last executing test programs: 1m15.589251523s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 1m0.755023091s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 45.616531484s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 33.121525692s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 18.751010522s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 7.00343408s ago: executing program 0 (id=3808): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000540)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000400)={r5, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r6, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r7}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f00000001c0)={r8, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000200)={0x0, 0x0, r9}) 6.697339401s ago: executing program 3 (id=3810): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000480)=[{0x0}], 0x1, &(0x7f0000000700)=[@rights={{0xc}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x4c}, 0x10000) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendto(r0, &(0x7f00000001c0)="25ff8571999e1f778f0350a97e44f1b970763fa07dc8b9fe0b9017ffc8854e8baaf1413c31b7dba484267bac5aae083558afab07716cf0ad72832b1320411e32c81cd67fabb0652f0b850dfaf75004cfc278cdee43f3810d6f2d643c16f679b7697cb0", 0xfffffffffffffee9, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000007000000140001800500020001000000080006000e000000ddcba1fb79731b12384541a6ad"], 0x28}}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) gettid() 6.557127303s ago: executing program 0 (id=3812): getsockopt(0xffffffffffffffff, 0xfffffff7, 0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1) sched_setaffinity(0x0, 0x4, &(0x7f0000000200)=0x400000002) r2 = syz_open_dev$MSR(&(0x7f0000000440), 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(0x0, 0x0, 0x0) syz_open_dev$usbfs(0x0, 0x79, 0x101301) 6.48693879s ago: executing program 2 (id=3813): r0 = socket$inet6(0xa, 0x80803, 0x83) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e06018000020000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x4c}}, 0x0) sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0) sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0) recvmmsg(r3, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(0xffffffffffffffff) socket(0x840000000002, 0x3, 0x100) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'veth1_macvtap\x00', @multicast}) fsmount(0xffffffffffffffff, 0x0, 0x80) 6.035593191s ago: executing program 1 (id=3309): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 4.440567325s ago: executing program 0 (id=3814): r0 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000016c0)) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af00, &(0x7f0000000140)) r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000180)=r2) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000380)={0x0, r2}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) 4.440142036s ago: executing program 2 (id=3815): syz_emit_vhci(0x0, 0x22) openat$uinput(0xffffff9c, &(0x7f0000000300), 0x2, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000a00)) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f361"], 0xd) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042c111ec80000000000000000009f9a0a530437dd49d554bc912e628c000800040031"], 0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{0x0}], 0x1, 0x400000, 0x81) syz_emit_vhci(0x0, 0xe3) socket$inet6(0xa, 0x6, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r3}}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000340), r3, 0x0, 0x1, 0x4}}, 0x20) 4.431723143s ago: executing program 3 (id=3816): socket$nl_route(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86ddf9fffffffffffffffc010000000000000000000000000000fe8000000000000000000000000000aa000000000010"], 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.287201938s ago: executing program 2 (id=3817): r0 = socket$nl_rdma(0x10, 0x3, 0x14) syz_emit_vhci(&(0x7f00000006c0)=ANY=[], 0x22) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x100010, r0, 0x8aa07000) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) syz_emit_vhci(&(0x7f0000000880)=ANY=[@ANYBLOB="040900000000000000001b73d3f13beeaefe48f8040095402f915170770dc8526bbf87534c2dd1e3e4e7872729e09033ea57dc5551eacc2dfb696c75a310b65ea4bf3288473416c5a12644b31d7672cae43f78ec75d0cef490c0adb3808fb63f4f"], 0xd) syz_emit_vhci(0x0, 0x5c) preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000200)={&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, 0x0}) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="030f0404000000000000001620"], 0x7) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x825, 0x4, 0x0, 0x2, 0x8000, 0x1, 0x10005, 0x0, 0xffffffff, 0x0, 0x414, 0x2, 0x10001, 0xfffffffffffff924, 0xffffffff7fffffff], 0x2000, 0x323804}) sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x8}) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)}, 0x0) openat$vcsu(0xffffff9c, &(0x7f0000001780), 0x200400, 0x0) 4.096648042s ago: executing program 3 (id=3818): socket$l2tp(0x2, 0x2, 0x73) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="e9240000003f00000000a324a75d59"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x62040200) unshare(0x62040200) r3 = syz_open_dev$sg(&(0x7f0000000080), 0x9, 0x115380) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x7fffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$EBT_SO_GET_ENTRIES(r5, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="b1a0bb640950da6dde54fc1a52b795b80d194ee5c57f01a67aefb3ab616662359a4a100b3bbd94c2d5c29b3a533530f5e6a61b08d7d4a7ede4cd322a65"]) ftruncate(r7, 0x200004) sendfile(0xffffffffffffffff, r7, 0x0, 0x80001d00c0d1) ioctl$VIDIOC_G_JPEGCOMP(r7, 0x808c563d, &(0x7f0000000480)) bind$alg(0xffffffffffffffff, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40) syz_usb_connect(0x0, 0x24, 0x0, 0x0) 3.186038648s ago: executing program 0 (id=3819): syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRES8=r0], &(0x7f0000000100)='GPL\x00', 0x4e8a293b, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r5) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r6 = inotify_init1(0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) r7 = syz_io_uring_setup(0x353, &(0x7f00000000c0), &(0x7f0000ffb000), &(0x7f0000ffb000)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x19, 0x20000000, 0x0) fcntl$setown(r6, 0x8, 0xffffffffffffffff) fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, 0x0}) r9 = syz_open_procfs(r8, &(0x7f0000000040)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r9, 0x40086610, &(0x7f0000000180)={@id={0x2, 0x300, @b}}) setsockopt$packet_int(r4, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd33570000000000000000251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c0705caae54024cf8ade6396ff44482284f415e5769d9ae8688a8d5516690aae9ce1c785262734723519b042a161e6efabf263a46ba92254a51ff6502470f3038cf6d8d991931cfd82ea97e1b596133e7754908d912d1054d174f5a731c019f152a5ca2e48599b6d563bfcd8c0950f4292769217a6e309452b14e64ae64ad58ced33582a1b3d2e0c300059fb1ee78cdddb827293de267d64bf47c3c8c419683c948e46de8cea0b232da00ff39ebef3b73b3d6fbeecd3f9ff06b7e08ed8ce2b9b9cf2e08975f5959fa7028f68c525ab173c0c553d21bd1e9176abdf799e7a08d2f3c14e1ca99d525bc3af0ca0f48f145c65b10dfc67803aab67f6b631d3d7e237fec4bc6eacc364b7cdd925973705d40c5a614e354d9b92357845d15ea41ad3e3a98396131f835e17f0cbfbdc59453991e689f9ce19bd4a3b4121e5a8b5dbb519b5556cb70603ceac0b7ca02cb05a01afa3164ca428add947673cdba49a0e6e8aeeddf52c0f0ef224c69a3c96c2fddf56d74c4ae7"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x20, &(0x7f0000000840)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x9, 0x1, 0x0, r9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r9}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7c0d}}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x3}, @map_fd={0x18, 0x5}], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x90) syz_init_net_socket$x25(0x9, 0x5, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r10, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff290000003b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) socket$nl_generic(0x10, 0x3, 0x10) 2.99103056s ago: executing program 3 (id=3820): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) fcntl$dupfd(r2, 0x0, r1) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0) socket$kcm(0x10, 0x2, 0x4) getsockname$packet(r3, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r4, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r5], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtfilter={0x24, 0x10, 0xc27, 0x0, 0x0, {0x0, 0x0, 0x74, r4, {0x1}, {0xffff, 0xfff1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 2.525608702s ago: executing program 2 (id=3821): r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) preadv(0xffffffffffffffff, &(0x7f0000000200)=[{0x0}], 0x1, 0x0, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @long}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], 0x13c}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x2a, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a00e0ffffff0f77042482"], 0xd) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) 2.525174767s ago: executing program 3 (id=3822): r0 = socket$inet6(0xa, 0x80803, 0x83) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e06018000020000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x44, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x44}}, 0x0) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0) recvmmsg(r3, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(0xffffffffffffffff) socket(0x840000000002, 0x3, 0x100) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'veth1_macvtap\x00', @multicast}) fsmount(0xffffffffffffffff, 0x0, 0x80) 2.008128968s ago: executing program 0 (id=3823): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@local}) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$pokeuser(0x6, r3, 0x102, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x0, 0x0, 0x2}]}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2004ce], 0x100000}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRESHEX=r5]) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES8=r4, @ANYRESDEC=r4, @ANYBLOB="d0210ebea50562eadbe19e51e102f194d43b1dd2fd5bab28f2fb54bcc8be16277062f567f1afe87735353227fb494ad2c7e259b940320bc438e9ba935a7b5844279333ee3932", @ANYRES16=r5, @ANYRES16=r4, @ANYRES64]) 1.890803255s ago: executing program 2 (id=3824): r0 = socket$inet6(0xa, 0x80803, 0x83) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e06018000020000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x4c}}, 0x0) sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0) sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0) recvmmsg(r3, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(0xffffffffffffffff) socket(0x840000000002, 0x3, 0x100) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'veth1_macvtap\x00', @multicast}) fsmount(0xffffffffffffffff, 0x0, 0x80) 1.486070183s ago: executing program 0 (id=3825): r0 = socket$inet6(0xa, 0x80803, 0x83) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e06018000020000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x4c}}, 0x0) sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0) sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0) recvmmsg(r3, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(0xffffffffffffffff) socket(0x840000000002, 0x3, 0x100) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'veth1_macvtap\x00', @multicast}) fsmount(0xffffffffffffffff, 0x0, 0x80) 57.752766ms ago: executing program 3 (id=3826): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000280)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) write$FUSE_IOCTL(r1, &(0x7f0000000100)={0x20}, 0xfdef) chdir(&(0x7f0000000240)='./file0\x00') add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) write$binfmt_elf32(r2, &(0x7f0000000d00)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x58) io_setup(0x1fe, &(0x7f0000000200)=0x0) io_submit(r3, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r2, &(0x7f0000000180)='\x00', 0x37000}]) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1a, 0x1e, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000080000000000000000500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001861000002000000000000000100000085100000faffffff182a0000", @ANYRES32=r1, @ANYBLOB="000000000104000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000500)=""/197, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000080)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x5, 0x9, 0x7c, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x90) 0s ago: executing program 2 (id=3827): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x1000, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) syz_io_uring_setup(0xd5, &(0x7f0000000480), 0x0, 0x0) unshare(0x26020480) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'netpci0\x00', 0x0}) capset(0x0, &(0x7f0000000100)) sendto$packet(r3, &(0x7f0000000140)="a6bea8a120e5f8", 0x7, 0x0, &(0x7f00000000c0)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) symlinkat(&(0x7f0000019300)='./file2\x00', r2, &(0x7f0000000280)='./file0\x00') lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r2], 0x20, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000222f00002500feff000000009523000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2) kernel console output (not intermixed with test programs): 1] netlink: 'syz.3.3328': attribute type 10 has an invalid length. [ 1325.203928][T18801] netlink: 210880 bytes leftover after parsing attributes in process `syz.3.3328'. [ 1325.356793][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 1325.390584][ T25] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 1325.402702][ T25] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1325.406966][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1325.412242][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1325.416723][ T25] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1325.433092][ T25] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1325.437599][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1325.478246][T18806] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1325.518224][T18806] 9pnet_fd: Insufficient options for proto=fd [ 1325.557920][ T1132] team0 (unregistering): Port device team_slave_1 removed [ 1325.664870][ T25] usb 7-1: usb_control_msg returned -32 [ 1325.667215][ T25] usbtmc 7-1:16.0: can't read capabilities [ 1325.789101][ T1132] team0 (unregistering): Port device team_slave_0 removed [ 1326.156749][T16467] smc: removing ib device syz0 [ 1327.111390][T15270] Bluetooth: hci1: command tx timeout [ 1327.770435][ T25] usb 7-1: USB disconnect, device number 19 [ 1327.802780][T18718] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1327.806249][T18718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1327.825152][T18718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1327.864999][T18790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3324'. [ 1327.964966][T12084] usb 5-1: USB disconnect, device number 19 [ 1328.027142][T12084] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected [ 1328.380309][T18718] hsr_slave_0: entered promiscuous mode [ 1328.385349][T18718] hsr_slave_1: entered promiscuous mode [ 1328.397144][T18718] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1328.400395][T18718] Cannot create hsr debugfs directory [ 1328.772615][ T1132] IPVS: stop unused estimator thread 0... [ 1329.587159][T18839] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1329.604659][T18842] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3334'. [ 1330.076624][T18718] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1330.108688][T18718] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1330.147368][T18718] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1330.187749][T18718] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1330.360360][T18718] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1330.409644][T18718] 8021q: adding VLAN 0 to HW filter on device team0 [ 1330.470271][ T98] bridge0: port 1(bridge_slave_0) entered blocking state [ 1330.473487][ T98] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1330.482488][ T91] bridge0: port 2(bridge_slave_1) entered blocking state [ 1330.485897][ T91] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1330.653735][T18865] netlink: 'syz.0.3340': attribute type 1 has an invalid length. [ 1330.657156][T18865] netlink: 'syz.0.3340': attribute type 4 has an invalid length. [ 1330.672903][T18865] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.3340'. [ 1330.806267][T18718] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1330.862860][T18718] veth0_vlan: entered promiscuous mode [ 1330.887849][T18718] veth1_vlan: entered promiscuous mode [ 1330.914728][T18718] veth0_macvtap: entered promiscuous mode [ 1330.950265][T18718] veth1_macvtap: entered promiscuous mode [ 1331.032464][T18883] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1331.187729][T18892] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1331.203834][T18892] 9pnet_fd: Insufficient options for proto=fd [ 1331.245081][T18718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1331.260999][T18718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1331.280669][T18718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1331.285524][T18718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1331.293388][T18718] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1331.484516][T18718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1331.507289][T18718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1331.511681][T18718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1331.518080][T18718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1331.527327][T18718] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1331.559299][T18718] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1331.564160][T18718] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1331.569739][T18718] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1331.573444][T18718] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1331.787474][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1331.790802][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1331.834001][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1331.837463][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1332.671069][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 1332.931372][T18918] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1333.236680][T18921] syz.2.3348[18921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1333.236817][T18921] syz.2.3348[18921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1333.584755][ T5411] page_pool_release_retry() stalled pool shutdown: id 583, 1 inflight 60 sec [ 1333.611209][T18924] netlink: 'syz.0.3349': attribute type 4 has an invalid length. [ 1333.767781][T18929] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3351'. [ 1334.704500][ T98] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1335.039956][T18945] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1335.144868][T18942] 9pnet_fd: Insufficient options for proto=fd [ 1335.204369][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1335.219373][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1335.234550][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1335.270770][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1335.281076][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1335.289638][ T25] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1335.308487][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1335.531500][ T25] usb 7-1: Using ep0 maxpacket: 16 [ 1335.542872][ T25] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1335.564116][ T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1335.587152][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1335.607996][ T25] usb 7-1: config 0 descriptor?? [ 1335.659511][ T25] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input35 [ 1335.707965][T18950] chnl_net:caif_netlink_parms(): no params data found [ 1335.899881][ T4824] bcm5974 7-1:0.0: could not read from device [ 1335.943395][T18947] bcm5974 7-1:0.0: could not read from device [ 1335.999277][ T4824] bcm5974 7-1:0.0: could not read from device [ 1336.003095][ T25] usb 7-1: USB disconnect, device number 20 [ 1336.011893][ T4824] bcm5974 7-1:0.0: could not read from device [ 1336.016600][ T4824] bcm5974 7-1:0.0: could not read from device [ 1336.021120][T18950] bridge0: port 1(bridge_slave_0) entered blocking state [ 1336.025793][T18950] bridge0: port 1(bridge_slave_0) entered disabled state [ 1336.029324][T18950] bridge_slave_0: entered allmulticast mode [ 1336.034744][T18950] bridge_slave_0: entered promiscuous mode [ 1336.043615][T18950] bridge0: port 2(bridge_slave_1) entered blocking state [ 1336.046897][T18950] bridge0: port 2(bridge_slave_1) entered disabled state [ 1336.050279][T18950] bridge_slave_1: entered allmulticast mode [ 1336.054935][T18950] bridge_slave_1: entered promiscuous mode [ 1336.069382][T18962] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1336.142799][T18950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1336.154847][T18950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1336.241946][T18950] team0: Port device team_slave_0 added [ 1336.249426][T18950] team0: Port device team_slave_1 added [ 1336.326344][T18964] syz.3.3359[18964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1336.326429][T18964] syz.3.3359[18964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1336.388250][T18950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1336.410331][T18950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1336.426129][T18950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1336.442415][T18950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1336.459639][T18950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1336.476043][T18950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1336.576791][ T98] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1336.917946][ T98] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1337.012263][T18950] hsr_slave_0: entered promiscuous mode [ 1337.027768][T18950] hsr_slave_1: entered promiscuous mode [ 1337.037189][T18950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1337.040910][T18950] Cannot create hsr debugfs directory [ 1337.145823][T18964] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1337.153335][ T98] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1337.184932][T18964] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1337.211639][T18964] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1337.682916][ T98] bridge_slave_1: left allmulticast mode [ 1337.685540][ T98] bridge_slave_1: left promiscuous mode [ 1337.688485][ T98] bridge0: port 2(bridge_slave_1) entered disabled state [ 1337.711713][ T98] bridge_slave_0: left allmulticast mode [ 1337.716533][ T98] bridge_slave_0: left promiscuous mode [ 1337.720562][ T98] bridge0: port 1(bridge_slave_0) entered disabled state [ 1338.609039][ T98] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1338.623549][ T98] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1338.677031][ T98] bond0 (unregistering): Released all slaves [ 1339.061629][T15270] Bluetooth: hci1: command 0x041b tx timeout [ 1339.170236][T18996] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1339.184871][T18996] 9pnet_fd: Insufficient options for proto=fd [ 1339.342264][ T98] hsr_slave_0: left promiscuous mode [ 1339.349981][ T98] hsr_slave_1: left promiscuous mode [ 1339.354523][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1339.359247][ T98] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1339.364704][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1339.370176][ T98] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1339.434621][ T98] veth1_macvtap: left promiscuous mode [ 1339.436620][ T98] veth0_macvtap: left promiscuous mode [ 1339.438956][ T98] veth1_vlan: left promiscuous mode [ 1339.441245][ T98] veth0_vlan: left promiscuous mode [ 1339.941792][T19003] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1339.975806][T19003] 9pnet_fd: Insufficient options for proto=fd [ 1341.052050][T15270] Bluetooth: hci1: command 0x041b tx timeout [ 1341.582036][ T98] team0 (unregistering): Port device team_slave_1 removed [ 1341.739295][ T98] team0 (unregistering): Port device team_slave_0 removed [ 1343.034085][T15270] Bluetooth: hci1: command 0x041b tx timeout [ 1343.427049][T19007] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3368'. [ 1343.869114][T18950] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1343.964730][T18950] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1344.059205][T18950] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1344.070838][T18950] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1344.179301][ T5411] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 1344.269733][T18950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1344.290367][T18950] 8021q: adding VLAN 0 to HW filter on device team0 [ 1344.297854][T16467] bridge0: port 1(bridge_slave_0) entered blocking state [ 1344.301002][T16467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1344.342457][T16467] bridge0: port 2(bridge_slave_1) entered blocking state [ 1344.345621][T16467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1344.369436][ T5411] usb 5-1: config 0 has no interfaces? [ 1344.372000][ T5411] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 1344.377225][ T5411] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1344.387674][ T5411] usb 5-1: config 0 descriptor?? [ 1344.627545][T19028] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1344.715071][T18950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1344.762382][T18950] veth0_vlan: entered promiscuous mode [ 1344.771240][T18950] veth1_vlan: entered promiscuous mode [ 1344.800948][T18950] veth0_macvtap: entered promiscuous mode [ 1344.819349][T18950] veth1_macvtap: entered promiscuous mode [ 1344.833346][T18950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1344.835821][T19020] netlink: 'syz.0.3370': attribute type 1 has an invalid length. [ 1344.839454][T18950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1344.849129][T18950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1344.855868][T18950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1344.861906][T18950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1344.899393][ T5415] usb 5-1: USB disconnect, device number 20 [ 1344.908590][T18950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1344.914977][T18950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1344.919315][T18950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1344.924175][T18950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1344.931186][T18950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1344.973347][T18950] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1344.980484][T18950] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1344.984216][T18950] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1344.988458][T18950] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1345.029004][T15270] Bluetooth: hci1: command 0x041b tx timeout [ 1345.143068][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1345.146114][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1345.193714][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1345.200499][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1346.231439][T19057] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1346.257339][T19057] 9pnet_fd: Insufficient options for proto=fd [ 1346.780516][T19067] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1346.819253][T19067] 9pnet_fd: Insufficient options for proto=fd [ 1348.581815][ T1107] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1348.619532][T19079] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1349.178019][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1349.186845][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1349.193736][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1349.224100][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1349.228740][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1349.232508][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1349.611434][T19084] chnl_net:caif_netlink_parms(): no params data found [ 1349.813617][T19084] bridge0: port 1(bridge_slave_0) entered blocking state [ 1349.818035][T19084] bridge0: port 1(bridge_slave_0) entered disabled state [ 1349.821000][T19084] bridge_slave_0: entered allmulticast mode [ 1349.824712][T19084] bridge_slave_0: entered promiscuous mode [ 1349.830246][T19084] bridge0: port 2(bridge_slave_1) entered blocking state [ 1349.844454][T19084] bridge0: port 2(bridge_slave_1) entered disabled state [ 1349.849913][T19084] bridge_slave_1: entered allmulticast mode [ 1349.859764][T19084] bridge_slave_1: entered promiscuous mode [ 1349.977151][T19084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1350.002962][T19084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1350.220425][T19115] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1350.246164][T19084] team0: Port device team_slave_0 added [ 1350.252954][T19084] team0: Port device team_slave_1 added [ 1350.254484][T19115] 9pnet_fd: Insufficient options for proto=fd [ 1350.268886][T19114] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1350.769375][ T1107] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1350.787304][T19084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1350.793036][T19084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1350.818763][T19084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1350.920285][ T1107] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1350.948818][ C0] vkms_vblank_simulate: vblank timer overrun [ 1350.961933][T19084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1350.966425][T19084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1350.985792][T19084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1351.088622][ T1107] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1351.137667][T19084] hsr_slave_0: entered promiscuous mode [ 1351.141893][T19084] hsr_slave_1: entered promiscuous mode [ 1351.145493][T19084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1351.148711][T19084] Cannot create hsr debugfs directory [ 1351.180593][T19133] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1351.262817][T15270] Bluetooth: hci1: command tx timeout [ 1351.282526][T19132] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1351.834723][T19139] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1351.968105][ T1107] bridge_slave_1: left allmulticast mode [ 1351.971854][ T1107] bridge_slave_1: left promiscuous mode [ 1351.989909][ T1107] bridge0: port 2(bridge_slave_1) entered disabled state [ 1351.996009][ T1107] bridge_slave_0: left allmulticast mode [ 1352.008237][ T1107] bridge_slave_0: left promiscuous mode [ 1352.011568][ T1107] bridge0: port 1(bridge_slave_0) entered disabled state [ 1352.970575][ T1107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1352.979372][ T1107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1352.987808][ T1107] bond0 (unregistering): Released all slaves [ 1353.061806][T19149] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3405'. [ 1353.240453][T15270] Bluetooth: hci1: command tx timeout [ 1353.508787][T19160] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3407'. [ 1353.854861][T19167] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1354.056982][T19084] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1354.121183][T19084] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1354.264588][T19084] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1354.280009][T19084] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1354.337860][ C0] vkms_vblank_simulate: vblank timer overrun [ 1354.374084][ T1107] hsr_slave_0: left promiscuous mode [ 1354.390540][ T1107] hsr_slave_1: left promiscuous mode [ 1354.421791][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1354.424958][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1354.434208][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1354.443870][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1354.561359][ T1107] veth1_macvtap: left promiscuous mode [ 1354.564035][ T1107] veth0_macvtap: left promiscuous mode [ 1354.566606][ T1107] veth1_vlan: left promiscuous mode [ 1354.580650][ T1107] veth0_vlan: left promiscuous mode [ 1355.083368][T12084] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 1355.226084][T15270] Bluetooth: hci1: command tx timeout [ 1355.273887][T12084] usb 7-1: Using ep0 maxpacket: 16 [ 1355.280536][T12084] usb 7-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1355.286765][T12084] usb 7-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1355.291736][T12084] usb 7-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1355.298601][T12084] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1355.301804][T12084] usb 7-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 1355.306798][T12084] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1355.312112][T12084] usb 7-1: config 0 descriptor?? [ 1355.837235][T12084] input: HID 0458:5010 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5010.0012/input/input36 [ 1355.995861][T12084] kye 0003:0458:5010.0012: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.2-1/input0 [ 1356.425486][ T1107] team0 (unregistering): Port device team_slave_1 removed [ 1356.688551][ T1107] team0 (unregistering): Port device team_slave_0 removed [ 1356.923751][ C2] kye 0003:0458:5010.0012: usb_submit_urb(ctrl) failed: -1 [ 1357.207869][T15270] Bluetooth: hci1: command tx timeout [ 1357.814254][ T25] usb 7-1: USB disconnect, device number 21 [ 1358.337080][T19084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1358.386276][T19084] 8021q: adding VLAN 0 to HW filter on device team0 [ 1358.453166][T16467] bridge0: port 1(bridge_slave_0) entered blocking state [ 1358.457123][T16467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1358.471161][T16467] bridge0: port 2(bridge_slave_1) entered blocking state [ 1358.475515][T16467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1358.517503][T19084] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1358.525827][T19084] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1358.824022][T19204] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3417'. [ 1359.445841][T19084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1359.814295][T19084] veth0_vlan: entered promiscuous mode [ 1359.840777][T19084] veth1_vlan: entered promiscuous mode [ 1359.930184][T19084] veth0_macvtap: entered promiscuous mode [ 1359.979339][T19084] veth1_macvtap: entered promiscuous mode [ 1360.094235][T19213] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1360.107062][T19084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1360.112571][T19084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1360.130629][T19084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1360.153932][T19084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1360.199504][T19217] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1360.224342][T19084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1360.242929][T19084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1360.259449][T19084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1360.263720][T19084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1360.285210][T19084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1360.301657][T19084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1360.439773][T19084] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1360.450964][T19084] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1360.458911][T19084] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1360.491142][T19084] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1360.740971][ T98] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1360.748442][ T98] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1360.840900][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1360.844417][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1360.989073][T11662] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1361.160958][T11662] usb 7-1: Using ep0 maxpacket: 8 [ 1361.166241][T11662] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 1361.173329][T11662] usb 7-1: config 0 has no interface number 0 [ 1361.188471][T11662] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1361.193938][T11662] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1361.197758][T11662] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1361.225191][T11662] usb 7-1: config 0 descriptor?? [ 1361.266635][T11662] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1362.003289][T11662] usb 7-1: USB disconnect, device number 22 [ 1362.020871][T11662] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected [ 1362.612622][T19237] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3428'. [ 1363.306129][ T1132] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1363.939658][ T1132] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1364.106802][ T1132] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1364.123355][T19244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3430'. [ 1364.253471][ T1132] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1364.274922][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1364.283550][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1364.288381][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1364.317363][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1364.322211][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1364.328423][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1364.587778][T19261] block device autoloading is deprecated and will be removed. [ 1364.622100][ T1132] bridge_slave_1: left allmulticast mode [ 1364.624616][ T1132] bridge_slave_1: left promiscuous mode [ 1364.629594][ T1132] bridge0: port 2(bridge_slave_1) entered disabled state [ 1364.666173][ T1132] bridge_slave_0: left allmulticast mode [ 1364.668524][ T1132] bridge_slave_0: left promiscuous mode [ 1364.671440][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state [ 1364.682819][T19264] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1366.008099][ T1132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1366.027496][ T1132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1366.035840][ T1132] bond0 (unregistering): Released all slaves [ 1366.067626][T19282] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3441'. [ 1366.266960][T15270] Bluetooth: hci1: command tx timeout [ 1366.624540][T19251] chnl_net:caif_netlink_parms(): no params data found [ 1366.883958][ T1132] hsr_slave_0: left promiscuous mode [ 1366.908755][ T1132] hsr_slave_1: left promiscuous mode [ 1366.943320][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1366.946677][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1366.982231][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1366.985192][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1367.040625][ T1132] veth1_macvtap: left promiscuous mode [ 1367.043215][ T1132] veth0_macvtap: left promiscuous mode [ 1367.045883][ T1132] veth1_vlan: left promiscuous mode [ 1367.048306][ T1132] veth0_vlan: left promiscuous mode [ 1368.252645][T15270] Bluetooth: hci1: command tx timeout [ 1369.304882][ T1132] team0 (unregistering): Port device team_slave_1 removed [ 1369.508074][ T1132] team0 (unregistering): Port device team_slave_0 removed [ 1370.238718][T15270] Bluetooth: hci1: command tx timeout [ 1371.297222][T19251] bridge0: port 1(bridge_slave_0) entered blocking state [ 1371.300495][T19251] bridge0: port 1(bridge_slave_0) entered disabled state [ 1371.303582][T19251] bridge_slave_0: entered allmulticast mode [ 1371.307652][T19251] bridge_slave_0: entered promiscuous mode [ 1371.315205][T19251] bridge0: port 2(bridge_slave_1) entered blocking state [ 1371.322518][T19251] bridge0: port 2(bridge_slave_1) entered disabled state [ 1371.327502][T19251] bridge_slave_1: entered allmulticast mode [ 1371.331828][T19251] bridge_slave_1: entered promiscuous mode [ 1371.338570][T19340] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3458'. [ 1371.549161][T19251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1371.558891][T19251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1371.908994][T19251] team0: Port device team_slave_0 added [ 1372.037344][T19251] team0: Port device team_slave_1 added [ 1372.211867][T15270] Bluetooth: hci1: command tx timeout [ 1372.281852][T19251] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1372.284679][T19251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1372.303259][T19251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1372.318802][T19365] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3464'. [ 1372.354815][T19251] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1372.366350][T19251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1372.378291][T19251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1372.511706][T19251] hsr_slave_0: entered promiscuous mode [ 1372.537131][T19251] hsr_slave_1: entered promiscuous mode [ 1372.542700][T19251] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1372.553465][T19251] Cannot create hsr debugfs directory [ 1373.144825][T19379] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3466'. [ 1373.853242][T19395] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3470'. [ 1374.245761][T19251] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1374.280479][T19251] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1374.300524][T19251] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1374.338063][T19251] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1374.548997][T19251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1374.622849][T19251] 8021q: adding VLAN 0 to HW filter on device team0 [ 1374.712637][ T98] bridge0: port 1(bridge_slave_0) entered blocking state [ 1374.716797][ T98] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1374.730278][ T98] bridge0: port 2(bridge_slave_1) entered blocking state [ 1374.733434][ T98] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1374.893456][T19406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3471'. [ 1374.906342][T19406] netlink: 'syz.3.3471': attribute type 18 has an invalid length. [ 1374.933758][T19408] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3472'. [ 1375.103248][T19415] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1375.167581][T19251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1375.231038][T19251] veth0_vlan: entered promiscuous mode [ 1375.251253][T19251] veth1_vlan: entered promiscuous mode [ 1375.373951][T19251] veth0_macvtap: entered promiscuous mode [ 1375.391369][T19251] veth1_macvtap: entered promiscuous mode [ 1375.415520][T19251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1375.423013][T19251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1375.428282][T19251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1375.444086][T19251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1375.451940][T19251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1375.482118][T19251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1375.486564][T19251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1375.491572][T19251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1375.503377][T19251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1375.510479][T19251] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1375.522969][T19251] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1375.527070][T19251] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1375.530816][T19251] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1375.543433][T19251] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1375.682743][T19438] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1375.703344][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1375.720035][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1375.816545][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1375.828714][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1376.063802][T19436] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1376.100377][T19436] 9pnet_fd: Insufficient options for proto=fd [ 1376.450847][T19440] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1376.644444][T19440] usb 7-1: Using ep0 maxpacket: 8 [ 1376.651853][T19440] usb 7-1: config 0 has no interfaces? [ 1376.654140][T19440] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 1376.678208][T19440] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1376.726322][T19440] usb 7-1: config 0 descriptor?? [ 1377.134388][T19465] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3481'. [ 1377.189550][ T5411] usb 7-1: USB disconnect, device number 23 [ 1377.489583][T19467] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1377.709674][T19469] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1378.059386][T19477] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1378.356825][ T1132] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1379.174235][T19486] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1379.207008][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1379.220868][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1379.226487][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1379.234488][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1379.239751][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1379.243940][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1379.503486][T19498] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3492'. [ 1379.508646][T19498] tc_dump_action: action bad kind [ 1379.578691][T19490] chnl_net:caif_netlink_parms(): no params data found [ 1381.213553][T15270] Bluetooth: hci1: command tx timeout [ 1381.960616][T19504] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1382.559148][T10035] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 1383.183845][T10035] Bluetooth: hci1: command tx timeout [ 1383.521407][T19490] bridge0: port 1(bridge_slave_0) entered blocking state [ 1383.524511][T19490] bridge0: port 1(bridge_slave_0) entered disabled state [ 1383.527725][T19490] bridge_slave_0: entered allmulticast mode [ 1383.531497][T19490] bridge_slave_0: entered promiscuous mode [ 1383.550927][T19490] bridge0: port 2(bridge_slave_1) entered blocking state [ 1383.564092][T19490] bridge0: port 2(bridge_slave_1) entered disabled state [ 1383.570039][T19490] bridge_slave_1: entered allmulticast mode [ 1383.578293][T19490] bridge_slave_1: entered promiscuous mode [ 1383.768190][T19490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1383.779799][T19490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1383.919911][ T1132] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.150877][ T1132] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.236476][T19490] team0: Port device team_slave_0 added [ 1384.264040][T19490] team0: Port device team_slave_1 added [ 1384.480022][T10035] Bluetooth: hci4: command 0x1003 tx timeout [ 1384.481297][T15270] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 1384.535440][ T1132] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.680114][T19490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1384.683101][T19490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1384.695662][T19490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1384.716734][T19490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1384.725814][T19490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1384.746459][T19490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1384.809774][T19526] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3502'. [ 1384.822436][T19526] netlink: 'syz.3.3502': attribute type 5 has an invalid length. [ 1384.918118][ T1132] bridge_slave_1: left allmulticast mode [ 1384.921060][ T1132] bridge_slave_1: left promiscuous mode [ 1384.924303][ T1132] bridge0: port 2(bridge_slave_1) entered disabled state [ 1384.953838][ T1132] bridge_slave_0: left allmulticast mode [ 1384.965236][ T1132] bridge_slave_0: left promiscuous mode [ 1384.968479][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state [ 1385.165655][T15270] Bluetooth: hci1: command tx timeout [ 1385.500570][T19530] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1386.041163][ T1132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1386.083245][ T1132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1386.095074][ T1132] bond0 (unregistering): Released all slaves [ 1386.227073][T19490] hsr_slave_0: entered promiscuous mode [ 1386.278578][T19490] hsr_slave_1: entered promiscuous mode [ 1386.297997][T19490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1386.303236][T19490] Cannot create hsr debugfs directory [ 1387.060497][T19546] dccp_close: ABORT with 32 bytes unread [ 1387.091614][ T1132] hsr_slave_0: left promiscuous mode [ 1387.107565][ T1132] hsr_slave_1: left promiscuous mode [ 1387.120283][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1387.134433][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1387.147666][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1387.149172][T15270] Bluetooth: hci1: command tx timeout [ 1387.151518][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1387.333418][ T1132] veth1_macvtap: left promiscuous mode [ 1387.356195][ T1132] veth0_macvtap: left promiscuous mode [ 1387.385146][ T1132] veth1_vlan: left promiscuous mode [ 1387.430591][ T1132] veth0_vlan: left promiscuous mode [ 1390.876018][ T1132] team0 (unregistering): Port device team_slave_1 removed [ 1391.144879][ T1132] team0 (unregistering): Port device team_slave_0 removed [ 1391.199152][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 1392.780939][T19577] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1393.587933][T19598] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1393.618155][T19490] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1393.699911][T19490] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1393.748830][T19490] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1393.815819][T19490] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1393.920187][T19490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1393.941306][T19490] 8021q: adding VLAN 0 to HW filter on device team0 [ 1393.953099][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state [ 1393.956967][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1393.973310][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 1393.976630][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1394.448419][T19490] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1394.524029][T19490] veth0_vlan: entered promiscuous mode [ 1394.562450][T19490] veth1_vlan: entered promiscuous mode [ 1394.657349][T19490] veth0_macvtap: entered promiscuous mode [ 1394.670642][T19490] veth1_macvtap: entered promiscuous mode [ 1394.715681][T19490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1394.722615][T19490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1394.727713][T19490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1394.735226][T19490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1394.744129][T19490] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1394.755694][T19490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1394.760691][T19490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1394.765986][T19490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1394.772986][T19490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1394.783169][T19490] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1394.803094][T19490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1394.807941][T19490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1394.811522][T19490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1394.817511][T19490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1394.890197][T19624] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1395.017075][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1395.020610][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1395.118565][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1395.123212][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1395.689842][T19629] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1395.933541][ T39] kauditd_printk_skb: 2495 callbacks suppressed [ 1395.933556][ T39] audit: type=1326 audit(2000000656.535:10080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19635 comm="syz.0.3528" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x0 [ 1397.715441][ T1153] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1397.720394][ T5411] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 1397.919959][ T5411] usb 5-1: Using ep0 maxpacket: 8 [ 1397.927887][ T5411] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1397.943872][ T5411] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1397.947895][ T5411] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1397.952694][ T5411] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1397.957863][ T5411] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1397.961508][ T5411] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1398.191358][ T5411] usb 5-1: usb_control_msg returned -32 [ 1398.193930][ T5411] usbtmc 5-1:16.0: can't read capabilities [ 1398.748153][T18758] usb 5-1: USB disconnect, device number 21 [ 1399.226319][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1399.232689][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1399.237319][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1399.241690][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1399.281435][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1399.287170][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1399.663006][T19658] chnl_net:caif_netlink_parms(): no params data found [ 1399.842096][T19658] bridge0: port 1(bridge_slave_0) entered blocking state [ 1399.851074][T19658] bridge0: port 1(bridge_slave_0) entered disabled state [ 1399.855959][T19658] bridge_slave_0: entered allmulticast mode [ 1399.860138][T19658] bridge_slave_0: entered promiscuous mode [ 1399.880861][T19658] bridge0: port 2(bridge_slave_1) entered blocking state [ 1399.888821][T19658] bridge0: port 2(bridge_slave_1) entered disabled state [ 1399.893612][T19658] bridge_slave_1: entered allmulticast mode [ 1399.897770][T19658] bridge_slave_1: entered promiscuous mode [ 1400.062790][T19658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1400.075902][T19658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1400.146908][T19658] team0: Port device team_slave_0 added [ 1400.173779][ T1153] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1400.194579][T19658] team0: Port device team_slave_1 added [ 1400.268961][T19658] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1400.272355][T19658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1400.293246][T19658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1400.385418][ T1153] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1400.394879][T19658] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1400.400161][T19658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1400.414750][T19658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1400.494210][ T1153] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1400.538712][T19658] hsr_slave_0: entered promiscuous mode [ 1400.573263][T19658] hsr_slave_1: entered promiscuous mode [ 1400.576417][T19658] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1400.586070][T19658] Cannot create hsr debugfs directory [ 1400.899635][ T1153] bridge_slave_1: left allmulticast mode [ 1400.902872][ T1153] bridge_slave_1: left promiscuous mode [ 1400.905962][ T1153] bridge0: port 2(bridge_slave_1) entered disabled state [ 1400.913289][ T1153] bridge_slave_0: left allmulticast mode [ 1400.921125][ T1153] bridge_slave_0: left promiscuous mode [ 1400.923777][ T1153] bridge0: port 1(bridge_slave_0) entered disabled state [ 1401.141132][T16248] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1401.258604][T10035] Bluetooth: hci1: command tx timeout [ 1401.329372][T16248] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1401.334046][T16248] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1401.340101][T16248] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1401.345180][T16248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1401.352493][T16248] usb 5-1: SerialNumber: syz [ 1401.549297][ T1153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1401.561865][ T1153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1401.594848][ T1153] bond0 (unregistering): Released all slaves [ 1401.643825][T16248] usb 5-1: 0:2 : does not exist [ 1401.661474][T16248] usb 5-1: unit 5 not found! [ 1401.730190][T16248] usb 5-1: USB disconnect, device number 22 [ 1401.923108][T19681] udevd[19681]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1402.191543][T19689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3540'. [ 1402.201420][T19689] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3540'. [ 1402.296913][ T1153] hsr_slave_0: left promiscuous mode [ 1402.300978][ T1153] hsr_slave_1: left promiscuous mode [ 1402.308833][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1402.311772][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1402.322120][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1402.325862][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1402.407536][ T1153] veth1_macvtap: left promiscuous mode [ 1402.410824][ T1153] veth0_macvtap: left promiscuous mode [ 1402.413765][ T1153] veth1_vlan: left promiscuous mode [ 1402.417900][ T1153] veth0_vlan: left promiscuous mode [ 1403.237611][T10035] Bluetooth: hci1: command tx timeout [ 1404.007387][T19707] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3546'. [ 1404.287157][ T1153] team0 (unregistering): Port device team_slave_1 removed [ 1404.442439][ T1153] team0 (unregistering): Port device team_slave_0 removed [ 1405.217202][T10035] Bluetooth: hci1: command tx timeout [ 1405.881452][T19700] bridge0: entered allmulticast mode [ 1405.885104][T19701] bridge0: port 3(team0) entered blocking state [ 1405.889002][T19701] bridge0: port 3(team0) entered forwarding state [ 1405.893401][T19701] bridge0: port 1(bridge_slave_0) entered blocking state [ 1405.899021][T19701] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1405.919794][T19701] bridge0: entered promiscuous mode [ 1405.947899][T19710] netlink: 'syz.3.3547': attribute type 11 has an invalid length. [ 1406.000900][T19710] debugfs: Directory 'netdev:…' with parent 'phy13' already present! [ 1406.150444][ T39] audit: type=1326 audit(2000000667.253:10081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19712 comm="syz.2.3548" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x0 [ 1406.231564][T19723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3550'. [ 1406.241116][T19721] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1406.241722][T19723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3550'. [ 1406.393924][T19658] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1406.409804][T19658] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1406.455028][T19658] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1406.481247][T19658] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1406.572956][T19729] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1406.686235][T19658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1406.725956][T19658] 8021q: adding VLAN 0 to HW filter on device team0 [ 1406.734505][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state [ 1406.745827][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1406.807609][T16467] bridge0: port 2(bridge_slave_1) entered blocking state [ 1406.810753][T16467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1407.096717][T19658] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1407.175486][T19658] veth0_vlan: entered promiscuous mode [ 1407.187557][T19658] veth1_vlan: entered promiscuous mode [ 1407.198451][T10035] Bluetooth: hci1: command tx timeout [ 1407.223052][T19658] veth0_macvtap: entered promiscuous mode [ 1407.231019][T19658] veth1_macvtap: entered promiscuous mode [ 1407.250913][T19658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1407.255754][T19658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.260072][T19658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1407.273101][T19658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.281912][T19658] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1407.291198][T19658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1407.296826][T19658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.300953][T19658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1407.317657][T19658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1407.324583][T19658] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1407.332934][T19658] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.336633][T19658] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.340606][T19658] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.344949][T19658] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1407.353845][T19754] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3558'. [ 1407.432409][T19756] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1407.615516][T16467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1407.626902][T16467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1407.675479][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1407.682090][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1407.742289][T19764] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1408.098512][T19773] vivid-004: disconnect [ 1408.127574][T19769] vivid-004: reconnect [ 1408.222247][T19777] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3566'. [ 1408.464788][T19785] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1408.520251][T19788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3570'. [ 1409.221146][T19793] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1409.357768][T19796] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1409.798420][T19804] bridge0: entered allmulticast mode [ 1409.805072][T19804] bridge0: port 1(bridge_slave_0) entered blocking state [ 1409.808160][T19804] bridge0: port 1(bridge_slave_0) entered listening state [ 1409.817659][T19804] bridge0: entered promiscuous mode [ 1409.920412][T19809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3578'. [ 1410.039838][T19812] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1410.323403][T19816] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1410.346386][T19816] 9pnet_fd: Insufficient options for proto=fd [ 1410.365117][ T1153] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1411.456836][T19826] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1411.485881][T15270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1411.521431][T15270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1411.528835][T15270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1411.544530][T15270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1411.555332][T15270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1411.560007][T15270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1411.868241][T19827] chnl_net:caif_netlink_parms(): no params data found [ 1412.043453][T19827] bridge0: port 1(bridge_slave_0) entered blocking state [ 1412.050291][T19827] bridge0: port 1(bridge_slave_0) entered disabled state [ 1412.070100][T19827] bridge_slave_0: entered allmulticast mode [ 1412.074229][T19827] bridge_slave_0: entered promiscuous mode [ 1412.081413][T19827] bridge0: port 2(bridge_slave_1) entered blocking state [ 1412.084719][T19827] bridge0: port 2(bridge_slave_1) entered disabled state [ 1412.088257][T19827] bridge_slave_1: entered allmulticast mode [ 1412.091693][T19827] bridge_slave_1: entered promiscuous mode [ 1412.153725][T19827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1412.161271][T19827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1412.242692][T19827] team0: Port device team_slave_0 added [ 1412.249159][T19827] team0: Port device team_slave_1 added [ 1412.322474][T19827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1412.326939][T19827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1412.339343][T19827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1412.351211][T19827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1412.354586][T19827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1412.365891][T19827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1412.440815][T19827] hsr_slave_0: entered promiscuous mode [ 1412.444364][T19827] hsr_slave_1: entered promiscuous mode [ 1412.452279][T19827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1412.455385][T19827] Cannot create hsr debugfs directory [ 1412.868115][ T1153] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.048868][ T1153] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.186147][ T1153] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.442579][ T1153] bridge_slave_1: left allmulticast mode [ 1413.445069][ T1153] bridge_slave_1: left promiscuous mode [ 1413.461409][ T1153] bridge0: port 2(bridge_slave_1) entered disabled state [ 1413.481433][ T1153] bridge_slave_0: left allmulticast mode [ 1413.484818][ T1153] bridge_slave_0: left promiscuous mode [ 1413.487886][ T1153] bridge0: port 1(bridge_slave_0) entered disabled state [ 1413.607732][T10035] Bluetooth: hci1: command tx timeout [ 1414.338466][T19852] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1414.419372][ T1153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1414.447498][ T1153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1414.466304][ T1153] bond0 (unregistering): Released all slaves [ 1414.629062][T19857] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1414.644437][T19857] 9pnet_fd: Insufficient options for proto=fd [ 1414.734643][T19860] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1415.077340][ T1153] hsr_slave_0: left promiscuous mode [ 1415.083240][ T1153] hsr_slave_1: left promiscuous mode [ 1415.095835][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1415.098628][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1415.105593][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1415.108983][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1415.200204][ T1153] veth1_macvtap: left promiscuous mode [ 1415.202797][ T1153] veth0_macvtap: left promiscuous mode [ 1415.205298][ T1153] veth1_vlan: left promiscuous mode [ 1415.207650][ T1153] veth0_vlan: left promiscuous mode [ 1415.273711][T19878] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1415.581379][T10035] Bluetooth: hci1: command tx timeout [ 1416.406770][T19893] netfs: Couldn't get user pages (rc=-14) [ 1416.700528][T19895] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1416.922958][T19898] syz.2.3600[19898] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1416.923109][T19898] syz.2.3600[19898] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1417.108524][ T1153] team0 (unregistering): Port device team_slave_1 removed [ 1417.276118][ T1153] team0 (unregistering): Port device team_slave_0 removed [ 1417.561780][T10035] Bluetooth: hci1: command tx timeout [ 1418.708868][T19903] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1418.763784][ C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 1418.980089][T19911] vivid-006: disconnect [ 1418.998133][T19907] vivid-006: reconnect [ 1419.111875][T19915] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1419.430346][T19918] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1419.536196][T10035] Bluetooth: hci1: command tx timeout [ 1419.714356][T19926] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1419.723895][T19926] 9pnet_fd: Insufficient options for proto=fd [ 1421.807252][T19925] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3611'. [ 1421.966467][T19931] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1422.022615][T19827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1422.047244][T19827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1422.077550][T19827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1422.139926][T19827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1422.230115][T19940] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1422.290424][T19943] netfs: Couldn't get user pages (rc=-14) [ 1422.308728][T19827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1422.489937][T19827] 8021q: adding VLAN 0 to HW filter on device team0 [ 1422.498739][T16467] bridge0: port 1(bridge_slave_0) entered blocking state [ 1422.501836][T16467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1422.516151][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 1422.519030][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1422.849255][T19827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1422.881921][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1423.012526][T19827] veth0_vlan: entered promiscuous mode [ 1423.025354][T19827] veth1_vlan: entered promiscuous mode [ 1423.073296][T19954] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1423.101136][T19827] veth0_macvtap: entered promiscuous mode [ 1423.120576][T19827] veth1_macvtap: entered promiscuous mode [ 1423.177767][T19827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1423.181731][T19827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1423.188403][T19827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1423.193643][T19827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1423.199755][T19827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1423.210350][T19827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1423.216657][T19827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1423.220692][T19827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1423.226135][T19827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1423.232767][T19827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1423.357683][T19827] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.361557][T19827] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.373097][T19827] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.381171][ T39] audit: type=1326 audit(2000000685.341:10082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3620" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 1423.382104][T19827] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.586466][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1423.589383][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1423.680627][T16467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1423.684941][T16467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1424.086734][T19971] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1424.108806][ C0] bridge0: port 1(bridge_slave_0) entered learning state [ 1424.177428][T19973] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1424.498751][T19982] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1425.061084][ T39] audit: type=1800 audit(2000000687.105:10083): pid=19990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3630" name="/" dev="fuse" ino=1 res=0 errno=0 [ 1426.033714][T12084] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1426.233183][T12084] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1426.238513][T12084] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1426.244058][T12084] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1426.249933][T12084] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1426.255695][T12084] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1426.260074][T12084] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1426.265639][T12084] usb 5-1: config 0 descriptor?? [ 1426.269072][T19996] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1426.537052][T16467] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1426.738365][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.741942][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.745255][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.748524][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.751826][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.755635][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.758836][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.762003][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.770364][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.773938][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.777344][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.780578][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.784115][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.787482][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.790620][T12084] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 1426.794779][T12084] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving [ 1426.802625][T12084] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 1427.049516][ T5411] usb 5-1: USB disconnect, device number 23 [ 1427.625610][T15270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1427.640547][T15270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1427.646756][T15270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1427.654790][T15270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1427.659899][T15270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1427.671170][T15270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1427.917408][T20008] chnl_net:caif_netlink_parms(): no params data found [ 1428.150790][T20008] bridge0: port 1(bridge_slave_0) entered blocking state [ 1428.155059][T20008] bridge0: port 1(bridge_slave_0) entered disabled state [ 1428.159761][T20008] bridge_slave_0: entered allmulticast mode [ 1428.163808][T20008] bridge_slave_0: entered promiscuous mode [ 1428.177307][T20008] bridge0: port 2(bridge_slave_1) entered blocking state [ 1428.180349][T20008] bridge0: port 2(bridge_slave_1) entered disabled state [ 1428.180632][T20021] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1428.192745][T20008] bridge_slave_1: entered allmulticast mode [ 1428.200252][T20008] bridge_slave_1: entered promiscuous mode [ 1428.346916][T20008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1428.354992][T20008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1428.724350][T16467] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1429.271366][T16467] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1429.669390][T15270] Bluetooth: hci1: command tx timeout [ 1429.673931][T20008] team0: Port device team_slave_0 added [ 1429.712189][T20035] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1429.743953][T16467] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1429.762180][T20008] team0: Port device team_slave_1 added [ 1429.953945][T20008] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1429.957223][T20008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1429.967984][T20008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1430.002045][T20008] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1430.015969][T20008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1430.031051][T20008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1430.043729][T20040] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.3644'. [ 1430.109367][T20041] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1430.289347][T20008] hsr_slave_0: entered promiscuous mode [ 1430.306375][T20008] hsr_slave_1: entered promiscuous mode [ 1430.312824][T20008] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1430.325447][T20008] Cannot create hsr debugfs directory [ 1430.546290][T20044] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1430.600448][T16467] bridge_slave_1: left allmulticast mode [ 1430.617262][T16467] bridge_slave_1: left promiscuous mode [ 1430.623912][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1430.647088][T16467] bridge_slave_0: left allmulticast mode [ 1430.662496][T16467] bridge_slave_0: left promiscuous mode [ 1430.690981][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1431.105619][T20048] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1431.650703][T15270] Bluetooth: hci1: command tx timeout [ 1432.013415][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1432.037350][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1432.070176][T16467] bond0 (unregistering): Released all slaves [ 1432.774763][T16467] hsr_slave_0: left promiscuous mode [ 1432.782323][T16467] hsr_slave_1: left promiscuous mode [ 1432.785807][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1432.789137][T16467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1432.793573][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1432.796714][T16467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1432.870330][T16467] veth1_macvtap: left promiscuous mode [ 1432.873036][T16467] veth0_macvtap: left promiscuous mode [ 1432.875373][T16467] veth1_vlan: left promiscuous mode [ 1432.877766][T16467] veth0_vlan: left promiscuous mode [ 1433.641542][T15270] Bluetooth: hci1: command tx timeout [ 1434.681879][T16467] team0 (unregistering): Port device team_slave_1 removed [ 1434.925769][T16467] team0 (unregistering): Port device team_slave_0 removed [ 1435.622719][T15270] Bluetooth: hci1: command tx timeout [ 1436.813284][T20073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3652'. [ 1437.138035][T20101] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1437.492378][T20008] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1437.502630][T20008] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1437.520946][T20008] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1437.534172][T20008] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1437.762541][T20008] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1437.827257][T20008] 8021q: adding VLAN 0 to HW filter on device team0 [ 1437.899533][T16467] bridge0: port 1(bridge_slave_0) entered blocking state [ 1437.907263][T16467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1437.930241][T16467] bridge0: port 2(bridge_slave_1) entered blocking state [ 1437.933427][T16467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1438.218908][T20128] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1438.226153][T20128] 9pnet_fd: Insufficient options for proto=fd [ 1438.297303][T20142] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3663'. [ 1438.302592][T20142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1438.306689][T20142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1438.314242][T20142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1438.317295][T20142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1438.362449][T20008] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1438.407113][T20008] veth0_vlan: entered promiscuous mode [ 1438.415458][T20008] veth1_vlan: entered promiscuous mode [ 1438.446285][T20008] veth0_macvtap: entered promiscuous mode [ 1438.455117][T20008] veth1_macvtap: entered promiscuous mode [ 1438.475370][T20008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1438.483219][T20008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.489328][T20008] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1438.499910][T20008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.504442][T20008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.511605][T20008] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1438.517065][T20008] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1438.520929][T20008] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1438.525345][T20008] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1438.530336][T20008] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1438.600198][T20147] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3664'. [ 1438.606355][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1438.609830][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1438.635604][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1438.639479][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1438.747218][ C0] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1438.750629][ C0] bridge0: topology change detected, propagating [ 1440.031338][T20163] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1440.118766][ C3] hrtimer: interrupt took 4863366 ns [ 1440.950274][T20169] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1441.081711][T20175] block nbd2: NBD_DISCONNECT [ 1441.087152][T20175] block nbd2: Disconnected due to user request. [ 1441.095955][T20175] block nbd2: shutting down sockets [ 1441.336536][ T91] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1442.557599][T20183] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3676'. [ 1442.617165][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1442.627192][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1442.632132][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1442.638095][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1442.648290][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1442.657349][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1443.009558][T20185] chnl_net:caif_netlink_parms(): no params data found [ 1443.886031][ T91] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1443.907047][T20185] bridge0: port 1(bridge_slave_0) entered blocking state [ 1443.911378][T20185] bridge0: port 1(bridge_slave_0) entered disabled state [ 1443.921370][T20185] bridge_slave_0: entered allmulticast mode [ 1443.937939][T20185] bridge_slave_0: entered promiscuous mode [ 1443.953191][T20185] bridge0: port 2(bridge_slave_1) entered blocking state [ 1443.956468][T20185] bridge0: port 2(bridge_slave_1) entered disabled state [ 1443.962411][T20185] bridge_slave_1: entered allmulticast mode [ 1443.971524][T20185] bridge_slave_1: entered promiscuous mode [ 1444.031408][ T91] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.182805][T20185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1444.261048][T20209] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1444.269851][ T91] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.306347][T20185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1444.501164][T20185] team0: Port device team_slave_0 added [ 1444.518229][T20185] team0: Port device team_slave_1 added [ 1444.606000][T15270] Bluetooth: hci1: command tx timeout [ 1444.739714][T20185] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1444.743109][T20185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1444.756468][T20185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1444.864412][T20185] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1444.871011][T20185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1444.896057][T20185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1444.945009][ T91] bridge_slave_1: left allmulticast mode [ 1444.947482][ T91] bridge_slave_1: left promiscuous mode [ 1444.953463][ T91] bridge0: port 2(bridge_slave_1) entered disabled state [ 1444.961916][ T91] bridge_slave_0: left allmulticast mode [ 1444.964361][ T91] bridge_slave_0: left promiscuous mode [ 1444.966882][ T91] bridge0: port 1(bridge_slave_0) entered disabled state [ 1445.045084][T20215] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1445.053862][T20215] 9pnet_fd: Insufficient options for proto=fd [ 1445.434590][ T91] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1445.441629][ T91] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1445.473836][ T91] bond0 (unregistering): Released all slaves [ 1445.723972][T20185] hsr_slave_0: entered promiscuous mode [ 1445.727996][T20185] hsr_slave_1: entered promiscuous mode [ 1445.733984][T20185] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1445.737951][T20185] Cannot create hsr debugfs directory [ 1446.050653][ T91] hsr_slave_0: left promiscuous mode [ 1446.057707][ T91] hsr_slave_1: left promiscuous mode [ 1446.061203][ T91] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1446.065622][ T91] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1446.069914][ T91] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1446.073501][ T91] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1446.144362][ T91] veth1_macvtap: left promiscuous mode [ 1446.146895][ T91] veth0_macvtap: left promiscuous mode [ 1446.150172][ T91] veth1_vlan: left promiscuous mode [ 1446.152667][ T91] veth0_vlan: left promiscuous mode [ 1446.587377][T15270] Bluetooth: hci1: command tx timeout [ 1446.808983][T20228] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1447.604615][T20239] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1448.163497][ T91] team0 (unregistering): Port device team_slave_1 removed [ 1448.356277][ T91] team0 (unregistering): Port device team_slave_0 removed [ 1448.573979][T15270] Bluetooth: hci1: command tx timeout [ 1449.714466][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 1450.549187][T15270] Bluetooth: hci1: command tx timeout [ 1451.031949][T20276] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1451.467795][ T39] audit: type=1326 audit(2000000714.830:10084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20278 comm="syz.2.3696" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x0 [ 1452.048958][T20185] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1452.111894][T20185] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1452.152318][T20185] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1452.276124][T20296] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1452.401597][T20185] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1452.639437][T20185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1452.688613][T20185] 8021q: adding VLAN 0 to HW filter on device team0 [ 1452.719712][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 1452.723358][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1452.742294][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state [ 1452.754047][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1453.228940][T20185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1453.412224][T20185] veth0_vlan: entered promiscuous mode [ 1453.478123][T20185] veth1_vlan: entered promiscuous mode [ 1453.594133][T20185] veth0_macvtap: entered promiscuous mode [ 1453.619913][T20185] veth1_macvtap: entered promiscuous mode [ 1453.670503][T20185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1453.720340][T20185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1453.743387][T20185] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1453.786351][T20185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1453.809589][T20185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1453.821244][T20185] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1453.847081][T20185] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1453.851215][T20185] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1453.864752][T20185] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1453.868240][T20185] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1454.046169][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1454.049521][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1454.105074][ T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1454.109892][ T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1456.613466][ T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1457.729647][T20348] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1457.755752][T20348] 9pnet_fd: Insufficient options for proto=fd [ 1457.803713][T20356] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1457.914025][T10035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1457.926695][T10035] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1457.942343][T10035] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1457.948736][T10035] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1457.953433][T10035] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1457.960511][T10035] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1458.468207][ T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1458.495728][T20361] chnl_net:caif_netlink_parms(): no params data found [ 1458.574848][ T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1458.672459][ T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1458.854791][T20361] bridge0: port 1(bridge_slave_0) entered blocking state [ 1458.864920][T20361] bridge0: port 1(bridge_slave_0) entered disabled state [ 1458.868217][T20361] bridge_slave_0: entered allmulticast mode [ 1458.872228][T20361] bridge_slave_0: entered promiscuous mode [ 1458.878036][T20361] bridge0: port 2(bridge_slave_1) entered blocking state [ 1458.881228][T20361] bridge0: port 2(bridge_slave_1) entered disabled state [ 1458.886617][T20361] bridge_slave_1: entered allmulticast mode [ 1458.891852][T20361] bridge_slave_1: entered promiscuous mode [ 1459.004084][T20361] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1459.015181][T20361] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1459.185899][T20361] team0: Port device team_slave_0 added [ 1459.217985][T20361] team0: Port device team_slave_1 added [ 1459.363878][T20361] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1459.366806][T20361] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1459.382497][T20361] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1459.394049][ T45] bridge_slave_1: left allmulticast mode [ 1459.396595][ T45] bridge_slave_1: left promiscuous mode [ 1459.402474][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 1459.409207][ T45] bridge_slave_0: left allmulticast mode [ 1459.411790][ T45] bridge_slave_0: left promiscuous mode [ 1459.414406][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 1459.529512][T20390] ubi0: attaching mtd0 [ 1459.539975][T20390] ubi0: scanning is finished [ 1459.584224][T20390] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1459.592743][T20390] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1459.596883][T20390] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1459.600857][T20390] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1459.604193][T20390] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1459.607567][T20390] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1459.612245][T20390] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1564836596 [ 1459.616831][T20390] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1459.625988][T20391] ubi0: background thread "ubi_bgt0d" started, PID 20391 [ 1459.923433][T10035] Bluetooth: hci1: command tx timeout [ 1460.017137][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1460.030063][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1460.039937][ T45] bond0 (unregistering): Released all slaves [ 1460.051632][T20361] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1460.054359][T20361] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1460.066404][T20361] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1460.340303][T20403] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1460.351613][T20403] 9pnet_fd: Insufficient options for proto=fd [ 1460.387666][T20361] hsr_slave_0: entered promiscuous mode [ 1460.394004][T20361] hsr_slave_1: entered promiscuous mode [ 1460.397310][T20361] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1460.400755][T20361] Cannot create hsr debugfs directory [ 1460.642088][ T45] hsr_slave_0: left promiscuous mode [ 1460.644850][ T45] hsr_slave_1: left promiscuous mode [ 1460.649493][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1460.652846][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1460.669218][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1460.672529][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1460.730568][ T45] veth1_macvtap: left promiscuous mode [ 1460.733060][ T45] veth0_macvtap: left promiscuous mode [ 1460.735276][ T45] veth1_vlan: left promiscuous mode [ 1460.737651][ T45] veth0_vlan: left promiscuous mode [ 1461.903830][T10035] Bluetooth: hci1: command tx timeout [ 1461.957393][ T39] audit: type=1326 audit(2000000725.843:10085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1461.980104][ T39] audit: type=1326 audit(2000000725.843:10086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.013024][ T39] audit: type=1326 audit(2000000725.843:10087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.023795][ T39] audit: type=1326 audit(2000000725.843:10088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.044792][ T39] audit: type=1326 audit(2000000725.843:10089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.053845][ T39] audit: type=1326 audit(2000000725.843:10090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.065840][ T39] audit: type=1326 audit(2000000725.843:10091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.080179][ T39] audit: type=1326 audit(2000000725.843:10092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.090558][ T39] audit: type=1326 audit(2000000725.843:10093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.099500][ T39] audit: type=1326 audit(2000000725.864:10094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20411 comm="syz.0.3721" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 1462.620993][ T45] team0 (unregistering): Port device team_slave_1 removed [ 1462.784441][ T45] team0 (unregistering): Port device team_slave_0 removed [ 1463.836752][T20408] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3720'. [ 1463.866681][T20415] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3722'. [ 1463.894526][T10035] Bluetooth: hci1: command tx timeout [ 1464.173421][T20428] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1464.245665][T20425] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3724'. [ 1464.661938][T20446] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3726'. [ 1465.232930][T20361] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1465.248206][T20361] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1465.264443][T20361] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1465.288566][T20361] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1465.425944][T20361] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1465.473418][T20361] 8021q: adding VLAN 0 to HW filter on device team0 [ 1465.485105][T16467] bridge0: port 1(bridge_slave_0) entered blocking state [ 1465.488493][T16467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1465.501254][T16467] bridge0: port 2(bridge_slave_1) entered blocking state [ 1465.504454][T16467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1465.807870][T20361] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1465.854376][T20361] veth0_vlan: entered promiscuous mode [ 1465.865061][T20361] veth1_vlan: entered promiscuous mode [ 1465.875854][T10035] Bluetooth: hci1: command tx timeout [ 1465.891905][T20361] veth0_macvtap: entered promiscuous mode [ 1465.899336][T20361] veth1_macvtap: entered promiscuous mode [ 1465.913363][T20361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1465.919382][T20361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.925002][T20361] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1465.935446][T20361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1465.942522][T20361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1465.950787][T20361] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1465.957733][T20481] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3732'. [ 1466.022176][T20361] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.026378][T20361] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.032741][T20361] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.036880][T20361] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1466.140575][T16467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1466.145992][T16467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1466.179286][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1466.183518][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1466.295074][T20484] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1466.313110][T20484] 9pnet_fd: Insufficient options for proto=fd [ 1467.090227][T20491] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1467.112488][T20491] 9pnet_fd: Insufficient options for proto=fd [ 1467.929647][T20501] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1468.208606][T20504] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1468.842254][T20509] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3738'. [ 1468.952462][T16467] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1470.112665][T20520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3741'. [ 1470.121031][T20520] bridge0: left promiscuous mode [ 1470.123334][T20520] bridge0: left allmulticast mode [ 1470.194737][T20521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3742'. [ 1470.222026][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1470.225160][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 1470.266593][T15270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1470.273498][T15270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1470.278669][T15270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1470.282906][T15270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1470.286252][T15270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1470.289436][T15270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1470.348500][T20523] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1470.354715][T20523] 9pnet_fd: Insufficient options for proto=fd [ 1470.553362][T20524] chnl_net:caif_netlink_parms(): no params data found [ 1470.666358][T20524] bridge0: port 1(bridge_slave_0) entered blocking state [ 1470.670458][T20524] bridge0: port 1(bridge_slave_0) entered disabled state [ 1470.673580][T20524] bridge_slave_0: entered allmulticast mode [ 1470.677431][T20524] bridge_slave_0: entered promiscuous mode [ 1470.682758][T20524] bridge0: port 2(bridge_slave_1) entered blocking state [ 1470.685862][T20524] bridge0: port 2(bridge_slave_1) entered disabled state [ 1470.692030][T20524] bridge_slave_1: entered allmulticast mode [ 1470.696323][T20524] bridge_slave_1: entered promiscuous mode [ 1470.761150][T20524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1470.766663][T20524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1470.823701][T20524] team0: Port device team_slave_0 added [ 1470.832869][T20524] team0: Port device team_slave_1 added [ 1470.878291][T20524] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1470.881179][T20524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1470.894901][T20524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1470.920780][T20524] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1470.923829][T20524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1470.936525][T20524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1471.002104][T20537] serio: Serial port pts2 [ 1471.023555][T20524] hsr_slave_0: entered promiscuous mode [ 1471.027249][T20524] hsr_slave_1: entered promiscuous mode [ 1471.031456][T20524] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1471.034657][T20524] Cannot create hsr debugfs directory [ 1471.654256][T16467] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.747076][T16467] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.835430][T16467] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1472.080138][T20554] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1472.101726][T16467] bridge_slave_1: left allmulticast mode [ 1472.110809][T16467] bridge_slave_1: left promiscuous mode [ 1472.113408][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1472.122524][T16467] bridge_slave_0: left allmulticast mode [ 1472.125891][T16467] bridge_slave_0: left promiscuous mode [ 1472.128773][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1472.271750][T10035] Bluetooth: hci1: command tx timeout [ 1473.107366][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1473.120716][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1473.146929][T16467] bond0 (unregistering): Released all slaves [ 1473.427647][T20561] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3749'. [ 1474.062841][T20582] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1474.153136][T20576] syzkaller0: entered promiscuous mode [ 1474.163060][T20576] syzkaller0: entered allmulticast mode [ 1474.166163][T20524] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1474.218586][T16467] hsr_slave_0: left promiscuous mode [ 1474.234805][T16467] hsr_slave_1: left promiscuous mode [ 1474.239377][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1474.244797][T16467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1474.258250][T10035] Bluetooth: hci1: command tx timeout [ 1474.264929][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1474.268472][T16467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1474.375548][T16467] veth1_macvtap: left promiscuous mode [ 1474.378114][T16467] veth0_macvtap: left promiscuous mode [ 1474.382063][T16467] veth1_vlan: left promiscuous mode [ 1474.385137][T16467] veth0_vlan: left promiscuous mode [ 1475.190507][T16248] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 1475.375390][T16248] usb 7-1: Using ep0 maxpacket: 8 [ 1475.387035][T16248] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1475.391153][T16248] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1475.396909][T16248] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1475.401145][T16248] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1475.408265][T16248] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1475.412238][T16248] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1475.794456][T16248] usb 7-1: usb_control_msg returned -32 [ 1475.796993][T16248] usbtmc 7-1:16.0: can't read capabilities [ 1476.041344][T16467] team0 (unregistering): Port device team_slave_1 removed [ 1476.181163][T16467] team0 (unregistering): Port device team_slave_0 removed [ 1476.240003][T10035] Bluetooth: hci1: command tx timeout [ 1477.220872][T20524] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1478.216195][T10035] Bluetooth: hci1: command tx timeout [ 1479.333804][ T5390] usb 7-1: USB disconnect, device number 24 [ 1479.339269][T20598] netlink: 'syz.0.3757': attribute type 10 has an invalid length. [ 1479.342731][T20598] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1479.389897][T20598] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1479.399709][T20598] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 1479.404479][T20524] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1479.444062][T20524] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1479.719548][T20612] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3760'. [ 1479.775756][T20524] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1479.804179][T20621] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 1479.813869][T20524] 8021q: adding VLAN 0 to HW filter on device team0 [ 1479.860511][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 1479.863914][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1479.887972][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 1479.891245][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1480.452641][T20524] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1480.560070][T20524] veth0_vlan: entered promiscuous mode [ 1480.570476][T20524] veth1_vlan: entered promiscuous mode [ 1480.598601][T20639] netlink: 'syz.0.3765': attribute type 1 has an invalid length. [ 1480.627833][T20639] bond1: entered promiscuous mode [ 1480.669970][T20524] veth0_macvtap: entered promiscuous mode [ 1480.676604][T20639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3765'. [ 1480.682750][T20639] bond1: left promiscuous mode [ 1480.685069][T20639] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1480.692160][T20524] veth1_macvtap: entered promiscuous mode [ 1480.731954][T20524] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1480.741648][T20524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1480.748497][T20524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1480.754857][T20524] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1480.805463][T20524] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.812393][T20524] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.821814][T20524] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.825182][T20524] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.968394][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1480.972168][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1481.033802][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1481.034865][T20655] serio: Serial port pts2 [ 1481.036827][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1481.437874][T20666] netlink: 'syz.3.3770': attribute type 6 has an invalid length. [ 1481.441357][T20666] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3770'. [ 1481.454993][T20666] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3770'. [ 1482.328314][T20677] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3774'. [ 1482.396981][T20678] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3773'. [ 1482.490029][T20680] can0: slcan on ttyprintk. [ 1482.812833][ T5390] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 1482.983866][ T5390] usb 5-1: Using ep0 maxpacket: 8 [ 1482.989115][ T5390] usb 5-1: config 0 has no interfaces? [ 1482.991812][ T5390] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1483.004234][ T5390] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1483.018594][ T5390] usb 5-1: config 0 descriptor?? [ 1483.263254][T19440] usb 5-1: USB disconnect, device number 24 [ 1483.424497][T20679] can0 (unregistered): slcan off ttyprintk. [ 1483.507489][ T91] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.149300][T15270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1485.155068][T15270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1485.163221][T15270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1485.174264][T15270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1485.175080][T19440] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1485.186005][T15270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1485.189250][T15270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1485.355877][T19440] usb 5-1: Using ep0 maxpacket: 8 [ 1485.363639][T19440] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1485.371428][T19440] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 2 [ 1485.379334][T19440] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1485.383018][T20717] chnl_net:caif_netlink_parms(): no params data found [ 1485.383298][T19440] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1485.431589][ T91] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.572054][ T91] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.634833][T20717] bridge0: port 1(bridge_slave_0) entered blocking state [ 1485.638216][T20717] bridge0: port 1(bridge_slave_0) entered disabled state [ 1485.645830][T20717] bridge_slave_0: entered allmulticast mode [ 1485.650080][T20717] bridge_slave_0: entered promiscuous mode [ 1485.655785][T20717] bridge0: port 2(bridge_slave_1) entered blocking state [ 1485.659129][T20717] bridge0: port 2(bridge_slave_1) entered disabled state [ 1485.665846][T20717] bridge_slave_1: entered allmulticast mode [ 1485.671891][T20717] bridge_slave_1: entered promiscuous mode [ 1485.754408][ T91] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.821597][T20717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1485.829682][T20717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1485.925126][T20717] team0: Port device team_slave_0 added [ 1485.942135][T20717] team0: Port device team_slave_1 added [ 1485.953834][ T5390] usb 5-1: USB disconnect, device number 25 [ 1486.049626][T20717] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1486.053109][T20717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1486.065631][T20717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1486.074643][T20717] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1486.077692][T20717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1486.089535][T20717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1486.126063][ T91] bridge_slave_1: left allmulticast mode [ 1486.130616][ T91] bridge_slave_1: left promiscuous mode [ 1486.133118][ T91] bridge0: port 2(bridge_slave_1) entered disabled state [ 1486.138790][ T91] bridge_slave_0: left allmulticast mode [ 1486.141446][ T91] bridge_slave_0: left promiscuous mode [ 1486.144126][ T91] bridge0: port 1(bridge_slave_0) entered disabled state [ 1486.683738][ T91] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1486.712102][ T91] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1486.719395][ T91] bond0 (unregistering): Released all slaves [ 1487.129353][T10035] Bluetooth: hci1: command tx timeout [ 1487.204642][T20717] hsr_slave_0: entered promiscuous mode [ 1487.228787][T20717] hsr_slave_1: entered promiscuous mode [ 1487.238146][T20717] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1487.251607][T20717] Cannot create hsr debugfs directory [ 1487.608150][ T91] hsr_slave_0: left promiscuous mode [ 1487.616408][ T91] hsr_slave_1: left promiscuous mode [ 1487.629244][ T91] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1487.643903][ T91] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1487.672788][ T91] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1487.700596][ T91] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1487.872864][ T91] veth1_macvtap: left promiscuous mode [ 1487.880591][ T91] veth0_macvtap: left promiscuous mode [ 1487.889280][ T91] veth1_vlan: left promiscuous mode [ 1487.903951][ T91] veth0_vlan: left promiscuous mode [ 1488.281415][T20757] input: syz0 as /devices/virtual/input/input37 [ 1489.118657][T10035] Bluetooth: hci1: command tx timeout [ 1489.522164][ T91] team0 (unregistering): Port device team_slave_1 removed [ 1489.700697][ T91] team0 (unregistering): Port device team_slave_0 removed [ 1490.960541][T20759] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3788'. [ 1491.099758][T10035] Bluetooth: hci1: command tx timeout [ 1491.567005][T20782] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1492.206432][T20717] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1492.243710][T20717] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1492.252687][T20795] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1492.263150][T20717] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1492.324149][T20717] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1492.664817][T20717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1492.703136][T20717] 8021q: adding VLAN 0 to HW filter on device team0 [ 1492.718262][ T91] bridge0: port 1(bridge_slave_0) entered blocking state [ 1492.721770][ T91] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1492.746952][ T91] bridge0: port 2(bridge_slave_1) entered blocking state [ 1492.750198][ T91] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1493.071626][T10035] Bluetooth: hci1: command tx timeout [ 1493.192475][T20717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1493.205161][T20818] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1493.248974][T20717] veth0_vlan: entered promiscuous mode [ 1493.258604][T20717] veth1_vlan: entered promiscuous mode [ 1493.295673][T20717] veth0_macvtap: entered promiscuous mode [ 1493.303155][T20717] veth1_macvtap: entered promiscuous mode [ 1493.323789][T20717] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1493.334535][T20717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1493.339489][T20717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1493.345091][T20717] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1493.354180][T20717] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.358299][T20717] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.362095][T20717] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.365753][T20717] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.451333][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1493.460945][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1493.486018][T16467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1493.489767][T16467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1493.572362][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1493.826023][T20826] input: syz0 as /devices/virtual/input/input38 [ 1494.266094][T20834] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3805'. [ 1494.530852][T20846] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1495.325276][T20862] ubi0: detaching mtd0 [ 1495.332520][T20862] ubi0: mtd0 is detached [ 1495.686760][ C3] vkms_vblank_simulate: vblank timer overrun [ 1495.993594][T16467] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1497.854140][T15270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1497.864017][T15270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1497.870893][T15270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1497.886378][T15270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1497.892886][T15270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1497.897995][T15270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1498.152365][T20894] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 1498.166050][T20894] 9pnet_fd: Insufficient options for proto=fd [ 1498.414224][T20888] chnl_net:caif_netlink_parms(): no params data found [ 1498.686734][T16467] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1498.754994][T20888] bridge0: port 1(bridge_slave_0) entered blocking state [ 1498.759026][T20888] bridge0: port 1(bridge_slave_0) entered disabled state [ 1498.762441][T20888] bridge_slave_0: entered allmulticast mode [ 1498.767277][T20888] bridge_slave_0: entered promiscuous mode [ 1498.860975][T16467] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1498.930257][T20888] bridge0: port 2(bridge_slave_1) entered blocking state [ 1498.949596][T20888] bridge0: port 2(bridge_slave_1) entered disabled state [ 1498.975006][T20888] bridge_slave_1: entered allmulticast mode [ 1498.979055][T20888] bridge_slave_1: entered promiscuous mode [ 1499.094356][T20906] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 1499.126062][T16467] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1499.146804][T20905] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3820'. [ 1499.167017][T20905] bond_slave_0: entered promiscuous mode [ 1499.170069][T20905] bond_slave_1: entered promiscuous mode [ 1499.172379][T20905] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 1499.196675][T20905] macvtap1: entered promiscuous mode [ 1499.199067][T20905] bond0: entered promiscuous mode [ 1499.203454][T20905] macvtap1: entered allmulticast mode [ 1499.206869][T20905] bond0: entered allmulticast mode [ 1499.210387][T20905] bond_slave_0: entered allmulticast mode [ 1499.213022][T20905] bond_slave_1: entered allmulticast mode [ 1499.218384][T20905] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 1499.223221][T20905] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 1499.296237][T20888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1499.306611][T20907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3820'. [ 1499.310838][T20907] macvtap1: left promiscuous mode [ 1499.328322][T20907] bond0: left promiscuous mode [ 1499.340190][T20907] macvtap1: left allmulticast mode [ 1499.342191][T20907] bond0: left allmulticast mode [ 1499.344200][T20907] bond_slave_0: left allmulticast mode [ 1499.346272][T20907] bond_slave_1: left allmulticast mode [ 1499.348373][T20907] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 1499.375567][T20888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1499.576585][T20888] team0: Port device team_slave_0 added [ 1499.607394][T20888] team0: Port device team_slave_1 added [ 1499.875290][T10035] Bluetooth: hci1: command tx timeout [ 1499.905333][T20888] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1499.913321][T20888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1499.932007][T20888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1500.007631][T20888] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1500.011365][T20888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1500.025629][T20888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1500.072037][T16467] bridge_slave_1: left allmulticast mode [ 1500.074971][T16467] bridge_slave_1: left promiscuous mode [ 1500.077389][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1500.119595][T16467] bridge_slave_0: left allmulticast mode [ 1500.122318][T16467] bridge_slave_0: left promiscuous mode [ 1500.125368][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1500.238782][T20916] 9pnet_fd: Insufficient options for proto=fd [ 1501.570840][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1501.587905][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1501.599551][T16467] bond0 (unregistering): Released all slaves [ 1501.835337][T10035] Bluetooth: hci1: command tx timeout [ 1502.066304][T20888] hsr_slave_0: entered promiscuous mode [ 1502.071891][T20888] hsr_slave_1: entered promiscuous mode [ 1502.076375][T20888] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1502.086549][T20888] Cannot create hsr debugfs directory [ 1502.244403][T20934] [ 1502.245554][T20934] ====================================================== [ 1502.248489][T20934] WARNING: possible circular locking dependency detected [ 1502.251512][T20934] 6.11.0-rc7-syzkaller-00017-gbc83b4d1f086 #0 Not tainted [ 1502.255430][T20934] ------------------------------------------------------ [ 1502.259280][T20934] syz.3.3826/20934 is trying to acquire lock: [ 1502.261857][T20934] ffff88805635b118 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x3a9/0x6a0 [ 1502.265853][T20934] [ 1502.265853][T20934] but task is already holding lock: [ 1502.268941][T20934] ffff88804971bef0 (&ctx->wb_lock){+.+.}-{3:3}, at: netfs_begin_writethrough+0x6c/0x3c0 [ 1502.278558][T20934] [ 1502.278558][T20934] which lock already depends on the new lock. [ 1502.278558][T20934] [ 1502.284117][T20934] [ 1502.284117][T20934] the existing dependency chain (in reverse order) is: [ 1502.288493][T20934] [ 1502.288493][T20934] -> #1 (&ctx->wb_lock){+.+.}-{3:3}: [ 1502.293149][T20934] __mutex_lock+0x175/0x9c0 [ 1502.295572][T20934] netfs_writepages+0x5e1/0xdd0 [ 1502.298052][T20934] do_writepages+0x1a3/0x7f0 [ 1502.300362][T20934] filemap_fdatawrite_wbc+0x148/0x1c0 [ 1502.302899][T20934] v9fs_mmap_vm_close+0x213/0x260 [ 1502.305261][T20934] remove_vma+0x8b/0x180 [ 1502.307324][T20934] do_vmi_align_munmap+0x1272/0x19c0 [ 1502.310307][T20934] do_vmi_munmap+0x231/0x410 [ 1502.313368][T20934] mmap_region+0x17f/0x2760 [ 1502.315835][T20934] do_mmap+0xbfb/0xfb0 [ 1502.317863][T20934] vm_mmap_pgoff+0x1ba/0x360 [ 1502.320689][T20934] ksys_mmap_pgoff+0x332/0x5d0 [ 1502.323269][T20934] __do_fast_syscall_32+0x73/0x120 [ 1502.325666][T20934] do_fast_syscall_32+0x32/0x80 [ 1502.328323][T20934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1502.331277][T20934] [ 1502.331277][T20934] -> #0 (&mm->mmap_lock){++++}-{3:3}: [ 1502.334166][T20934] __lock_acquire+0x24ed/0x3cb0 [ 1502.336377][T20934] lock_acquire+0x1b1/0x560 [ 1502.338500][T20934] down_read_killable+0x9d/0x380 [ 1502.341397][T20934] lock_mm_and_find_vma+0x3a9/0x6a0 [ 1502.343785][T20934] do_user_addr_fault+0x2b5/0x13f0 [ 1502.346508][T20934] exc_page_fault+0x5c/0xc0 [ 1502.349178][T20934] asm_exc_page_fault+0x26/0x30 [ 1502.351506][T20934] fault_in_readable+0x126/0x230 [ 1502.353895][T20934] fault_in_iov_iter_readable+0x101/0x2c0 [ 1502.356770][T20934] netfs_perform_write+0x3ef/0x2250 [ 1502.359191][T20934] netfs_buffered_write_iter_locked+0x213/0x2c0 [ 1502.362166][T20934] netfs_file_write_iter+0x1e0/0x470 [ 1502.364825][T20934] v9fs_file_write_iter+0xa1/0x100 [ 1502.367213][T20934] aio_write+0x3c1/0x8e0 [ 1502.369349][T20934] io_submit_one+0x124e/0x1db0 [ 1502.371611][T20934] __ia32_compat_sys_io_submit+0x1af/0x390 [ 1502.374282][T20934] __do_fast_syscall_32+0x73/0x120 [ 1502.376672][T20934] do_fast_syscall_32+0x32/0x80 [ 1502.378947][T20934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1502.381821][T20934] [ 1502.381821][T20934] other info that might help us debug this: [ 1502.381821][T20934] [ 1502.385962][T20934] Possible unsafe locking scenario: [ 1502.385962][T20934] [ 1502.388927][T20934] CPU0 CPU1 [ 1502.391534][T20934] ---- ---- [ 1502.393825][T20934] lock(&ctx->wb_lock); [ 1502.395639][T20934] lock(&mm->mmap_lock); [ 1502.398512][T20934] lock(&ctx->wb_lock); [ 1502.401399][T20934] rlock(&mm->mmap_lock); [ 1502.403777][T20934] [ 1502.403777][T20934] *** DEADLOCK *** [ 1502.403777][T20934] [ 1502.407841][T20934] 2 locks held by syz.3.3826/20934: [ 1502.410364][T20934] #0: ffff88804971bb38 (&sb->s_type->i_mutex_key#25){++++}-{3:3}, at: netfs_start_io_write+0x1f/0x70 [ 1502.414916][T20934] #1: ffff88804971bef0 (&ctx->wb_lock){+.+.}-{3:3}, at: netfs_begin_writethrough+0x6c/0x3c0 [ 1502.419269][T20934] [ 1502.419269][T20934] stack backtrace: [ 1502.421637][T20934] CPU: 2 UID: 0 PID: 20934 Comm: syz.3.3826 Not tainted 6.11.0-rc7-syzkaller-00017-gbc83b4d1f086 #0 [ 1502.426125][T20934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1502.430621][T20934] Call Trace: [ 1502.432027][T20934] [ 1502.433297][T20934] dump_stack_lvl+0x116/0x1f0 [ 1502.435337][T20934] check_noncircular+0x31a/0x400 [ 1502.438524][T20934] ? __pfx_check_noncircular+0x10/0x10 [ 1502.441287][T20934] ? __lock_acquire+0x1620/0x3cb0 [ 1502.443489][T20934] ? lockdep_lock+0xc6/0x200 [ 1502.445567][T20934] ? __pfx_lockdep_lock+0x10/0x10 [ 1502.447788][T20934] __lock_acquire+0x24ed/0x3cb0 [ 1502.449842][T20934] ? __pfx___lock_acquire+0x10/0x10 [ 1502.452476][T20934] ? __pfx___perf_event_task_sched_in+0x10/0x10 [ 1502.455411][T20934] lock_acquire+0x1b1/0x560 [ 1502.457514][T20934] ? lock_mm_and_find_vma+0x3a9/0x6a0 [ 1502.459805][T20934] ? __pfx_lock_acquire+0x10/0x10 [ 1502.461728][T20934] ? __pfx___might_resched+0x10/0x10 [ 1502.463967][T20934] down_read_killable+0x9d/0x380 [ 1502.466763][T20934] ? lock_mm_and_find_vma+0x3a9/0x6a0 [ 1502.469602][T20934] ? __pfx_down_read_killable+0x10/0x10 [ 1502.471905][T20934] ? __pfx_search_extable+0x10/0x10 [ 1502.474097][T20934] ? fault_in_readable+0x126/0x230 [ 1502.476299][T20934] lock_mm_and_find_vma+0x3a9/0x6a0 [ 1502.478640][T20934] do_user_addr_fault+0x2b5/0x13f0 [ 1502.481025][T20934] exc_page_fault+0x5c/0xc0 [ 1502.483410][T20934] asm_exc_page_fault+0x26/0x30 [ 1502.485507][T20934] RIP: 0010:fault_in_readable+0x126/0x230 [ 1502.488185][T20934] Code: 77 bb ff 48 39 dd 0f 84 f0 00 00 00 45 31 f6 eb 11 e8 ce 77 bb ff 48 81 c3 00 10 00 00 48 39 eb 74 1d e8 bd 77 bb ff 45 89 f7 <8a> 03 31 ff 44 89 fe 88 44 24 28 e8 ea 79 bb ff 45 85 ff 74 d2 e8 [ 1502.496436][T20934] RSP: 0018:ffffc90002fef640 EFLAGS: 00050246 [ 1502.498863][T20934] RAX: 0000000000040000 RBX: 000000002002b000 RCX: ffffc90007cb1000 [ 1502.502041][T20934] RDX: 0000000000040000 RSI: ffffffff81cfa263 RDI: 0000000000000005 [ 1502.505250][T20934] RBP: 000000002002c000 R08: 0000000000000005 R09: 0000000000000000 [ 1502.508512][T20934] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000001000 [ 1502.511824][T20934] R13: 000000002002a339 R14: 0000000000000000 R15: 0000000000000000 [ 1502.515159][T20934] ? fault_in_readable+0x123/0x230 [ 1502.517252][T20934] ? __pfx_fault_in_readable+0x10/0x10 [ 1502.519266][T20934] ? inode_to_bdi+0x9e/0x160 [ 1502.520982][T20934] fault_in_iov_iter_readable+0x101/0x2c0 [ 1502.523091][T20934] netfs_perform_write+0x3ef/0x2250 [ 1502.525039][T20934] ? __pfx_netfs_perform_write+0x10/0x10 [ 1502.527461][T20934] ? find_held_lock+0x2d/0x110 [ 1502.529653][T20934] ? generic_write_checks+0x322/0x490 [ 1502.532262][T20934] netfs_buffered_write_iter_locked+0x213/0x2c0 [ 1502.535773][T20934] netfs_file_write_iter+0x1e0/0x470 [ 1502.538082][T20934] v9fs_file_write_iter+0xa1/0x100 [ 1502.540469][T20934] aio_write+0x3c1/0x8e0 [ 1502.542302][T20934] ? __pfx_aio_write+0x10/0x10 [ 1502.544442][T20934] ? find_held_lock+0x2d/0x110 [ 1502.546508][T20934] ? __pfx___might_resched+0x10/0x10 [ 1502.548779][T20934] ? io_submit_one+0x124e/0x1db0 [ 1502.550856][T20934] io_submit_one+0x124e/0x1db0 [ 1502.552874][T20934] ? __pfx_io_submit_one+0x10/0x10 [ 1502.555057][T20934] ? __might_fault+0x13b/0x190 [ 1502.557096][T20934] ? __pfx___might_resched+0x10/0x10 [ 1502.559853][T20934] ? __ia32_compat_sys_io_submit+0x1af/0x390 [ 1502.562501][T20934] __ia32_compat_sys_io_submit+0x1af/0x390 [ 1502.565438][T20934] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 1502.568666][T20934] ? xfd_validate_state+0x5d/0x180 [ 1502.570850][T20934] __do_fast_syscall_32+0x73/0x120 [ 1502.573029][T20934] do_fast_syscall_32+0x32/0x80 [ 1502.574958][T20934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1502.577646][T20934] RIP: 0023:0xf743e579 [ 1502.579386][T20934] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1502.587279][T20934] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8 [ 1502.590360][T20934] RAX: ffffffffffffffda RBX: 00000000f56fe000 RCX: 000000000000140b [ 1502.593764][T20934] RDX: 0000000020000700 RSI: 0000000000000000 RDI: 0000000000000000 [ 1502.597263][T20934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1502.600626][T20934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1502.603953][T20934] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1502.607307][T20934] [ 1502.971977][T16467] hsr_slave_0: left promiscuous mode [ 1502.978614][T16467] hsr_slave_1: left promiscuous mode [ 1502.991740][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1502.994848][T16467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1503.021693][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1503.025551][T16467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1503.038428][T16467] veth1_macvtap: left promiscuous mode SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1503.040814][T16467] veth0_macvtap: left promiscuous mode [ 1503.044588][T16467] veth1_vlan: left promiscuous mode [ 1503.064859][T16467] veth0_vlan: left promiscuous mode [ 1503.552823][T16467] team0 (unregistering): Port device team_slave_1 removed [ 1503.636415][T16467] team0 (unregistering): Port device team_slave_0 removed [ 1504.812474][T20948] syz_tun (unregistering): left allmulticast mode [ 1504.815149][T20948] syz_tun (unregistering): left promiscuous mode [ 1504.819608][T20948] bridge0: port 4(syz_tun) entered disabled state [ 1505.127728][T16467] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.221969][T16467] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.284764][T16467] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.383476][T16467] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode [ 1505.387637][T16467] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.520719][T16467] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.605737][T16467] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.679461][T16467] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.750756][T16467] bond0: (slave netdevsim0): Releasing backup interface [ 1505.755822][T16467] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1505.842620][T16467] team0: left allmulticast mode [ 1505.844695][T16467] team_slave_0: left allmulticast mode [ 1505.847396][T16467] team_slave_1: left allmulticast mode [ 1505.849974][T16467] bridge0: port 3(team0) entered disabled state [ 1505.858214][T16467] bridge_slave_1: left promiscuous mode [ 1505.860802][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1505.877478][T16467] bridge_slave_0: left allmulticast mode [ 1505.880032][T16467] bridge_slave_0: left promiscuous mode [ 1505.882393][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1505.890376][T16467] team0: left allmulticast mode [ 1505.897934][T16467] team_slave_0: left allmulticast mode [ 1505.900659][T16467] team_slave_1: left allmulticast mode [ 1505.903359][T16467] team0: left promiscuous mode [ 1505.905417][T16467] team_slave_0: left promiscuous mode [ 1505.907879][T16467] team_slave_1: left promiscuous mode [ 1505.910306][T16467] bridge0: port 3(team0) entered disabled state [ 1505.916127][T16467] bridge_slave_1: left allmulticast mode [ 1505.918830][T16467] bridge_slave_1: left promiscuous mode [ 1505.921343][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1505.927034][T16467] bridge_slave_0: left allmulticast mode [ 1505.929440][T16467] bridge_slave_0: left promiscuous mode [ 1505.934331][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1505.956906][T16467] bridge_slave_1: left allmulticast mode [ 1505.959297][T16467] bridge_slave_1: left promiscuous mode [ 1505.961622][T16467] bridge0: port 2(bridge_slave_1) entered disabled state [ 1505.965516][T16467] bridge_slave_0: left allmulticast mode [ 1505.967801][T16467] bridge_slave_0: left promiscuous mode [ 1505.970242][T16467] bridge0: port 1(bridge_slave_0) entered disabled state [ 1506.019243][T16467] bond_slave_0: left promiscuous mode [ 1506.021565][T16467] bond_slave_1: left promiscuous mode [ 1506.391234][T16467] dvmrp0 (unregistering): left allmulticast mode [ 1507.350240][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1507.355508][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1507.362429][T16467] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface [ 1507.366335][T16467] bond0 (unregistering): Released all slaves [ 1507.561694][T16467] bond1 (unregistering): Released all slaves [ 1507.584043][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1507.591137][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1507.596389][T16467] bond0 (unregistering): Released all slaves [ 1507.604932][T16467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1507.610786][T16467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1507.615950][T16467] bond0 (unregistering): Released all slaves [ 1507.745753][T16467] Κό: left promiscuous mode [ 1507.829245][T16467] Κό: left promiscuous mode [ 1507.923296][T16467] tipc: Left network mode [ 1507.926432][T16467] tipc: Disabling bearer [ 1507.928997][T16467] tipc: Left network mode [ 1508.239785][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 1508.306211][T16467] IPVS: stopping backup sync thread 11699 ... [ 1508.310650][T16467] IPVS: stopping backup sync thread 12196 ... [ 1508.953026][T16467] hsr_slave_0: left promiscuous mode [ 1508.967615][T16467] hsr_slave_1: left promiscuous mode [ 1508.971236][T16467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1508.974440][T16467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1508.989465][T16467] hsr_slave_0: left promiscuous mode [ 1508.993403][T16467] hsr_slave_1: left promiscuous mode [ 1509.001297][T16467] hsr_slave_0: left promiscuous mode [ 1509.004625][T16467] hsr_slave_1: left promiscuous mode [ 1509.010682][T16467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1509.015393][T16467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1509.026460][T16467] veth0_macvtap: left promiscuous mode [ 1509.030151][T16467] veth1_vlan: left promiscuous mode [ 1509.037708][T16467] veth0_macvtap: left promiscuous mode [ 1509.040136][T16467] veth1_vlan: left promiscuous mode [ 1509.042491][T16467] veth0_vlan: left promiscuous mode [ 1510.047079][T16467] team_slave_1 (unregistering): left promiscuous mode [ 1510.054885][T16467] team0 (unregistering): Port device team_slave_1 removed [ 1510.197123][T16467] team_slave_0 (unregistering): left promiscuous mode [ 1510.202307][T16467] team0 (unregistering): Port device team_slave_0 removed [ 1511.863737][T16467] team0 (unregistering): Port device team_slave_1 removed [ 1511.955456][T16467] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 15:59:17 Registers: info registers vcpu 0 CPU#0 RAX=ffff8880003d3118 RBX=0000000000000000 RCX=ffffffff81c687bc RDX=ffff88801faf4880 RSI=dffffc0000000000 RDI=ffff8880003d3118 RBP=ffff88805f356000 RSP=ffffc90000e5f7c0 R8 =0000000000000006 R9 =0000000000000000 R10=0000000000000ce7 R11=0000000000000000 R12=0000000000000ce7 R13=0000000000000001 R14=0000000000047498 R15=ffffc90000e5fc78 RIP=ffffffff81c68817 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7374748 CR3=0000000048034000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000026e938c RBX=0000000000000001 RCX=ffffffff8b083089 RDX=ffffed10056e6fda RSI=ffffffff8bb07fe0 RDI=ffffffff81634b0c RBP=ffffed10036fd910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed10056e6fd9 R10=ffff88802b737ecb R11=0000000000000001 R12=0000000000000001 R13=ffff88801b7ec880 R14=ffffffff9011e758 R15=0000000000000000 RIP=ffffffff8b08447f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000048034000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc27c5 RDI=ffffffff9a516680 RBP=ffffffff9a516640 RSP=ffffc90002feec28 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000032 R14=ffffffff84fc2760 R15=0000000000000000 RIP=ffffffff84fc27ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b800000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002002b000 CR3=000000006d92c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000256000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000044800000000 0000000800000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=ffff888021832440 RCX=ffff88802b93fb60 RDX=1ffff11005727dc0 RSI=ffff88802b93fb60 RDI=ffff88802b93ee00 RBP=ffff88802b93edc0 RSP=ffffc90003167718 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000009 R13=ffff888021832930 R14=7fffffffffffffff R15=ffff88802b93edc0 RIP=ffffffff815c3fc2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f56fdda4 CR3=00000000229c4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000044800000000 0000000800000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000