last executing test programs: 3.266145437s ago: executing program 2 (id=41): mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000240)='hugetlbfs\x00', 0x2200890, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2}, 0x18) connect$can_j1939(r1, &(0x7f0000000140)={0x1d, r2, 0x0, {0x1, 0xf1, 0xa8fe8ad4eea2351f}, 0x2}, 0x18) sendmmsg(r1, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5) sendmsg$can_j1939(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)="11acb86277ae475d7ad9", 0xa}, 0x1, 0x0, 0x0, 0x400}, 0x20048880) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x1, {0x2, 0xf0, 0x4}, 0xff}, 0x18) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r3, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r4) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r5, 0x890b, &(0x7f0000000c80)={0x0, @l2tp={0x2, 0x0, @rand_addr=0x640100fd, 0x1}, @phonet={0x23, 0x1, 0x8, 0x2}, @generic={0x2a, "85424c9251b9f4e60a7f4f9739ca"}, 0x800, 0x0, 0x0, 0x0, 0xff80, 0x0, 0x0, 0x80000000, 0x9}) close(r4) chdir(&(0x7f0000000000)='./file0/../file0/file0\x00') 1.962391196s ago: executing program 0 (id=59): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000280)={0x0, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r5, 0x1000002, 0x13, r3, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000180)=@arm64={0x0, 0x4e, 0x5, '\x00', 0x4e}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.962217996s ago: executing program 1 (id=60): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000000cc0)={0x1, [{0x1, 0x0, 0x76, 0x0}, {0x1, 0x10, 0x4004, &(0x7f0000000340)="b5d0"}, {0x0, 0x0, 0x7f, 0x0}, {0x1, 0x0, 0x208, 0x0}, {0x2, 0x0, 0xffff6f56, 0x0}, {0x3, 0x0, 0x8, 0x0}, {0x0, 0x0, 0x101, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x3, 0x0}, {0x0, 0x0, 0x2ff, 0x0}, {0x1, 0x0, 0x4ed, 0x0}, {0x0, 0x0, 0x11, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xb, 0x0}, {0x2, 0x0, 0x0, 0x0}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x7, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0xb, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0xd, 0x7, 0x3, 0x1, 0x20, 0xf, 0x8, 0x6, 0x2}, {0xffff1000, 0xd5dd0000, 0xe, 0x2, 0x1, 0x3, 0xc, 0x0, 0x1, 0x6, 0x4, 0x9}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x4, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0x8, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x2, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x4, 0x3, 0x8, 0x5, 0xce}, {0x4, 0x7}, {0x6000, 0x5}, 0x27, 0x0, 0x0, 0x40, 0x7, 0x1000, 0xd000, [0x3, 0x8001, 0x8]}) 1.800076885s ago: executing program 2 (id=62): syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f00000006c0)=[@rdmsr={0x66, 0x18, {0x292}}], 0x18}) openat$kvm(0xffffffffffffff9c, 0x0, 0x8000, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xbf2, 0xed}]}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x8d], 0x100000, 0x240046}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x5000, 0xc, 0x6, 0x4, 0xa, 0x5, 0xa, 0x0, 0x1, 0xd, 0x3}, {0x2, 0x80a0000, 0xe, 0x13, 0x1, 0x8, 0x3, 0x8, 0x0, 0x46, 0x2}, {0x7000, 0x3000, 0x4, 0xf, 0x5, 0x1, 0xc3, 0x6, 0x3, 0x6, 0x5, 0x7}, {0x0, 0x0, 0xd, 0xc, 0x7f, 0x6, 0x2, 0x7f, 0x9, 0x2, 0x1, 0x6}, {0x10000, 0x10000, 0x0, 0xd, 0x59, 0x2d, 0x5, 0x7, 0xfc, 0x0, 0xf8, 0xe5}, {0x3000, 0x8092000, 0x8, 0xbd, 0x6, 0x10, 0x10, 0x1, 0xbf, 0x1a, 0x8, 0x4}, {0x8000000, 0xeeee8000, 0xc, 0x9, 0x0, 0xf, 0x7, 0x3, 0x6, 0x0, 0x2, 0x8}, {0xdddd0000, 0xffff, 0x8, 0x4, 0x7, 0x8, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0xeeef0000, 0xedd8}, {0xffff1000, 0x17}, 0x0, 0x0, 0x3000, 0x0, 0x100000002, 0x800, 0xb000, [0x200000000000005, 0x4, 0x7, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000010c0)={[0x60000000003, 0x11, 0x400000000001, 0xe, 0x2000001, 0x0, 0x2004cb, 0xa000000000000000, 0xffff, 0xfffffffffffffff7, 0x5, 0xffffffffffffffff, 0x7fffffffffffffff, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffc], 0x1, 0x202}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.677190462s ago: executing program 0 (id=64): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42002, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000800000/0x800000)=nil, r5, 0x7000009, 0xc3872, 0xffffffffffffffff, 0x1000000) mmap$KVM_VCPU(&(0x7f0000a94000/0x1000)=nil, 0x930, 0x100000c, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x2, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.646502126s ago: executing program 4 (id=65): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101600, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x18) 1.590365035s ago: executing program 1 (id=66): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, 0x0}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000200)={{0x2, 0x1, 0xe, 0x1, 0x8, 0x9, 0x6, 0x1, 0x0, 0x3, 0x5, 0xeb}, {0x3000, 0x80a0000, 0xa, 0xe, 0x5, 0x5, 0x4, 0x14, 0x4, 0x5, 0x0, 0x3}, {0x2000, 0x102f8000, 0xb, 0x8, 0x6, 0x7, 0x81, 0x3, 0x80, 0x1, 0xe, 0x70}, {0xeeef0000, 0x6000, 0x0, 0xfe, 0x6, 0x9, 0xc3, 0x0, 0x0, 0x0, 0x80, 0xe}, {0x2, 0xeeee0000, 0xa, 0xff, 0x8, 0x9, 0x6, 0x7, 0x6, 0x6, 0x4, 0xfc}, {0x10d000, 0x0, 0x9, 0xb9, 0x6, 0x5, 0x42, 0x6, 0x7, 0x1, 0x0, 0xd}, {0xdddd1000, 0x0, 0x4, 0x1, 0xa, 0x8, 0x4, 0x63, 0x2, 0x1, 0x1, 0xd}, {0xffff1000, 0xdddd0000, 0xa, 0x21, 0xc, 0x8, 0x9, 0x4a, 0x81, 0x8, 0x43, 0x3}, {0xeeee0000, 0x5}, {0xffff1000}, 0x0, 0x0, 0xeeef0000, 0x150690, 0x0, 0x8000, 0xeeee0c00, [0x1, 0x1004, 0x4, 0x5]}) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000380)={"07c0ba07dfad95978135e3760ed9b3f729177f22ef3341193dafee273ebb40d0b7ba9f08b03595651250b58a6c17a1c7644714cb9afc8165176e1fa6ed0a9ebd573750e10be620de51a9e7ab4b6c2be39bd6f2db2d3d4803ae0c76b1281b410b94aa9cdb59dd3644ea59ef0b14ad45c9c1722909931a956a5678449ac264a1801e6287ac28bfba15768350ae1900644905527369c5197475518cd353ccf1ce4bd28466b4d6be8435ac1ab5f5fa6803d8aa6c0ad9e574e6a2dda3720e6d5247ca3c9201885e192ee6dfc0158c93f0c31bf47e102d1e1be094e70b0859258e6bcc53646410de7e23d634dfe9fde0246c8b5e7b823b273b8750968b97c06fa9418d664fc130d97b969772cfe69b3d7bf0e8d00e8c959759e5c76f6ad29ea58ee57c902c45ecacac9e8b245c7b7745833e54815712e545fca1e0032f9367e6507ed27d7d61878d6d6b9869891200445cbb0d38d2165b665a3f85d2e3a5f6d61e64f8e07d459402d94ed69030a83cb72b343f0e326042135eef73fd43f7eaf43d3f5735bedc2ba41dd5da7d37c9cdfa6c89a8562585261f7dfc3d2c3901f56283c6e98f8cd52fe192193e09cf96784caddf4431daa47ee8aea6f8c7b700ae9958b7d5a7afb7f6782174a1b15aae513856e72cf94e49ea99d4f33dd9723ca1a5905ce56655ab74d51e83ff9028a08b95d9f303df7e5580047aaacda49ef6fa415a9b998c320f6e3e4a872e1867cfa3840060263588be66d91a31856beda7e0b7ee02fa436d5561d0408212c5cb65c601d7250c9bd78c771494ab3934ef22c62cbd11f1215b267e1610bfc0a95d7ad9b6705ae0d5b4b283ae7a8b40baf20d658522f6c2cef2daf608fcf1c0bab659b4cf8a168e0f5f9f34c844f38c867f57e6f7f7fcecfaae3b1178a8c301c4b2cd64019604a49e498a77282582ed499ddeb7d7982ae0dfa606910c3f5b4de614e44d628e6661bf8168026c2995c74a8081bf948eb974efcdb5fe5c1ff29051b7c3145bde217948d0b84b110d8ccb19f5f471b6d9d7068f81fb72aa53e969c02a2056a10ada6138dabe708e4994d58c647b6c7d6425c68746322b3f89b056e85a93f06244324605960cf4e325ed64d28b753cf6ccca9db836111d7f0700114580793ad07b0af678549a747cb1d4691ecd248b546ca4797000e86af5376bdf181ded02eb9948706ca4964eba9d61554c411eea82f8fdc13097e58cff4511fd0fa18e4ae1760bc7d05b88724fedc4602b8d55ff42b506a6bb544b4ce166d017e901f69d6a364b7d440c93810e1a88c631571ab3b580688221ffd017e494beec765b9e231392a662b3f5016deb4cc42e318c0abb6bc68647df04166adcbb0026f7f2bc38eac9cec8a74f10c85c4b92efd348a1b8519a35563824fc5c69e7e70a03e3c2eedd3f822d2b15a81aefa69116a3c21f83d967f469"}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000800)={0x1, 0x0, [{0x40000095, 0x0, 0x71e95c3c}]}) 1.500246208s ago: executing program 4 (id=68): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000000)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000071, 0x0, 0xff0000000003fffd}]}) 1.374410804s ago: executing program 0 (id=69): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x42042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x25000, 0x108000}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x10000000000004, 0x2000000000069, 0x8, 0x2, 0x2000003, 0x2e3, 0x16, 0x2000000000008, 0x8f, 0x2, 0x1000000003, 0x80000002, 0x400, 0x400000037, 0x40000000002, 0x1000], 0x8201000, 0x2880}) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x200000d, 0x19831, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000540)={0x58000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.357002921s ago: executing program 3 (id=70): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = eventfd2(0x10, 0x80000) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000001c0)={0x4, 0x1000, 0x4, r3, 0x1}) ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f00000002c0)={0xb0000, 0x0, {[0x8000000000000000, 0xff, 0xfffffffffffffffc, 0xffffffffffffff70, 0x1, 0x1, 0x9, 0xa]}}) 1.260200302s ago: executing program 4 (id=71): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000100)={0x2, 0x0, 0xb}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x291, 0x0, 0x1}]}) 1.190406248s ago: executing program 2 (id=72): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000280)={0x0, &(0x7f0000000040)=[@code={0xa, 0x65, {"b9030100c00f32b904000000c461b9dd0764660f3882820058000066450ff7ecf044093966baf80cb86ab0d68d66bafc0c66edc421845ef366bad00466baf80cb8665abb89ef66bafc0c66ed430f01f86644def0"}}], 0x65}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000001c0)={0x1, 0x0, [{0xc0000001, 0x2, 0xf, 0x0, 0x4, 0x81, 0x5}]}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000bfe000/0x400000)=nil) syz_kvm_add_vcpu$x86(r6, &(0x7f0000000280)={0x0, &(0x7f00000000c0)=[@wrmsr={0x65, 0x20, {0x10b, 0xe50c}}], 0x20}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.152075431s ago: executing program 3 (id=73): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x2200, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x83f, 0x0, 0x2}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000140)={[0x2, 0x400000000009, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1002, 0x38d, 0x0, 0xfffffffffffffffc, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x93, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.102475462s ago: executing program 1 (id=74): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@cpuid={0x64, 0x18, {0xfffffff9, 0x7}}], 0x18}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000180)={0x3e, 0x0, [{0x0, 0x4950, 0x5, 0x0, 0x6, 0xb, 0xfffffe00}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.030028567s ago: executing program 0 (id=75): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f0000000f40)=[@wrmsr={0x65, 0x20, {0x40000094}}], 0x20}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000180)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x4000080}]}) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 966.339275ms ago: executing program 4 (id=76): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x40900, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2) r4 = eventfd2(0x7, 0x800) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000100)={r4, 0x8}) ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000000)={0x1d0003, 0x0, {[0x76970ffc, 0xa, 0x1, 0x3, 0xa6f, 0x3, 0x2, 0x4]}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x482, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xbf2, 0xed}]}) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000000)=0x5000) r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x8d], 0x100000, 0x240046}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x140, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r10, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x5000, 0xc, 0x6, 0x0, 0xa, 0x5, 0xa, 0x0, 0x1, 0xd, 0x3}, {0x2, 0x80a0000, 0xe, 0x13, 0x1, 0x8, 0x3, 0x8, 0x0, 0x46, 0x2}, {0x7000, 0x3000, 0x4, 0xf, 0x5, 0x1, 0xc3, 0x6, 0x3, 0x6, 0x5, 0x7}, {0x25000, 0x0, 0xd, 0xc, 0x7f, 0x6, 0x2, 0x7f, 0x9, 0x2, 0x1, 0x6}, {0xd000, 0x10000, 0x0, 0xd, 0x59, 0x3d, 0x5, 0x7, 0xfc, 0x0, 0xf8, 0xe5}, {0x3000, 0x8092000, 0xe, 0xbd, 0x60, 0x10, 0x10, 0x1, 0xbf, 0x1a, 0x8, 0x4}, {0x8000000, 0xeeee8000, 0xc, 0x9, 0x0, 0xf, 0x7, 0x3, 0x6, 0x10, 0x2, 0x8}, {0xdddd0000, 0xffff, 0x8, 0x4, 0x7, 0x8, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x1, 0xedd8}, {0xffff1000, 0x17}, 0x0, 0x0, 0x3000, 0x0, 0x100000002, 0x800, 0xb000, [0x200000000000005, 0x4, 0x7, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000010c0)={[0x60000000003, 0x11, 0x400000000002, 0xe, 0x2000001, 0x0, 0x2004cb, 0xa000000000000000, 0xffff, 0xfffffffffffffff7, 0x5, 0xffffffffffffffff, 0x7fffffffffffffff, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffc], 0x1, 0x202}) ioctl$KVM_RUN(r10, 0xae80, 0x0) 866.000916ms ago: executing program 2 (id=77): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000040)={0x0, 0x0}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x9, 0x5, 0x87, 0x7, 0x2, 0x5c, 0x406cb, 0x800005a2, 0x7, 0xc, 0x40092, 0x5f9e, 0xadd, 0xffffffff869dbebc, 0x10, 0x8263], 0x7000, 0x290985}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 862.886895ms ago: executing program 3 (id=78): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000180)={0x1, 0x0, [{0x288, 0x0, 0x7}]}) 726.321759ms ago: executing program 0 (id=79): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x2, 0x9, 0x6, 0x4, 0xa, 0x3, 0xe, 0x0, 0x1, 0xc, 0x3}, {0x2, 0x3000, 0x8, 0x13, 0x1, 0x8, 0xa2, 0x8, 0x0, 0x4a, 0x2}, {0x2, 0x5001, 0x4, 0xf, 0x5, 0x7, 0xc3, 0x6, 0x3, 0x46, 0x5, 0x3}, {0x60000, 0x0, 0x1a, 0xc, 0x7f, 0x6, 0x8, 0x7f, 0x9, 0x2, 0x1, 0x6}, {0x1, 0x58000, 0x0, 0xd, 0x59, 0x2d, 0x5, 0x5, 0xfc, 0x0, 0xf8, 0xe5}, {0x2, 0x8092000, 0x8, 0xbd, 0x6, 0x6, 0x10, 0x1, 0xbf, 0x18, 0xff, 0x4}, {0x5000, 0xe000, 0xc, 0x9, 0xc9, 0xf, 0x10, 0x5, 0x8, 0x0, 0x80}, {0xdddd0000, 0x30000, 0x10, 0x4, 0x2, 0x0, 0x0, 0xf9, 0x8, 0x8, 0x3, 0xfe}, {0x1, 0x6}, {0xffff1000, 0x17}, 0x40019, 0x0, 0xd000, 0x0, 0x100000002, 0xa100, 0x54000, [0x9, 0x4, 0x9, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000010c0)={[0x60000000003, 0x1000000000, 0x0, 0x10, 0x2000001, 0x0, 0x2004cb, 0xa000000000000000, 0xffff, 0xfffffffffffffffb, 0x5, 0xffffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc], 0x1, 0x202}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000800)=[@nested_intel_vmwrite_mask={0x154, 0x38, {0x0, @guest32=0x4804, 0x100, 0x101, 0x8}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0x3, 0x1441, 0x9, 0x1}}, @in_dx={0x69, 0x20, {0xdc20, 0x6}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @control_area=0x21, 0x8, 0xffffffff, 0x8}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @save_area=0x4c0, 0x4, 0x8, 0x6}}, @cpuid={0x64, 0x18, {0x7288, 0x5}}, @enable_nested={0x12c, 0x18}, @uexit={0x0, 0x18, 0x4fd}, @code={0xa, 0x5c, {"48b80000c0fe000000000f23c80f21f8350400b0000f23f8420f01c9c4217e166f68650f0766ba4300ec64660f38822366b842008ec00f01df0f0f91e30000000d66ba4200b800000000ef"}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x2, @host32=0x4c00, 0x400, 0x2, 0x304d59cc}}, @wrmsr={0x65, 0x20, {0x5e5, 0x2}}, @nested_vmresume={0x130, 0x18, 0x1}, @uexit={0x0, 0x18, 0x8}, @nested_create_vm={0x12d, 0x18, 0x3}, @enable_nested={0x12c, 0x18}, @enable_nested={0x12c, 0x18}, @wrmsr={0x65, 0x20, {0x2f4, 0xfffffffffffffffd}}, @rdmsr={0x66, 0x18, {0x828}}, @in_dx={0x69, 0x20, {0xb3c5, 0x3}}, @nested_create_vm={0x12d, 0x18, 0x2}, @in_dx={0x69, 0x20, {0xa3a7, 0x2}}, @in_dx={0x69, 0x20, {0x3b9c, 0x4}}, @rdmsr={0x66, 0x18, {0xafa}}, @nested_vmresume={0x130, 0x18}], 0x354}) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240), 0x0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 721.269328ms ago: executing program 3 (id=80): openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x1bc, 0x6, 0x8, 0xf220, 0x2, 0x5, 0x9, 0x6, 0xffff, 0x7, 0x924, 0x0, 0x3, 0x117400d7, 0x3, 0x5], 0x80a0000, 0x100}) ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xd53}) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x7, 0x1, 0x1, 0x1, 0x624, 0x7, 0x8001}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x470f}]}) r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000003c0)={"61382f4fa5610cd5ecc1b91437afcab47073c95c905681914d5c4b938fb17f177947696a3caa171f53819137b5ee7f5c43d2f51f585aedcd0d9f5b3ce225f18f19a1e3b9c99f088b55897b08062fd8d5edee66ba42e476fced778cef809d3166e3fadbe14937105fadb00c3b501ab5321624892299496e0cce552e4aab8b92d9e2f7058aceafc24973c6c66e55441131f9a9afe74baae65a2cf4f1145cc2fd2d72f5dac78fdbf95b5e34b3bb973b7c170c5bb84c6bd8ae19be7ee40cf2fa444d09b50cd8c7d2cfba26acf480643a7291d214687b21e78d651d92d39e4fe451e0f08d865b4d44b506ce84ee3466a58c8257f812e5134ca0b083d29e87b4720e88416f76fb29da379d67104ada3f7fbbfc32b91442d1377dbcff7005ac1123389f477b522d024507306f21bcd680082b1ea039268e7da39240f51574ee907cb44b8e71deb2d3d888e5f2ac8b6bd4311e1ba3aacf3f6429979c0a90420af001058ca072cf60cd8b268b402fe6c1619a9b3a507331acfb957d722a6519f0889f0882d6d7aeea93905af81e1489c48589e39ef8b02859eba9861f2f3bf9049e99d9e8d92b073cc4108b2bc3d1719c6819cf1d5aa6f70bf06d56de55f7a0ff663deb6b8781ae21bcfc2bd99dc5f779505b0e8deb89b79920618bf279d8a050105a1560a88c7fc3f274ee5f52041af43446ebfc1205966d8010544fa41edefa778d3453af29697dd2b80f57aba088b798aeb6d821045ec3f8b8ed9ebbdc89205f7643bf3d8f0ed7cf17c96e32025c86f17f5c78262026cddc9131ce0b588530ea990526b369d830611ec41ab118f8f6de4a32299be9e0ed9795647284f1d27a4fc06f8053d2f974a070fe835ec4a479babab575ff69cf5fb74f1d73e88bc27572e0b21481badd6e5613b4d0f4bb9dcede08fc4c55ccf60644815d689879516bea7618fc40db69f1f8f335dca9aa440034766fc6d63fe54a203a0d78a350c0f23a9a80b3183688414201cc048e6233f11a1c6f028f11a3486b2a09fa2fcc0fa204e334f184f0148548e3abffb94047f694228b0e0a5874ca6dd8ce1b54441877b731745df2edcc26487a6cb38357da7536f3a541af6776d45581d2cdd58fac7bb2ddfcc08d2ddc2695c872144aaf5ced5bd10816d4a60a2fbf5c7ce60106a0ac6b42604d05ad7c74119197ff53f98cebd6771c5d1ec64eeb7d02cf47ed4f9fad68edd2749811e509c8cf33cc83cecc12fa0bbca1396815cbac1e2dfef46371b69df259fdf15197d1a4be808d95a462427d9dff534ea7485b11e953aae568aa2d4b92538bbd337ecadfcc66501424e4259d0892bba60f1ace1a9090406cebb5340139030f39a5a0b3d547c54ea78912218cd5d4d1264ae384d6bf73f66aa752bc91229e46d93dfb37d8c522270eb990952ce7822da1ac4aff2fcf02da3ab344e6906e0a65"}) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r5, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xffffffffffffffed, 0x0, 0x1000000000001, 0x4000000000000, 0x4002004c8, 0x1007, 0x1, 0xc595, 0x5, 0x1, 0x3ff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x8080000, 0xc, 0x6, 0x4, 0xa, 0x1, 0x8e, 0x0, 0x1, 0xc, 0x3}, {0x1000, 0x3000, 0xe, 0x13, 0x1, 0x8, 0x7, 0x8, 0xe8, 0x42, 0x2}, {0x2, 0x30000, 0xf, 0x12, 0x5, 0x6, 0xc3, 0x6, 0x0, 0x6, 0x5, 0xb}, {0x2, 0x0, 0x1a, 0xc, 0x7f, 0x6, 0x8, 0x7f, 0x5, 0x2, 0x1, 0x6}, {0x1, 0x8000000, 0xe, 0xd, 0x59, 0x2d, 0x5, 0xc, 0xc, 0x0, 0xf8, 0xe5}, {0x3000, 0x373ae001, 0x9a62ad126b37faa6, 0xbe, 0x6, 0x9, 0x10, 0x1, 0xbf, 0x18, 0x2, 0x4}, {0x5000, 0x8000000, 0x4, 0x9, 0x0, 0x2, 0x14, 0x3, 0x8, 0x4, 0x80, 0xc}, {0xe000, 0xeeee0000, 0x10, 0x4, 0x64, 0x8, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x2, 0xedd8}, {0xffff1000, 0x17}, 0x10, 0x0, 0x100000, 0x202, 0x100000002, 0x0, 0x2000, [0x5, 0x0, 0x4000000000000009, 0x3]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000010c0)={[0x87, 0x2001000000000, 0x0, 0x10, 0x2000001, 0x0, 0x351, 0xa000000000000000, 0xffff, 0xfffffffffffffffb, 0x5, 0xffffffffffffffff, 0x7ffffffffffffffd, 0x5, 0x0, 0xffffffffffff7ffc], 0x1, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 715.886427ms ago: executing program 1 (id=81): ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x2, 0x1, 0x0, @sint={0x101, 0x8}}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x5000, 0xc, 0x6, 0xf8, 0xa, 0x5, 0xd, 0x0, 0x1, 0xc}, {0x2, 0x3000, 0x3, 0x13, 0x1, 0x8, 0x3, 0x8, 0x0, 0x46, 0x2}, {0xf000, 0x5001, 0xb, 0xf, 0x5, 0x3, 0xc3, 0x6, 0x3, 0x6, 0x4, 0x5}, {0x3000, 0x4000, 0x1a, 0xc, 0x7f, 0x6, 0x8, 0x7e, 0x9, 0x2, 0x1, 0x2}, {0xf000, 0x4000, 0x0, 0xd, 0x59, 0x2d, 0x5, 0x3, 0xfc, 0x20, 0xf8, 0xe5}, {0x25000, 0x8092000, 0xb, 0xbd, 0x6, 0x10, 0x10, 0x1, 0xbf, 0x18, 0x6, 0x3}, {0xeeef0000, 0xeeee8000, 0xd, 0x9, 0x0, 0xf, 0x10, 0x3, 0x8, 0x1, 0x2, 0x8}, {0xdddd0000, 0x4, 0x10, 0x8c, 0x7, 0x3, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x40000, 0xedda}, {0xffff1000, 0x17}, 0x40019, 0x0, 0x2, 0x0, 0x100000002, 0x2100, 0xdddd1000, [0x5, 0x6, 0xc000000002000009, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000010c0)={[0x60000000004, 0x1000000000, 0x5, 0x10, 0x3, 0x1000, 0x2004cb, 0xa000000000000000, 0xca6, 0xfffffffffffffff7, 0x0, 0xffffffffffffffff, 0x7fffffffffffffff, 0xfffffffffffffffa, 0x5, 0xffffffffffffffff], 0x1, 0x3a281}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)=[@in_dx={0x69, 0x20, {0x7f59, 0x2}}], 0x20}) r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x2200, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x83f, 0x0, 0x2}]}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000140)={[0x2, 0x400000000009, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1002, 0x38d, 0x0, 0xfffffffffffffffc, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x93, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 460.479029ms ago: executing program 4 (id=82): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000040)=0x4) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000080)={0x4, 0xbde, 0x0, &(0x7f0000000180)="a1984ec3aec3fc2e025f90eda6dbc903939aac644fd36f1e65174cae030c42cbacc392851a695f247112e91f059460a2c031929dc0515ac7cd20775ff9da9c2b6cb48968dcd6d8d982c492932c572f084d3af58650d207eec0794b3e47c5678c36b99eed61e1dbac68ce8a79aa21a51202018bdc4a51489844f785887083841d65c129992bbe5a51c71b95a9847d2bdede66c6e3184c386faf938fd6db888e73a5c0dcc69c3de7458e68ed33226a8d1c8e", 0x0, 0xb1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x8, 0xc5, 0x0, 0x40, 0x4b, 0x4, 0x6, 0x1, 0xf8, 0x0, 0x1, 0x0, 0x3, 0x6, 0x6, 0x9, 0x4, 0xfe, '\x00', 0x7, 0x4}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x40, 0x5, 0x41, 0x2000000, 0x0, 0x2004ca, 0x0, 0xa1d, 0x68ff, 0x5, 0xffff, 0x3, 0xa], 0x10000, 0x2c000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 460.337239ms ago: executing program 2 (id=83): ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x2, 0x2000000000069, 0x8000000000000001, 0x2, 0x3, 0x2e3, 0x16, 0x8, 0x8f, 0x3, 0x3, 0x80000002, 0x10001, 0x5, 0xfffffffffffffff7, 0x1000], 0x8001000, 0x12884}) ioctl$KVM_CAP_DISABLE_QUIRKS2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xd5, 0x0, 0x1}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x4, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0xeeee0000, 0x8, 0x1, 0x0, 0xfd, 0x0, 0x20}, {0x0, 0x2000, 0x10, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5}, {0x3000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4}, {0x10000, 0xffff1000, 0xa, 0x0, 0x0, 0x8, 0x0, 0x4, 0x80}, {0xc000, 0xffff1000, 0xf, 0x2, 0xfe, 0x10, 0x6, 0x0, 0x58, 0x8, 0x4}, {0x0, 0x8000000, 0xb, 0x0, 0x0, 0xfd, 0xfc, 0x0, 0x0, 0x5, 0x36}, {0xe000, 0x100000, 0x4, 0x8, 0x80, 0xfb, 0x0, 0x7, 0x1a, 0x2, 0x0, 0x8}, {0x0, 0x3000, 0x0, 0x2, 0x0, 0x54, 0x7, 0xfd, 0x0, 0x0, 0x7, 0x5}, {0x2000, 0x400}, {0x0, 0xfffd}, 0xddf8ffdb, 0x0, 0x1, 0x120, 0x8, 0x8000, 0x2000, [0xdd41, 0x0, 0x2]}) 376.112832ms ago: executing program 1 (id=84): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) r4 = eventfd2(0x70, 0x0) close(r4) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r4, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r5 = eventfd2(0x0, 0x0) r6 = eventfd2(0x0, 0x0) close(r6) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0c82, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0) close(r5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) 332.493674ms ago: executing program 0 (id=85): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x2, 0x1) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x5, 0x5000, 0x1, r2, 0x8}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x87, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24660f38816810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f21f835030009000f23f8450f2244c4417c50cc"}}], 0x87}) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, 0x0, 0x0}) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x7, 0x1, 0x1, 0x1, 0x624, 0x7, 0x8001}]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x470f}]}) r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xffffffffffffffed, 0x0, 0x1000000000001, 0x4000000000000, 0x4002004c8, 0x1007, 0x1, 0xc595, 0x5, 0x1, 0x3ff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x8080000, 0xc, 0x6, 0x4, 0xa, 0x1, 0xe, 0x0, 0x1, 0xc, 0x3}, {0x1000, 0x3000, 0xe, 0x13, 0x1, 0x8, 0x7, 0x8, 0xe8, 0x42, 0x2}, {0x2, 0x5001, 0xf, 0xf, 0x5, 0x6, 0xc3, 0x6, 0x3, 0x6, 0x5, 0xb}, {0x2, 0x0, 0x1a, 0xc, 0x7f, 0x6, 0x8, 0x7f, 0x5, 0x2, 0x1, 0x6}, {0x1, 0x8000000, 0xe, 0xd, 0x59, 0x2d, 0x5, 0xc, 0xfc, 0x0, 0xf8, 0xe5}, {0x2, 0x373ae001, 0x9a62ad126b37faa6, 0xbe, 0x6, 0x9, 0x10, 0x1, 0xbf, 0x18, 0x2, 0x4}, {0x5000, 0x8000000, 0x4, 0x9, 0x0, 0x2, 0x10, 0x3, 0x8, 0x4, 0x80, 0xc}, {0xe000, 0xeeee0000, 0x10, 0x4, 0x64, 0x8, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x2, 0xedd8}, {0xffff1000, 0x17}, 0x40010, 0x0, 0x100000, 0x202, 0x100000002, 0x0, 0x2000, [0x5, 0x0, 0x4000000000000009, 0x3]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000010c0)={[0x87, 0x2001000000000, 0x0, 0x10, 0x2000001, 0x0, 0x351, 0xa000000000000000, 0xffff, 0xfffffffffffffffb, 0x5, 0xffffffffffffffff, 0x7fffffffff7ffffd, 0x5, 0x7, 0xffffffffffff7ffc], 0x1, 0x202}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 201.952129ms ago: executing program 4 (id=86): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000280)={0x0, &(0x7f0000000100)=[@code={0xa, 0x58, {"b805000000b9040000000f01d9c461b9dd0764660f3882820058000066450ff7ecf044093966baf80cb86ab0d68def66bafc0c66edc421845ef366bad004ec430f01f86644def0"}}], 0x58}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r5, 0xc008aeba, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) syz_kvm_add_vcpu$x86(0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20002, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r7, 0x1000002, 0x13, r3, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x109802, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$x86(r10, &(0x7f0000bfe000/0x400000)=nil) r12 = syz_kvm_add_vcpu$x86(r11, &(0x7f0000000280)={0x0, &(0x7f0000000340)=[@code={0xa, 0x65, {"b805000000b904000000c4c2fd32aa91000000c461b9dd0764660f3882820058000066450ff7ecf044093966baf80cb86ab0d68def66bafc0c66edc421845ef366bad004ec3e26654e0fc79a512900006644def0"}}], 0x65}) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r13, 0x1000002, 0x13, r12, 0x0) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$eventfd(r14, 0x0, 0x0) write$eventfd(r8, &(0x7f00000002c0)=0xfffffffffffff800, 0x8) 201.785879ms ago: executing program 3 (id=87): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0xc008aeba, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) ioctl$KVM_MEMORY_ENCRYPT_REG_REGION(r1, 0x8010aebb, &(0x7f0000000100)={0x70000, 0x14000}) 201.679189ms ago: executing program 1 (id=88): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xd53}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000800)={"49841ada71cfe011e10532489ef0a3127f9f67568978975321ebdb7108d333a8df648f920da594ae3a327a3f1292465c016dbc5261414bd85acd87473d61390f4bbded57a902b5deb9c23c641914f6b147db6146e946ce31b52ff43219cbc1574ebc8f47d0d2a02b89dc02c49f25471af4f2435dd40d0481fe6f0124e4aa9849c9b8358074976ba0dd502c77e65623e41c8ce041fe7058274e54be3d84f5aa382e9032df7a279d491a51e7480061ebb983305b23e584f6b47af6d615b2f0a1dc1f000000000000176472ebbd1021d2eb285ff99ea7601c4e25ecd4c055c59c3964e30b2f8567d69324b6828cc0e9c3528f1f4e27527d98bca370c165bfd88348ca0eb405029367247b738c6cce89e3efd4479d8f2fc7dbd015046860acb8a71106b920b09e661065bf765a03317feb4f54d4382ac41850982313319363b14557a5b8a18d60e425b3db6bcd35b03c810c9d398c9d91902878258419a4b02fc4bdc3b69da6c5c27f5a507005a24a3fef74f0b287c3a4cd1517537dc8cf5cf0efd75c11e803e972ecc24c500cc49001f231f74f7120f55004d5621655ba535c8c8a91d2fec5656526974aef9f08d835f6c3c7c570d047312da759708349121ee9f7078926baa412b4ae8076f6b7f2bf46ffe08878e0281bb42ace8eca796933daf7f65530e30eb6b0695a450e50aea20fcabb5fca187f8ee62b93dee581774cefb953b396e5b8a1e3cc1062b001082aa5a434d9f03407c4239d0fcb779eba5a32f473d142ac92042c12140f12a0181a4d98a0a5a1c80de2363a80dfc365d26e0332ee63e84500f086fffded2d72500cfb5b3b16aefef5d5808f29e1c572df8af9ca90b714fe6c71a1097e58ccb7945341445d2a0c271f5d15a1462be10d757de7cfd980459469387c5049cebcdb62a24cf04418634944354b4690d4974a26ca113eefe5a71b23aa2fbd989f7b6fcf490ed465f219e70b3397dbc63e21b9d3998c4580570c40a2e75cb6845b34236f5a38dde94ae6fac7a994b21e829bdb618b0910b71608ed7893bc927afa06b1d08d18f684d7972e5467ddfebe1982924658db3e5aee3e443f1cd7017d7a27e6e2620673e9afd67c69ae555ec3e67863f1a9ac7d653d38125f51db870ffa8887c08c455a536d70ea0cae525218e8d06865b553b17bacd52630e4765af1036c834e96c193523d8b3bc399ac296fbe53ed4bd454c669f01cb0915cf9fc03b54d93fbc37ace112d4643c64842b60ee6b979703b6448fe7ddaab8d2fc2d417a12f138d61cc3ca311aa09adbad1a0647a62208ca7f9f2a9e6a6c42e6ae926b15d094886a7d6ae787c8238ab4c235541b1432b9e9407d18a0399dfa98b8ee84ccbe16bf8c30e7cf7071ab10eb8ffb0334d2b91135e3294efd14dd06db46be1032a472cdd54bd015f2937fe3d7d691fa9d0b55a0d5d17a9"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000300)={"25537ae1bc735ba5fc22a953f25ed9c7a8e034969f46ede37a8df037309fc1f901f0b656c10a7ae3c693f9013f70988dabe24b25951ec209a9663f3bfd140e1ca638b4cb6e1fa422031bfafb87a6cdb1df660b4072a7d7d07c779f418540254ed99098ca7a620ac9584e645b0b3125482490687ec35c2eb893fee98ed3ac74df3338bf23745a50688b35e4729802e5ee45ae609d90e28d5268d57d80b58bc30031aecaa6d49cc7f1a0cb954873c095b3564518fe75bcb413f0d29949ae5f5c10b2d94c77290d12c73d6d4b06606890c1c54ed4e7cc7d039dd5ba640fa34fffdefceae4e5d8f89bb8c383098e9049f92c7333f083b3cf595b7e5bac6ed572d1228774de5a2d61fb8e3e833ca025d230815e3b8d8bd7be924b838ced0fcb3565dfb3e2325db647b91dfb2dc830046df13e95f29b212b511a4b442bc41a3a74b2e4691baa83c264c6a416408ee26bdac7a4c05b8df1b5ee135a46355722651aeb7864f1d31f98e4cf56555d5da354bdeca22abaeb281d0738f0be581300f72e2e15894e516e9433cc27555d0e5bdb86c447ecea22b255cc9b42f19444946c3c1f7bccd7f4113c73339da67d16dced1285859e822edc6ba37a9d221f2bae043bfee2a45e1bfd32c200efcf7d4ee9664e2447c1c7ce4444a32f35f8122bf83fa0d791c512501cd4c9cad4f112eee599d1396a401eb510cb2c194c245410161ca2114acda547b379107e54386b6997defa138fd94a369e6d6019cfa82dd347494f8991e9a41e8308dc033382bfe386d3af717193e64a8e4e9e2731c3bb170a663075d2d5339e5ca6516d5521877509860e470032c52827a7f57c979aafd51fc0a267edf73a3c4a6411940f7df0894a813fe293589888736686c74ae445958d4315b6ee92e111ac3298ebfe83b85a527090bcdaf7d574e68c573d768d95990c70e9a36a7fa0b690d1faef9f5dec8fcb3b3aeefee1d81866b81444b01445be9c1d13605f15374da83e766cd3eb867b36df298422730ddcde5a617a94eeb80b2296db2d588080eb439f950bba6add84c4fb248e1d4026b0e0ff611b33a96f92a4715cd26b180ac58aac931db918ba9d83d6b255678fe6a4bc702e246f27d2b518f73b0bc56826c25fac7f28563df43333b0da114ee0be8cea010b79d9eee7cf86d6d38d6e5b77cb2287e957eab5cc4aa7545f5de906c6b7512bffacebb0cdf64b7b5730cf7410205588a283bb1ad74ffbf1f023c62885c61308f65d189c6aff547fe61e95758bf53fba1fa3c277ac7699fa34544ce12e023cfe4de32f2948d295c6237526f5a159364b52fb54b61c7805e6378e63c50d916c7fe45535d4b50ff5e626b352f0b5f7b14b876a9a0e71e912590ab68b1a015f6ab076662a2bff8772650e3f0e71c47b70122688d0f1fc14e6a95a221942a232410f3ad7fd4eae71f1001aa05a"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 178.892994ms ago: executing program 2 (id=89): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x42042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x1000000000004, 0x200000000006b, 0x9, 0x1005, 0xfffffffffffffffe, 0x1000, 0x0, 0x7fff, 0x8f, 0x7, 0x102, 0xf, 0x3ff, 0x3, 0xe89, 0x80000000001001], 0x8001000, 0xa64caa9dc5e77de5}) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$x86(r5, &(0x7f0000000040)={0x0, 0x0}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x6, 0xe166, 0x8b, 0xa00000000, 0xfffffffd, 0xffffffffffffe85f, 0x8379, 0x3, 0x4, 0x9, 0x40092, 0x5fa1, 0x3, 0xffffffff869fbebc, 0x10, 0xb], 0x1, 0x90d80}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 0s ago: executing program 3 (id=90): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)={0x3}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x8, 0xc, 0x6, 0x3, 0x1, 0x3, 0x7, 0xc1, 0x0, 0x21, 0x2, 0x8, 0x4}, {0x1, 0x8080, 0x7, 0x0, 0x8, 0x4, 0x49, 0x6, 0x2, 0x1, 0x9, 0xf, 0x8000000000000100}, {0x2, 0xc8b, 0x5, 0xa, 0x8, 0x6, 0x5, 0x10, 0x5, 0x3, 0x2, 0x24}], 0xf87}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000380)={[{0x1, 0x8, 0x8, 0x0, 0x9, 0x4, 0x7, 0xff, 0x9, 0x4, 0xa, 0x6, 0xb}, {0x7, 0xd0, 0x9, 0x81, 0x39, 0x6, 0x2, 0x8, 0xff, 0x0, 0x8, 0x2, 0xa}, {0x3, 0x5, 0x0, 0x1, 0xa3, 0x81, 0x10, 0x6, 0x6, 0x4, 0x2, 0xd, 0x7}], 0x101}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.184' (ED25519) to the list of known hosts. syzkaller login: [ 51.565303][ T4173] cgroup: Unknown subsys name 'net' [ 51.673838][ T4173] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 53.139636][ T4173] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 54.571368][ T4186] chnl_net:caif_netlink_parms(): no params data found [ 54.644140][ T4188] chnl_net:caif_netlink_parms(): no params data found [ 54.672434][ T4185] chnl_net:caif_netlink_parms(): no params data found [ 54.727126][ T4186] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.734541][ T4186] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.742807][ T4186] device bridge_slave_0 entered promiscuous mode [ 54.773732][ T4186] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.781238][ T4186] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.789549][ T4186] device bridge_slave_1 entered promiscuous mode [ 54.822552][ T4194] chnl_net:caif_netlink_parms(): no params data found [ 54.844977][ T4188] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.852327][ T4188] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.860841][ T4188] device bridge_slave_0 entered promiscuous mode [ 54.872300][ T4188] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.879689][ T4188] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.888019][ T4188] device bridge_slave_1 entered promiscuous mode [ 54.897964][ T4186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.910267][ T4186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.963355][ T4185] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.971140][ T4185] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.979561][ T4185] device bridge_slave_0 entered promiscuous mode [ 54.997699][ T4188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.007413][ T4187] chnl_net:caif_netlink_parms(): no params data found [ 55.028202][ T4185] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.035927][ T4185] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.043675][ T4185] device bridge_slave_1 entered promiscuous mode [ 55.061862][ T4188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.073640][ T4186] team0: Port device team_slave_0 added [ 55.108191][ T4186] team0: Port device team_slave_1 added [ 55.128677][ T4185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.143114][ T4188] team0: Port device team_slave_0 added [ 55.157861][ T4188] team0: Port device team_slave_1 added [ 55.172107][ T4185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.198410][ T4186] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.205941][ T4186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.232724][ T4186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.245942][ T4194] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.253056][ T4194] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.261487][ T4194] device bridge_slave_0 entered promiscuous mode [ 55.277008][ T4194] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.284178][ T4194] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.293362][ T4194] device bridge_slave_1 entered promiscuous mode [ 55.317679][ T4186] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.324873][ T4186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.351102][ T4186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.385439][ T4188] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.392881][ T4188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.419184][ T4188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.431850][ T4188] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.439191][ T4188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.468575][ T4188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.481970][ T4185] team0: Port device team_slave_0 added [ 55.494762][ T4187] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.502159][ T4187] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.511367][ T4187] device bridge_slave_0 entered promiscuous mode [ 55.525636][ T4187] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.532716][ T4187] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.540556][ T4187] device bridge_slave_1 entered promiscuous mode [ 55.553112][ T4185] team0: Port device team_slave_1 added [ 55.560976][ T4194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.611416][ T4194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.624096][ T4186] device hsr_slave_0 entered promiscuous mode [ 55.631584][ T4186] device hsr_slave_1 entered promiscuous mode [ 55.652838][ T4188] device hsr_slave_0 entered promiscuous mode [ 55.659963][ T4188] device hsr_slave_1 entered promiscuous mode [ 55.668000][ T4188] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.676391][ T4188] Cannot create hsr debugfs directory [ 55.697565][ T4187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.707710][ T4185] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.714976][ T4185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.741798][ T4185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.756482][ T4194] team0: Port device team_slave_0 added [ 55.764182][ T4187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.796219][ T4185] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.803791][ T4185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.831142][ T4185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.844150][ T4194] team0: Port device team_slave_1 added [ 55.873149][ T4187] team0: Port device team_slave_0 added [ 55.903158][ T4194] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.911083][ T4194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.937725][ T4194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.951854][ T4187] team0: Port device team_slave_1 added [ 55.971981][ T4194] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.979521][ T4194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.006481][ T4194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.059977][ T4187] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.067323][ T4187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.094214][ T4187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.112768][ T4185] device hsr_slave_0 entered promiscuous mode [ 56.119756][ T4185] device hsr_slave_1 entered promiscuous mode [ 56.126415][ T4185] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.134289][ T4185] Cannot create hsr debugfs directory [ 56.145057][ T4187] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.152124][ T4187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.179297][ T4187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.210453][ T4194] device hsr_slave_0 entered promiscuous mode [ 56.217531][ T4194] device hsr_slave_1 entered promiscuous mode [ 56.224256][ T4194] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.232256][ T4194] Cannot create hsr debugfs directory [ 56.305911][ T1346] Bluetooth: hci2: command 0x0409 tx timeout [ 56.315164][ T1346] Bluetooth: hci4: command 0x0409 tx timeout [ 56.328879][ T1346] Bluetooth: hci1: command 0x0409 tx timeout [ 56.335451][ T1346] Bluetooth: hci3: command 0x0409 tx timeout [ 56.338792][ T4187] device hsr_slave_0 entered promiscuous mode [ 56.341813][ T1346] Bluetooth: hci0: command 0x0409 tx timeout [ 56.354599][ T4187] device hsr_slave_1 entered promiscuous mode [ 56.361358][ T4187] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.369460][ T4187] Cannot create hsr debugfs directory [ 56.581871][ T4188] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.599649][ T4188] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.610333][ T4188] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.620781][ T4188] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.670914][ T4186] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 56.683836][ T4186] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 56.699633][ T4186] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.719651][ T4186] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 56.786805][ T4185] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.800100][ T4185] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.809936][ T4185] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.822467][ T4185] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.884164][ T4188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.932361][ T4194] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.948410][ T4194] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.961295][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.971426][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.993743][ T4187] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.006644][ T4186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.014257][ T4194] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 57.024553][ T4194] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 57.041317][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.052312][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.062001][ T4187] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.071472][ T4187] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.085001][ T4187] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.098172][ T4186] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.108925][ T4188] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.148257][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.157904][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.168003][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.175340][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.183829][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.195319][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.203922][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.211093][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.220221][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.229122][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.237891][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.245081][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.252993][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.261927][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.271780][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.281323][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.290040][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.298531][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.307140][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.348124][ T4186] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.359434][ T4186] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.374675][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.383326][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.392813][ T155] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.400110][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.409029][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.418787][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.428000][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.436620][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.445657][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.454907][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.463484][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.472260][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.482683][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.527753][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.537686][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.548169][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.561896][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.570564][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.579227][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.588255][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.600138][ T4185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.618937][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.630064][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.684163][ T4187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.706487][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.721138][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.737086][ T4185] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.764086][ T4187] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.787928][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.806492][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.826245][ T3005] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.833540][ T3005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.842616][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.852430][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.861459][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.868888][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.877632][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.886385][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.894826][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.903552][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.913330][ T3005] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.920540][ T3005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.930435][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.939746][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.949714][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.956835][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.965148][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.973265][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.982249][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.027886][ T4194] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.042255][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.052865][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.082464][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.092660][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.101808][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.111661][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.120490][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.130313][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.139712][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.154139][ T4186] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.190001][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.199715][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.213507][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.222825][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.239883][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.248206][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.256400][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.265533][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.274136][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.284601][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.292852][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.302066][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.311827][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.320522][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.332676][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.341555][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.356155][ T4187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.367858][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.379878][ T4185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.388446][ T7] Bluetooth: hci0: command 0x041b tx timeout [ 58.395369][ T7] Bluetooth: hci3: command 0x041b tx timeout [ 58.400121][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.401569][ T7] Bluetooth: hci1: command 0x041b tx timeout [ 58.418387][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.426923][ T7] Bluetooth: hci4: command 0x041b tx timeout [ 58.433302][ T7] Bluetooth: hci2: command 0x041b tx timeout [ 58.442017][ T4194] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.465241][ T4188] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.506212][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.526769][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.555981][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.563262][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.582254][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.591229][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.601708][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.608921][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.617094][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.663602][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.686356][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.698764][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.734755][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.752790][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.772284][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.781103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.791650][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.801137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.811184][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.820337][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.861761][ T4194] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.876307][ T4194] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.886577][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.894072][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.901813][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.911024][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.919739][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.929011][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.938263][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.946251][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.963669][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.972177][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.987807][ T4185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.009582][ T4186] device veth0_vlan entered promiscuous mode [ 59.021460][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.033043][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.044194][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.057456][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.074017][ T4187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.083680][ T4188] device veth0_vlan entered promiscuous mode [ 59.094842][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.102627][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.131886][ T4186] device veth1_vlan entered promiscuous mode [ 59.143117][ T4188] device veth1_vlan entered promiscuous mode [ 59.186289][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.196553][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.214272][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.223454][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.235822][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.245509][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.254722][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.274171][ T4185] device veth0_vlan entered promiscuous mode [ 59.292941][ T4187] device veth0_vlan entered promiscuous mode [ 59.312087][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.320787][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.329805][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.341163][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.350800][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.359655][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.368182][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.376631][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.385404][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.397221][ T4185] device veth1_vlan entered promiscuous mode [ 59.412856][ T4194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.434111][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.443096][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.450953][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.458869][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.469702][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.489668][ T4188] device veth0_macvtap entered promiscuous mode [ 59.500411][ T4186] device veth0_macvtap entered promiscuous mode [ 59.511017][ T4187] device veth1_vlan entered promiscuous mode [ 59.519301][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.529181][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.537692][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.546342][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.555022][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.563740][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.582721][ T4186] device veth1_macvtap entered promiscuous mode [ 59.608527][ T4188] device veth1_macvtap entered promiscuous mode [ 59.623851][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.635480][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.643836][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.652364][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.661656][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.695647][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.707084][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.718373][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.730936][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.739355][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.748695][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.757858][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.766790][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.775834][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.785454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.794003][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.803179][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.827115][ T4187] device veth0_macvtap entered promiscuous mode [ 59.839688][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.850744][ T4185] device veth0_macvtap entered promiscuous mode [ 59.868712][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.877282][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.886298][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.895229][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.904125][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.916518][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.927642][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.937082][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.948226][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.959095][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.970597][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.978543][ T4194] device veth0_vlan entered promiscuous mode [ 59.988160][ T4187] device veth1_macvtap entered promiscuous mode [ 60.020276][ T4185] device veth1_macvtap entered promiscuous mode [ 60.029623][ T4186] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.042342][ T4186] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.051251][ T4186] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.060019][ T4186] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.072072][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.081127][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.089641][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.098922][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.110897][ T4188] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.120059][ T4188] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.129187][ T4188] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.138302][ T4188] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.167341][ T4194] device veth1_vlan entered promiscuous mode [ 60.187173][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.198324][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.208626][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.219326][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.231588][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.248017][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.258892][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.269888][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.280751][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.290930][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.301475][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.314531][ T4185] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.333814][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.342075][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.350637][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.359946][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.368806][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.377858][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.390267][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.401947][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.412186][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.423379][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.435582][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.448901][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.462408][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.466399][ T4240] Bluetooth: hci2: command 0x040f tx timeout [ 60.473965][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.487595][ T4240] Bluetooth: hci4: command 0x040f tx timeout [ 60.490408][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.499357][ T4240] Bluetooth: hci1: command 0x040f tx timeout [ 60.505359][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.512183][ T4240] Bluetooth: hci3: command 0x040f tx timeout [ 60.521930][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.532731][ T4240] Bluetooth: hci0: command 0x040f tx timeout [ 60.539682][ T4185] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.558940][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.569507][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.579492][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.590238][ T3005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.600988][ T4187] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.609833][ T4187] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.618910][ T4187] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.628946][ T4187] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.645867][ T4185] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.657931][ T4185] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.668853][ T4185] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.678033][ T4185] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.706320][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.718884][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.730377][ T4194] device veth0_macvtap entered promiscuous mode [ 60.768341][ T4194] device veth1_macvtap entered promiscuous mode [ 60.836991][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.849896][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.894775][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.902646][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.906734][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.924843][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.932862][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.943116][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.956798][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.967097][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.978509][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.988770][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.999557][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.009940][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.020729][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.033399][ T4194] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.055030][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 61.063656][ T145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 61.076628][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.093937][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.101843][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.101865][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.101875][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.101888][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.101897][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.101910][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.101920][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.101933][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.103104][ T4194] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.134357][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.152266][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.211801][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.220364][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.228413][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.237324][ T4254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.255141][ T4194] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.263847][ T4194] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.275386][ T4194] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.284102][ T4194] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.356690][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.377690][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.402786][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.419357][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.433962][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.465377][ T145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.473340][ T145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.493973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.521370][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.599497][ T3005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.622474][ T3005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.639534][ T4254] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.648999][ T4254] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.664868][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.678035][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.695954][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.713040][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.742814][ T4272] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 61.748831][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.856316][ T4276] FAULT_INJECTION: forcing a failure. [ 61.856316][ T4276] name failslab, interval 1, probability 0, space 0, times 1 [ 61.942416][ T4280] netlink: 'syz.2.8': attribute type 1 has an invalid length. [ 61.961710][ T4276] CPU: 0 PID: 4276 Comm: syz.1.2 Not tainted syzkaller #0 [ 61.968970][ T4276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 61.979135][ T4276] Call Trace: [ 61.982449][ T4276] [ 61.985489][ T4276] dump_stack_lvl+0x188/0x250 [ 61.990208][ T4276] ? show_regs_print_info+0x20/0x20 [ 61.995428][ T4276] ? load_image+0x400/0x400 [ 62.000035][ T4276] ? __might_sleep+0xf0/0xf0 [ 62.004715][ T4276] ? __lock_acquire+0x7d10/0x7d10 [ 62.009744][ T4276] should_fail+0x38c/0x4c0 [ 62.014168][ T4276] should_failslab+0x5/0x20 [ 62.018758][ T4276] slab_pre_alloc_hook+0x51/0xc0 [ 62.023699][ T4276] __kmalloc_node_track_caller+0x68/0x3a0 [ 62.029414][ T4276] ? netlink_sendmsg+0x654/0xbe0 [ 62.034354][ T4276] ? kmem_cache_alloc_node+0x162/0x2d0 [ 62.039895][ T4276] ? __alloc_skb+0xf4/0x750 [ 62.044399][ T4276] ? netlink_sendmsg+0x654/0xbe0 [ 62.049346][ T4276] __alloc_skb+0x22c/0x750 [ 62.053911][ T4276] netlink_sendmsg+0x654/0xbe0 [ 62.058864][ T4276] ? netlink_getsockopt+0x570/0x570 [ 62.064164][ T4276] ? aa_sock_msg_perm+0x94/0x150 [ 62.069131][ T4276] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 62.074534][ T4276] ? security_socket_sendmsg+0x7c/0xa0 [ 62.080321][ T4276] __sys_sendto+0x46d/0x620 [ 62.084954][ T4276] ? __ia32_sys_getpeername+0x80/0x80 [ 62.090361][ T4276] ? __lock_acquire+0x7d10/0x7d10 [ 62.095592][ T4276] ? lock_chain_count+0x20/0x20 [ 62.100448][ T4276] ? vtime_user_exit+0x2c8/0x3e0 [ 62.105566][ T4276] __x64_sys_sendto+0xda/0xf0 [ 62.110364][ T4276] do_syscall_64+0x4c/0xa0 [ 62.114777][ T4276] ? clear_bhb_loop+0x30/0x80 [ 62.119540][ T4276] ? clear_bhb_loop+0x30/0x80 [ 62.124218][ T4276] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 62.130117][ T4276] RIP: 0033:0x7f6fb0ed2fce [ 62.134622][ T4276] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 62.154936][ T4276] RSP: 002b:00007f6faf16ae88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 62.163368][ T4276] RAX: ffffffffffffffda RBX: 00007f6faf16c6c0 RCX: 00007f6fb0ed2fce [ 62.171433][ T4276] RDX: 0000000000000020 RSI: 00007f6faf16b000 RDI: 0000000000000007 [ 62.179419][ T4276] RBP: 0000000000000000 R08: 00007f6faf16af04 R09: 000000000000000c [ 62.187563][ T4276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 62.195530][ T4276] R13: 00007f6faf16af58 R14: 00007f6faf16b000 R15: 0000000000000000 [ 62.203519][ T4276] [ 62.239544][ T4280] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8'. [ 62.248916][ T4280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8'. [ 62.413674][ T4289] loop4: detected capacity change from 0 to 2048 [ 62.477731][ T4298] loop3: detected capacity change from 0 to 1024 [ 62.535052][ T4298] ======================================================= [ 62.535052][ T4298] WARNING: The mand mount option has been deprecated and [ 62.535052][ T4298] and is ignored by this kernel. Remove the mand [ 62.535052][ T4298] option from the mount to silence this warning. [ 62.535052][ T4298] ======================================================= [ 62.549339][ T7] Bluetooth: hci0: command 0x0419 tx timeout [ 62.605050][ T4232] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 62.608323][ T7] Bluetooth: hci3: command 0x0419 tx timeout [ 62.624288][ T4301] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 62.652646][ T7] Bluetooth: hci1: command 0x0419 tx timeout [ 62.663777][ T7] Bluetooth: hci4: command 0x0419 tx timeout [ 62.682835][ T7] Bluetooth: hci2: command 0x0419 tx timeout [ 62.703554][ T4298] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 62.717538][ T4298] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.770728][ T4294] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #15: block 3: comm syz.3.4: lblock 3 mapped to illegal pblock 3 (length 3) [ 62.789278][ T4306] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 62.822200][ T4294] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 62.854968][ T4294] EXT4-fs (loop3): This should not happen!! Data will be lost [ 62.854968][ T4294] [ 62.909727][ T4298] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #15: block 8: comm syz.3.4: lblock 8 mapped to illegal pblock 8 (length 8) [ 62.954651][ T4298] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 63.008724][ T4232] usb 1-1: config 36 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 63.094878][ T2351] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 63.138147][ T4298] EXT4-fs (loop3): This should not happen!! Data will be lost [ 63.138147][ T4298] [ 63.160330][ T4232] usb 1-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 63.180110][ T4232] usb 1-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 63.198235][ T4232] usb 1-1: Manufacturer: syz [ 63.202994][ T4232] usb 1-1: SerialNumber: syz [ 63.237125][ T4296] loop2: detected capacity change from 0 to 32768 [ 63.272970][ T4312] loop4: detected capacity change from 0 to 2048 [ 63.297118][ T4296] XFS (loop2): Mounting V5 Filesystem [ 63.317087][ T4312] UDF-fs: bad mount option "uid=f" or missing value [ 63.341723][ T4296] XFS (loop2): Ending clean mount [ 63.364835][ T2351] usb 2-1: Using ep0 maxpacket: 16 [ 63.439382][ T4296] XFS (loop2): Quotacheck needed: Please wait. [ 63.509815][ T2351] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.523537][ T4232] usbhid 1-1:36.0: couldn't find an input interrupt endpoint [ 63.537235][ T4296] XFS (loop2): Quotacheck: Done. [ 63.561543][ T2351] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.599571][ T4232] usb 1-1: USB disconnect, device number 2 [ 63.630151][ T2351] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 63.754500][ T2351] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 63.816133][ T2351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.828975][ T2351] usb 2-1: config 0 descriptor?? [ 64.529632][ T4332] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:54112 [ 64.846595][ T4305] loop1: detected capacity change from 0 to 256 [ 64.887164][ T4188] XFS (loop2): Unmounting Filesystem [ 64.960367][ T4338] loop0: detected capacity change from 0 to 512 [ 65.033479][ T4338] EXT4-fs (loop0): inline encryption not supported [ 65.091050][ T4338] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 65.158736][ T2351] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 65.175565][ T4338] EXT4-fs (loop0): orphan cleanup on readonly fs [ 65.197688][ T4340] overlayfs: upper fs does not support tmpfile. [ 65.199947][ T2351] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0001/input/input5 [ 65.245349][ T4338] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3887: comm syz.0.17: Allocating blocks 41-42 which overlap fs metadata [ 65.287712][ T4338] EXT4-fs (loop0): Remounting filesystem read-only [ 65.299031][ T4338] Quota error (device loop0): write_blk: dquota write failed [ 65.310798][ T4338] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 65.329308][ T4338] EXT4-fs error (device loop0): ext4_acquire_dquot:6234: comm syz.0.17: Failed to acquire dquot type 0 [ 65.350934][ T4338] EXT4-fs (loop0): Remounting filesystem read-only [ 65.359486][ T4305] udc-core: couldn't find an available UDC or it's busy [ 65.373523][ T4305] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 65.385800][ T2351] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 65.407674][ T4338] EXT4-fs (loop0): 1 truncate cleaned up [ 65.439620][ T4305] fuse: Bad value for 'fd' [ 66.404698][ T4338] EXT4-fs (loop0): pa ffff888074f72380: logic 1, phys. 41, len 23 [ 66.413308][ T4338] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4904: group 0, free 22, pa_free 23 [ 66.442855][ T4338] EXT4-fs (loop0): Remounting filesystem read-only [ 66.470394][ T4338] EXT4-fs (loop0): mounted filesystem without journal. Opts: inlinecrypt,noblock_validity,grpjquota=,barrier=0x0000000000000000,usrjquota=,resgid=0x000000000000ee01,noinit_itable,errors=remount-ro,journal_dev=0x00000000000000072. Quota mode: writeback. [ 66.841284][ T4305] loop1: detected capacity change from 0 to 131072 [ 66.877354][ T4338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17'. [ 66.980861][ T4305] F2FS-fs (loop1): invalid crc value [ 67.027985][ T4305] F2FS-fs (loop1): Found nat_bits in checkpoint [ 67.076944][ T4305] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 67.080986][ T4357] IPVS: set_ctl: invalid protocol: 41 0.0.0.0:20002 [ 67.169557][ T4365] loop2: detected capacity change from 0 to 128 [ 67.208900][ T4305] option changes via remount are deprecated (pid=4304 comm=syz.1.12) [ 67.226016][ T4230] usb 2-1: USB disconnect, device number 2 [ 67.373050][ T4367] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 67.557164][ T4364] tipc: Started in network mode [ 67.575632][ T4364] tipc: Node identity 7669eedae218, cluster identity 4711 [ 67.583235][ T4364] tipc: Enabled bearer , priority 0 [ 67.639195][ T4365] tipc: Resetting bearer [ 67.652441][ T4363] tipc: Disabling bearer [ 68.137222][ T4389] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 68.349184][ T4408] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 68.831695][ T4434] vxcan1: tx drop: invalid da for name 0x0000000000000001 [ 69.379812][ T4465] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 69.448702][ T4465] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 69.768847][ T4484] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 69.828660][ T4488] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.065586][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88801e79dc00: rx timeout, send abort [ 70.075716][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88801e79dc00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 70.474750][ T4511] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.517810][ T4519] APIC base relocation is unsupported by KVM [ 70.518351][ T4519] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2173897796 (69564729472 ns) > initial count (40960169824 ns). Using initial count to start timer. [ 71.195649][ T4556] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 71.328841][ T4568] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 71.432711][ T4574] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 71.445130][ T1429] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.445284][ T1429] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.839622][ T4600] ------------[ cut here ]------------ [ 71.883966][ T4600] WARNING: CPU: 1 PID: 4600 at arch/x86/kvm/x86.c:10372 kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 71.924683][ T4600] Modules linked in: [ 71.928644][ T4600] CPU: 0 PID: 4600 Comm: syz.1.88 Not tainted syzkaller #0 [ 72.046948][ T4600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 72.114719][ T4600] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 72.123183][ T4600] Code: e8 61 f3 ae 00 e9 03 e9 ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d5 ed ff ff 4c 89 ff e8 46 f3 ae 00 e9 c8 ed ff ff e8 8c e7 69 00 <0f> 0b e9 31 fd ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d2 ed ff ff 4c [ 72.156210][ T4600] RSP: 0018:ffffc9000c7bfc30 EFLAGS: 00010287 [ 72.162731][ T4600] RAX: ffffffff810f3ab4 RBX: ffff88807df54000 RCX: 0000000000080000 [ 72.171475][ T4600] RDX: ffffc90004ba9000 RSI: 000000000000041a RDI: 000000000000041b [ 72.181207][ T4600] RBP: 0000000000000000 R08: ffffffff8d89dc2f R09: 1ffffffff1b13b85 [ 72.195331][ T4600] R10: dffffc0000000000 R11: fffffbfff1b13b86 R12: ffff8880761fe001 [ 72.228912][ T4600] R13: 1ffff1100fbea81e R14: ffff88807df540f0 R15: ffff8880761fe000 [ 72.240285][ T4600] FS: 00007f6faf16c6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 72.251107][ T4600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.258421][ T4600] CR2: 00007fb2ca8232f8 CR3: 000000005ad5e000 CR4: 00000000003526f0 [ 72.267216][ T4600] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.275947][ T4600] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.283991][ T4600] Call Trace: [ 72.287744][ T4600] [ 72.290699][ T4600] ? __lock_acquire+0x7d10/0x7d10 [ 72.296024][ T4600] kvm_vcpu_ioctl+0x8f7/0xc10 [ 72.301236][ T4600] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 72.307026][ T4600] ? bpf_lsm_file_ioctl+0x5/0x10 [ 72.312159][ T4600] ? security_file_ioctl+0x7c/0xa0 [ 72.317367][ T4600] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 72.323027][ T4600] __se_sys_ioctl+0xfa/0x170 [ 72.327679][ T4600] do_syscall_64+0x4c/0xa0 [ 72.332115][ T4600] ? clear_bhb_loop+0x30/0x80 [ 72.336905][ T4600] ? clear_bhb_loop+0x30/0x80 [ 72.341601][ T4600] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.347549][ T4600] RIP: 0033:0x7f6fb0f12799 [ 72.352065][ T4600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.372942][ T4600] RSP: 002b:00007f6faf16c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 72.382688][ T4600] RAX: ffffffffffffffda RBX: 00007f6fb118bfa0 RCX: 00007f6fb0f12799 [ 72.391396][ T4600] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 72.400401][ T4600] RBP: 00007f6fb0fa8bd9 R08: 0000000000000000 R09: 0000000000000000 [ 72.408592][ T4600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.416826][ T4600] R13: 00007f6fb118c038 R14: 00007f6fb118bfa0 R15: 00007ffce7f418e8 [ 72.425201][ T4600] [ 72.428350][ T4600] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 72.435822][ T4600] CPU: 0 PID: 4600 Comm: syz.1.88 Not tainted syzkaller #0 [ 72.443209][ T4600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 72.453696][ T4600] Call Trace: [ 72.457167][ T4600] [ 72.460103][ T4600] dump_stack_lvl+0x188/0x250 [ 72.464991][ T4600] ? show_regs_print_info+0x20/0x20 [ 72.470293][ T4600] ? load_image+0x400/0x400 [ 72.475166][ T4600] panic+0x2e5/0x810 [ 72.479082][ T4600] ? bpf_jit_dump+0xd0/0xd0 [ 72.483678][ T4600] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 72.489541][ T4600] __warn+0x248/0x2b0 [ 72.493633][ T4600] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 72.499520][ T4600] report_bug+0x1b7/0x2e0 [ 72.503873][ T4600] handle_bug+0x3a/0x70 [ 72.508038][ T4600] exc_invalid_op+0x16/0x40 [ 72.512568][ T4600] asm_exc_invalid_op+0x16/0x20 [ 72.518183][ T4600] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 72.524754][ T4600] Code: e8 61 f3 ae 00 e9 03 e9 ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d5 ed ff ff 4c 89 ff e8 46 f3 ae 00 e9 c8 ed ff ff e8 8c e7 69 00 <0f> 0b e9 31 fd ff ff 44 89 f9 80 e1 07 38 c1 0f 8c d2 ed ff ff 4c [ 72.544485][ T4600] RSP: 0018:ffffc9000c7bfc30 EFLAGS: 00010287 [ 72.550604][ T4600] RAX: ffffffff810f3ab4 RBX: ffff88807df54000 RCX: 0000000000080000 [ 72.558583][ T4600] RDX: ffffc90004ba9000 RSI: 000000000000041a RDI: 000000000000041b [ 72.566566][ T4600] RBP: 0000000000000000 R08: ffffffff8d89dc2f R09: 1ffffffff1b13b85 [ 72.574573][ T4600] R10: dffffc0000000000 R11: fffffbfff1b13b86 R12: ffff8880761fe001 [ 72.582660][ T4600] R13: 1ffff1100fbea81e R14: ffff88807df540f0 R15: ffff8880761fe000 [ 72.590895][ T4600] ? kvm_arch_vcpu_ioctl_run+0x1bc4/0x1f40 [ 72.596704][ T4600] ? __lock_acquire+0x7d10/0x7d10 [ 72.601931][ T4600] kvm_vcpu_ioctl+0x8f7/0xc10 [ 72.606644][ T4600] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 72.612445][ T4600] ? bpf_lsm_file_ioctl+0x5/0x10 [ 72.617599][ T4600] ? security_file_ioctl+0x7c/0xa0 [ 72.622740][ T4600] ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0 [ 72.628378][ T4600] __se_sys_ioctl+0xfa/0x170 [ 72.633056][ T4600] do_syscall_64+0x4c/0xa0 [ 72.637600][ T4600] ? clear_bhb_loop+0x30/0x80 [ 72.642365][ T4600] ? clear_bhb_loop+0x30/0x80 [ 72.647043][ T4600] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.653047][ T4600] RIP: 0033:0x7f6fb0f12799 [ 72.657569][ T4600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.677514][ T4600] RSP: 002b:00007f6faf16c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 72.686025][ T4600] RAX: ffffffffffffffda RBX: 00007f6fb118bfa0 RCX: 00007f6fb0f12799 [ 72.694284][ T4600] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 72.702290][ T4600] RBP: 00007f6fb0fa8bd9 R08: 0000000000000000 R09: 0000000000000000 [ 72.710274][ T4600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.718743][ T4600] R13: 00007f6fb118c038 R14: 00007f6fb118bfa0 R15: 00007ffce7f418e8 [ 72.726836][ T4600] [ 72.729982][ T4600] Kernel Offset: disabled [ 72.734627][ T4600] Rebooting in 86400 seconds..