last executing test programs: 346.572126ms ago: executing program 1 (id=2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000200)={0xb, 0x0, [{0xfb, 0x0, 0x8}, {0xeb, 0x0, 0x8}, {0x1000, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x7}, {0x74, 0x0, 0x8}, {0xa39d, 0x0, 0x200}, {0x840, 0x0, 0x7fffffff}, {0x80, 0x0, 0x8000000000000001}, {0x8, 0x0, 0x3}, {0x9, 0x0, 0x1000000000003}, {0xffffffff, 0x0, 0x18}, {0x80000001, 0x0, 0x1}, {0x2, 0x0, 0x2}, {0xfff, 0x0, 0x2}, {0x2ac46eb, 0x0, 0x800}, {0x5689, 0x0, 0x401}]}) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000300)={0x2, 0x0, [{0x40000001, 0x7, 0x1, 0x5, 0x7, 0x70, 0x9fe00000}, {0xd, 0xa, 0x0, 0x7, 0x3, 0xe701, 0x5}]}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000003c0)={0x2, 0x240, 0x380, 0x0}) 223.111972ms ago: executing program 0 (id=1): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f000000560900a1004daf25cee2d5d1c1"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGUCODE(r1, 0xc018480d, 0x0) ioctl$HIDIOCSUSAGE(r1, 0x4018480c, &(0x7f0000000040)={0x3, 0x1, 0x0, 0x7, 0x8, 0x4d10}) 90.365792ms ago: executing program 2 (id=3): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000040)={0x1, 0x3c0, 0xc0, &(0x7f0000000340)=[0x5, 0x0, 0xe, 0x80, 0xe6b4, 0x0, 0xfffffffffffffffa, 0x1, 0x8, 0x2, 0x2, 0x700000000000000, 0x3, 0xffff, 0xfffffffffffffffe, 0x5, 0x7fffffff, 0x5, 0x4, 0x9883, 0x5, 0x6, 0x8, 0x2, 0x4, 0x9, 0x2, 0x1fd, 0x8, 0x81, 0x7, 0x5, 0x5, 0x2, 0x101, 0x40, 0xfffffffffffffff8, 0xaa3, 0xa, 0x81, 0x0, 0x6, 0x8, 0x2e2, 0x101, 0x6, 0x8000000000000005, 0xfffffffffffffff9, 0x8, 0x401, 0x5, 0x9, 0x7fff, 0xec, 0x8000000000000000, 0x8, 0x94f, 0x7, 0x7fffffffffffffff, 0x6, 0xffffffffffffffff, 0xa, 0x11, 0xa, 0x5, 0xa8, 0x1, 0x7, 0x7fffffffffffffff, 0x87f, 0x7, 0x7, 0xae8f, 0x1e30fa4c, 0xa, 0xfffffffffffffffd, 0x4, 0x49f, 0x3, 0x7, 0x1, 0x4, 0xba00, 0x3, 0xd, 0xad65, 0x1, 0x100, 0x7, 0xe, 0x3, 0x1000000003ff, 0x5, 0x21, 0xfffffffffffffc01, 0xfffffffffffffffe, 0x401, 0x8, 0x1e4b, 0x2, 0x77, 0xf, 0x10000, 0xe, 0x2, 0x3, 0x3, 0x6, 0x0, 0x4, 0xa, 0x1, 0x9, 0x2, 0xfff, 0x80, 0x3, 0xd, 0x200000000000004, 0x2, 0x2000000006, 0x8, 0x401, 0x7f, 0x4, 0x7, 0xea7, 0x1]}) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 38.220584ms ago: executing program 3 (id=4): r0 = msgget$private(0x0, 0x1c0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x96}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) msgsnd(r0, &(0x7f0000000080)=ANY=[@ANYRES8], 0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x9, 0xff, 0x5, 0xe8}) 0s ago: executing program 1 (id=5): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) close(0x3) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.85' (ED25519) to the list of known hosts. [ 67.898045][ T5849] cgroup: Unknown subsys name 'net' [ 68.036202][ T5849] cgroup: Unknown subsys name 'cpuset' [ 68.044634][ T5849] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 69.312291][ T5849] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.344991][ T5863] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.352364][ T5863] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.359849][ T5863] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.366863][ T5870] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.367415][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.374080][ T5870] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.381183][ T5863] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.394798][ T5863] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.395360][ T5870] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.404065][ T5863] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.416601][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.429697][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.436851][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.439224][ T5871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.451043][ T5863] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.454571][ T5871] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.465218][ T5863] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.465686][ T5871] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.472826][ T5863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.487477][ T5863] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.497485][ T5863] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.511319][ T5871] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.812551][ T5864] chnl_net:caif_netlink_parms(): no params data found [ 71.828661][ T5858] chnl_net:caif_netlink_parms(): no params data found [ 71.894510][ T5859] chnl_net:caif_netlink_parms(): no params data found [ 71.929134][ T5873] chnl_net:caif_netlink_parms(): no params data found [ 71.978986][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.986332][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.993669][ T5858] bridge_slave_0: entered allmulticast mode [ 72.000409][ T5858] bridge_slave_0: entered promiscuous mode [ 72.025302][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.032460][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.039868][ T5858] bridge_slave_1: entered allmulticast mode [ 72.046802][ T5858] bridge_slave_1: entered promiscuous mode [ 72.060172][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.067344][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.074638][ T5864] bridge_slave_0: entered allmulticast mode [ 72.081375][ T5864] bridge_slave_0: entered promiscuous mode [ 72.106152][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.113254][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.120776][ T5864] bridge_slave_1: entered allmulticast mode [ 72.127603][ T5864] bridge_slave_1: entered promiscuous mode [ 72.168742][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.193474][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.201878][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.209317][ T5859] bridge_slave_0: entered allmulticast mode [ 72.217106][ T5859] bridge_slave_0: entered promiscuous mode [ 72.225926][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.235163][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.242266][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.249680][ T5859] bridge_slave_1: entered allmulticast mode [ 72.256460][ T5859] bridge_slave_1: entered promiscuous mode [ 72.264435][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.280349][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.287620][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.294933][ T5873] bridge_slave_0: entered allmulticast mode [ 72.301599][ T5873] bridge_slave_0: entered promiscuous mode [ 72.310663][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.336496][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.345793][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.352947][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.360314][ T5873] bridge_slave_1: entered allmulticast mode [ 72.367197][ T5873] bridge_slave_1: entered promiscuous mode [ 72.389426][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.423644][ T5858] team0: Port device team_slave_0 added [ 72.438749][ T5859] team0: Port device team_slave_0 added [ 72.452669][ T5864] team0: Port device team_slave_0 added [ 72.459773][ T5858] team0: Port device team_slave_1 added [ 72.475065][ T5859] team0: Port device team_slave_1 added [ 72.482546][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.494215][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.505035][ T5864] team0: Port device team_slave_1 added [ 72.540644][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.547771][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.574271][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.606902][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.614116][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.640566][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.656601][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.663707][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.689719][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.701777][ T5873] team0: Port device team_slave_0 added [ 72.708378][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.715383][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.741515][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.753984][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.761126][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.787057][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.798521][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.805539][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.832198][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.847956][ T5873] team0: Port device team_slave_1 added [ 72.893047][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.900324][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.926969][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.938882][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.946091][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.973408][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.997323][ T5858] hsr_slave_0: entered promiscuous mode [ 73.003464][ T5858] hsr_slave_1: entered promiscuous mode [ 73.049418][ T5864] hsr_slave_0: entered promiscuous mode [ 73.055783][ T5864] hsr_slave_1: entered promiscuous mode [ 73.061733][ T5864] debugfs: 'hsr0' already exists in 'hsr' [ 73.067674][ T5864] Cannot create hsr debugfs directory [ 73.088905][ T5859] hsr_slave_0: entered promiscuous mode [ 73.095308][ T5859] hsr_slave_1: entered promiscuous mode [ 73.101329][ T5859] debugfs: 'hsr0' already exists in 'hsr' [ 73.107115][ T5859] Cannot create hsr debugfs directory [ 73.150095][ T5873] hsr_slave_0: entered promiscuous mode [ 73.156348][ T5873] hsr_slave_1: entered promiscuous mode [ 73.162316][ T5873] debugfs: 'hsr0' already exists in 'hsr' [ 73.168224][ T5873] Cannot create hsr debugfs directory [ 73.400520][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.410363][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.422923][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.436221][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.461798][ T5864] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.473210][ T5864] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.491659][ T5864] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.501681][ T5864] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.508869][ T5871] Bluetooth: hci2: command tx timeout [ 73.547791][ T5859] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.557768][ T5859] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.584078][ T5866] Bluetooth: hci1: command tx timeout [ 73.589525][ T5863] Bluetooth: hci0: command tx timeout [ 73.590446][ T5859] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.595347][ T5871] Bluetooth: hci3: command tx timeout [ 73.613201][ T5859] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.638853][ T5873] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.648676][ T5873] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.659109][ T5873] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.669701][ T5873] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.724471][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.779806][ T5858] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.792932][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.809695][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.816912][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.837342][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.844484][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.868923][ T5864] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.886094][ T3508] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.893207][ T3508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.907706][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.923290][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.930440][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.957800][ T5873] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.966828][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.001126][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.008257][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.019038][ T5859] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.037905][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.045054][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.058529][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.065671][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.086165][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.093445][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.356657][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.432215][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.460962][ T5864] veth0_vlan: entered promiscuous mode [ 74.477121][ T5864] veth1_vlan: entered promiscuous mode [ 74.487743][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.499944][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.576200][ T5859] veth0_vlan: entered promiscuous mode [ 74.582747][ T5873] veth0_vlan: entered promiscuous mode [ 74.591645][ T5858] veth0_vlan: entered promiscuous mode [ 74.606286][ T5873] veth1_vlan: entered promiscuous mode [ 74.615495][ T5864] veth0_macvtap: entered promiscuous mode [ 74.625120][ T5859] veth1_vlan: entered promiscuous mode [ 74.635053][ T5864] veth1_macvtap: entered promiscuous mode [ 74.642308][ T5858] veth1_vlan: entered promiscuous mode [ 74.668261][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.691372][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.708890][ T5873] veth0_macvtap: entered promiscuous mode [ 74.721273][ T5873] veth1_macvtap: entered promiscuous mode [ 74.729080][ T3508] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.739540][ T3508] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.753325][ T5859] veth0_macvtap: entered promiscuous mode [ 74.761218][ T3508] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.770340][ T3508] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.786515][ T5858] veth0_macvtap: entered promiscuous mode [ 74.797116][ T5859] veth1_macvtap: entered promiscuous mode [ 74.808277][ T5858] veth1_macvtap: entered promiscuous mode [ 74.821728][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.847879][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.861338][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.872344][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.890433][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.899569][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.908883][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.918675][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.941299][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.951987][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.962182][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.972091][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.981515][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.994431][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.002333][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.013751][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.040782][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.060993][ T3508] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.069153][ T3508] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.081053][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.090832][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.100699][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.150965][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.166131][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.176760][ T5864] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 75.213203][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.221055][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.221075][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.256174][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.299035][ T5947] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 75.342278][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.370363][ T3571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.383452][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.404017][ T3571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.439150][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.463703][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.529644][ T5954] ------------[ cut here ]------------ [ 75.550507][ T5954] UBSAN: shift-out-of-bounds in fs/9p/vfs_super.c:57:22 [ 75.565660][ T5954] shift exponent 32 is too large for 32-bit type 'int' [ 75.584655][ T5871] Bluetooth: hci2: command tx timeout [ 75.592421][ T5954] CPU: 0 UID: 0 PID: 5954 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) [ 75.592451][ T5954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 75.592464][ T5954] Call Trace: [ 75.592472][ T5954] [ 75.592480][ T5954] dump_stack_lvl+0x189/0x250 [ 75.592518][ T5954] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.592559][ T5954] ? __pfx__printk+0x10/0x10 [ 75.592595][ T5954] ubsan_epilogue+0xa/0x40 [ 75.592620][ T5954] __ubsan_handle_shift_out_of_bounds+0x386/0x410 [ 75.592650][ T5954] ? __pfx_v9fs_set_super+0x10/0x10 [ 75.592675][ T5954] v9fs_get_tree+0x957/0xa90 [ 75.592701][ T5954] ? __pfx_v9fs_get_tree+0x10/0x10 [ 75.592729][ T5954] vfs_get_tree+0x8f/0x2b0 [ 75.592752][ T5954] do_new_mount+0x2a2/0xa30 [ 75.592777][ T5954] ? ns_capable+0x8a/0xf0 [ 75.592799][ T5954] ? __pfx_do_new_mount+0x10/0x10 [ 75.592822][ T5954] ? path_mount+0x61c/0xfe0 [ 75.592843][ T5954] ? user_path_at+0x44/0x60 [ 75.592876][ T5954] __se_sys_mount+0x317/0x410 [ 75.592903][ T5954] ? __pfx___se_sys_mount+0x10/0x10 [ 75.592928][ T5954] ? rcu_is_watching+0x15/0xb0 [ 75.592950][ T5954] ? __x64_sys_mount+0x20/0xc0 [ 75.592974][ T5954] do_syscall_64+0xfa/0xfa0 [ 75.593002][ T5954] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.593022][ T5954] ? clear_bhb_loop+0x60/0xb0 [ 75.593044][ T5954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.593063][ T5954] RIP: 0033:0x7f866098ebe9 [ 75.593097][ T5954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.593114][ T5954] RSP: 002b:00007f86618f2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 75.593136][ T5954] RAX: ffffffffffffffda RBX: 00007f8660bc5fa0 RCX: 00007f866098ebe9 [ 75.593151][ T5954] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000 [ 75.593164][ T5954] RBP: 00007f8660a11e19 R08: 00002000000004c0 R09: 0000000000000000 [ 75.593177][ T5954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.593189][ T5954] R13: 00007f8660bc6038 R14: 00007f8660bc5fa0 R15: 00007ffeea6ee118 [ 75.593212][ T5954] [ 75.593220][ T5954] ---[ end trace ]--- [ 75.676933][ T981] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 75.683249][ T5954] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 75.683272][ T5954] CPU: 0 UID: 0 PID: 5954 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) [ 75.683300][ T5954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 75.683315][ T5954] Call Trace: [ 75.683325][ T5954] [ 75.683335][ T5954] dump_stack_lvl+0x99/0x250 [ 75.683377][ T5954] ? __asan_memcpy+0x40/0x70 [ 75.683410][ T5954] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.683446][ T5954] ? __pfx__printk+0x10/0x10 [ 75.683486][ T5954] vpanic+0x281/0x750 [ 75.683530][ T5954] ? __pfx_vpanic+0x10/0x10 [ 75.683572][ T5954] panic+0xb9/0xc0 [ 75.683599][ T5954] ? __pfx_panic+0x10/0x10 [ 75.683628][ T5954] ? __pfx__printk+0x10/0x10 [ 75.683666][ T5954] check_panic_on_warn+0x89/0xb0 [ 75.683706][ T5954] __ubsan_handle_shift_out_of_bounds+0x386/0x410 [ 75.683741][ T5954] ? __pfx_v9fs_set_super+0x10/0x10 [ 75.683769][ T5954] v9fs_get_tree+0x957/0xa90 [ 75.683798][ T5954] ? __pfx_v9fs_get_tree+0x10/0x10 [ 75.683829][ T5954] vfs_get_tree+0x8f/0x2b0 [ 75.683856][ T5954] do_new_mount+0x2a2/0xa30 [ 75.683884][ T5954] ? ns_capable+0x8a/0xf0 [ 75.683910][ T5954] ? __pfx_do_new_mount+0x10/0x10 [ 75.683932][ T5954] ? path_mount+0x61c/0xfe0 [ 75.683953][ T5954] ? user_path_at+0x44/0x60 [ 75.683985][ T5954] __se_sys_mount+0x317/0x410 [ 75.684012][ T5954] ? __pfx___se_sys_mount+0x10/0x10 [ 75.684038][ T5954] ? rcu_is_watching+0x15/0xb0 [ 75.684060][ T5954] ? __x64_sys_mount+0x20/0xc0 [ 75.684085][ T5954] do_syscall_64+0xfa/0xfa0 [ 75.684114][ T5954] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.684134][ T5954] ? clear_bhb_loop+0x60/0xb0 [ 75.684157][ T5954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.684177][ T5954] RIP: 0033:0x7f866098ebe9 [ 75.684195][ T5954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.684213][ T5954] RSP: 002b:00007f86618f2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 75.684235][ T5954] RAX: ffffffffffffffda RBX: 00007f8660bc5fa0 RCX: 00007f866098ebe9 [ 75.684251][ T5954] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000 [ 75.684265][ T5954] RBP: 00007f8660a11e19 R08: 00002000000004c0 R09: 0000000000000000 [ 75.684279][ T5954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.684291][ T5954] R13: 00007f8660bc6038 R14: 00007f8660bc5fa0 R15: 00007ffeea6ee118 [ 76.055095][ T5954] [ 76.058283][ T5954] Kernel Offset: disabled [ 76.062619][ T5954] Rebooting in 86400 seconds..