last executing test programs: 7.109203073s ago: executing program 4 (id=180): r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000200)=[{0x15, 0x0, 0x1, 0xffff0001}, {0x6, 0xff, 0x9, 0x6}, {0x6, 0xff, 0x4, 0x100005e}]}, 0x10) 6.827598817s ago: executing program 4 (id=183): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0) 6.505625121s ago: executing program 4 (id=185): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000000)={0x9, "e241e8542bf2d9bc990fee2381754b0e08ab71e625046ac023cd92ea7b17bf8234a16f454f87298f426d3b49ef79fcdaac11ab9501697b299a2e3197c9cafeceaf3cd8bcb5295c26ae2976bb3e0e158b686b0e42ee2da7ffca37082a70c0f69ffb1adadd13537f68ce62166ec95a593683c991dbcb005890f17fbbc648169d2fb3ca6fbf68168471052a758c8c8f4a8cbde394ea31d1e560f2b929bf87aa352b16f28b9487e5c95ca2d378f3a4566c99cd1f7a33b771490a1f70f0b1af53e42cb6eb3b45e72e5bba4cde4ec5ec8ee35eac87d3542ac0d9a7a23883aff86ae9dcfc4b19e1a269a775fb9510b4fe9a7bdd3ebd2f7a3a9406db7bd46698c9f412a777d28994c498f04060c99ccb9d1d83f5aa4302d118dd8227ba5e6248305e31c85db8affc037a611f371fd205e02dac1b7d36cdf98d9b580186b9e262d7717cf8347955ea5c36c48261d196b884337521cba7bbf339f31a2a358416e079c608c0776413598ff9f5833631e60e13c0cbcf3e30f6b199f21ca71244fd27acfccd8e304c82420f5668f725b8612dfade8586a71e7d2f813000047a1da0960313ac905ee78144f1bcb0b77916c6e7278159ad8688b07161df584a30d068a64540c7b7f9a88a3332859b0c3e8fa0dedcce3fa5ea3c058f50ca5eb9ddf895e592d69743e794d4ca7c63cba76416271b81c73c578b143e7798010ffb5be0af5879c80a48"}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_clone(0x80100, 0x0, 0x62, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) 5.761917445s ago: executing program 4 (id=191): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) 5.349578563s ago: executing program 4 (id=195): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0x4, 0xd2}) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000500)={"34b30f02c5ccf6e3b71cda04b68b6891370cd0a442844b737a7254514f9ff20d0954650127067cd50d8f25db5fc9ccd4dbb2ecc29dc8dc51bcd2291a6a12912a3ce524ba851af6d1366d2b46f9f063dde6bea45fb0f4ab6a35088ea81c8a5ea6d0c3fbc6a89ae582119699a04f2be00b3aa3766c9f658af98e3122b00522a2ee14e3746ec2266e538c13710185ec5a7e4936e212c07483e1798957ffbb6311f2a13a7109d4293b216f78d59d41eb3af775e48d7a82a6c8f6476e2456a1a4288c672fbf1072ae9c51060f80707d1bc48eb1802a805df2ee990bcece5fe8b0ebba31c4d5efa47b3353aa02663aca26e817c88dc094d75330fbe2fea0037d4f92435d2eed5585bfaeddfdb50bb10bed6860313613f4a96d7d0b263cb0930f155ed09f2ff433f90d5065a376d43502ac8f17257c0fe5f448d9805a835286f2ff887e02e8a243902c124d3d52a1057f20a29ca1c012869a6d606e3440cc51cca66021bae0cf8c0a5af7a21c79481b1a31b98fe0c29fb5dfc5737442cdfad6421ec95345bd0165c6f6123e616873d97282e5098add56b95e805782aa67f237269b5b2b3e24edd1dc78f25130926496f5623ae306bc3d72d2b80f8939e60526330f873d00360441d906627f0183607151b1f03602050670984a3640871c2690496bbc8949fb63abd5033e508055dc0dd759913beba87e39e7af72170d622e2ecf9aeb4e479bbff8ad292a3a5bd70f8f433bc4b89be144ace57501f8f016868ed7dd8bab97f4f3feb242f4f620913c478058c036df363abbf7c239d340017c2de6b688e322c9b51c269aa110def3ad16337d197f3c452ac661bac7c0531c4d98618f99d750b0c3d8539051188a0f4583dd3538982e8a84121055cd721571ca98bb0c3ec3e446c4c7bc5c9b800367a859a00ef3a505327f9f2da247ce118a82deeb04ad22eeaf97dbd454518defd5adeb288a7842e9e2839ec587e3275abf3a812154080aa60182e60cb73b2020d2865551141ac1e077a3a3a764fff1b024346594f3a004197673c896069dc253f81dac7ca4e906bf2c0d241f59e4b8dad8549871e94b33755db2526223d1e290e300701a0a926033d515429f751f72a87f2eb0336cc72be75af2b75b82c70807718604aa9c6b3c2bc27551f1a0dcffc5eef025f86c13f1fbb426de372b15e4d6a63c4754cecd5071e25e8d6f5796830e7ef62b65c5c076ad2a9ab0850f97c5765ece5885caf0ca0d63a56c45d09c77553ba254983c05d7c722bd7e2061bb71e8e9a7cc444a24643ff32bb80f95ddf50455ed9b59288df68da87510cc3ff08521b39002fe8ea04ee30135324934c286cebc277a9189ac3322b96e8df8bd2a00a0a3da54b3dbe4e9cd46b762ac7f2c7ded1aa8c9741b675f7fe2dc699ab9a2615924fda6e879fc2ae27030d149ed88482945304447d8d027"}) 4.224903867s ago: executing program 4 (id=199): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() syz_pidfd_open(r2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902120001000010000904b807f7c6d1ca00906b69a2ac8041567018f4ed6cafa1ccfb974f"], 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000005b80)={0x2020}, 0x2020) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="0001"]) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c0000001800ffffffff7bfbfcdbdf250a148000ff01fd07"], 0x1c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r7, 0x29, 0x39, &(0x7f0000000000)=@fragment={0x3b, 0x0, 0x1, 0x0, 0x0, 0x6, 0x68}, 0x8) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000080)={0x4, @vbi={0x9, 0x8000, 0x5, 0x20385655, [0x1, 0x9], [0x722, 0x3], 0x2}}) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @local}, 0x64) 2.932473884s ago: executing program 3 (id=204): r0 = socket$inet(0xa, 0x801, 0x84) listen(r0, 0xfffffffd) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80022061, 0x0) ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, 0x0) r4 = socket$inet(0xa, 0x801, 0x84) listen(r4, 0xfffffffd) r5 = socket$inet(0xa, 0x801, 0x84) listen(r5, 0x8) r6 = socket$inet(0xa, 0x801, 0x84) r7 = socket$inet6(0xa, 0x5, 0x0) listen(r7, 0x400) listen(r6, 0x8) r8 = socket$netlink(0x10, 0x3, 0x4) writev(r8, &(0x7f00000002c0)=[{&(0x7f00000004c0)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) syz_genetlink_get_family_id$tipc(&(0x7f0000001480), r8) 2.719972769s ago: executing program 0 (id=206): bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @loopback}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000002c0)='macvlan1\x00', 0x10) r0 = io_uring_setup(0x6001, &(0x7f0000000000)={0x0, 0xeec2, 0x800, 0x2, 0x10a}) close_range(r0, r0, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb) 2.35088905s ago: executing program 0 (id=208): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0xfffffffffffffffc, &(0x7f00000003c0)) r1 = memfd_secret(0x80000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r1, 0x0) ftruncate(r1, 0x3) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 2.220790759s ago: executing program 3 (id=210): r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) readv(r1, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/109, 0x6d}], 0x1) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f00000004c0)="9266b709b6a124c788f903c38e5f6f0102c2de5d1cb867eb", 0x0, 0x18) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}}) 1.981249212s ago: executing program 1 (id=212): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x401f5, 0x4) 1.784689151s ago: executing program 1 (id=214): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x483, 0x0, 0xfff}]}) 1.659563043s ago: executing program 2 (id=215): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x20000000000002, 0x2) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x2, 0x30}, 0xc) write$FUSE_BMAP(r2, &(0x7f0000000580)={0x18, 0xffffffffffffffda, 0x0, {0x6}}, 0x18) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 1.622956057s ago: executing program 3 (id=216): openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x40000073, 0x0, 0x81}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x5, 0x400000, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x200000000005, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x99e, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.473698828s ago: executing program 0 (id=217): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) read$FUSE(r0, &(0x7f00000057c0)={0x2020}, 0xfffc) 1.381507411s ago: executing program 2 (id=218): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.279296415s ago: executing program 0 (id=219): mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x188) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a0"], 0x50) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b0000000700000002"], 0x50) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[], 0xa8) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x10, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 1.125635678s ago: executing program 0 (id=220): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r3, 0x0, r2, 0x0, 0x6, 0x0) write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffe) read$FUSE(r1, &(0x7f0000001600)={0x2020}, 0x2020) socket$nl_route(0x10, 0x3, 0x0) 1.125241919s ago: executing program 2 (id=221): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000240), 0x1a7c, r0}, 0x38) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x901800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil}) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.065694798s ago: executing program 1 (id=222): r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x2008000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc042, 0x1ff) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000140)=0x80000) 949.920142ms ago: executing program 1 (id=223): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x7, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) 756.354961ms ago: executing program 1 (id=224): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x2005}], 0x1c) sendmsg$inet6(r0, 0x0, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x84, &(0x7f00000008c0)={0x0, @in={{0x2, 0x4e24, @loopback}}, 0x651, 0x5}, 0x90) 633.714506ms ago: executing program 3 (id=225): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) r3 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0x2000}) fcntl$dupfd(r2, 0x406, r1) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000080)) close_range(r0, 0xffffffffffffffff, 0x0) 598.325643ms ago: executing program 1 (id=226): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x3, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x3}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001980)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x64}, 0x10}, 0x1c, 0x0}}], 0x40000000000024e, 0x20002040) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c) 575.317606ms ago: executing program 2 (id=227): r0 = fanotify_init(0x200, 0x0) r1 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1) r2 = dup(r1) fanotify_mark(r0, 0x1, 0x48000047, r2, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x300, &(0x7f0000000180)=[0x6bd1a312, 0xec63, 0xff, 0x8, 0x98b9, 0x80000000000000c, 0x0, 0x100000000000004, 0x10000, 0x100, 0xfe51, 0x0, 0x3, 0x5, 0x5, 0x49, 0x3fc, 0x4, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x96, 0x1, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x3, 0x4, 0x8, 0x6, 0x6, 0x8000003, 0xa3de, 0x4e, 0x8, 0x5c3e, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffff8, 0x4, 0xe, 0x7, 0x0, 0xe6, 0x200000000000101, 0x5, 0x100004, 0x63, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x5929, 0xe8, 0x80000000, 0xfffffffffffffc00, 0x2, 0x4, 0x2, 0x2, 0x7, 0x7, 0x3, 0x2, 0x8, 0xfff, 0x101, 0x4, 0x6, 0xab6, 0x4, 0x4, 0x1, 0x80000007, 0xb, 0x39790, 0x6, 0xe, 0x5, 0x400000000008061d, 0x10000003, 0x8, 0x6, 0x4, 0x4, 0x200, 0xfffffffffffffffc, 0xe53e, 0x2c, 0x8, 0x2293332f, 0x6, 0x5, 0x0, 0xd, 0x3, 0x5, 0x1, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x4cb, 0x8, 0x3, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb690, 0x3ffc00000, 0x8, 0x3]}) r3 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0\xbc]\x12\xc0D\x9f\x80\x8f\xfe\xf2\xc2)\xccm\xacz\xc1\xad\xe4\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) write$binfmt_elf32(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03"], 0xd8) execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 454.034222ms ago: executing program 3 (id=228): ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000001080)=ANY=[@ANYBLOB="7f454c4604fd0a060300000000"], 0x6e1) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x109c00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0xf000, 0x6, 0x8, 0x8c66, 0x0, [{0xf, 0x9, 0x8, '\x00', 0x18}, {0x4, 0x81, 0x0, '\x00', 0xb3}, {0xf0, 0x3, 0xb, '\x00', 0x4}, {0x2, 0x4, 0xfe, '\x00', 0x8}, {0x1, 0x71, 0x7f, '\x00', 0x6}, {0xe, 0x8, 0x6a, '\x00', 0x81}, {0x8, 0x5, 0x5e}, {0x7, 0x29, 0x6}, {0x7, 0x18, 0x14, '\x00', 0x7}, {0x5, 0x81, 0x0, '\x00', 0x5}, {0x70, 0x6b, 0xa0, '\x00', 0x40}, {0x81, 0xb}, {0x6, 0x6, 0x27, '\x00', 0x9}, {0x2, 0x1, 0xfa, '\x00', 0xe}, {0x4, 0x2, 0x1, '\x00', 0x7b}, {0xc0, 0x9, 0x36, '\x00', 0x3e}, {0x8, 0x3c, 0xa, '\x00', 0x5}, {0xfe, 0xb, 0x6}, {0x2, 0x2, 0x9, '\x00', 0x9}, {0x7f, 0xb6, 0x56, '\x00', 0x3}, {0xed, 0xfc, 0x5, '\x00', 0x2}, {0x0, 0xd, 0x3, '\x00', 0x86}, {0xa, 0x1, 0x3, '\x00', 0x6}, {0x0, 0x2, 0x1, '\x00', 0x9}]}}) 377.693296ms ago: executing program 2 (id=229): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000380)={0x0, r2}) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000040)={0x3, 0xffffffffffffffff, 0x1}) 216.05575ms ago: executing program 0 (id=230): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x3fd4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) r1 = shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil) shmat(r1, &(0x7f00001b2000/0x3000)=nil, 0x2000) 146.067974ms ago: executing program 2 (id=231): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x28}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) r1 = io_uring_setup(0x5594, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x21e}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 0s ago: executing program 3 (id=232): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_migrate_pages\x00', r1, 0x0, 0x9}, 0x18) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.50' (ED25519) to the list of known hosts. [ 70.282740][ T5845] cgroup: Unknown subsys name 'net' [ 70.432215][ T5845] cgroup: Unknown subsys name 'cpuset' [ 70.440696][ T5845] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.461215][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.467815][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.883124][ T5845] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.669215][ T5866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.678375][ T5872] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.687848][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.697534][ T5872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.705839][ T5872] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.708135][ T5871] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.717744][ T5872] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.722471][ T5871] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.727741][ T5872] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.735251][ T5871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.748687][ T5871] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.755801][ T5871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.765992][ T5871] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.773351][ T5871] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.780598][ T5872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.796371][ T5873] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.804232][ T5872] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.813061][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.826783][ T5874] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.829544][ T5872] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.835193][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.841377][ T5872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.867409][ T5863] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.870829][ T5872] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.882695][ T5872] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 77.544263][ T5869] chnl_net:caif_netlink_parms(): no params data found [ 77.572405][ T5855] chnl_net:caif_netlink_parms(): no params data found [ 77.670536][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 77.736229][ T5857] chnl_net:caif_netlink_parms(): no params data found [ 77.882211][ T5856] chnl_net:caif_netlink_parms(): no params data found [ 77.914650][ T5869] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.922002][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.930716][ T5869] bridge_slave_0: entered allmulticast mode [ 77.938265][ T5869] bridge_slave_0: entered promiscuous mode [ 77.953800][ T5869] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.961027][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.969036][ T5869] bridge_slave_1: entered allmulticast mode [ 77.976761][ T5869] bridge_slave_1: entered promiscuous mode [ 77.984384][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.991654][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.998919][ T5855] bridge_slave_0: entered allmulticast mode [ 78.005887][ T5855] bridge_slave_0: entered promiscuous mode [ 78.077216][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.084333][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.091995][ T5855] bridge_slave_1: entered allmulticast mode [ 78.100118][ T5855] bridge_slave_1: entered promiscuous mode [ 78.129174][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.136332][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.143619][ T5861] bridge_slave_0: entered allmulticast mode [ 78.150612][ T5861] bridge_slave_0: entered promiscuous mode [ 78.158787][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.165921][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.173428][ T5861] bridge_slave_1: entered allmulticast mode [ 78.181493][ T5861] bridge_slave_1: entered promiscuous mode [ 78.253823][ T5869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.275638][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.283202][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.291747][ T5857] bridge_slave_0: entered allmulticast mode [ 78.298897][ T5857] bridge_slave_0: entered promiscuous mode [ 78.328391][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.340097][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.354092][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.363599][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.370931][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.378315][ T5857] bridge_slave_1: entered allmulticast mode [ 78.385391][ T5857] bridge_slave_1: entered promiscuous mode [ 78.394215][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.474894][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.500283][ T5869] team0: Port device team_slave_0 added [ 78.506461][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.513680][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.520980][ T5856] bridge_slave_0: entered allmulticast mode [ 78.529249][ T5856] bridge_slave_0: entered promiscuous mode [ 78.563533][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.586744][ T5869] team0: Port device team_slave_1 added [ 78.592984][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.600530][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.608224][ T5856] bridge_slave_1: entered allmulticast mode [ 78.615199][ T5856] bridge_slave_1: entered promiscuous mode [ 78.635430][ T5855] team0: Port device team_slave_0 added [ 78.644447][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.694990][ T5855] team0: Port device team_slave_1 added [ 78.731009][ T5861] team0: Port device team_slave_0 added [ 78.753437][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.760493][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.786492][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.802715][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.836452][ T5861] team0: Port device team_slave_1 added [ 78.860000][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.867616][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.893883][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.907843][ T5866] Bluetooth: hci3: command tx timeout [ 78.908177][ T5872] Bluetooth: hci2: command tx timeout [ 78.913650][ T53] Bluetooth: hci0: command tx timeout [ 78.925369][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.935467][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.942899][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.968839][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.982028][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.989137][ T5866] Bluetooth: hci1: command tx timeout [ 78.989466][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.994830][ T5866] Bluetooth: hci4: command tx timeout [ 79.025822][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.039869][ T5857] team0: Port device team_slave_0 added [ 79.083910][ T5857] team0: Port device team_slave_1 added [ 79.119372][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.126340][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.152534][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.165333][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.172451][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.198870][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.211167][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.218190][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.244116][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.269591][ T5856] team0: Port device team_slave_0 added [ 79.278869][ T5856] team0: Port device team_slave_1 added [ 79.285509][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.292538][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.319622][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.419259][ T5857] hsr_slave_0: entered promiscuous mode [ 79.425625][ T5857] hsr_slave_1: entered promiscuous mode [ 79.504468][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.511513][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.538151][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.550983][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.558620][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.584595][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.609564][ T5855] hsr_slave_0: entered promiscuous mode [ 79.615906][ T5855] hsr_slave_1: entered promiscuous mode [ 79.622903][ T5855] debugfs: 'hsr0' already exists in 'hsr' [ 79.628898][ T5855] Cannot create hsr debugfs directory [ 79.640943][ T5869] hsr_slave_0: entered promiscuous mode [ 79.647490][ T5869] hsr_slave_1: entered promiscuous mode [ 79.653535][ T5869] debugfs: 'hsr0' already exists in 'hsr' [ 79.659633][ T5869] Cannot create hsr debugfs directory [ 79.682085][ T5861] hsr_slave_0: entered promiscuous mode [ 79.689030][ T5861] hsr_slave_1: entered promiscuous mode [ 79.695049][ T5861] debugfs: 'hsr0' already exists in 'hsr' [ 79.701244][ T5861] Cannot create hsr debugfs directory [ 79.877553][ T5856] hsr_slave_0: entered promiscuous mode [ 79.883791][ T5856] hsr_slave_1: entered promiscuous mode [ 79.889998][ T5856] debugfs: 'hsr0' already exists in 'hsr' [ 79.895737][ T5856] Cannot create hsr debugfs directory [ 80.393832][ T5857] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 80.406483][ T5857] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 80.428948][ T5857] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 80.452726][ T5857] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 80.504193][ T5869] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.515232][ T5869] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.543188][ T5869] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.555458][ T5869] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.625727][ T5855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.641724][ T5855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.654151][ T5855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.675966][ T5855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.770225][ T5856] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.791320][ T5856] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.813010][ T5856] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.862728][ T5856] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.946148][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.977957][ T5866] Bluetooth: hci2: command tx timeout [ 80.978018][ T53] Bluetooth: hci3: command tx timeout [ 80.983416][ T5866] Bluetooth: hci0: command tx timeout [ 81.014937][ T5861] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.036780][ T5861] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.050452][ T5861] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.058062][ T5872] Bluetooth: hci4: command tx timeout [ 81.063160][ T5866] Bluetooth: hci1: command tx timeout [ 81.086149][ T5857] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.093146][ T5861] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.130483][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.137937][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.170213][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.177413][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.212415][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.242938][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.314925][ T5869] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.339700][ T5855] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.362878][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.383950][ T3494] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.391108][ T3494] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.428047][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.435227][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.446121][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.453276][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.480420][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.487651][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.516028][ T5856] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.531727][ T5857] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.564233][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.571432][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.637450][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.654125][ T3494] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.661381][ T3494] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.746407][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.855008][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.862181][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.953296][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.960482][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.006303][ T5856] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 82.034988][ T5856] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.230276][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.413866][ T5869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.461512][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.565373][ T5869] veth0_vlan: entered promiscuous mode [ 82.652991][ T5869] veth1_vlan: entered promiscuous mode [ 82.760555][ T5855] veth0_vlan: entered promiscuous mode [ 82.801380][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.844099][ T5869] veth0_macvtap: entered promiscuous mode [ 82.883343][ T5855] veth1_vlan: entered promiscuous mode [ 82.912118][ T5869] veth1_macvtap: entered promiscuous mode [ 82.942692][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.979422][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.993281][ T5855] veth0_macvtap: entered promiscuous mode [ 83.022933][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.034854][ T5856] veth0_vlan: entered promiscuous mode [ 83.059150][ T5866] Bluetooth: hci3: command tx timeout [ 83.059466][ T5872] Bluetooth: hci2: command tx timeout [ 83.070128][ T5866] Bluetooth: hci0: command tx timeout [ 83.080443][ T5855] veth1_macvtap: entered promiscuous mode [ 83.094509][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.104970][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.130722][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.140520][ T5872] Bluetooth: hci1: command tx timeout [ 83.147787][ T5872] Bluetooth: hci4: command tx timeout [ 83.154340][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.179317][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.187928][ T5856] veth1_vlan: entered promiscuous mode [ 83.213806][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.236920][ T5857] veth0_vlan: entered promiscuous mode [ 83.261213][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.270785][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.294939][ T5861] veth0_vlan: entered promiscuous mode [ 83.311486][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.320484][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.349379][ T5857] veth1_vlan: entered promiscuous mode [ 83.381198][ T5861] veth1_vlan: entered promiscuous mode [ 83.466062][ T5856] veth0_macvtap: entered promiscuous mode [ 83.494093][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.494312][ T5856] veth1_macvtap: entered promiscuous mode [ 83.512086][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.545567][ T1528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.555296][ T1528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.574633][ T5861] veth0_macvtap: entered promiscuous mode [ 83.602114][ T5861] veth1_macvtap: entered promiscuous mode [ 83.610966][ T1528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.613944][ T5857] veth0_macvtap: entered promiscuous mode [ 83.625212][ T1528] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.632393][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.672385][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.682885][ T5857] veth1_macvtap: entered promiscuous mode [ 83.710334][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.733536][ T5869] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.746583][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.766444][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.787212][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.790722][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.795056][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.843866][ T1528] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.878539][ T1528] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.902597][ T1528] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.912884][ T1528] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.972268][ T1528] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.984304][ T1528] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.039586][ T5980] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 84.044220][ T1528] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.076686][ T1528] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.118301][ T1528] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.160342][ T1005] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.182468][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.195101][ T1005] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.197099][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.212274][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.320525][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.335685][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.396694][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.411995][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.502625][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.531846][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.634237][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.666889][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.698518][ T3494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.720840][ T3494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.017033][ T30] audit: type=1326 audit(1757170634.358:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.102800][ T30] audit: type=1326 audit(1757170634.368:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.150888][ T30] audit: type=1326 audit(1757170634.368:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.152692][ T5872] Bluetooth: hci2: command tx timeout [ 85.174749][ T30] audit: type=1326 audit(1757170634.368:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.179906][ T5872] Bluetooth: hci0: command tx timeout [ 85.207324][ T5872] Bluetooth: hci3: command tx timeout [ 85.221728][ T30] audit: type=1326 audit(1757170634.368:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.227660][ T6002] fuse: Unknown parameter 'fd0x0000000000000003' [ 85.250124][ T5866] Bluetooth: hci4: command tx timeout [ 85.250137][ T5872] Bluetooth: hci1: command tx timeout [ 85.266499][ T30] audit: type=1326 audit(1757170634.378:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.296886][ T30] audit: type=1326 audit(1757170634.378:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.319735][ T30] audit: type=1326 audit(1757170634.378:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.341724][ T30] audit: type=1326 audit(1757170634.378:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 85.427096][ T30] audit: type=1326 audit(1757170634.378:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4cef98ebe9 code=0x7ffc0000 [ 86.826170][ T24] cfg80211: failed to load regulatory.db [ 87.263911][ T6054] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 88.192630][ T6085] kvm: user requested TSC rate below hardware speed [ 88.273332][ T6091] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 90.596246][ T6157] kvm: pic: level sensitive irq not supported [ 90.596404][ T6157] kvm: pic: non byte read [ 90.641163][ T6157] kvm: pic: level sensitive irq not supported [ 90.641260][ T6157] kvm: pic: non byte read [ 91.268405][ T6182] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (52285443328 ns). Using initial count to start timer. [ 91.318949][ T6182] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer. [ 92.501805][ T6233] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 92.511680][ T6232] process 'syz.1.99' launched './file1' with NULL argv: empty string added [ 95.485819][ T6316] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 96.412650][ T6346] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer. [ 98.135564][ T6387] fuse: Unknown parameter 'use00000000000000000000' [ 100.798531][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 100.798547][ T30] audit: type=1326 audit(1757170650.168:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6437 comm="syz.1.179" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b7cd8ebe9 code=0x0 [ 100.879708][ T30] audit: type=1326 audit(1757170650.168:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6437 comm="syz.1.179" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b7cd8ebe9 code=0x0 [ 103.111958][ T6479] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3343437945 (53495007120 ns) > initial count (52285443328 ns). Using initial count to start timer. [ 103.216368][ T6480] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer. [ 104.835441][ T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!! [ 104.897421][ T5940] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 105.073287][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.117526][ T5940] usb 5-1: Using ep0 maxpacket: 32 [ 105.257068][ T5940] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 105.265377][ T5940] usb 5-1: config 0 has no interface number 0 [ 105.309166][ T5940] usb 5-1: too many endpoints for config 0 interface 184 altsetting 7: 247, using maximum allowed: 30 [ 105.370677][ T5940] usb 5-1: config 0 interface 184 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 247 [ 105.401693][ T5940] usb 5-1: config 0 interface 184 has no altsetting 0 [ 105.457096][ T5940] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 105.484096][ T5940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.542762][ T5940] usb 5-1: Product: syz [ 105.627121][ T5940] usb 5-1: Manufacturer: syz [ 105.637186][ T5940] usb 5-1: SerialNumber: syz [ 105.759935][ T5940] usb 5-1: config 0 descriptor?? [ 105.803411][ T5940] smsc75xx v1.0.0 [ 105.813453][ T5940] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 105.868300][ T5940] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -22 [ 105.957100][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.142044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.153391][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.611486][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.079399][ T6567] ================================================================== [ 108.087511][ T6567] BUG: KASAN: null-ptr-deref in io_sqe_buffer_register+0x369/0x20a0 [ 108.095535][ T6567] Read of size 8 at addr 0000000000000000 by task syz.2.231/6567 [ 108.103269][ T6567] [ 108.105627][ T6567] CPU: 1 UID: 0 PID: 6567 Comm: syz.2.231 Not tainted syzkaller #0 PREEMPT(full) [ 108.105652][ T6567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 108.105671][ T6567] Call Trace: [ 108.105679][ T6567] [ 108.105688][ T6567] dump_stack_lvl+0x189/0x250 [ 108.105716][ T6567] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.105737][ T6567] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 108.105766][ T6567] ? __virt_addr_valid+0x7c/0x5c0 [ 108.105790][ T6567] ? io_sqe_buffer_register+0x369/0x20a0 [ 108.105815][ T6567] kasan_report+0x118/0x150 [ 108.105842][ T6567] ? rcu_is_watching+0x15/0xb0 [ 108.105861][ T6567] ? io_sqe_buffer_register+0x369/0x20a0 [ 108.105887][ T6567] kasan_check_range+0x2b0/0x2c0 [ 108.105915][ T6567] io_sqe_buffer_register+0x369/0x20a0 [ 108.105946][ T6567] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 108.105971][ T6567] ? trace_kmalloc+0x1f/0xd0 [ 108.105993][ T6567] ? __kvmalloc_node_noprof+0x5ed/0x910 [ 108.106018][ T6567] ? io_sqe_buffers_register+0x138/0x8e0 [ 108.106067][ T6567] ? iovec_from_user+0x1ba/0x250 [ 108.106091][ T6567] io_sqe_buffers_register+0x3b9/0x8e0 [ 108.106119][ T6567] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 108.106142][ T6567] ? __fget_files+0x3a0/0x420 [ 108.106167][ T6567] ? __fget_files+0x2a/0x420 [ 108.106193][ T6567] ? io_is_uring_fops+0xd/0x50 [ 108.106220][ T6567] __se_sys_io_uring_register+0xb85/0x11b0 [ 108.106241][ T6567] ? __se_sys_futex+0x36f/0x400 [ 108.106263][ T6567] ? __pfx___se_sys_io_uring_register+0x10/0x10 [ 108.106285][ T6567] ? rcu_is_watching+0x15/0xb0 [ 108.106304][ T6567] ? do_syscall_64+0xbe/0xfa0 [ 108.106324][ T6567] do_syscall_64+0xfa/0xfa0 [ 108.106342][ T6567] ? lockdep_hardirqs_on+0x9c/0x150 [ 108.106361][ T6567] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.106380][ T6567] ? clear_bhb_loop+0x60/0xb0 [ 108.106400][ T6567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.106419][ T6567] RIP: 0033:0x7f357098ebe9 [ 108.106444][ T6567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.106461][ T6567] RSP: 002b:00007f357185a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 108.106481][ T6567] RAX: ffffffffffffffda RBX: 00007f3570bc5fa0 RCX: 00007f357098ebe9 [ 108.106495][ T6567] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000004 [ 108.106508][ T6567] RBP: 00007f3570a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 108.106521][ T6567] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000000 [ 108.106534][ T6567] R13: 00007f3570bc6038 R14: 00007f3570bc5fa0 R15: 00007ffcb8592328 [ 108.106557][ T6567] [ 108.106563][ T6567] ================================================================== [ 108.438007][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.447671][ T6567] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 108.454985][ T6567] CPU: 0 UID: 0 PID: 6567 Comm: syz.2.231 Not tainted syzkaller #0 PREEMPT(full) [ 108.464200][ T6567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 108.474278][ T6567] Call Trace: [ 108.477563][ T6567] [ 108.480513][ T6567] dump_stack_lvl+0x99/0x250 [ 108.485133][ T6567] ? __asan_memcpy+0x40/0x70 [ 108.489742][ T6567] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.494953][ T6567] ? __pfx__printk+0x10/0x10 [ 108.499562][ T6567] vpanic+0x237/0x6d0 [ 108.503552][ T6567] ? __pfx_vpanic+0x10/0x10 [ 108.508067][ T6567] ? preempt_schedule+0xae/0xc0 [ 108.512932][ T6567] ? __pfx_preempt_schedule+0x10/0x10 [ 108.518314][ T6567] panic+0xb9/0xc0 [ 108.522085][ T6567] ? __pfx_panic+0x10/0x10 [ 108.526516][ T6567] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 108.532435][ T6567] ? io_sqe_buffer_register+0x369/0x20a0 [ 108.538089][ T6567] check_panic_on_warn+0x89/0xb0 [ 108.543047][ T6567] ? io_sqe_buffer_register+0x369/0x20a0 [ 108.548690][ T6567] end_report+0x78/0x160 [ 108.552954][ T6567] kasan_report+0x129/0x150 [ 108.557460][ T6567] ? rcu_is_watching+0x15/0xb0 [ 108.562240][ T6567] ? io_sqe_buffer_register+0x369/0x20a0 [ 108.567874][ T6567] kasan_check_range+0x2b0/0x2c0 [ 108.572811][ T6567] io_sqe_buffer_register+0x369/0x20a0 [ 108.578368][ T6567] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 108.584278][ T6567] ? trace_kmalloc+0x1f/0xd0 [ 108.588861][ T6567] ? __kvmalloc_node_noprof+0x5ed/0x910 [ 108.594405][ T6567] ? io_sqe_buffers_register+0x138/0x8e0 [ 108.600029][ T6567] ? iovec_from_user+0x1ba/0x250 [ 108.604965][ T6567] io_sqe_buffers_register+0x3b9/0x8e0 [ 108.610425][ T6567] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 108.616405][ T6567] ? __fget_files+0x3a0/0x420 [ 108.621084][ T6567] ? __fget_files+0x2a/0x420 [ 108.625673][ T6567] ? io_is_uring_fops+0xd/0x50 [ 108.630522][ T6567] __se_sys_io_uring_register+0xb85/0x11b0 [ 108.636373][ T6567] ? __se_sys_futex+0x36f/0x400 [ 108.641230][ T6567] ? __pfx___se_sys_io_uring_register+0x10/0x10 [ 108.647466][ T6567] ? rcu_is_watching+0x15/0xb0 [ 108.652222][ T6567] ? do_syscall_64+0xbe/0xfa0 [ 108.656890][ T6567] do_syscall_64+0xfa/0xfa0 [ 108.661381][ T6567] ? lockdep_hardirqs_on+0x9c/0x150 [ 108.666667][ T6567] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.672729][ T6567] ? clear_bhb_loop+0x60/0xb0 [ 108.677399][ T6567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.683283][ T6567] RIP: 0033:0x7f357098ebe9 [ 108.687689][ T6567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.707286][ T6567] RSP: 002b:00007f357185a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 108.715700][ T6567] RAX: ffffffffffffffda RBX: 00007f3570bc5fa0 RCX: 00007f357098ebe9 [ 108.723665][ T6567] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000004 [ 108.731628][ T6567] RBP: 00007f3570a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 108.739596][ T6567] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000000 [ 108.747565][ T6567] R13: 00007f3570bc6038 R14: 00007f3570bc5fa0 R15: 00007ffcb8592328 [ 108.755540][ T6567] [ 108.758780][ T6567] Kernel Offset: disabled [ 108.763197][ T6567] Rebooting in 86400 seconds..