last executing test programs: 4.927956038s ago: executing program 0 (id=23): r0 = shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil) shmat(r0, &(0x7f0000f62000/0x1000)=nil, 0x7000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 4.533760915s ago: executing program 0 (id=26): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) setsockopt$sock_int(r0, 0x1, 0xb, 0x0, 0x0) 3.515698324s ago: executing program 2 (id=36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000014d564b000000"]) 3.241157369s ago: executing program 3 (id=37): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000009004"]) 3.126602972s ago: executing program 0 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="d479183d7d98d181a4b5f3e3", 0xc}], 0x1}}], 0x1, 0x24044015) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.860900967s ago: executing program 3 (id=39): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write(r1, &(0x7f0000000240)="94", 0x1) tee(r0, r5, 0x8f5, 0x100000000000000) read$FUSE(r4, &(0x7f00000003c0)={0x2020}, 0x2020) r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffd000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0xc9) r7 = openat$urandom(0xffffffffffffff9c, 0x0, 0x103902, 0x0) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, 0x0, 0x0) r8 = openat(0xffffffffffffff9c, 0x0, 0xd4802, 0x1ff) r9 = syz_clone(0x81248080, 0x0, 0x4c, 0x0, 0x0, 0x0) ptrace(0x10, r9) ptrace(0x8, r9) sendfile(r8, r7, 0x0, 0xfffa83) truncate(&(0x7f0000000900)='./file1\x00', 0x1) write(0xffffffffffffffff, 0x0, 0x0) write(r2, 0x0, 0x0) 2.496037034s ago: executing program 2 (id=41): r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x194) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 2.360669796s ago: executing program 4 (id=42): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket(0xa, 0x3, 0xff) sendto$inet6(r0, 0x0, 0x0, 0x8010, &(0x7f0000000240)={0xa, 0x4ea2, 0x10000, @empty, 0x401}, 0x1c) 2.204298909s ago: executing program 2 (id=43): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000b80)="83556f524e5b4275202de9e9190a4e45413b785e52d04218ff14259285fc60a04bc6b2219b8c6853a6622cf43ff12c6e70030000009d24e78c3e9315e114c8a7316f4fe07425a43afc3f2146fd5b3fa9944ac1fff9e40cb9d497259e2f8443386550fc0255f733c2c4592534f4c24aa04090941068f785925c29c444a6887d4a23cffdd0da78bccb1ee094cc21d79dddfd1ee274ec69d98e4ce1efdf416ca3948f3e2d92e348b88fd9387473855b1fdcd7493d01f0453924af3a79bc5d40b7e5ab2c6bd87501389f038abd8f0b2c59445502d726c974e0e57eab107a6ad6f2a998529e4bdafb9ed3a4c3482682f5369b1ca77c8dae495685a16821fd0da5b3b17b58909c93344ff6b6908a5de6530ebb79b7096253ed28f981b117f1af480914519ce90117ffc37d83297da593ce451f464a6b272b35442e3bc42881092cc92420590b6230a6af3817a7b4ca4d7a46e0c5d814ee1f6d9a20a255c54b88476ac582e3e4d99ba105b0f4dfb48d666aa23f70fbe69249f33f75fb4e5cbf27f1ecd1f47bfa745d508d3c599de413ab6b7f00ae14e2ed3c83da269536787bf4ff3f0d117b8415df306504b3020bfa61450bd88b8c73362f2ccd2217a49b8948f0ead1cac7c3f8da62ecc2219826bde12cf42eb9f9378909858d000000006316d96e2735850218ae8f89dfb2459ebc25571077a7602a55d51b2582a5d5e322e5816bc464beace66726fa5a8b0b84be74b85dd81115bf7dc16d2a45db14e6b52e05ab8f54b7d775d90db2ea7a63d7a84812ed5a56346fcbd1ef7b0f8f3f6833a99270f678ec85e3ce2ce718531e898016f81dec1c2702e7e0b04539cdc298c00cd464ca36342b634a61e2ba4e8c3ede56d78cac00fb4137aaddba05c519713989c60aed06231c821eb247e6d7a55989e4a672b5d24c", 0x292}], 0x1}}], 0x1, 0x60c5895) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000380)={0x21, 0x0, [{0x298, 0x0, 0x100}]}) 2.119942721s ago: executing program 0 (id=44): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f00000001c0)="d8df0f23b3b9ce000000b807000000ba000000000f3066b8ca008ed0b9b60a000080320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000000b9a6080000b800000100ba000000000f300f300fc79d53bf0000c4b9e16dc301012202", 0x62}], 0x1, 0x4, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000900)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.113092871s ago: executing program 4 (id=45): r0 = socket(0xa, 0x5, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x8, 0x1, 0x85}]}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), 0x4) sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x44004, 0x0, 0x0) 1.930325364s ago: executing program 3 (id=47): ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000011c0)={'tunl0\x00', &(0x7f0000000000)={'gre0\x00', 0x0, 0xf, 0x80, 0xc5e, 0x80002e4, {{0x5, 0x4, 0x0, 0xe, 0x14, 0x63, 0x0, 0x10, 0x29, 0x0, @multicast1, @multicast1}}}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 1.903388355s ago: executing program 4 (id=48): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4) connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, &(0x7f00000010c0)="2faea58f8c0fe092e56251f8f7b363be9f873942547018d941ac39423e9ee2643480243e943922825b49812a2bfe83d90dbcafb70bcf6467034f163c21c650a4abaabb6e1a70d0546dc026b004a7b87684d22e90143e929cca3eca6b0bbe454bf9b3dcb4d744fadad06f5ad66e6238e7744b8a11ed97b34cee288d95470d7e46f0a19e9d2ad446efda4f428b89773eaa9482e7024a4ed899c128d57e000509000000517287440c69eacfed996d21fac4e646d2c80285660620145f9667e899dd410ebf7ce8b6f71a0d58c18f8b5705c9da07bdcafa474d2936a7320e8a", 0xdd, 0x8090, 0x0, 0x0) sendto(r0, &(0x7f0000000400)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d", 0x64, 0x4008044, 0x0, 0x0) sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0) 1.804298557s ago: executing program 0 (id=49): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) setsockopt$sock_int(r0, 0x1, 0xb, 0x0, 0x0) 1.597147651s ago: executing program 1 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000009004"]) 1.475993213s ago: executing program 4 (id=51): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000014d564b000000"]) 1.475735813s ago: executing program 2 (id=52): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.339196125s ago: executing program 3 (id=53): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) io_submit(0x0, 0x2, &(0x7f00000026c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x6, r0, 0x0, 0x0, 0x9}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xf, 0x5, r0, 0x0, 0x0, 0x8, 0x0, 0x3}]) 1.220361308s ago: executing program 1 (id=54): r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x194) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 1.08181177s ago: executing program 4 (id=55): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="d479183d7d98d181a4b5f3e3", 0xc}], 0x1}}], 0x1, 0x24044015) ioctl$KVM_RUN(r3, 0xae80, 0x0) 989.145792ms ago: executing program 1 (id=56): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket(0xa, 0x3, 0xff) sendto$inet6(r0, 0x0, 0x0, 0x8010, &(0x7f0000000240)={0xa, 0x4ea2, 0x10000, @empty, 0x401}, 0x1c) 828.961155ms ago: executing program 3 (id=57): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0xea91, 0x80, 0x4000006, 0x3, "42341f9b1000007e4f00"}) r1 = syz_open_pts(r0, 0x103100) ioctl$TIOCCONS(r1, 0x541d) 828.199385ms ago: executing program 2 (id=67): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 685.905398ms ago: executing program 1 (id=58): r0 = socket(0xa, 0x5, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x8, 0x1, 0x85}]}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), 0x4) sendto$inet6(r0, &(0x7f0000000040)='\x00', 0x1, 0x44004, 0x0, 0x0) 435.904453ms ago: executing program 0 (id=59): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write(r1, &(0x7f0000000240)="94", 0x1) tee(r0, r5, 0x8f5, 0x100000000000000) read$FUSE(r4, &(0x7f00000003c0)={0x2020}, 0x2020) r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffd000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0xc9) r7 = openat$urandom(0xffffffffffffff9c, 0x0, 0x103902, 0x0) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, 0x0, 0x0) r8 = openat(0xffffffffffffff9c, 0x0, 0xd4802, 0x1ff) r9 = syz_clone(0x81248080, 0x0, 0x4c, 0x0, 0x0, 0x0) ptrace(0x10, r9) ptrace(0x8, r9) sendfile(r8, r7, 0x0, 0xfffa83) truncate(&(0x7f0000000900)='./file1\x00', 0x1) write(0xffffffffffffffff, 0x0, 0x0) write(r2, 0x0, 0x0) 351.904774ms ago: executing program 3 (id=60): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x102, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001b00)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xffffffff, @remote, 0x7}, 0x1c, 0x0}}], 0x1, 0x40000840) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"]) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = eventfd2(0x8, 0x1) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2, 0x4}) write$eventfd(r2, &(0x7f0000000040)=0x6, 0x8) 339.157244ms ago: executing program 1 (id=61): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4) connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, &(0x7f00000010c0)="2faea58f8c0fe092e56251f8f7b363be9f873942547018d941ac39423e9ee2643480243e943922825b49812a2bfe83d90dbcafb70bcf6467034f163c21c650a4abaabb6e1a70d0546dc026b004a7b87684d22e90143e929cca3eca6b0bbe454bf9b3dcb4d744fadad06f5ad66e6238e7744b8a11ed97b34cee288d95470d7e46f0a19e9d2ad446efda4f428b89773eaa9482e7024a4ed899c128d57e000509000000517287440c69eacfed996d21fac4e646d2c80285660620145f9667e899dd410ebf7ce8b6f71a0d58c18f8b5705c9da07bdcafa474d2936a7320e8a", 0xdd, 0x8090, 0x0, 0x0) sendto(r0, &(0x7f0000000400)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d", 0x64, 0x4008044, 0x0, 0x0) sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0) 296.202905ms ago: executing program 2 (id=62): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2100b066eeb9e00a00000f"], 0x56}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x102000, 0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000002340)={0x0, 0x0, @pic={0x7, 0x10, 0x4, 0x81, 0x0, 0xb, 0x7, 0x9, 0x5d, 0x1, 0x8, 0x40, 0x31, 0x0, 0x5, 0x4b}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)={0x3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 106.187339ms ago: executing program 4 (id=63): ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000011c0)={'tunl0\x00', &(0x7f0000000000)={'gre0\x00', 0x0, 0xf, 0x80, 0xc5e, 0x80002e4, {{0x5, 0x4, 0x0, 0xe, 0x14, 0x63, 0x0, 0x10, 0x29, 0x0, @multicast1, @multicast1}}}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 0s ago: executing program 1 (id=64): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000b80)="83556f524e5b4275202de9e9190a4e45413b785e52d04218ff14259285fc60a04bc6b2219b8c6853a6622cf43ff12c6e70030000009d24e78c3e9315e114c8a7316f4fe07425a43afc3f2146fd5b3fa9944ac1fff9e40cb9d497259e2f8443386550fc0255f733c2c4592534f4c24aa04090941068f785925c29c444a6887d4a23cffdd0da78bccb1ee094cc21d79dddfd1ee274ec69d98e4ce1efdf416ca3948f3e2d92e348b88fd9387473855b1fdcd7493d01f0453924af3a79bc5d40b7e5ab2c6bd87501389f038abd8f0b2c59445502d726c974e0e57eab107a6ad6f2a998529e4bdafb9ed3a4c3482682f5369b1ca77c8dae495685a16821fd0da5b3b17b58909c93344ff6b6908a5de6530ebb79b7096253ed28f981b117f1af480914519ce90117ffc37d83297da593ce451f464a6b272b35442e3bc42881092cc92420590b6230a6af3817a7b4ca4d7a46e0c5d814ee1f6d9a20a255c54b88476ac582e3e4d99ba105b0f4dfb48d666aa23f70fbe69249f33f75fb4e5cbf27f1ecd1f47bfa745d508d3c599de413ab6b7f00ae14e2ed3c83da269536787bf4ff3f0d117b8415df306504b3020bfa61450bd88b8c73362f2ccd2217a49b8948f0ead1cac7c3f8da62ecc2219826bde12cf42eb9f9378909858d000000006316d96e2735850218ae8f89dfb2459ebc25571077a7602a55d51b2582a5d5e322e5816bc464beace66726fa5a8b0b84be74b85dd81115bf7dc16d2a45db14e6b52e05ab8f54b7d775d90db2ea7a63d7a84812ed5a56346fcbd1ef7b0f8f3f6833a99270f678ec85e3ce2ce718531e898016f81dec1c2702e7e0b04539cdc298c00cd464ca36342b634a61e2ba4e8c3ede56d78cac00fb4137aaddba05c519713989c60aed06231c821eb247e6d7a55989e4a672b5d24c", 0x292}], 0x1}}], 0x1, 0x60c5895) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000380)={0x21, 0x0, [{0x298, 0x0, 0x100}]}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.250' (ED25519) to the list of known hosts. [ 69.269711][ T4254] cgroup: Unknown subsys name 'net' [ 69.406610][ T4254] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 70.933037][ T4254] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 71.343186][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.349682][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.946143][ T4282] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.954340][ T4282] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.956706][ T4283] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.963616][ T4282] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.970638][ T4283] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.978959][ T4282] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.984253][ T4283] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.991120][ T4282] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.998047][ T4283] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.006141][ T4282] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 73.011739][ T4283] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 73.019073][ T4282] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.025603][ T4283] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 73.040477][ T4282] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.040693][ T4283] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 73.055810][ T4284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 73.056648][ T4282] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.063095][ T4284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 73.072445][ T4282] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 73.077219][ T4284] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.084875][ T4282] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.093382][ T4284] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 73.098828][ T4282] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.105110][ T4284] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 73.112413][ T4282] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 73.121054][ T4285] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.126823][ T4282] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 73.168738][ T4285] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.176250][ T4279] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 73.196269][ T4285] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 73.643356][ T4269] chnl_net:caif_netlink_parms(): no params data found [ 73.717238][ T4265] chnl_net:caif_netlink_parms(): no params data found [ 73.727031][ T4267] chnl_net:caif_netlink_parms(): no params data found [ 73.788557][ T4266] chnl_net:caif_netlink_parms(): no params data found [ 73.874297][ T4269] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.881564][ T4269] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.889964][ T4269] device bridge_slave_0 entered promiscuous mode [ 73.913023][ T4270] chnl_net:caif_netlink_parms(): no params data found [ 73.927333][ T4269] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.934713][ T4269] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.943318][ T4269] device bridge_slave_1 entered promiscuous mode [ 73.996683][ T4267] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.004010][ T4267] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.012101][ T4267] device bridge_slave_0 entered promiscuous mode [ 74.047987][ T4267] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.055233][ T4267] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.063728][ T4267] device bridge_slave_1 entered promiscuous mode [ 74.080145][ T4269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.116059][ T4265] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.123284][ T4265] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.131795][ T4265] device bridge_slave_0 entered promiscuous mode [ 74.141074][ T4269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.150519][ T4266] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.157723][ T4266] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.166209][ T4266] device bridge_slave_0 entered promiscuous mode [ 74.190767][ T4265] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.197895][ T4265] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.206365][ T4265] device bridge_slave_1 entered promiscuous mode [ 74.229355][ T4266] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.236708][ T4266] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.245078][ T4266] device bridge_slave_1 entered promiscuous mode [ 74.255515][ T4267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.281847][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.288992][ T4270] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.297414][ T4270] device bridge_slave_0 entered promiscuous mode [ 74.314128][ T4267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.332626][ T4269] team0: Port device team_slave_0 added [ 74.341079][ T4265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.350350][ T4270] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.357430][ T4270] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.365501][ T4270] device bridge_slave_1 entered promiscuous mode [ 74.388795][ T4269] team0: Port device team_slave_1 added [ 74.405262][ T4265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.424598][ T4266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.465514][ T4266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.485180][ T4267] team0: Port device team_slave_0 added [ 74.492016][ T4269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.498983][ T4269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.524958][ T4269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.547800][ T4270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.567242][ T4267] team0: Port device team_slave_1 added [ 74.579605][ T4269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.586962][ T4269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.613455][ T4269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.627119][ T4265] team0: Port device team_slave_0 added [ 74.635104][ T4265] team0: Port device team_slave_1 added [ 74.642508][ T4270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.654207][ T4266] team0: Port device team_slave_0 added [ 74.686248][ T4266] team0: Port device team_slave_1 added [ 74.739759][ T4267] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.746936][ T4267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.773212][ T4267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.786133][ T4267] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.793201][ T4267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.819237][ T4267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.831272][ T4265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.838238][ T4265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.870185][ T4265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.883751][ T4270] team0: Port device team_slave_0 added [ 74.890130][ T4265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.897097][ T4265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.923260][ T4265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.946010][ T4269] device hsr_slave_0 entered promiscuous mode [ 74.953476][ T4269] device hsr_slave_1 entered promiscuous mode [ 74.965050][ T4270] team0: Port device team_slave_1 added [ 74.975609][ T4266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.982648][ T4266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.008761][ T4266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.060808][ T4266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.067861][ T4266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.094229][ T4266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.125911][ T4270] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.133129][ T4270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.159582][ T4270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.189859][ T4265] device hsr_slave_0 entered promiscuous mode [ 75.197158][ T4265] device hsr_slave_1 entered promiscuous mode [ 75.204010][ T4265] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.211976][ T4265] Cannot create hsr debugfs directory [ 75.227225][ T4270] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.234292][ T4270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.260606][ T4270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.276597][ T4286] Bluetooth: hci0: command 0x0409 tx timeout [ 75.283215][ T4284] Bluetooth: hci4: command 0x0409 tx timeout [ 75.283234][ T4281] Bluetooth: hci3: command 0x0409 tx timeout [ 75.283433][ T4281] Bluetooth: hci1: command 0x0409 tx timeout [ 75.289418][ T4284] Bluetooth: hci2: command 0x0409 tx timeout [ 75.313961][ T4267] device hsr_slave_0 entered promiscuous mode [ 75.320946][ T4267] device hsr_slave_1 entered promiscuous mode [ 75.327419][ T4267] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.335329][ T4267] Cannot create hsr debugfs directory [ 75.369251][ T4266] device hsr_slave_0 entered promiscuous mode [ 75.376359][ T4266] device hsr_slave_1 entered promiscuous mode [ 75.383165][ T4266] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.391188][ T4266] Cannot create hsr debugfs directory [ 75.459895][ T4270] device hsr_slave_0 entered promiscuous mode [ 75.466813][ T4270] device hsr_slave_1 entered promiscuous mode [ 75.474226][ T4270] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.481888][ T4270] Cannot create hsr debugfs directory [ 75.749575][ T4269] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.766632][ T4269] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.781043][ T4269] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.794607][ T4269] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.826169][ T4267] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 75.835836][ T4267] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 75.854945][ T4267] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 75.866086][ T4267] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 75.955302][ T4265] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.975629][ T4265] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.000795][ T4265] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.009927][ T4265] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.058274][ T4266] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 76.079737][ T4269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.104340][ T4266] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 76.115178][ T4266] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 76.127170][ T4266] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 76.159805][ T4269] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.168258][ T4270] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 76.183594][ T4270] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 76.192737][ T4270] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 76.205073][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.214541][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.229276][ T4270] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 76.247154][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.257120][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.266735][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.274056][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.284165][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.317275][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 76.326344][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.336140][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.343264][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.372913][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 76.384626][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 76.438600][ T4267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.448391][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 76.458546][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 76.483933][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 76.505612][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 76.515193][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 76.526000][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 76.534886][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.556068][ T4269] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.567898][ T4269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 76.584108][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 76.593122][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 76.606257][ T4265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.639303][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.648221][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.662961][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.676410][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.691517][ T4270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.712716][ T4266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.721817][ T4265] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.731431][ T4267] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.748621][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.763438][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.780757][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.789804][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.804821][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.812015][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.825830][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 76.834827][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.843640][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.850778][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.868562][ T4266] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.877350][ T4270] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.897164][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.906269][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 76.920930][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.928964][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.956782][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.968259][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.975563][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.991017][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 76.999926][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.014128][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.021300][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.030755][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.039527][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.049127][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.084593][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.096189][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.105320][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.112524][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.122039][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.130918][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.139319][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.146452][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.154627][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.163479][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.172247][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.179332][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.187350][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.198782][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.208077][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.218193][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.227931][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.236598][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.246018][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.259295][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.268109][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.277426][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.285597][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.293925][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.303604][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.312577][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.319679][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.340265][ T4284] Bluetooth: hci2: command 0x041b tx timeout [ 77.340311][ T4286] Bluetooth: hci0: command 0x041b tx timeout [ 77.346317][ T4284] Bluetooth: hci1: command 0x041b tx timeout [ 77.352521][ T4281] Bluetooth: hci4: command 0x041b tx timeout [ 77.358761][ T4282] Bluetooth: hci3: command 0x041b tx timeout [ 77.377863][ T4265] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 77.388575][ T4265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 77.405844][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.415943][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.427068][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.435930][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.444695][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.454421][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.463257][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.472119][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.481111][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.489615][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 77.498775][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.535032][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.546374][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.555801][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.565778][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.574612][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.584293][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.593730][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.603638][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.612921][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.622156][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.632788][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.642136][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.652677][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.685575][ T4266] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 77.698119][ T4266] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 77.717145][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.728131][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.736833][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.746952][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.756520][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.765517][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.775034][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 77.783348][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 77.791450][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.803559][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.812601][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.826968][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.849512][ T4269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.859070][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.870492][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.892404][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 77.981914][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 78.011144][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.091577][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 78.106856][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.143316][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.171482][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.201706][ T4269] device veth0_vlan entered promiscuous mode [ 78.243112][ T4269] device veth1_vlan entered promiscuous mode [ 78.324975][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 78.341154][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 78.349533][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.363949][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.378341][ T4269] device veth0_macvtap entered promiscuous mode [ 78.407185][ T4265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.425457][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.448717][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.463923][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.484077][ T4269] device veth1_macvtap entered promiscuous mode [ 78.533289][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.548213][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 78.560402][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.589094][ T4269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.610622][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.626088][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.647854][ T4269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.668660][ T4265] device veth0_vlan entered promiscuous mode [ 78.683100][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.695085][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.705219][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 78.714646][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.726775][ T4269] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.736030][ T4269] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.747091][ T4269] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.756104][ T4269] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.777987][ T4265] device veth1_vlan entered promiscuous mode [ 78.787207][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.796199][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.813676][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.821531][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.845734][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.856602][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.867965][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.875761][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.891612][ T4270] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.905346][ T4266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.942716][ T4267] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.969421][ T4265] device veth0_macvtap entered promiscuous mode [ 78.992795][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 79.013137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 79.043271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 79.052461][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 79.061613][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 79.070999][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 79.082778][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 79.113456][ T4265] device veth1_macvtap entered promiscuous mode [ 79.156827][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 79.171503][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.184218][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.216885][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 79.226032][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 79.236145][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 79.245531][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 79.254500][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 79.266371][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.277752][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.289436][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.313005][ T4266] device veth0_vlan entered promiscuous mode [ 79.322300][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 79.334387][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 79.345088][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 79.358844][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 79.379425][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 79.389285][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 79.414661][ T4270] device veth0_vlan entered promiscuous mode [ 79.420852][ T4284] Bluetooth: hci4: command 0x040f tx timeout [ 79.421089][ T4286] Bluetooth: hci0: command 0x040f tx timeout [ 79.426881][ T4284] Bluetooth: hci2: command 0x040f tx timeout [ 79.433110][ T4286] Bluetooth: hci1: command 0x040f tx timeout [ 79.433139][ T4286] Bluetooth: hci3: command 0x040f tx timeout [ 79.457188][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.462332][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 79.465820][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.484239][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 79.507123][ T4265] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.516978][ T4265] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.535008][ T4265] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.545121][ T4265] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.573825][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.588743][ T4266] device veth1_vlan entered promiscuous mode [ 79.615771][ T4270] device veth1_vlan entered promiscuous mode [ 79.647856][ T4361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.677309][ T4361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.707221][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 79.716527][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 79.726045][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 79.735830][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 79.746863][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.805852][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 79.822786][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 79.836704][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 79.846712][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 79.889780][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 79.899203][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 79.916013][ T4266] device veth0_macvtap entered promiscuous mode [ 79.929097][ T4267] device veth0_vlan entered promiscuous mode [ 79.951550][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 79.976138][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 79.989593][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 79.989781][ T4388] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 80.007245][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 80.026656][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 80.042902][ T4266] device veth1_macvtap entered promiscuous mode [ 80.057129][ T4270] device veth0_macvtap entered promiscuous mode [ 80.093205][ T4267] device veth1_vlan entered promiscuous mode [ 80.108399][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.120450][ T4270] device veth1_macvtap entered promiscuous mode [ 80.127784][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.147206][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.153900][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.166119][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.176850][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.191659][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.214381][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 80.223747][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 80.233346][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 80.242511][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 80.250823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 80.259483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 80.268716][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.278282][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.294091][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.314136][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.324504][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.350432][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.362991][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.391277][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.403565][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.422705][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.436102][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.450773][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.459520][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.470356][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.480873][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.491887][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.502589][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.514793][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.529374][ T4266] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.539174][ T4266] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.549380][ T4266] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.559450][ T4266] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.570469][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 80.578581][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.587844][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.599269][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 80.608242][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 80.625646][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.639696][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.655295][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.665849][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.686785][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.699265][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.718277][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.746177][ T4267] device veth0_macvtap entered promiscuous mode [ 80.760482][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 80.768855][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.779342][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.793851][ T4270] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.803878][ T4270] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.817993][ T4270] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.864602][ T4270] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.883857][ T4267] device veth1_macvtap entered promiscuous mode [ 81.026764][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.043122][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.054412][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.083680][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.094889][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.115928][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.129051][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.145786][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.157926][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.196870][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 81.225084][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 81.240316][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.256295][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.309082][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.321603][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.332454][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.353467][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.373029][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.383840][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.395895][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.419474][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 81.429169][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 81.438636][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.448517][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.455171][ T4267] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.470229][ T4267] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.479061][ T4267] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.500045][ T4267] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.500870][ T4282] Bluetooth: hci3: command 0x0419 tx timeout [ 81.509166][ T4284] Bluetooth: hci1: command 0x0419 tx timeout [ 81.514925][ T4286] Bluetooth: hci0: command 0x0419 tx timeout [ 81.514963][ T4286] Bluetooth: hci4: command 0x0419 tx timeout [ 81.514991][ T4286] Bluetooth: hci2: command 0x0419 tx timeout [ 81.572760][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.605350][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.651677][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.696283][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.708954][ T4361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.776492][ T4361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.813434][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.834413][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.851447][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.874220][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.906960][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.920253][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.941066][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 82.025316][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.051192][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.119227][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 82.599340][ T4435] mmap: syz.0.15 (4435) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 83.467960][ T4454] sctp: [Deprecated]: syz.2.20 (pid 4454) Use of int in max_burst socket option deprecated. [ 83.467960][ T4454] Use struct sctp_assoc_value instead [ 84.916738][ T4491] sctp: [Deprecated]: syz.3.34 (pid 4491) Use of int in max_burst socket option deprecated. [ 84.916738][ T4491] Use struct sctp_assoc_value instead [ 86.579046][ T4526] sctp: [Deprecated]: syz.4.45 (pid 4526) Use of int in max_burst socket option deprecated. [ 86.579046][ T4526] Use struct sctp_assoc_value instead [ 86.702481][ T127] cfg80211: failed to load regulatory.db [ 88.072189][ T4574] sctp: [Deprecated]: syz.1.58 (pid 4574) Use of int in max_burst socket option deprecated. [ 88.072189][ T4574] Use struct sctp_assoc_value instead [ 88.675148][ T4595] [ 88.677544][ T4595] ====================================================== [ 88.684582][ T4595] WARNING: possible circular locking dependency detected [ 88.691627][ T4595] syzkaller #0 Not tainted [ 88.696056][ T4595] ------------------------------------------------------ [ 88.703086][ T4595] syz.4.63/4595 is trying to acquire lock: [ 88.708901][ T4595] ffff88807d32e2d8 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable+0x1d/0x60 [ 88.718622][ T4595] [ 88.718622][ T4595] but task is already holding lock: [ 88.726009][ T4595] ffff888068b0f430 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 88.736955][ T4595] [ 88.736955][ T4595] which lock already depends on the new lock. [ 88.736955][ T4595] [ 88.747385][ T4595] [ 88.747385][ T4595] the existing dependency chain (in reverse order) is: [ 88.756420][ T4595] [ 88.756420][ T4595] -> #1 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}: [ 88.765162][ T4595] down_write+0x36/0x60 [ 88.769889][ T4595] process_measurement+0x33c/0x1a10 [ 88.775674][ T4595] ima_file_mmap+0x104/0x150 [ 88.780836][ T4595] __se_sys_remap_file_pages+0x53e/0x770 [ 88.787024][ T4595] do_syscall_64+0x4c/0xa0 [ 88.791987][ T4595] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.798449][ T4595] [ 88.798449][ T4595] -> #0 (&mm->mmap_lock){++++}-{3:3}: [ 88.806042][ T4595] __lock_acquire+0x2cf8/0x7c50 [ 88.811463][ T4595] lock_acquire+0x1b4/0x490 [ 88.816528][ T4595] down_read_killable+0x4c/0x340 [ 88.822021][ T4595] mmap_read_lock_killable+0x1d/0x60 [ 88.827869][ T4595] lock_mm_and_find_vma+0x2b1/0x2f0 [ 88.833620][ T4595] do_user_addr_fault+0x2db/0xb10 [ 88.839203][ T4595] exc_page_fault+0x60/0x100 [ 88.844354][ T4595] asm_exc_page_fault+0x22/0x30 [ 88.849757][ T4595] fault_in_readable+0x13e/0x1f0 [ 88.855270][ T4595] fault_in_iov_iter_readable+0xbb/0x2e0 [ 88.861493][ T4595] generic_perform_write+0x1d2/0x560 [ 88.867369][ T4595] __generic_file_write_iter+0x172/0x430 [ 88.873564][ T4595] generic_file_write_iter+0xab/0x2e0 [ 88.879500][ T4595] vfs_write+0x44c/0x960 [ 88.884311][ T4595] ksys_write+0x143/0x240 [ 88.889207][ T4595] do_syscall_64+0x4c/0xa0 [ 88.894181][ T4595] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.900648][ T4595] [ 88.900648][ T4595] other info that might help us debug this: [ 88.900648][ T4595] [ 88.910924][ T4595] Possible unsafe locking scenario: [ 88.910924][ T4595] [ 88.918406][ T4595] CPU0 CPU1 [ 88.923802][ T4595] ---- ---- [ 88.929198][ T4595] lock(&sb->s_type->i_mutex_key#12); [ 88.934714][ T4595] lock(&mm->mmap_lock); [ 88.941616][ T4595] lock(&sb->s_type->i_mutex_key#12); [ 88.949656][ T4595] lock(&mm->mmap_lock); [ 88.954024][ T4595] [ 88.954024][ T4595] *** DEADLOCK *** [ 88.954024][ T4595] [ 88.962188][ T4595] 3 locks held by syz.4.63/4595: [ 88.967151][ T4595] #0: ffff888028be40e8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ae/0x360 [ 88.976434][ T4595] #1: ffff88807970c460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x256/0x960 [ 88.985389][ T4595] #2: ffff888068b0f430 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 88.996786][ T4595] [ 88.996786][ T4595] stack backtrace: [ 89.002728][ T4595] CPU: 1 PID: 4595 Comm: syz.4.63 Not tainted syzkaller #0 [ 89.009979][ T4595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 89.020085][ T4595] Call Trace: [ 89.023399][ T4595] [ 89.026362][ T4595] dump_stack_lvl+0x168/0x22e [ 89.031086][ T4595] ? load_image+0x3b0/0x3b0 [ 89.035631][ T4595] ? show_regs_print_info+0x12/0x12 [ 89.040887][ T4595] ? print_circular_bug+0x12b/0x1a0 [ 89.046135][ T4595] check_noncircular+0x274/0x310 [ 89.051120][ T4595] ? add_chain_block+0x940/0x940 [ 89.056103][ T4595] ? lockdep_lock+0xdc/0x1e0 [ 89.060777][ T4595] ? _find_first_zero_bit+0xcf/0x100 [ 89.066108][ T4595] __lock_acquire+0x2cf8/0x7c50 [ 89.071019][ T4595] ? verify_lock_unused+0x140/0x140 [ 89.076261][ T4595] ? verify_lock_unused+0x140/0x140 [ 89.081506][ T4595] ? verify_lock_unused+0x140/0x140 [ 89.086802][ T4595] ? mark_lock+0x94/0x320 [ 89.091168][ T4595] lock_acquire+0x1b4/0x490 [ 89.095716][ T4595] ? mmap_read_lock_killable+0x1d/0x60 [ 89.101226][ T4595] ? read_lock_is_recursive+0x10/0x10 [ 89.106633][ T4595] ? cmp_ex_search+0x1a/0x70 [ 89.111255][ T4595] ? bsearch+0x8a/0xb0 [ 89.115360][ T4595] ? fault_in_readable+0x13e/0x1f0 [ 89.120509][ T4595] ? search_extable+0x8c/0xd0 [ 89.125225][ T4595] ? trim_init_extable+0x3b0/0x3b0 [ 89.130370][ T4595] ? mmap_read_lock_killable+0x1d/0x60 [ 89.135876][ T4595] down_read_killable+0x4c/0x340 [ 89.140854][ T4595] ? mmap_read_lock_killable+0x1d/0x60 [ 89.146361][ T4595] mmap_read_lock_killable+0x1d/0x60 [ 89.151701][ T4595] lock_mm_and_find_vma+0x2b1/0x2f0 [ 89.156946][ T4595] do_user_addr_fault+0x2db/0xb10 [ 89.161998][ T4595] ? _raw_spin_unlock_irq+0x1f/0x40 [ 89.167246][ T4595] exc_page_fault+0x60/0x100 [ 89.171873][ T4595] asm_exc_page_fault+0x22/0x30 [ 89.176761][ T4595] RIP: 0010:fault_in_readable+0x13e/0x1f0 [ 89.182520][ T4595] Code: 88 eb c4 ff 4d 89 f4 49 81 cc ff 0f 00 00 4d 89 f7 49 01 dc 49 81 e4 00 f0 ff ff 4d 39 e6 77 44 e8 67 eb c4 ff 4d 39 e7 74 47 <41> 8a 07 88 44 24 07 49 81 c7 00 10 00 00 4d 39 e7 74 07 e8 4a eb [ 89.202171][ T4595] RSP: 0018:ffffc90005a2fa90 EFLAGS: 00050287 [ 89.208271][ T4595] RAX: ffffffff81bbe4b9 RBX: 0000000000001000 RCX: 0000000000080000 [ 89.216269][ T4595] RDX: ffffc90006379000 RSI: 00000000000167c6 RDI: 00000000000167c7 [ 89.224316][ T4595] RBP: 0000000000000000 R08: ffff88802a085940 R09: 0000000000000002 [ 89.232318][ T4595] R10: 0000000000000006 R11: 0000000000000002 R12: 00002000000cc000 [ 89.240315][ T4595] R13: dffffc0000000000 R14: 00002000000cb000 R15: 00002000000cb000 [ 89.248323][ T4595] ? fault_in_readable+0x139/0x1f0 [ 89.253477][ T4595] fault_in_iov_iter_readable+0xbb/0x2e0 [ 89.259165][ T4595] generic_perform_write+0x1d2/0x560 [ 89.264505][ T4595] ? atime_needs_update+0x780/0x780 [ 89.269749][ T4595] ? generic_file_direct_write+0x660/0x660 [ 89.275605][ T4595] ? __file_remove_privs+0x5b0/0x5b0 [ 89.280916][ T4595] ? preempt_count_add+0x8d/0x190 [ 89.285976][ T4595] ? rwsem_write_trylock+0x12f/0x1b0 [ 89.291306][ T4595] ? clear_nonspinnable+0x60/0x60 [ 89.296370][ T4595] ? generic_write_checks_count+0x3d9/0x4c0 [ 89.302304][ T4595] __generic_file_write_iter+0x172/0x430 [ 89.307979][ T4595] generic_file_write_iter+0xab/0x2e0 [ 89.313420][ T4595] vfs_write+0x44c/0x960 [ 89.317714][ T4595] ? file_end_write+0x250/0x250 [ 89.322609][ T4595] ? __fget_files+0x44a/0x4d0 [ 89.327333][ T4595] ? __fdget_pos+0x2ae/0x360 [ 89.331949][ T4595] ? ksys_write+0x71/0x240 [ 89.336397][ T4595] ksys_write+0x143/0x240 [ 89.340774][ T4595] ? __ia32_sys_read+0x80/0x80 [ 89.345578][ T4595] ? lockdep_hardirqs_on+0x94/0x140 [ 89.350823][ T4595] do_syscall_64+0x4c/0xa0 [ 89.355292][ T4595] ? clear_bhb_loop+0x60/0xb0 [ 89.359996][ T4595] ? clear_bhb_loop+0x60/0xb0 [ 89.364708][ T4595] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 89.370711][ T4595] RIP: 0033:0x7fce6538ebe9 [ 89.375175][ T4595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.394833][ T4595] RSP: 002b:00007fce66236038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 89.403285][ T4595] RAX: ffffffffffffffda RBX: 00007fce655c5fa0 RCX: 00007fce6538ebe9 [ 89.411291][ T4595] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 0000000000000004 [ 89.419287][ T4595] RBP: 00007fce65411e19 R08: 0000000000000000 R09: 0000000000000000 [ 89.427285][ T4595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.435282][ T4595] R13: 00007fce655c6038 R14: 00007fce655c5fa0 R15: 00007ffd597fb2d8 [ 89.443290][ T4595]