007fd3c2fdb9d0 R11: 0000000000000246 R12: 0000000000000000 08:21:42 executing program 2: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 206.586809][ T8452] R13: 00000000200028c0 R14: 0000000000000000 R15: 0000000000000000 [ 206.596285][ T8452] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.3/8452 [ 206.606206][ T8452] caller is lockdep_hardirqs_on+0x34/0x110 [ 206.612063][ T8452] CPU: 1 PID: 8452 Comm: syz-executor.3 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 206.621507][ T8452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.631549][ T8452] Call Trace: [ 206.634826][ T8452] dump_stack+0x198/0x1fb [ 206.639150][ T8452] check_preemption_disabled+0x128/0x130 [ 206.644772][ T8452] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 206.650215][ T8452] lockdep_hardirqs_on+0x34/0x110 [ 206.655227][ T8452] __bad_area_nosemaphore+0xc6/0x4f0 [ 206.660504][ T8452] do_user_addr_fault+0x852/0xbf0 [ 206.665518][ T8452] exc_page_fault+0xa8/0x190 [ 206.670101][ T8452] ? asm_exc_page_fault+0x8/0x30 [ 206.675035][ T8452] asm_exc_page_fault+0x1e/0x30 [ 206.679882][ T8452] RIP: 0033:0x43c496 [ 206.683761][ T8452] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 206.703347][ T8452] RSP: 002b:00007fd3c2fdaa88 EFLAGS: 00010293 [ 206.709399][ T8452] RAX: 0000000000000000 RBX: 00007fd3c2fdab20 RCX: 0000000000000000 [ 206.717470][ T8452] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 206.725425][ T8452] RBP: 00007fd3c2fdaae0 R08: 0000000000000000 R09: 0000000000000000 [ 206.733383][ T8452] R10: 00007fd3c2fdb9d0 R11: 0000000000000246 R12: 0000000000000000 [ 206.741336][ T8452] R13: 00000000200028c0 R14: 0000000000000000 R15: 0000000000000000 [ 206.770225][ T8430] xt_NFQUEUE: number of total queues is 0 [ 206.836284][ T8461] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8461 [ 206.836698][ T8460] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/8460 [ 206.846300][ T8461] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 206.855600][ T8460] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 206.855620][ T8460] CPU: 0 PID: 8460 Comm: syz-executor.2 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 206.855631][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.855637][ T8460] Call Trace: [ 206.855658][ T8460] dump_stack+0x198/0x1fb [ 206.855690][ T8460] check_preemption_disabled+0x128/0x130 [ 206.901396][ T8460] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 206.907110][ T8460] trace_hardirqs_on+0x5b/0x1c0 [ 206.911948][ T8460] __bad_area_nosemaphore+0xc6/0x4f0 [ 206.917224][ T8460] do_user_addr_fault+0x852/0xbf0 [ 206.922251][ T8460] exc_page_fault+0xa8/0x190 [ 206.926824][ T8460] ? asm_exc_page_fault+0x8/0x30 [ 206.931748][ T8460] asm_exc_page_fault+0x1e/0x30 [ 206.936580][ T8460] RIP: 0033:0x43c496 [ 206.940460][ T8460] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 206.960046][ T8460] RSP: 002b:00007f0763681a88 EFLAGS: 00010293 [ 206.966097][ T8460] RAX: 0000000000000000 RBX: 00007f0763681b20 RCX: 0000000000000000 [ 206.974051][ T8460] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 206.983828][ T8460] RBP: 00007f0763681ae0 R08: 0000000000000000 R09: 0000000000000000 [ 206.991783][ T8460] R10: 00007f07636829d0 R11: 0000000000000246 R12: 0000000000000000 [ 206.999799][ T8460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.007775][ T8461] CPU: 1 PID: 8461 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.007826][ T8460] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/8460 [ 207.017221][ T8461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.017227][ T8461] Call Trace: [ 207.017246][ T8461] dump_stack+0x198/0x1fb [ 207.017277][ T8461] check_preemption_disabled+0x128/0x130 [ 207.026524][ T8460] caller is lockdep_hardirqs_on+0x34/0x110 [ 207.036570][ T8461] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 207.036589][ T8461] trace_hardirqs_on+0x5b/0x1c0 [ 207.036610][ T8461] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.071412][ T8461] do_user_addr_fault+0x852/0xbf0 [ 207.076432][ T8461] exc_page_fault+0xa8/0x190 [ 207.081020][ T8461] ? asm_exc_page_fault+0x8/0x30 [ 207.085948][ T8461] asm_exc_page_fault+0x1e/0x30 [ 207.090782][ T8461] RIP: 0033:0x43c650 [ 207.094662][ T8461] Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 [ 207.114246][ T8461] RSP: 002b:00007f9533858ba8 EFLAGS: 00010246 [ 207.120300][ T8461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.128254][ T8461] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 207.136208][ T8461] RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f9533858bb0 [ 207.144163][ T8461] R10: 0000000000000000 R11: 000000000000000f R12: 00007f9533858bf0 [ 207.152120][ T8461] R13: 00007ffd0495ddbf R14: 00007f953385a9c0 R15: 000000000118bf2c [ 207.160096][ T8460] CPU: 0 PID: 8460 Comm: syz-executor.2 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.160134][ T8461] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8461 [ 207.169536][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.169542][ T8460] Call Trace: [ 207.169560][ T8460] dump_stack+0x198/0x1fb [ 207.169584][ T8460] check_preemption_disabled+0x128/0x130 [ 207.178848][ T8461] caller is lockdep_hardirqs_on+0x34/0x110 [ 207.188861][ T8460] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 207.188878][ T8460] lockdep_hardirqs_on+0x34/0x110 [ 207.188903][ T8460] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.223501][ T8460] do_user_addr_fault+0x852/0xbf0 [ 207.228517][ T8460] exc_page_fault+0xa8/0x190 [ 207.233092][ T8460] ? asm_exc_page_fault+0x8/0x30 [ 207.238019][ T8460] asm_exc_page_fault+0x1e/0x30 [ 207.242852][ T8460] RIP: 0033:0x43c496 [ 207.246732][ T8460] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 207.266329][ T8460] RSP: 002b:00007f0763681a88 EFLAGS: 00010293 [ 207.272387][ T8460] RAX: 0000000000000000 RBX: 00007f0763681b20 RCX: 0000000000000000 [ 207.280345][ T8460] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 207.288303][ T8460] RBP: 00007f0763681ae0 R08: 0000000000000000 R09: 0000000000000000 [ 207.296269][ T8460] R10: 00007f07636829d0 R11: 0000000000000246 R12: 0000000000000000 [ 207.304230][ T8460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.312217][ T8461] CPU: 1 PID: 8461 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.321675][ T8461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.331737][ T8461] Call Trace: [ 207.335037][ T8461] dump_stack+0x198/0x1fb [ 207.339381][ T8461] check_preemption_disabled+0x128/0x130 [ 207.345020][ T8461] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 207.350488][ T8461] lockdep_hardirqs_on+0x34/0x110 [ 207.355522][ T8461] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.360829][ T8461] do_user_addr_fault+0x852/0xbf0 [ 207.365870][ T8461] exc_page_fault+0xa8/0x190 [ 207.370470][ T8461] ? asm_exc_page_fault+0x8/0x30 [ 207.375411][ T8461] asm_exc_page_fault+0x1e/0x30 [ 207.380262][ T8461] RIP: 0033:0x43c650 08:21:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000028c0)='./file0\x00', 0x0, 0x3, &(0x7f0000002ac0)=[{&(0x7f0000002900)='?', 0x1, 0x3}, {&(0x7f0000002940)='v', 0x1, 0x100}, {&(0x7f00000029c0)="91", 0x1}], 0x4882, 0x0) 08:21:43 executing program 4: syz_mount_image$iso9660(&(0x7f0000000100)='iso9660\x00', &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f0000001540), 0x0, &(0x7f00000021c0)=ANY=[@ANYBLOB='unhide,check=strict,gid=', @ANYRESHEX=0xee00]) [ 207.384158][ T8461] Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 [ 207.403766][ T8461] RSP: 002b:00007f9533858ba8 EFLAGS: 00010246 [ 207.409847][ T8461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.417822][ T8461] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 207.425803][ T8461] RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f9533858bb0 [ 207.433781][ T8461] R10: 0000000000000000 R11: 000000000000000f R12: 00007f9533858bf0 [ 207.441754][ T8461] R13: 00007ffd0495ddbf R14: 00007f953385a9c0 R15: 000000000118bf2c [ 207.619465][ T8468] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/8468 [ 207.629066][ T8468] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 207.635582][ T8468] CPU: 1 PID: 8468 Comm: syz-executor.2 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.641259][ T8462] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8462 [ 207.645027][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.645040][ T8468] Call Trace: [ 207.654410][ T8462] caller is lockdep_hardirqs_on_prepare+0x5e/0x450 [ 207.664388][ T8468] dump_stack+0x198/0x1fb [ 207.664417][ T8468] check_preemption_disabled+0x128/0x130 [ 207.664440][ T8468] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 207.664460][ T8468] trace_hardirqs_on+0x5b/0x1c0 [ 207.664482][ T8468] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.664508][ T8468] do_user_addr_fault+0x852/0xbf0 [ 207.664535][ T8468] exc_page_fault+0xa8/0x190 [ 207.664549][ T8468] ? asm_exc_page_fault+0x8/0x30 [ 207.664562][ T8468] asm_exc_page_fault+0x1e/0x30 [ 207.664574][ T8468] RIP: 0033:0x43c496 [ 207.664591][ T8468] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 207.664602][ T8468] RSP: 002b:00007f0763660a88 EFLAGS: 00010293 [ 207.664619][ T8468] RAX: 0000000000000000 RBX: 00007f0763660b20 RCX: 0000000000000000 [ 207.664629][ T8468] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 207.664641][ T8468] RBP: 00007f0763660ae0 R08: 0000000000000000 R09: 0000000000000000 [ 207.664652][ T8468] R10: 00007f07636619d0 R11: 0000000000000246 R12: 0000000000000000 [ 207.664661][ T8468] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.664736][ T8468] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/8468 [ 207.664754][ T8468] caller is lockdep_hardirqs_on+0x34/0x110 [ 207.664779][ T8468] CPU: 1 PID: 8468 Comm: syz-executor.2 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.664789][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.664795][ T8468] Call Trace: [ 207.664812][ T8468] dump_stack+0x198/0x1fb [ 207.664835][ T8468] check_preemption_disabled+0x128/0x130 [ 207.664854][ T8468] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 207.664875][ T8468] lockdep_hardirqs_on+0x34/0x110 [ 207.664894][ T8468] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.664919][ T8468] do_user_addr_fault+0x852/0xbf0 [ 207.664945][ T8468] exc_page_fault+0xa8/0x190 [ 207.664962][ T8468] ? asm_exc_page_fault+0x8/0x30 [ 207.664978][ T8468] asm_exc_page_fault+0x1e/0x30 [ 207.664990][ T8468] RIP: 0033:0x43c496 [ 207.665005][ T8468] Code: 00 0f 1f 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83 [ 207.665015][ T8468] RSP: 002b:00007f0763660a88 EFLAGS: 00010293 [ 207.665032][ T8468] RAX: 0000000000000000 RBX: 00007f0763660b20 RCX: 0000000000000000 [ 207.665042][ T8468] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000000000000 [ 207.665052][ T8468] RBP: 00007f0763660ae0 R08: 0000000000000000 R09: 0000000000000000 [ 207.665063][ T8468] R10: 00007f07636619d0 R11: 0000000000000246 R12: 0000000000000000 [ 207.665072][ T8468] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.942936][ T8462] CPU: 0 PID: 8462 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 207.952383][ T8462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.962439][ T8462] Call Trace: [ 207.965742][ T8462] dump_stack+0x198/0x1fb [ 207.970085][ T8462] check_preemption_disabled+0x128/0x130 [ 207.975725][ T8462] lockdep_hardirqs_on_prepare+0x5e/0x450 [ 207.981452][ T8462] trace_hardirqs_on+0x5b/0x1c0 [ 207.986309][ T8462] __bad_area_nosemaphore+0xc6/0x4f0 [ 207.991602][ T8462] do_user_addr_fault+0x852/0xbf0 [ 207.996639][ T8462] exc_page_fault+0xa8/0x190 [ 208.001233][ T8462] ? asm_exc_page_fault+0x8/0x30 [ 208.006194][ T8462] asm_exc_page_fault+0x1e/0x30 [ 208.011041][ T8462] RIP: 0033:0x43c650 [ 208.014938][ T8462] Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 [ 208.034539][ T8462] RSP: 002b:00007f9533837ba8 EFLAGS: 00010246 [ 208.040610][ T8462] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.048577][ T8462] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 208.056546][ T8462] RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f9533837bb0 [ 208.064520][ T8462] R10: 0000000000000000 R11: 000000000000000f R12: 00007f9533837bf0 [ 208.072492][ T8462] R13: 00007ffd0495ddbf R14: 00007f95338399c0 R15: 000000000118bfd4 [ 208.080572][ T8462] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/8462 [ 208.089913][ T8462] caller is lockdep_hardirqs_on+0x34/0x110 [ 208.095720][ T8462] CPU: 0 PID: 8462 Comm: syz-executor.0 Not tainted 5.9.0-next-20201016-syzkaller #0 [ 208.105167][ T8462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.115214][ T8462] Call Trace: [ 208.118510][ T8462] dump_stack+0x198/0x1fb [ 208.122849][ T8462] check_preemption_disabled+0x128/0x130 [ 208.128484][ T8462] ? __bad_area_nosemaphore+0xc6/0x4f0 [ 208.133950][ T8462] lockdep_hardirqs_on+0x34/0x110 [ 208.138981][ T8462] __bad_area_nosemaphore+0xc6/0x4f0 [ 208.144276][ T8462] do_user_addr_fault+0x852/0xbf0 [ 208.149315][ T8462] exc_page_fault+0xa8/0x190 [ 208.153913][ T8462] ? asm_exc_page_fault+0x8/0x30 [ 208.158852][ T8462] asm_exc_page_fault+0x1e/0x30 [ 208.163703][ T8462] RIP: 0033:0x43c650 [ 208.167600][ T8462] Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 [ 208.187202][ T8462] RSP: 002b:00007f9533837ba8 EFLAGS: 00010246 [ 208.193274][ T8462] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.201240][ T8462] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 [ 208.209214][ T8462] RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f9533837bb0 [ 208.217190][ T8462] R10: 0000000000000000 R11: 000000000000000f R12: 00007f9533837bf0 [ 208.225158][ T8462] R13: 00007ffd0495ddbf R14: 00007f95338399c0 R15: 000000000118bfd4 [ 208.307133][ T8466] ISOFS: Unable to identify CD-ROM format. [ 208.346852][ T8456] fuse: Bad value for 'fd' [ 208.392386][ T8452] fuse: Bad value for 'fd' [ 208.534479][ T8466] ISOFS: Unable to identify CD-ROM format. 08:21:45 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000040)=0x8) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000040000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000001000000000000000000000000000000000000000000000001100000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff728d4d0dbe4db65d4ee7"], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x69, 0x20000000, &(0x7f00000004c0)="b95b03b700030703009e40f005dd1fff060007000000e08477fbac141436e00a0001c699da153f4f09e6e380f60102f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0xfd, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) 08:21:45 executing program 3: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 08:21:45 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300"/452], 0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x1, 0x0, &(0x7f00000004c0)="b9", 0x0, 0xfd, 0x6000000000000000}, 0x40) 08:21:45 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x8943, &(0x7f0000000200)={'gre0\x00', 0x0}) 08:21:45 executing program 0: syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0x8000d5, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="040014d79cd2000066617400040409000200027400f8", 0x16}], 0x0, &(0x7f0000000280)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r0 = open(&(0x7f0000000240)='./file0\x00', 0x188c5, 0x0) r1 = open$dir(&(0x7f0000000340)='./file0\x00', 0x16d900, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) r4 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$cgroup_type(r4, &(0x7f0000001180)='threaded\x00', 0xfc9a) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendfile(r0, r1, 0x0, 0xee000000) 08:21:45 executing program 4: syz_mount_image$tmpfs(&(0x7f0000001640)='tmpfs\x00', 0x0, 0x0, 0x0, &(0x7f0000001a40), 0x0, &(0x7f0000001ac0)) execveat(0xffffffffffffffff, &(0x7f0000001b80)='./file1\x00', 0x0, 0x0, 0x1000) 08:21:45 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300"/452], 0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x1, 0x0, &(0x7f00000004c0)="b9", 0x0, 0xfd, 0x6000000000000000}, 0x40) [ 209.859216][ T8494] xt_NFQUEUE: number of total queues is 0 [ 209.874497][ T8498] xt_NFQUEUE: number of total queues is 0 08:21:45 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000040)=0x8) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000040000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000001000000000000000000000000000000000000000000000001100000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff728d4d0dbe4db65d4ee7"], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x69, 0x20000000, &(0x7f00000004c0)="b95b03b700030703009e40f005dd1fff060007000000e08477fbac141436e00a0001c699da153f4f09e6e380f60102f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0xfd, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) [ 209.944429][ T8504] xt_NFQUEUE: number of total queues is 0 08:21:46 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f0, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev}}}}) [ 210.007903][ T8496] FAT-fs (loop0): bogus number of FAT sectors [ 210.035663][ T8496] FAT-fs (loop0): Can't find a valid FAT filesystem 08:21:46 executing program 3: io_uring_setup(0x3289, &(0x7f00000003c0)={0x0, 0x0, 0x23}) 08:21:46 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000040)=0x8) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000040000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000001000000000000000000000000000000000000000000000001100000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff728d4d0dbe4db65d4ee7"], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x69, 0x20000000, &(0x7f00000004c0)="b95b03b700030703009e40f005dd1fff060007000000e08477fbac141436e00a0001c699da153f4f09e6e380f60102f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0xfd, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) [ 210.091635][ T8514] xt_NFQUEUE: number of total queues is 0 [ 210.116098][ T8516] xt_NFQUEUE: number of total queues is 0 08:21:46 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300"/452], 0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x1, 0x0, &(0x7f00000004c0)="b9", 0x0, 0xfd, 0x6000000000000000}, 0x40) 08:21:46 executing program 1: clock_gettime(0x7, &(0x7f0000001880)) [ 210.197786][ T8496] FAT-fs (loop0): bogus number of FAT sectors [ 210.226843][ T8496] FAT-fs (loop0): Can't find a valid FAT filesystem 08:21:46 executing program 4: syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mknod$loop(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) 08:21:46 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000040)=0x8) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000040000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000001000000000000000000000000000000000000000000000001100000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff728d4d0dbe4db65d4ee7"], 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000010c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x69, 0x20000000, &(0x7f00000004c0)="b95b03b700030703009e40f005dd1fff060007000000e08477fbac141436e00a0001c699da153f4f09e6e380f60102f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0xfd, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) [ 210.350184][ T8528] xt_NFQUEUE: number of total queues is 0 [ 210.363657][ T8532] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables 08:21:46 executing program 3: syz_mount_image$vfat(0x0, &(0x7f00000028c0)='./file0\x00', 0x8, 0x3, &(0x7f0000002ac0)=[{&(0x7f0000002900)="3fe34347cd1fb88f88fd65cde4", 0xd, 0x3}, {&(0x7f0000002940)='v', 0x1}, {&(0x7f00000029c0)="9179e0f617ee8506d6d9c60ea7698bc0", 0x10}], 0x0, &(0x7f0000002b40)={[{@uni_xlateno='uni_xlate=0'}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@shortname_win95='shortname=win95'}, {@uni_xlateno='uni_xlate=0'}], [{@fsmagic={'fsmagic'}}, {@pcr={'pcr'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\'\xb0'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@subj_type={'subj_type', 0x3d, '.'}}]}) [ 210.438278][ T8535] xt_NFQUEUE: number of total queues is 0 08:21:46 executing program 0: clock_gettime(0x0, &(0x7f0000005cc0)) 08:21:46 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300"/452], 0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x20e, 0x1, 0x0, &(0x7f00000004c0)="b9", 0x0, 0xfd, 0x6000000000000000}, 0x40) 08:21:46 executing program 1: pkey_mprotect(&(0x7f00003fe000/0xc00000)=nil, 0xc00000, 0x0, 0xffffffffffffffff) [ 210.619833][ T8545] xt_NFQUEUE: number of total queues is 0 08:21:46 executing program 4: syz_mount_image$vfat(0x0, &(0x7f00000028c0)='./file0\x00', 0x0, 0x2, &(0x7f0000002ac0)=[{&(0x7f0000002940)="76351c4762d015d6285b1ec0cc6ff7b1f8a1bdfbbfc6403cf529c37c01686e21db76da5e9efb63bf89f176420f0b2abe40af8e520e8bbe80e754766fc581c494802ed9a574dbe4a6", 0x48, 0x100}, {&(0x7f00000029c0)="9179e0f617ee8506d6d9c60ea7698bc060173692da7843250801b2239367ffa7db68f8073fe06459e14a3475c78b201c36cb53a3a2b944d75717922a82095386c596259d4c98a05b3175bcb7c4a522d03b98a05b4762a5244f758786e24338869ea9bda6e3704fd128e613358728d3bf0636ad0e8d710fe3ba3f9f0fe735abc90488c8931b36981ad39fc685f963c06ac44c2f5c637153802180d11165dc9b3b7fc897ff240084077b65d256acc14aea", 0xb0}], 0x4882, &(0x7f0000002b40)={[{@iocharset={'iocharset', 0x3d, 'cp949'}}, {@uni_xlate='uni_xlate=1'}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@shortname_win95='shortname=win95'}, {@uni_xlateno='uni_xlate=0'}], [{@fsuuid={'fsuuid', 0x3d, {[0x61, 0x0, 0x37, 0x65, 0x4, 0x66, 0x0, 0x65], 0x2d, [0x0, 0x0, 0x35], 0x2d, [0x63, 0x64, 0x0, 0x66], 0x2d, [0x36, 0x35, 0x39], 0x2d, [0x0, 0x0, 0x38, 0x34, 0x61, 0x35, 0x65, 0x64]}}}, {@fsmagic={'fsmagic', 0x3d, 0x100000001}}, {@pcr={'pcr'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\'\xb0'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}]}) 08:21:46 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0x64000000, 0x4, 0xd0e0000, 0x0, 0x100, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "a7a9"}}, @common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x31f) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0) sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000d00)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c100000000000000000000000000000000000000000000f3000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000002000000000000000000000000300"/452], 0x1) 08:21:46 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x17, 0x0, 0x3ff, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x2]}, 0x40) 08:21:47 executing program 1: process_vm_writev(0x0, &(0x7f0000000900)=[{&(0x7f0000000780)=""/95, 0x5f}], 0x1, &(0x7f0000000c00)=[{&(0x7f0000000940)=""/12, 0xc}, {0x0}], 0x2, 0x0) 08:21:47 executing program 0: syz_mount_image$iso9660(&(0x7f0000000100)='iso9660\x00', &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f0000001540), 0x0, &(0x7f00000021c0)=ANY=[@ANYBLOB='unhide,check=strict,gid=', @ANYRESHEX=0xee00, @ANYBLOB=',hide,hide,map=acorn'])