last executing test programs: 1m4.546118894s ago: executing program 4 (id=1513): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0), 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000007240)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB="fe0f09"], 0x1a) 1m3.541894041s ago: executing program 4 (id=1516): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x40, &(0x7f0000000300)={[{@numtail}, {@rodir}, {@uni_xlateno}, {@utf8no}, {@shortname_win95}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp932'}}]}, 0x1, 0x187, &(0x7f00000004c0)="$eJzs2zFrE2EYB/B/bNSqQzI4icOBi1NI+gksUkEMCEoGBUGxLUhPChYCOthuLn4IP4Cfpp/EsYNwkl6xbUgHsfVs8vst98B7/+N9h7vn3oN7fff91vr2zmb/1X6WW620H6TIQSvdXMlSansBAObJQVXlR1VV1fW93PiWqqqanhEAcNH0fwBYPPo/ACwe/R8AFs/zFy+frA6Ha8+KYjkpv4xH41F9rMdXN/MuZTbSTyc/M3lBOFLXjx4P1/rFoW6+lrtH+d3xaOl0fpBOurPzgzpfnM5fzc2T+ZV0cnt2fmVm/lru3zuR76WT/bfZTpn1TLLH+c+Donj4dDiVv3V4HgAAAMyDXvHbzP17r3fWeJ3/g+8DU/vrdu60m107ACyqnY+ftt6U5caHvyom3f48rqNQnGfxPf/FNC5l0fSTCbhoxzd90zMBAAAAAAAAAAAAAADO8i9+J2p6jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDtVwAAAP//dQSwIg==") openat$incfs(0xffffffffffffff9c, &(0x7f0000000100)='.pending_reads\x00', 0x149240, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000840), 0x6, 0x0) ioctl$VIDIOC_QUERYSTD(r1, 0x8008563f, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x1) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xe) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58) r3 = accept$alg(r2, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f00000050c0)=[{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)='n', 0x7fffefff}, {&(0x7f0000000100)=']', 0x1}], 0x2}], 0x1, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000180)={'\x00', 0x0, 0xfff, 0x1, 0x8001}) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000100)={'\x00', 0x0, 0x0, 0x4}) syz_mount_image$fuse(0xfffffffffffffffe, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) 1m2.955529401s ago: executing program 4 (id=1520): syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors_recursive\x00', 0x26e1, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$tipc(0x1e, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = eventfd(0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 1m2.756029641s ago: executing program 4 (id=1521): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xff, 0xfffffffffffffffc}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x0, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000000c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000000000)=0x0, 0x0) r4 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r3, 0x0, 0x0) listen(r4, 0x0) 1m1.580413461s ago: executing program 4 (id=1525): r0 = socket$l2tp6(0xa, 0x2, 0x73) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_open_procfs(0xffffffffffffffff, 0x0) r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f0000000280)={0x0, @output}) bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, &(0x7f0000000280), 0x4) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) recvmmsg$unix(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 59.832202433s ago: executing program 4 (id=1527): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000000), 0xe) 37.072593193s ago: executing program 1 (id=1580): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(0x0, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sendmsg$IPVS_CMD_GET_DAEMON(r0, 0x0, 0x0) 34.841896422s ago: executing program 1 (id=1582): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 34.673681391s ago: executing program 1 (id=1583): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000200)=0x3, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) sendto$inet(r0, &(0x7f0000000040)="0804", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) 34.513847107s ago: executing program 1 (id=1585): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000380), 0x4) 34.360058968s ago: executing program 1 (id=1586): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994", 0xae}, {&(0x7f0000001480)}], 0x3) sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)}, {&(0x7f0000000180)}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b", 0x1b}], 0x3}, 0x0) syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0xc, 0x2, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @empty}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x2c}}, 0x0) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, 0x0, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x9) 33.971232473s ago: executing program 1 (id=1587): ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000680)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) r1 = syz_io_uring_setup(0x73fa, &(0x7f0000000200), &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000140), &(0x7f0000000040)=0x0, &(0x7f00000005c0)) r4 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x48e9, 0x0, 0x0, 0x0, 0x0) write$evdev(r0, &(0x7f0000000000), 0x100000008) 10.028529291s ago: executing program 0 (id=1624): syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYRES32=0x0], 0x12, 0xa10, &(0x7f00000001c0)="$eJzs3c1vXGe9B/Dv8UviulWStrm9vVGbTNKb1G19Hdu5TW7UxSWxJ4mLX5DtSI1YNKVxUBRDoQWprZBIJWBFBRKIBewqVqwqdUM3qDvYwYoFEuq/UCEWYWV0zoyTsT1jO2lsp+nnY83Mefmd5/mdOS+PZ3x8nrCzLj+y3twba6Ys7V0xtrRUPe5y/OLvPk/qfPGdHf/0gw/fLx/v3ciudOfF4vdJX5Ja0pPkyaR3bHx2ZmqDgq4nl5N8khRJdqfxuimXU/wsLYfBJyl+U9bb0a7NlsxGlvhS2+n9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7kfF2Pjw8EixKxPTF1+pNSS1NcbGZ2eKLC2tnbO8TMPHVa/fxccb1psU5SN9fctdfT+5//bsJ5LUjuSpxthTVYfk6cu7Dz+x76XHe7qWl++Uzeeye/PFvvXOu9dfW1xceHNLErn/na9PT8zNTEydOV+vTczN1E6fPDl8/MK5udq5icn63KW5+fpUbWy2fmZ+ZrY2MPZcbeT06RO1+tClmYvT58eHJuvLE0/9z+jw8Mnay0Nfq5+ZnZuZPv7y0NzYhYnJyYnp81VMObuMOVXuiF+dmK/N189M1WpXry0unFiVU3dW7b9l0MhGa1IGjW4UNDo8OjoyMjo68l6z9+xbE06+ePrFU8PDPcOrZE3EFu203F8e6ryZ7/1JHO5SV6P9TyYzkelczCuptf0Zy3hmM5OpDvObltv/o8fr69bb2v43W/meltkHyqcjOdic2Neh/e+Qy/b9vJV38m6u57UsZjELeXPHM9ren/OpZzoTmctMJjKVM9WUWnNKLadzMicznFdzIYcyl1rOZSKTqWculzKX+dSrPWoss6nnTOYzk9nUMpCxPJdaRnI6p3MitdQzlEuZycVM53zGc6Yq5WquVe/7iXVyvBU0spmg0XWC1jTmd9z+11f/csKXzlacxuGuLDXb/10bhw6MbUdCAAAAwD33X3/Knv2P/fHvSZGnq+/lz01M1od3Oi0AAADgHqou13uqfOkth55O4fM/AAAAPGiKHGx+C9CfQ42h5f+E8iUAAAAAPCCqv/8fTHHo9gSf/wEAAOAB89DyQMd77G94F/5icPn2v7UrjdcrzYjGWNF/bmKyPjQ2M/nSSI5Vdxmo/tNgTWndSdFb/fvB8znciDrc33jtv11iWWdfGTUy9NJIns+RRsSRgWfKl2cG2kSONiKfbUQ+2xrZnRWRJ8pIAHjQHWnfHhebbP97VxQ2eKBq8nsOtGmDh7WsAHC/OFJd/5/kX80uzdp8/m9GHOz0+f9/V33+77mysv1/LFcPNS4pGMrreSOLuZLBNK84ONSu1OXeCBqXIQxu8G1Af/OShb+c6srgmu8D+m6ta2vsQkYz2PYbgZZyi+UcTjTiurdoIwDANjuybju8ufZ/MIONiA6f//tdUggA95VbPdhv4cBOryMAsJJWGgAAAAAAAAAAAAAAAAAAAAAAAAAAAO69Td3A/8/HksXFhWQbOgu4NdB3JxmuP9CVbcp5xwe6k+xU7f+fO16q3Mb3y1v34A38+J+NI+juFt/JsxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbpUi6203vSnYnGU5yfPuz2jo3djqBe6W27tz3Os0obuZm3s6erUgJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODLrHn//640Xh9uTEpPV3I0yeUkX9/pHO+lmzudwI75VvXccv//rqQ3S7nR0+wAougdG5+dmSo3f7G7nP/pBx++Xz42LnttrwplAWUNKzqXaNbQMqV35VKPVkv1jy+8df17b3ynNn622jHPzp+bHJ86P/uV24FPFB81ukBo7QZhOd8fHP3Dz1sm72pW/lF6OuW/ut5zVb3ja+v9z3ZLd6h3E64tLoyWNc3XX5n//revvd0y67EcTp4ZSAZW1vTN8tGhpsOr38+Vis+KnxR78qtcrrZ/+W4US0W5ifZW6//Q1WuLC0Ovv7F45VZOP1yR074cSnIl6VuZ0/Jou5wOVeeTth6uau0tax2ugsqn/Rus47paShzp8L4+Wu0y/WvWYb06a53XobLB+97M6ETbjH7x3cdz7I639LENamyr+Kz4W3Ehf82PWvr/6Cq3/9G0PTrbFFFFtuwprfNWHF5djchqzUdbZ7y6usyORyVb4Kf5Rv7v1vbvWirK97/luNmm81FLje2Pi+TOj4vf7l3TotxWtUj7V7VIzbNPp2Waee5vRHXI8z/yQtJz4I7OKC9scEbZquP/18VA/pEb+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuf0XS3W56V3I0yb4ke8vxWrK0OubGXdTX1V/cTZr3zN3k/MVTdFzR4mZu5u3s2e6MAAAAAAAAANgaZ8c//eDD98tH9ff47vx3V3NOLelJsq/4Ze/Y+OzM1AYF9SaXl/+k33dnOVwunx65Pf5JOfbkBgvt7OUDAPCF9u8AAAD//yjzadA=") openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYBLOB="000204"], 0x18) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000), 0x8) connect$inet6(r0, &(0x7f0000002200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) writev(r0, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) utime(&(0x7f0000000400)='./file0\x00', 0x0) 8.655692815s ago: executing program 0 (id=1626): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 8.419798481s ago: executing program 0 (id=1627): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 8.3035858s ago: executing program 0 (id=1628): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r1, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b9f802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963cd14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f0d9ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d579531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a785d820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37dfd149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f2729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab21842da1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a99b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb29f1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f8f4ed0b27cedd1c5e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46fc88a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"}) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="f26eb90f0800fb28440f01c866bafbc40c450f7878d98a66acbafc0c0cb8000066efc42235ba8d2991d91626440f71e0008f6978801b360f01c3b904010040b804000000ba000000000f300fc75b00", 0x4f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 8.270841017s ago: executing program 2 (id=1629): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$inet_mptcp(0x2, 0x1, 0x106) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg(r0, &(0x7f0000001940)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000001c0)="bd", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='htcp\x00', 0xfedd) sendmmsg$inet(r0, &(0x7f0000009040)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001980)="1a27f94ec2a0a289d21d70d3add7b38b452370583b3969d65703272b37762b9c6d4a4433d07eaa77bf0d06a2c3c782a1879426b88206c882bdd33ff6ef92e0a50afd5e3551a6f6b50ca7a60b6f20a9f6c4c07f6889f0ff03491ebc3645ddb5cfeaf0c6044eb443afcebdfd111c9c88108dbfcfc1f941b8b925a7d91f213425a12b1c12c9293736a2279e9476ed0a3b31d6d095f5285f166431c292f50d4acabbd3dcfbc9b59fb8f5c472f31372a77b1da2fcaeafc55ff011c540d29317d476a8a5f44ed0937b18e4fd59d74850f0eee4d46dca4e46bad311687d28c46872af87e79e35b832d1d6f1ff7bf9629a26bcf2e169520784202a40c5572149b6750992eedc8c58b7472da69da3c5c93855f4578d14955ffe7b6547ff633de6a82588eda45aabf7e4b2bde2a7a6098c978fe06a293ce2ac6755712e27fcfc29291e538bc39574f71dcb8fd9a373c0f7e4c6a82fb3ae3b05d0c3ed2bd09950a6dc3bf06587aab2ac3e899141f40fd86fc0139c4a2d26dac6bfbc784c92e3164d5d6afb3b387f417caaef7f8b15e323d066a02a524e997ebc302f5985d19caec412ce9447397609bfb656fcdcd102cb940eb8d4371594f77e27c0defbbdb4699a0eca4c27670cb1279c34f51efc1c1a355bb103a7ff6ccf09cb88affeec2ea3c1afbf20a1ea8b3089fb3e490328a80bc4288239b69148c610a73da6ccf65e49685fb5b1a3bbd5ba74ad754a1d7c06ba75b3d8e5cd512f3ad799084b1f4eccb6738c2ef4e5ca1bd4c11f0e5d7ab375edad4f5b2f8a128236931eea0ee5031ca825f5aa86bd8234796a6dd0fce8a3e2d4328000bb1e965d856adee87435006a6d26135040c257adfdfda6724cc048416dfe7e90c63588f803ede5a860e8451c3a0fe5ebaf0a957159ab456a33375a9985da14e00b83cf5f38c38272723c5f54da126247463450adcfd06226e5662d77a71de5bbc55908b8df93afb65946fa8e391072c387be28db9945336b70adb9bbc5863797dbdae736cdab6855ee1ac5d63c3b6a80522ec31235f941012bd69c81a590cbeaf1f671808059e812a37ac5bb9e180ef33d0c928d117baf5f326b3fea71bb0fdad3549f698480d49d870f5d4e9ad1492a808bc29f00cd52b1ed4878251506637b12c853946a1a7cf320c5f7dc39551ffee31628473b6965f5dc0e60fc7f424cb29c6827d53cfe8a9711c23fc52b8ba88a92a9fa22b63cb20c8e11d9c534a57b08a8cdd6ed0cfb790bb94b2385271623077d6a8f34efe79fa38a078f4ea9d19fc555d947781dc100b6985b3356c2aef8686bce184357558f114c16af1f4bbed90a76fae38bb39f934f52b6ff7d1e8358d5214c03ba651d1d40f74e55d3fdfa240f0eb5e503a25802abb70390cf0823f032d2135a29b3789ae7e004fee9a6a2dc94d3a1c842ce66299a87fc724a45b75f60322a6d7b3f37afe5ee747d9050acd1e32b53a18a0c393c8e5bf01fa98480865c023b60519121b5c9bc842b7784f5834dd180f891a9cb5501b0d9771be6c5c6841cfd54831d6558c5f6496e03a062d858b5755eee58e2a60bc1d26ca964def8fe55583de249e973d5b48dc9f93adf638e57e4d935fa4f44fd2bdcde9039c0d370ee72e9aaae2c0ad6866dc01033767152928fedc6c80ed2ae888d2438749f7c2583d70dc1e28b92fd9e3c3e088943afb386022b9dad353e04474c811c465e0f19cccea7e1895912df0f9bf76c7c9d141f0aaa4507a84bc57d283c6b8fe2e2e5d419a4273faee7c335e3119c16a91d03fbb5a17292ed35ea0c244058d8fc09e922c9244e9813318d0e00b47419682a7324b93be34c0eefed082be903b7a1c27059a2532e3acf3fa4ac3b14abe42fbc176236ea712efcfa77a4e4815a68b3ef76d57c95922e8aeacd80d84c5b1cacb2b0b77b8e7dd5dd0678fc3fbb", 0x558}], 0x1}}], 0x1, 0x0) ptrace$pokeuser(0x6, 0x0, 0x7, 0x6) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 8.144100583s ago: executing program 0 (id=1630): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) r3 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="e000000010000905000000000000000008004300ff0300002f67e2171ef9582248fda90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27d0000d57ef9b7bf852c8986626691b01b5f44f4ce28712c28"], 0xe0}], 0x1}, 0x0) 7.121936536s ago: executing program 2 (id=1631): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0) r2 = dup(r0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) inotify_rm_watch(r2, r1) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$inet6_sctp(0xa, 0x801, 0x84) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 5.944804349s ago: executing program 2 (id=1632): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)={[{@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@shortname_win95}, {@numtail}, {@uni_xlateno}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@shortname_lower}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@pcr={'pcr', 0x3d, 0x3}}, {@pcr={'pcr', 0x3d, 0x10}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq") socket$rds(0x15, 0x5, 0x0) r0 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_elf64(r1, 0x0, 0xfd14) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0xb, 0x7, 0x2, "d1f2a8f1041e2519be38ef324aea9d45120728d3864d1dfe07d86e9f002d115a", 0x30385056}) sched_setscheduler(0x0, 0x0, &(0x7f0000000300)=0x7) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) landlock_restrict_self(0xffffffffffffffff, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000bb, &(0x7f0000000300)=@framed={{}, [@printk={@llu}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x8, 0x8}, 0x10}, 0x90) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4], 0x4c}}, 0x0) 5.654004349s ago: executing program 0 (id=1634): ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000680)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) r1 = syz_io_uring_setup(0x73fa, &(0x7f0000000200)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000140), &(0x7f0000000040)=0x0, &(0x7f00000005c0)) r4 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x48e9, 0x0, 0x0, 0x0, 0x0) write$evdev(r0, &(0x7f0000000000), 0x100000008) 4.214500971s ago: executing program 2 (id=1635): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 3.823962418s ago: executing program 2 (id=1637): r0 = socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = syz_io_uring_setup(0x23d, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r1, 0x7f5f, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3.823746762s ago: executing program 3 (id=1638): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 3.658647648s ago: executing program 3 (id=1639): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x0, 0x0, 0x0, 0xe4}]}, 0x10) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socket$inet_mptcp(0x2, 0x1, 0x106) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg(r0, &(0x7f0000001940)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000001c0)="bd", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='htcp\x00', 0xfedd) sendmmsg$inet(r0, &(0x7f0000009040)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001980)="1a27f94ec2a0a289d21d70d3add7b38b452370583b3969d65703272b37762b9c6d4a4433d07eaa77bf0d06a2c3c782a1879426b88206c882bdd33ff6ef92e0a50afd5e3551a6f6b50ca7a60b6f20a9f6c4c07f6889f0ff03491ebc3645ddb5cfeaf0c6044eb443afcebdfd111c9c88108dbfcfc1f941b8b925a7d91f213425a12b1c12c9293736a2279e9476ed0a3b31d6d095f5285f166431c292f50d4acabbd3dcfbc9b59fb8f5c472f31372a77b1da2fcaeafc55ff011c540d29317d476a8a5f44ed0937b18e4fd59d74850f0eee4d46dca4e46bad311687d28c46872af87e79e35b832d1d6f1ff7bf9629a26bcf2e169520784202a40c5572149b6750992eedc8c58b7472da69da3c5c93855f4578d14955ffe7b6547ff633de6a82588eda45aabf7e4b2bde2a7a6098c978fe06a293ce2ac6755712e27fcfc29291e538bc39574f71dcb8fd9a373c0f7e4c6a82fb3ae3b05d0c3ed2bd09950a6dc3bf06587aab2ac3e899141f40fd86fc0139c4a2d26dac6bfbc784c92e3164d5d6afb3b387f417caaef7f8b15e323d066a02a524e997ebc302f5985d19caec412ce9447397609bfb656fcdcd102cb940eb8d4371594f77e27c0defbbdb4699a0eca4c27670cb1279c34f51efc1c1a355bb103a7ff6ccf09cb88affeec2ea3c1afbf20a1ea8b3089fb3e490328a80bc4288239b69148c610a73da6ccf65e49685fb5b1a3bbd5ba74ad754a1d7c06ba75b3d8e5cd512f3ad799084b1f4eccb6738c2ef4e5ca1bd4c11f0e5d7ab375edad4f5b2f8a128236931eea0ee5031ca825f5aa86bd8234796a6dd0fce8a3e2d4328000bb1e965d856adee87435006a6d26135040c257adfdfda6724cc048416dfe7e90c63588f803ede5a860e8451c3a0fe5ebaf0a957159ab456a33375a9985da14e00b83cf5f38c38272723c5f54da126247463450adcfd06226e5662d77a71de5bbc55908b8df93afb65946fa8e391072c387be28db9945336b70adb9bbc5863797dbdae736cdab6855ee1ac5d63c3b6a80522ec31235f941012bd69c81a590cbeaf1f671808059e812a37ac5bb9e180ef33d0c928d117baf5f326b3fea71bb0fdad3549f698480d49d870f5d4e9ad1492a808bc29f00cd52b1ed4878251506637b12c853946a1a7cf320c5f7dc39551ffee31628473b6965f5dc0e60fc7f424cb29c6827d53cfe8a9711c23fc52b8ba88a92a9fa22b63cb20c8e11d9c534a57b08a8cdd6ed0cfb790bb94b2385271623077d6a8f34efe79fa38a078f4ea9d19fc555d947781dc100b6985b3356c2aef8686bce184357558f114c16af1f4bbed90a76fae38bb39f934f52b6ff7d1e8358d5214c03ba651d1d40f74e55d3fdfa240f0eb5e503a25802abb70390cf0823f032d2135a29b3789ae7e004fee9a6a2dc94d3a1c842ce66299a87fc724a45b75f60322a6d7b3f37afe5ee747d9050acd1e32b53a18a0c393c8e5bf01fa98480865c023b60519121b5c9bc842b7784f5834dd180f891a9cb5501b0d9771be6c5c6841cfd54831d6558c5f6496e03a062d858b5755eee58e2a60bc1d26ca964def8fe55583de249e973d5b48dc9f93adf638e57e4d935fa4f44fd2bdcde9039c0d370ee72e9aaae2c0ad6866dc01033767152928fedc6c80ed2ae888d2438749f7c2583d70dc1e28b92fd9e3c3e088943afb386022b9dad353e04474c811c465e0f19cccea7e1895912df0f9bf76c7c9d141f0aaa4507a84bc57d283c6b8fe2e2e5d419a4273faee7c335e3119c16a91d03fbb5a17292ed35ea0c244058d8fc09e922c9244e9813318d0e00b47419682a7324b93be34c0eefed082be903b7a1c27059a2532e3acf3fa4ac3b14abe42fbc176236ea712efcfa77a4e4815a68b3ef76d57c95922e8aeacd80d84c5b1cacb2b0b77b8e7dd5dd0678fc3fbb", 0x558}], 0x1}}], 0x1, 0x0) ptrace$pokeuser(0x6, 0x0, 0x7, 0x6) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 2.518660183s ago: executing program 3 (id=1640): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000140003006261746164765f736c6176655f31000018003480140035"], 0x4c}}, 0x0) 2.404113853s ago: executing program 2 (id=1641): r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r4, 0x29, 0xd1, &(0x7f0000000000)=0x5, 0x4) getsockopt$inet6_int(r4, 0x29, 0xd0, 0x0, &(0x7f0000000140)) 2.35222484s ago: executing program 3 (id=1642): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="e000000010000905000000000000000008004300ff0300002f67e2171ef9582248fda90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27d0000d57ef9b7bf852c8986626691b01b5f44f4ce28712c28"], 0xe0}], 0x1}, 0x0) 1.199627522s ago: executing program 3 (id=1643): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)={[{@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@shortname_win95}, {@numtail}, {@uni_xlateno}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@shortname_lower}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@pcr={'pcr', 0x3d, 0x3}}, {@pcr={'pcr', 0x3d, 0x10}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq") socket$rds(0x15, 0x5, 0x0) r0 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_elf64(r1, 0x0, 0xfd14) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0xb, 0x7, 0x2, "d1f2a8f1041e2519be38ef324aea9d45120728d3864d1dfe07d86e9f002d115a", 0x30385056}) sched_setscheduler(0x0, 0x0, &(0x7f0000000300)=0x7) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) landlock_restrict_self(0xffffffffffffffff, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000bb, &(0x7f0000000300)=@framed={{}, [@printk={@llu}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x8, 0x8}, 0x10}, 0x90) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4], 0x4c}}, 0x0) 0s ago: executing program 3 (id=1644): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @val=@tcx}, 0x40) syz_emit_ethernet(0x4e, &(0x7f0000000540)=ANY=[], 0x0) kernel console output (not intermixed with test programs): activated: batadv_slave_0 [ 502.935919][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 502.981073][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 503.018449][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 503.263970][ T52] veth1_macvtap: left promiscuous mode [ 503.290537][ T52] veth0_macvtap: left promiscuous mode [ 503.297022][ T52] veth1_vlan: left promiscuous mode [ 503.302498][ T52] veth0_vlan: left promiscuous mode [ 504.710296][T10184] loop1: detected capacity change from 0 to 8192 [ 505.949386][ T52] team_slave_1 (unregistering): left promiscuous mode [ 505.969154][ T52] team0 (unregistering): Port device team_slave_1 removed [ 506.024340][ T52] team_slave_0 (unregistering): left promiscuous mode [ 506.035115][ T52] team0 (unregistering): Port device team_slave_0 removed [ 506.600875][T10005] team0: Port device team_slave_0 added [ 506.645218][T10189] bond0: (slave tunl0): The slave device specified does not support setting the MAC address [ 506.656312][T10189] bond0: (slave tunl0): Error -95 calling set_mac_address [ 506.778226][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.805151][T10203] loop1: detected capacity change from 0 to 64 [ 506.817385][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.827230][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.846002][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.856164][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.875005][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.891140][ T9764] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 506.904351][T10203] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 507.204443][T10005] team0: Port device team_slave_1 added [ 508.791049][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.827595][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.848015][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.867317][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.877153][ T9764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.917557][ T9764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.944482][ T9764] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 508.970956][ T9764] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.014417][ T9764] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.031628][ T9764] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.057337][ T9764] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.085118][T10005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 509.122797][T10005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 509.170565][T10223] loop3: detected capacity change from 0 to 8192 [ 509.182496][T10005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 509.236549][T10005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 509.264910][T10005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 509.305102][T10005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 509.486453][T10005] hsr_slave_0: entered promiscuous mode [ 509.524279][T10005] hsr_slave_1: entered promiscuous mode [ 509.549463][T10005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 509.557057][T10005] Cannot create hsr debugfs directory [ 510.921261][ T3856] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 510.956649][ T3856] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.302448][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 511.331463][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.866809][T10262] loop1: detected capacity change from 0 to 64 [ 511.877723][T10262] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 512.059681][T10267] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 512.785060][T10005] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 512.921892][T10005] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 513.033123][T10005] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 513.104161][T10005] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 514.042280][T10005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 514.215937][T10005] 8021q: adding VLAN 0 to HW filter on device team0 [ 514.304852][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.312087][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 514.384881][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.392184][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 515.231470][T10005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 517.445230][T10005] veth0_vlan: entered promiscuous mode [ 517.536750][T10005] veth1_vlan: entered promiscuous mode [ 517.706512][T10005] veth0_macvtap: entered promiscuous mode [ 517.726301][T10342] loop2: detected capacity change from 0 to 128 [ 517.791306][T10005] veth1_macvtap: entered promiscuous mode [ 517.855485][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 517.865990][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 517.876059][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 517.886913][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 517.896838][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 517.907569][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 517.943890][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 518.034942][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 518.269311][T10005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 518.934283][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 519.012488][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 519.059496][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 519.130586][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 519.171168][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 519.209429][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 519.243979][T10005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 519.277314][T10005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 519.314718][T10005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 519.364900][T10005] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 519.397333][T10005] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 519.432529][T10005] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 519.457381][T10005] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 519.697421][ T3837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 519.738134][ T3837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 519.864399][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 519.913016][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 520.166153][T10375] loop4: detected capacity change from 0 to 512 [ 520.185623][T10375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 520.250625][T10375] EXT4-fs: Invalid want_extra_isize 9 [ 523.973727][T10414] loop3: detected capacity change from 0 to 128 [ 524.412749][T10422] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 524.754924][T10428] loop0: detected capacity change from 0 to 512 [ 524.792777][T10428] EXT4-fs: Ignoring removed nomblk_io_submit option [ 524.844784][T10428] EXT4-fs: Invalid want_extra_isize 9 [ 526.129127][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 526.140508][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 526.167699][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 526.188457][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 526.362740][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 526.371499][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 527.974408][T10436] chnl_net:caif_netlink_parms(): no params data found [ 528.471090][ T54] Bluetooth: hci2: command tx timeout [ 528.602712][T10436] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.647556][T10436] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.675200][T10436] bridge_slave_0: entered allmulticast mode [ 528.699000][T10436] bridge_slave_0: entered promiscuous mode [ 528.807639][T10436] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.815061][T10436] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.843696][T10436] bridge_slave_1: entered allmulticast mode [ 528.880426][T10436] bridge_slave_1: entered promiscuous mode [ 529.194492][T10436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 529.246753][T10436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 529.748060][T10436] team0: Port device team_slave_0 added [ 529.790986][T10436] team0: Port device team_slave_1 added [ 529.959141][ T3837] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.100928][T10436] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 530.124543][T10436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.222676][T10436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 530.308239][T10436] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 530.315311][T10436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 530.343223][T10465] loop4: detected capacity change from 0 to 32768 [ 530.580965][T10436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 530.597393][ T54] Bluetooth: hci2: command tx timeout [ 530.779949][ T3837] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.046143][T10483] loop2: detected capacity change from 0 to 512 [ 531.074864][T10483] EXT4-fs: Ignoring removed nomblk_io_submit option [ 531.113132][T10483] EXT4-fs: Invalid want_extra_isize 9 [ 531.220373][ T3837] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.325123][T10436] hsr_slave_0: entered promiscuous mode [ 531.352269][T10436] hsr_slave_1: entered promiscuous mode [ 531.383597][T10436] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 531.407354][T10436] Cannot create hsr debugfs directory [ 531.460581][ T3837] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.900377][T10492] loop4: detected capacity change from 0 to 128 [ 532.636137][ T54] Bluetooth: hci2: command tx timeout [ 532.654898][ T3837] bridge_slave_1: left allmulticast mode [ 532.668108][ T3837] bridge_slave_1: left promiscuous mode [ 532.714198][ T3837] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.744360][ T3837] bridge_slave_0: left allmulticast mode [ 532.768533][ T3837] bridge_slave_0: left promiscuous mode [ 532.797540][ T3837] bridge0: port 1(bridge_slave_0) entered disabled state [ 533.659884][T10506] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 534.818653][ T54] Bluetooth: hci2: command tx timeout [ 535.098775][ T3837] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 535.141783][ T3837] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 535.164144][ T3837] bond0 (unregistering): Released all slaves [ 535.905346][ T3837] hsr_slave_0: left promiscuous mode [ 535.956095][ T3837] hsr_slave_1: left promiscuous mode [ 535.967902][ T3837] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 535.975359][ T3837] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 536.023691][ T3837] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 536.048166][ T3837] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 536.160429][ T3837] veth1_macvtap: left promiscuous mode [ 536.188956][ T3837] veth0_macvtap: left promiscuous mode [ 536.219589][ T3837] veth1_vlan: left promiscuous mode [ 536.243275][ T3837] veth0_vlan: left promiscuous mode [ 536.576465][T10519] loop2: detected capacity change from 0 to 32768 [ 537.694216][T10546] loop3: detected capacity change from 0 to 512 [ 537.726555][T10546] EXT4-fs: Ignoring removed nomblk_io_submit option [ 537.743654][T10546] EXT4-fs: Invalid want_extra_isize 9 [ 538.884924][ T3837] team0 (unregistering): Port device team_slave_1 removed [ 538.980723][ T3837] team0 (unregistering): Port device team_slave_0 removed [ 539.064061][T10567] loop3: detected capacity change from 0 to 128 [ 541.275990][T10436] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 541.336587][T10436] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 541.379232][T10436] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 541.439510][T10436] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 541.842789][T10576] loop4: detected capacity change from 0 to 32768 [ 542.142940][T10436] 8021q: adding VLAN 0 to HW filter on device bond0 [ 542.469677][T10436] 8021q: adding VLAN 0 to HW filter on device team0 [ 542.589599][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state [ 542.596831][ T5104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 542.698262][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state [ 542.705454][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 542.935762][T10436] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 542.961769][T10436] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 543.789800][T10613] loop3: detected capacity change from 0 to 512 [ 543.830201][T10613] EXT4-fs: Ignoring removed nomblk_io_submit option [ 543.867146][T10613] EXT4-fs: Invalid want_extra_isize 9 [ 543.890346][ T5104] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 544.071119][T10436] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 544.127468][ T5104] usb 1-1: Using ep0 maxpacket: 8 [ 544.156016][ T5104] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 544.195249][ T5104] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 544.236572][ T5104] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 544.289065][T10436] veth0_vlan: entered promiscuous mode [ 544.294745][ T5104] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 544.312965][ T5104] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 544.329846][T10436] veth1_vlan: entered promiscuous mode [ 544.346916][ T5104] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 544.366845][ T5104] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.414162][T10436] veth0_macvtap: entered promiscuous mode [ 544.431739][T10436] veth1_macvtap: entered promiscuous mode [ 544.485548][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.537372][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.547242][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.597471][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.635410][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.665402][ T5104] usb 1-1: GET_CAPABILITIES returned 0 [ 544.667321][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.681539][ T5104] usbtmc 1-1:16.0: can't read capabilities [ 544.697614][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.737439][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.749309][T10436] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 544.787034][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.815890][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.826927][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.838924][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.849134][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.893739][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.937669][T10436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.984625][T10436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 545.031700][T10436] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 545.075269][T10436] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.137172][T10436] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.175957][T10436] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.205317][T10436] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.979339][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.031583][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 546.112110][ T3837] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.147753][ T3837] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 546.254706][T10635] loop2: detected capacity change from 0 to 128 [ 546.441215][ T47] usb 1-1: USB disconnect, device number 8 [ 546.709748][T10642] loop0: detected capacity change from 0 to 4096 [ 546.746267][T10642] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 546.849826][T10642] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 546.876525][T10642] ntfs3: loop0: Failed to load $Extend (-22). [ 546.905282][T10642] ntfs3: loop0: Failed to initialize $Extend. [ 547.552443][T10633] loop3: detected capacity change from 0 to 32768 [ 549.447231][T10662] loop2: detected capacity change from 0 to 512 [ 549.638239][T10662] EXT4-fs: Ignoring removed nomblk_io_submit option [ 549.697640][T10662] EXT4-fs: Invalid want_extra_isize 9 [ 550.167192][T10671] loop3: detected capacity change from 0 to 256 [ 550.871868][T10677] loop3: detected capacity change from 0 to 4096 [ 550.917423][T10677] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 551.097549][T10677] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 551.118409][T10677] ntfs3: loop3: Failed to load $Extend (-22). [ 551.124547][T10677] ntfs3: loop3: Failed to initialize $Extend. [ 552.035877][T10694] loop1: detected capacity change from 0 to 128 [ 553.352998][T10703] usb usb8: usbfs: process 10703 (syz.0.1244) did not claim interface 0 before use [ 553.742678][T10692] loop3: detected capacity change from 0 to 32768 [ 554.785200][T10714] loop2: detected capacity change from 0 to 4096 [ 554.837759][T10714] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 554.932867][T10714] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 555.041135][T10714] ntfs3: loop2: Failed to load $Extend (-22). [ 555.060876][T10714] ntfs3: loop2: Failed to initialize $Extend. [ 555.111923][T10714] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB [ 555.249059][T10714] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB [ 555.657472][ T6481] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 555.897490][ T6481] usb 5-1: Using ep0 maxpacket: 8 [ 555.922838][ T6481] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 555.971406][ T6481] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 556.007487][ T6481] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 556.063407][ T6481] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 556.122052][ T6481] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 556.176470][ T6481] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 556.217219][ T6481] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.457546][ T6481] usb 5-1: GET_CAPABILITIES returned 0 [ 556.483545][ T6481] usbtmc 5-1:16.0: can't read capabilities [ 557.557150][ T5104] usb 5-1: USB disconnect, device number 5 [ 558.068332][T10757] loop4: detected capacity change from 0 to 128 [ 563.279486][T10820] netlink: 'syz.4.1286': attribute type 29 has an invalid length. [ 563.287402][T10820] netlink: 'syz.4.1286': attribute type 3 has an invalid length. [ 563.295134][T10820] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1286'. [ 563.320279][T10829] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1284'. [ 563.531170][T10820] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR [ 563.806951][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.837917][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.933680][T10837] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 564.363784][ T6481] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 564.571558][ T6481] usb 2-1: Using ep0 maxpacket: 8 [ 564.589028][ T6481] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 564.607492][ T6481] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 564.623771][ T6481] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 564.637641][ T6481] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 564.649608][ T6481] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 564.663919][ T6481] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 564.673484][ T6481] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.483613][ T6481] usb 2-1: usb_control_msg returned -71 [ 565.489573][ T6481] usbtmc 2-1:16.0: can't read capabilities [ 565.505120][ T6481] usb 2-1: USB disconnect, device number 6 [ 565.639039][T10861] loop1: detected capacity change from 0 to 128 [ 567.618811][T10879] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1299'. [ 569.636700][T10897] loop3: detected capacity change from 0 to 64 [ 569.672284][T10897] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 570.067521][ T5150] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 570.627692][ T5150] usb 2-1: Using ep0 maxpacket: 8 [ 570.636866][ T5150] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 570.654431][ T5150] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 570.677346][ T5150] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 570.693374][ T5150] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 570.705443][ T5150] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 570.737420][ T5150] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 570.747025][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.514002][T10917] bond0: (slave tunl0): The slave device specified does not support setting the MAC address [ 571.526470][T10917] bond0: (slave tunl0): Error -95 calling set_mac_address [ 572.255981][ T5150] usb 2-1: usb_control_msg returned -71 [ 572.273692][ T5150] usbtmc 2-1:16.0: can't read capabilities [ 572.357898][ T5150] usb 2-1: USB disconnect, device number 7 [ 576.187473][ T927] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 576.496154][ T5104] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 577.520524][T10948] loop3: detected capacity change from 0 to 32768 [ 577.538490][ T927] usb 1-1: config 0 has no interfaces? [ 577.548345][ T927] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 577.567344][ T5104] usb 3-1: Using ep0 maxpacket: 8 [ 577.572796][ T927] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.584851][ T5104] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 577.597337][ T927] usb 1-1: Product: syz [ 577.601939][ T927] usb 1-1: Manufacturer: syz [ 577.606570][ T927] usb 1-1: SerialNumber: syz [ 577.724650][T10948] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/loop3": -EINTR [ 578.319517][ T5104] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 578.350827][ T5104] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 578.364493][ T927] usb 1-1: config 0 descriptor?? [ 578.369610][ T5104] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 578.397326][ T5104] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 578.421392][ T5104] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 578.430981][ T5104] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.453320][T10980] loop1: detected capacity change from 0 to 64 [ 578.480773][T10980] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 578.802629][T10971] loop4: detected capacity change from 0 to 32768 [ 578.844784][T10971] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 578.978174][T10971] XFS (loop4): Ending clean mount [ 579.016371][ T2929] usb 1-1: USB disconnect, device number 9 [ 579.058140][T10971] XFS (loop4): Quotacheck needed: Please wait. [ 579.204424][T10971] XFS (loop4): Quotacheck: Done. [ 579.208515][ T5104] usb 3-1: usb_control_msg returned -71 [ 579.230240][ T5104] usbtmc 3-1:16.0: can't read capabilities [ 579.313493][ T5104] usb 3-1: USB disconnect, device number 6 [ 579.384706][T10982] loop3: detected capacity change from 0 to 32768 [ 579.418619][T10982] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1328 (10982) [ 579.477734][T10005] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 579.665770][T10982] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 579.684598][T10982] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 579.695393][T10982] BTRFS info (device loop3): using free-space-tree [ 580.127655][T11016] netlink: 'syz.0.1331': attribute type 10 has an invalid length. [ 580.193872][T11016] batman_adv: batadv0: Adding interface: team0 [ 580.218301][T11016] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 580.257833][T11016] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 580.338519][T11017] netlink: 'syz.0.1331': attribute type 10 has an invalid length. [ 580.368098][T11016] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1331'. [ 580.397615][T11017] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1331'. [ 580.406648][T11017] team0: entered promiscuous mode [ 580.414133][ T7547] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 580.449143][T11016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1331'. [ 580.467647][T11017] team_slave_0: entered promiscuous mode [ 580.484636][T11017] team_slave_1: entered promiscuous mode [ 580.505211][T11017] 8021q: adding VLAN 0 to HW filter on device team0 [ 580.532578][T11017] batman_adv: batadv0: Interface activated: team0 [ 580.557392][T11017] batman_adv: batadv0: Interface deactivated: team0 [ 580.580533][T11017] batman_adv: batadv0: Removing interface: team0 [ 580.642821][T11017] bridge0: port 3(team0) entered blocking state [ 580.675439][T11017] bridge0: port 3(team0) entered disabled state [ 580.727216][T11017] team0: entered allmulticast mode [ 580.765270][T11017] team_slave_0: entered allmulticast mode [ 580.831664][T11017] team_slave_1: entered allmulticast mode [ 580.863219][T11017] bridge0: port 3(team0) entered blocking state [ 580.869649][T11017] bridge0: port 3(team0) entered forwarding state [ 582.345035][T11039] loop1: detected capacity change from 0 to 4096 [ 583.266594][ T29] audit: type=1326 audit(1720191963.787:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11051 comm="syz.3.1340" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc432f75bd9 code=0x0 [ 583.859896][T11040] loop2: detected capacity change from 0 to 32768 [ 583.925652][T11040] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1334 (11040) [ 584.340564][T11040] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 584.367780][T11040] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 584.368111][T11065] netlink: 'syz.3.1342': attribute type 1 has an invalid length. [ 584.396968][T11040] BTRFS info (device loop2): using free-space-tree [ 584.514205][T11068] netlink: 'syz.1.1343': attribute type 10 has an invalid length. [ 584.728069][T11068] batman_adv: batadv0: Adding interface: team0 [ 584.734290][T11068] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 584.759394][ C1] vkms_vblank_simulate: vblank timer overrun [ 584.916510][T11068] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 584.963324][T11091] netlink: 'syz.1.1343': attribute type 10 has an invalid length. [ 584.993401][T11048] loop4: detected capacity change from 0 to 32768 [ 585.111921][T11091] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1343'. [ 585.537905][T11091] team0: entered promiscuous mode [ 585.567000][T11048] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 585.589815][T11068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1343'. [ 585.600828][T11091] team_slave_0: entered promiscuous mode [ 585.606704][T11091] team_slave_1: entered promiscuous mode [ 585.630552][T11091] 8021q: adding VLAN 0 to HW filter on device team0 [ 585.651988][T11040] BTRFS error (device loop2): open_ctree failed [ 585.656800][T11068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1343'. [ 585.659093][T11091] batman_adv: batadv0: Interface activated: team0 [ 585.679392][T11091] batman_adv: batadv0: Interface deactivated: team0 [ 585.686072][T11091] batman_adv: batadv0: Removing interface: team0 [ 585.719875][T11091] bridge0: port 3(team0) entered blocking state [ 585.734319][T11091] bridge0: port 3(team0) entered disabled state [ 585.781464][T11091] team0: entered allmulticast mode [ 585.800783][T11091] team_slave_0: entered allmulticast mode [ 585.806605][T11091] team_slave_1: entered allmulticast mode [ 585.809666][T11048] XFS (loop4): Ending clean mount [ 585.819540][T11091] bridge0: port 3(team0) entered blocking state [ 585.826028][T11091] bridge0: port 3(team0) entered forwarding state [ 585.880942][T11048] XFS (loop4): Quotacheck needed: Please wait. [ 585.890992][T11092] bond0: (slave tunl0): The slave device specified does not support setting the MAC address [ 585.902111][T11092] bond0: (slave tunl0): Error -95 calling set_mac_address [ 586.134041][T11048] XFS (loop4): Quotacheck: Done. [ 586.224498][T10005] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 588.536708][T11135] loop1: detected capacity change from 0 to 4096 [ 590.310650][T11147] loop4: detected capacity change from 0 to 32768 [ 590.615635][ T29] audit: type=1804 audit(1720191971.127:38): pid=11147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1358" name="/newroot/39/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 591.014001][ T29] audit: type=1804 audit(1720191971.247:39): pid=11169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1358" name="/newroot/39/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 591.152023][ T29] audit: type=1804 audit(1720191971.437:40): pid=11169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1358" name="/newroot/39/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 591.246917][ T29] audit: type=1804 audit(1720191971.737:41): pid=11172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1358" name="/newroot/39/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 592.370822][T11189] 9pnet_fd: Insufficient options for proto=fd [ 592.761836][ T5104] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 592.836068][T11193] loop2: detected capacity change from 0 to 4096 [ 592.992241][ T5104] usb 2-1: Using ep0 maxpacket: 32 [ 593.014214][ T5104] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 593.030851][ T5104] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 593.049568][ T5104] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 593.067330][ T5104] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 593.086777][ T5104] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 593.107512][ T5104] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 593.143660][ T5104] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 593.177361][ T5104] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.211317][ T5104] usb 2-1: config 0 descriptor?? [ 593.532589][ T5104] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 593.547874][ T5104] usb 2-1: USB disconnect, device number 8 [ 593.579032][ T5104] usblp0: removed [ 594.068159][ T5104] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 594.287327][ T5104] usb 2-1: Using ep0 maxpacket: 32 [ 594.299145][ T5104] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 594.317320][ T5104] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 594.326039][ T5104] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 594.366973][ T5104] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 594.399588][ T5104] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 594.434372][ T5104] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 594.515577][ T5104] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 594.573090][ T5104] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.687980][ T5104] usb 2-1: config 0 descriptor?? [ 595.169474][ T5104] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 595.547589][ T2929] usb 2-1: USB disconnect, device number 9 [ 595.789466][T11190] usblp0: removed [ 595.809210][T11232] 9pnet_fd: Insufficient options for proto=fd [ 596.318504][T11221] loop4: detected capacity change from 0 to 32768 [ 596.507856][ T29] audit: type=1804 audit(1720191977.017:42): pid=11221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1377" name="/newroot/41/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 596.570198][ T29] audit: type=1804 audit(1720191977.027:43): pid=11221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1377" name="/newroot/41/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 596.591032][ C0] vkms_vblank_simulate: vblank timer overrun [ 596.607446][ T29] audit: type=1804 audit(1720191977.117:44): pid=11241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1377" name="/newroot/41/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 596.728017][ T29] audit: type=1804 audit(1720191977.247:45): pid=11244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1377" name="/newroot/41/file0/bus" dev="loop4" ino=7 res=1 errno=0 [ 599.267781][T11272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1392'. [ 599.305032][T11275] 9pnet_fd: Insufficient options for proto=fd [ 599.967362][ T2929] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 600.167402][ T2929] usb 1-1: Using ep0 maxpacket: 32 [ 600.183647][ T2929] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 600.199702][ T2929] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 600.243972][ T2929] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 600.263483][ T2929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 600.287396][ T2929] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 600.308148][ T2929] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 600.323740][ T2929] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 600.350896][ T2929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 600.368152][ T47] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 600.388381][ T2929] usb 1-1: config 0 descriptor?? [ 600.701450][T11304] 9pnet_fd: Insufficient options for proto=fd [ 600.844663][ T2929] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 600.870067][ T47] usb 2-1: config 0 has an invalid interface number: 226 but max is 0 [ 600.882820][ T2929] usb 1-1: USB disconnect, device number 10 [ 601.622663][ T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 601.648302][ T2929] usblp0: removed [ 601.653568][ T47] usb 2-1: config 0 has no interface number 0 [ 601.660701][ T47] usb 2-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 601.694167][ T47] usb 2-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 601.707766][ T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.715815][ T47] usb 2-1: Product: syz [ 601.720888][ T47] usb 2-1: Manufacturer: syz [ 601.726089][ T47] usb 2-1: SerialNumber: syz [ 601.748855][ T47] usb 2-1: config 0 descriptor?? [ 602.107562][ T47] pegasus 2-1:0.226: probe with driver pegasus failed with error -71 [ 602.120540][ T47] usb 2-1: USB disconnect, device number 10 [ 602.288442][ T6558] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 602.357538][ T2929] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 602.477566][ T6558] usb 3-1: Using ep0 maxpacket: 16 [ 602.495357][ T6558] usb 3-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 602.521605][ T6558] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 602.536298][ T6558] usb 3-1: Product: syz [ 602.545859][ T6558] usb 3-1: Manufacturer: syz [ 602.552056][ T6558] usb 3-1: SerialNumber: syz [ 602.569587][ T6558] usb 3-1: config 0 descriptor?? [ 602.588031][ T6558] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 602.917458][ T927] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 603.125456][ T927] usb 2-1: config 0 has no interfaces? [ 603.144809][ T927] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 603.174448][T11335] 9pnet_fd: Insufficient options for proto=fd [ 603.175511][ T927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 603.224151][ T927] usb 2-1: Product: syz [ 603.240565][ T927] usb 2-1: Manufacturer: syz [ 603.255239][ T927] usb 2-1: SerialNumber: syz [ 603.274922][ T927] usb 2-1: config 0 descriptor?? [ 603.410260][ T6558] gp8psk: FW Version = 224.11.118 (0xe00b76) Build 2221/58/65 [ 603.548733][ T6481] usb 2-1: USB disconnect, device number 11 [ 603.611991][ T6558] gp8psk: FPGA Version = 136 [ 604.037071][T11338] loop0: detected capacity change from 0 to 32768 [ 604.101020][T11338] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 604.334542][ T6558] gp8psk: usb out operation failed. [ 604.444632][ T6558] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22) [ 604.648828][ T6558] dvb_usb_gp8psk 3-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22 [ 604.723208][ T6558] usb 3-1: USB disconnect, device number 7 [ 604.897670][T11338] XFS (loop0): Ending clean mount [ 604.949533][T11338] XFS (loop0): Quotacheck needed: Please wait. [ 605.652680][T11338] XFS (loop0): Quotacheck: Done. [ 606.327283][ C1] sched: RT throttling activated [ 606.517590][ T5198] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 606.525378][ T5149] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 606.565996][T11338] mmap: syz.0.1418 (11338): VmData 54239232 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 606.727421][ T5149] usb 5-1: Using ep0 maxpacket: 32 [ 606.738128][ T5198] usb 4-1: config 0 has an invalid interface number: 226 but max is 0 [ 606.758299][ T5149] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 606.771686][ T5198] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 606.909516][ T5149] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 606.967385][ T5198] usb 4-1: config 0 has no interface number 0 [ 606.974201][ T5149] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 606.991253][ T5198] usb 4-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 607.027500][ T5149] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 607.077315][ T5198] usb 4-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 607.094551][ T5149] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 607.114568][ T5198] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.137077][ T5149] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 607.167707][ T5198] usb 4-1: Product: syz [ 607.171908][ T5198] usb 4-1: Manufacturer: syz [ 607.197812][ T5149] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 607.206891][ T5149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.217300][ T5198] usb 4-1: SerialNumber: syz [ 607.322795][ T5198] usb 4-1: config 0 descriptor?? [ 607.329203][ T5149] usb 5-1: config 0 descriptor?? [ 607.534597][ T9764] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 607.555096][ T5198] pegasus 4-1:0.226: probe with driver pegasus failed with error -71 [ 607.800429][ T5149] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 607.817398][ T5198] usb 4-1: USB disconnect, device number 5 [ 607.829018][ T5149] usb 5-1: USB disconnect, device number 6 [ 607.851669][ T8670] udevd[8670]: setting owner of /dev/bus/usb/004/005 to uid=0, gid=0 failed: No such file or directory [ 608.594433][ T5149] usblp0: removed [ 608.894938][T11388] syz.2.1432 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 610.722821][T11408] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1439'. [ 610.926847][T11413] mkiss: ax0: crc mode is auto. [ 611.517436][ T2929] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 612.286142][ T2929] usb 3-1: config 0 has an invalid interface number: 226 but max is 0 [ 612.295787][ T2929] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 612.316227][ T2929] usb 3-1: config 0 has no interface number 0 [ 612.918929][ T5104] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 613.037929][ T2929] usb 3-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 613.180837][ T2929] usb 3-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 613.192166][ T2929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 613.237864][ T5104] usb 4-1: Using ep0 maxpacket: 32 [ 613.262844][ T5104] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 613.308755][ T5104] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 613.366307][ T5104] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 613.412486][ T5104] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 613.424002][T11449] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1453'. [ 613.439978][ T2929] usb 3-1: Product: syz [ 613.444859][ T2929] usb 3-1: Manufacturer: syz [ 613.449712][ T2929] usb 3-1: SerialNumber: syz [ 613.458876][ T2929] usb 3-1: config 0 descriptor?? [ 613.703421][ T5104] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 613.713409][ T5104] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 613.731368][ T5104] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 613.741683][ T5104] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.122478][ T5104] usb 4-1: config 0 descriptor?? [ 614.230186][ T2929] pegasus 3-1:0.226: probe with driver pegasus failed with error -71 [ 614.365952][ T2929] usb 3-1: USB disconnect, device number 8 [ 614.429536][ T5104] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 614.484199][ T5104] usb 4-1: USB disconnect, device number 6 [ 614.524443][ T5104] usblp0: removed [ 614.697460][ T6558] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 615.047537][ T5104] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 615.131602][ T6558] usb 5-1: config 0 has no interfaces? [ 615.153001][ T6558] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 615.183270][ T6558] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.202344][ T6558] usb 5-1: Product: syz [ 615.206644][ T6558] usb 5-1: Manufacturer: syz [ 615.211429][ T6558] usb 5-1: SerialNumber: syz [ 615.228137][ T6558] usb 5-1: config 0 descriptor?? [ 615.247358][ T5104] usb 4-1: Using ep0 maxpacket: 32 [ 615.263890][ T5104] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 615.285434][ T5104] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 615.310393][T11461] loop2: detected capacity change from 0 to 32768 [ 615.319146][ T5104] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 615.342751][ T5104] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 615.360514][ T5104] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 615.394350][ T5104] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 615.415848][T11461] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 615.416757][ T5104] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 615.441332][ T5104] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 615.459668][T11461] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 615.473380][ T5104] usb 4-1: config 0 descriptor?? [ 615.529023][T11469] loop1: detected capacity change from 0 to 32768 [ 615.754890][T11461] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms [ 615.836975][ T5198] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 615.857035][ T5104] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 615.873387][ T5198] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 615.918076][ T5104] usb 4-1: USB disconnect, device number 7 [ 615.937978][ T5104] usblp0: removed [ 616.108051][ T927] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 616.204230][ T5198] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 330ms [ 616.219676][ T5198] gfs2: fsid=syz:syz.0: jid=0: Done [ 616.228330][T11461] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 616.597425][ T927] usb 1-1: Using ep0 maxpacket: 8 [ 616.689179][ T927] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 616.771867][ T927] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 616.789375][ T927] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 616.802670][ T927] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 616.813245][ T927] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 616.826729][ T927] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 616.852066][ T927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.098259][ T927] usb 1-1: GET_CAPABILITIES returned 0 [ 617.117461][ T927] usbtmc 1-1:16.0: can't read capabilities [ 617.137917][T11487] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1464'. [ 617.444084][ T2929] usb 5-1: USB disconnect, device number 7 [ 617.846466][ T5149] usb 1-1: USB disconnect, device number 12 [ 618.077662][ T6558] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 618.544547][ T6558] usb 4-1: config 0 has an invalid interface number: 226 but max is 0 [ 618.554923][ T6558] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 618.556825][T11505] loop0: detected capacity change from 0 to 64 [ 618.566548][ T6558] usb 4-1: config 0 has no interface number 0 [ 618.578354][ T6558] usb 4-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 618.603530][ T6558] usb 4-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 618.623162][ T6558] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.632395][ T6558] usb 4-1: Product: syz [ 618.636671][ T6558] usb 4-1: Manufacturer: syz [ 618.641906][ T6558] usb 4-1: SerialNumber: syz [ 618.664522][ T6558] usb 4-1: config 0 descriptor?? [ 618.723162][ T29] audit: type=1800 audit(1720191999.247:46): pid=11505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1472" name="bus" dev="loop0" ino=1 res=0 errno=0 [ 618.749351][T11505] minix_free_block (loop0:2): bit already cleared [ 618.757211][T11505] minix_free_block (loop0:3): bit already cleared [ 618.764530][T11505] minix_free_block (loop0:4): bit already cleared [ 618.909385][ T6558] pegasus 4-1:0.226: probe with driver pegasus failed with error -71 [ 618.946730][T11514] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1475'. [ 618.951886][ T6558] usb 4-1: USB disconnect, device number 8 [ 619.250278][ T927] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 619.397350][ T5149] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 619.469829][ T927] usb 5-1: config 0 has no interfaces? [ 619.499025][ T927] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 619.539963][ T927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 619.576363][ T927] usb 5-1: Product: syz [ 619.598806][ T5149] usb 2-1: Using ep0 maxpacket: 8 [ 619.621607][ T927] usb 5-1: Manufacturer: syz [ 619.631443][ T5149] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 619.687547][ T927] usb 5-1: SerialNumber: syz [ 619.792624][ T5149] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 619.902449][ T927] usb 5-1: config 0 descriptor?? [ 620.019380][ T5149] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 620.147355][ T5149] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 620.206126][ T5149] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 620.272638][ T5149] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 620.341707][ T5149] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.754728][ T5149] usb 2-1: GET_CAPABILITIES returned 0 [ 620.759856][T11546] netlink: 'syz.3.1486': attribute type 3 has an invalid length. [ 620.767300][ T5149] usbtmc 2-1:16.0: can't read capabilities [ 620.775043][T11546] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1486'. [ 620.967364][ T2929] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 621.003613][T11553] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1489'. [ 621.167372][ T2929] usb 1-1: Using ep0 maxpacket: 8 [ 621.175270][ T2929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 621.193466][ T2929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 621.219307][ T2929] usb 1-1: New USB device found, idVendor=054c, idProduct=042f, bcdDevice= 0.00 [ 621.233462][ T2929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.254440][ T2929] usb 1-1: config 0 descriptor?? [ 621.275880][ T2929] usbhid 1-1:0.0: can't add hid device: -22 [ 621.282300][ T2929] usbhid 1-1:0.0: probe with driver usbhid failed with error -22 [ 621.422881][ T5149] usb 2-1: USB disconnect, device number 12 [ 621.483689][T11560] loop1: detected capacity change from 0 to 128 [ 621.949004][ T2929] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 622.408333][ T5149] usb 5-1: USB disconnect, device number 8 [ 622.951184][ T2929] usb 3-1: config 0 has an invalid interface number: 226 but max is 0 [ 622.967317][ T2929] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 622.978920][ T2929] usb 3-1: config 0 has no interface number 0 [ 622.985060][ T2929] usb 3-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 623.722555][ T2929] usb 3-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 623.734383][ T2929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.744710][ T2929] usb 3-1: Product: syz [ 623.752301][ T2929] usb 3-1: Manufacturer: syz [ 623.767283][ T2929] usb 3-1: SerialNumber: syz [ 623.794546][ T2929] usb 3-1: config 0 descriptor?? [ 624.121337][ T2929] pegasus 3-1:0.226: probe with driver pegasus failed with error -71 [ 624.166539][T11592] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1500'. [ 624.177892][ T2929] usb 3-1: USB disconnect, device number 9 [ 624.348766][ T29] audit: type=1326 audit(1720192004.867:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.406729][ T29] audit: type=1326 audit(1720192004.867:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.460302][ T29] audit: type=1326 audit(1720192004.867:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.520034][ T29] audit: type=1326 audit(1720192004.867:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.573016][ T29] audit: type=1326 audit(1720192004.877:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.621353][ T29] audit: type=1326 audit(1720192004.877:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.646517][ T29] audit: type=1326 audit(1720192004.877:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.680443][ T29] audit: type=1326 audit(1720192004.877:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.711412][ T927] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 624.722661][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.731311][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.756301][ T29] audit: type=1326 audit(1720192004.877:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.790144][ T29] audit: type=1326 audit(1720192004.877:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11593 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f1bb1575bd9 code=0x7ffc0000 [ 624.865919][T11589] loop1: detected capacity change from 0 to 32768 [ 625.695791][ T927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 625.745242][ T927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 625.762108][ T2929] usb 1-1: USB disconnect, device number 13 [ 625.785891][ T927] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 625.816842][T11603] loop2: detected capacity change from 0 to 128 [ 625.855299][ T927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7 [ 625.890672][T11604] sp0: Synchronizing with TNC [ 625.927807][ T927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 625.981773][ T927] usb 5-1: New USB device found, idVendor=0cf3, idProduct=7010, bcdDevice=92.9f [ 626.018723][ T927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 626.048157][ T927] usb 5-1: Product: syz [ 626.059996][ T927] usb 5-1: Manufacturer: syz [ 626.075388][ T927] usb 5-1: SerialNumber: syz [ 626.113514][ T927] usb 5-1: config 0 descriptor?? [ 626.134402][ T927] usb 5-1: ath9k_htc: Device endpoint numbers are not the expected ones [ 626.396532][ T2929] usb 5-1: USB disconnect, device number 9 [ 628.688016][ T6558] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 629.603863][T11642] loop4: detected capacity change from 0 to 128 [ 629.615515][ T6558] usb 4-1: config 0 has an invalid interface number: 226 but max is 0 [ 629.645291][ T6558] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 629.685909][ T6558] usb 4-1: config 0 has no interface number 0 [ 629.712581][ T6558] usb 4-1: config 0 interface 226 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 629.795316][ T6558] usb 4-1: New USB device found, idVendor=07a6, idProduct=8511, bcdDevice=21.76 [ 629.839843][ T6558] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 629.892405][ T6558] usb 4-1: Product: syz [ 629.896624][ T6558] usb 4-1: Manufacturer: syz [ 629.936488][ T6558] usb 4-1: SerialNumber: syz [ 629.963116][ T6558] usb 4-1: config 0 descriptor?? [ 630.182731][ T6558] pegasus 4-1:0.226: probe with driver pegasus failed with error -71 [ 630.213749][T11652] 9pnet_fd: Insufficient options for proto=fd [ 630.251522][ T6558] usb 4-1: USB disconnect, device number 9 [ 630.923478][T11659] syz.3.1523 (11659) used obsolete PPPIOCDETACH ioctl [ 631.071309][T11650] loop2: detected capacity change from 0 to 32768 [ 631.867882][T11665] sp0: Synchronizing with TNC [ 633.850014][T11684] loop1: detected capacity change from 0 to 128 [ 634.012904][T11686] 9pnet_fd: Insufficient options for proto=fd [ 635.157446][ T47] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 635.377589][ T47] usb 2-1: Using ep0 maxpacket: 16 [ 635.402356][ T47] usb 2-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 635.438994][ T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 635.469645][ T47] usb 2-1: Product: syz [ 635.473855][ T47] usb 2-1: Manufacturer: syz [ 635.614911][ T47] usb 2-1: SerialNumber: syz [ 635.812195][ T47] usb 2-1: config 0 descriptor?? [ 636.047920][ T47] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 636.371535][T11702] raw_sendmsg: syz.3.1537 forgot to set AF_INET. Fix it! [ 636.762775][ T47] gp8psk: FW Version = 224.11.118 (0xe00b76) Build 2221/58/65 [ 636.975044][ T47] gp8psk: FPGA Version = 136 [ 637.365627][T11715] 9pnet_fd: Insufficient options for proto=fd [ 637.380679][ T47] gp8psk: usb out operation failed. [ 637.401135][ T47] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22) [ 637.433771][ T47] dvb_usb_gp8psk 2-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22 [ 637.487158][ T47] usb 2-1: USB disconnect, device number 13 [ 637.668523][T11718] loop3: detected capacity change from 0 to 1764 [ 637.766944][T11718] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 637.797607][T11718] ISOFS: unable to read i-node block [ 637.803009][T11718] isofs_fill_super: get root inode failed [ 640.099015][ T8956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 640.118398][ T8956] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 640.128924][ T8956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 640.138016][ T8956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 640.153287][ T8956] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 640.160914][ T8956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 640.816309][T11755] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1550'. [ 642.095990][T11732] chnl_net:caif_netlink_parms(): no params data found [ 642.228582][ T8956] Bluetooth: hci1: command tx timeout [ 643.120397][T11732] bridge0: port 1(bridge_slave_0) entered blocking state [ 643.184374][T11732] bridge0: port 1(bridge_slave_0) entered disabled state [ 643.192196][T11732] bridge_slave_0: entered allmulticast mode [ 643.200035][T11732] bridge_slave_0: entered promiscuous mode [ 643.233761][T11732] bridge0: port 2(bridge_slave_1) entered blocking state [ 643.248455][T11732] bridge0: port 2(bridge_slave_1) entered disabled state [ 643.255698][T11732] bridge_slave_1: entered allmulticast mode [ 643.306722][T11732] bridge_slave_1: entered promiscuous mode [ 643.690548][T11732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 644.103111][T11732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 644.348865][ T8956] Bluetooth: hci1: command tx timeout [ 644.497192][T11732] team0: Port device team_slave_0 added [ 644.643243][T11762] loop3: detected capacity change from 0 to 32768 [ 644.766189][ T3873] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 644.777150][T11762] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop3": -EINTR [ 645.406082][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 645.437774][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 645.445558][T11732] team0: Port device team_slave_1 added [ 645.453961][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 645.467319][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 645.478724][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 645.607875][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 645.876154][ T3873] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.110630][ T3873] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.132585][T11732] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 646.146975][T11732] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.172948][ C0] vkms_vblank_simulate: vblank timer overrun [ 646.193195][T11732] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 646.266534][ T3873] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.325755][T11732] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 646.345499][T11732] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.371534][ C0] vkms_vblank_simulate: vblank timer overrun [ 646.389410][ T54] Bluetooth: hci1: command tx timeout [ 646.513439][T11732] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 646.818510][T11806] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1565'. [ 647.442082][T11732] hsr_slave_0: entered promiscuous mode [ 647.458705][T11732] hsr_slave_1: entered promiscuous mode [ 647.475312][T11732] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 647.489802][T11732] Cannot create hsr debugfs directory [ 647.673999][ T54] Bluetooth: hci5: command tx timeout [ 647.998527][ T3873] team0: left allmulticast mode [ 648.014790][ T3873] team_slave_0: left allmulticast mode [ 648.045629][ T3873] team_slave_1: left allmulticast mode [ 648.059357][ T3873] bridge0: port 3(team0) entered disabled state [ 648.094238][ T3873] bridge_slave_1: left allmulticast mode [ 648.107684][ T3873] bridge_slave_1: left promiscuous mode [ 648.118024][ T3873] bridge0: port 2(bridge_slave_1) entered disabled state [ 648.189833][ T3873] bridge_slave_0: left allmulticast mode [ 648.210540][ T3873] bridge_slave_0: left promiscuous mode [ 648.221543][ T3873] bridge0: port 1(bridge_slave_0) entered disabled state [ 648.484616][ T54] Bluetooth: hci1: command tx timeout [ 649.747491][ T54] Bluetooth: hci5: command tx timeout [ 649.789138][ T3873] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 649.847798][ T3873] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 649.881826][ T3873] bond0 (unregistering): Released all slaves [ 651.449509][T11837] loop3: detected capacity change from 0 to 128 [ 651.808463][ T3873] hsr_slave_0: left promiscuous mode [ 651.827431][ T8956] Bluetooth: hci5: command tx timeout [ 651.897521][ T3873] hsr_slave_1: left promiscuous mode [ 652.022853][T11848] loop1: detected capacity change from 0 to 164 [ 652.146644][ T3873] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 652.332562][ T3873] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 652.395053][ T8956] Bluetooth: hci2: command 0x0406 tx timeout [ 652.514664][ T3873] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 652.570993][ T3873] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 652.826672][ T3873] veth1_macvtap: left promiscuous mode [ 652.877145][ T3873] veth0_macvtap: left promiscuous mode [ 652.916975][ T3873] veth1_vlan: left promiscuous mode [ 652.968351][ T3873] veth0_vlan: left promiscuous mode [ 653.907523][ T54] Bluetooth: hci5: command tx timeout [ 655.074688][ T3873] team_slave_1 (unregistering): left promiscuous mode [ 655.108613][ T3873] team0 (unregistering): Port device team_slave_1 removed [ 655.280907][ T3873] team_slave_0 (unregistering): left promiscuous mode [ 655.301940][ T3873] team0 (unregistering): Port device team_slave_0 removed [ 656.947348][ C1] DEBUG: holding rtnl_mutex for 542 jiffies. [ 656.953438][ C1] task:kworker/u8:10 state:R running task stack:18800 pid:3873 tgid:3873 ppid:2 flags:0x00004000 [ 656.965319][ C1] Workqueue: netns cleanup_net [ 656.970159][ C1] Call Trace: [ 656.973456][ C1] [ 656.976415][ C1] __schedule+0x1800/0x4a60 [ 656.981014][ C1] ? __lock_acquire+0x1359/0x2000 [ 656.986085][ C1] ? validate_chain+0x11e/0x5920 [ 656.991095][ C1] ? __pfx___schedule+0x10/0x10 [ 656.995986][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 657.002033][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 657.008421][ C1] ? preempt_schedule+0xe1/0xf0 [ 657.013297][ C1] preempt_schedule_common+0x84/0xd0 [ 657.018650][ C1] preempt_schedule+0xe1/0xf0 [ 657.023382][ C1] ? __pfx_preempt_schedule+0x10/0x10 [ 657.028823][ C1] ? unwind_next_frame+0x196f/0x2a00 [ 657.034147][ C1] preempt_schedule_thunk+0x1a/0x30 [ 657.039431][ C1] ? unwind_next_frame+0x196f/0x2a00 [ 657.044763][ C1] ? unwind_next_frame+0x1e75/0x2a00 [ 657.050121][ C1] ? unwind_next_frame+0x211f/0x2a00 [ 657.055453][ C1] unwind_next_frame+0x2124/0x2a00 [ 657.060642][ C1] ? process_scheduled_works+0xa2c/0x1830 [ 657.066395][ C1] ? process_scheduled_works+0xa2c/0x1830 [ 657.072174][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 657.078392][ C1] arch_stack_walk+0x151/0x1b0 [ 657.083205][ C1] ? worker_thread+0x86d/0xd40 [ 657.088057][ C1] stack_trace_save+0x118/0x1d0 [ 657.092949][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 657.098391][ C1] ? __lock_acquire+0x1359/0x2000 [ 657.103460][ C1] kasan_save_stack+0x3f/0x60 [ 657.108218][ C1] ? kasan_save_stack+0x3f/0x60 [ 657.113099][ C1] ? __kasan_record_aux_stack+0xac/0xc0 [ 657.118718][ C1] ? kvfree_call_rcu+0xfc/0x790 [ 657.123609][ C1] ? dropmon_net_event+0x192/0x2a0 [ 657.128786][ C1] ? notifier_call_chain+0x19f/0x3e0 [ 657.134106][ C1] ? unregister_netdevice_many_notify+0xdc8/0x1d20 [ 657.140673][ C1] ? default_device_exit_batch+0xa0f/0xa90 [ 657.146534][ C1] ? cleanup_net+0x89d/0xcc0 [ 657.151190][ C1] ? process_scheduled_works+0xa2c/0x1830 [ 657.156989][ C1] ? __phys_addr+0xba/0x170 [ 657.161562][ C1] __kasan_record_aux_stack+0xac/0xc0 [ 657.167054][ C1] ? __pfx_addrconf_ifdown+0x10/0x10 [ 657.172413][ C1] tls_dev_event+0x8f6/0x10b0 [ 657.177242][ C1] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 657.183009][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 657.188993][ C1] ? rcu_is_watching+0x15/0xb0 [ 657.193804][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 657.198480][ C1] ? __qdisc_destroy+0x165/0x410 [ 657.203464][ C1] ? dev_shutdown+0x357/0x440 [ 657.208248][ C1] ? unregister_netdevice_many_notify+0x9c7/0x1d20 [ 657.214821][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 657.221709][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 657.227685][ C1] ? batadv_softif_destroy_netlink+0x1e0/0x270 [ 657.233954][ C1] ? default_device_exit_batch+0xa0f/0xa90 [ 657.239882][ C1] ? __pfx___might_resched+0x10/0x10 [ 657.245233][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 657.251509][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 657.256843][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 657.263117][ C1] ? cleanup_net+0x89d/0xcc0 [ 657.267787][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 657.272776][ C1] ? process_scheduled_works+0x945/0x1830 [ 657.278593][ C1] ? process_scheduled_works+0xa2c/0x1830 [ 657.284410][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 657.290527][ C1] ? assign_work+0x364/0x3d0 [ 657.295178][ C1] ? worker_thread+0x86d/0xd40 [ 657.300050][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 657.305992][ C1] ? __kthread_parkme+0x169/0x1d0 [ 657.311110][ C1] ? __pfx_worker_thread+0x10/0x10 [ 657.316277][ C1] ? kthread+0x2f0/0x390 [ 657.320611][ C1] ? __pfx_worker_thread+0x10/0x10 [ 657.325768][ C1] ? __pfx_kthread+0x10/0x10 [ 657.330459][ C1] ? ret_from_fork+0x4b/0x80 [ 657.335097][ C1] ? __pfx_kthread+0x10/0x10 [ 657.339782][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 657.344803][ C1] [ 657.347907][ C1] DEBUG: waiting rtnl_mutex for 580 jiffies. [ 657.353969][ C1] task:syz-executor state:D stack:21024 pid:11789 tgid:11789 ppid:11773 flags:0x00000000 [ 657.364265][ C1] Call Trace: [ 657.367600][ C1] [ 657.370561][ C1] __schedule+0x1800/0x4a60 [ 657.375143][ C1] ? __pfx___schedule+0x10/0x10 [ 657.380105][ C1] ? __pfx_lock_release+0x10/0x10 [ 657.385168][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 657.390739][ C1] ? schedule+0x90/0x320 [ 657.395027][ C1] schedule+0x14b/0x320 [ 657.399291][ C1] schedule_preempt_disabled+0x13/0x30 [ 657.404817][ C1] __mutex_lock+0x6a4/0xd70 [ 657.409438][ C1] ? __mutex_lock+0x527/0xd70 [ 657.414164][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 657.419459][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 657.424536][ C1] ? get_rtnl_holder+0x144/0x190 [ 657.429583][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 657.434661][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 657.439966][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 657.445472][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 657.450885][ C1] ? __pfx_validate_chain+0x10/0x10 [ 657.456130][ C1] ? __pfx_validate_chain+0x10/0x10 [ 657.461459][ C1] ? arch_stack_walk+0x16d/0x1b0 [ 657.466449][ C1] ? mark_lock+0x9a/0x360 [ 657.470884][ C1] ? __pfx_validate_chain+0x10/0x10 [ 657.476138][ C1] ? __lock_acquire+0x1359/0x2000 [ 657.481366][ C1] ? mark_lock+0x9a/0x360 [ 657.485745][ C1] ? __lock_acquire+0x1359/0x2000 [ 657.490875][ C1] netlink_rcv_skb+0x1e3/0x430 [ 657.495683][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 657.501255][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 657.506613][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 657.511913][ C1] netlink_unicast+0x7f0/0x990 [ 657.516738][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 657.522131][ C1] ? __virt_addr_valid+0x183/0x530 [ 657.527339][ C1] ? __check_object_size+0x49c/0x900 [ 657.532664][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 657.537895][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 657.542742][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 657.548105][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 657.553085][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 657.558464][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 657.563965][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 657.569316][ C1] __sock_sendmsg+0x221/0x270 [ 657.574055][ C1] __sys_sendto+0x3a4/0x4f0 [ 657.578651][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 657.583726][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 657.589030][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 657.595250][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 657.601327][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 657.607735][ C1] __x64_sys_sendto+0xde/0x100 [ 657.612536][ C1] do_syscall_64+0xf3/0x230 [ 657.617072][ C1] ? clear_bhb_loop+0x35/0x90 [ 657.621940][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.627968][ C1] RIP: 0033:0x7f6ce337796c [ 657.632418][ C1] RSP: 002b:00007fffbe060480 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 657.640933][ C1] RAX: ffffffffffffffda RBX: 00007f6ce4034620 RCX: 00007f6ce337796c [ 657.649002][ C1] RDX: 000000000000003c RSI: 00007f6ce4034670 RDI: 0000000000000003 [ 657.657098][ C1] RBP: 0000000000000000 R08: 00007fffbe0604d4 R09: 000000000000000c [ 657.665203][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 657.673270][ C1] R13: 0000000000000000 R14: 00007f6ce4034670 R15: 0000000000000000 [ 657.681357][ C1] [ 657.684402][ C1] DEBUG: waiting rtnl_mutex for 611 jiffies. [ 657.690440][ C1] task:syz-executor state:D stack:21024 pid:11732 tgid:11732 ppid:11716 flags:0x00004002 [ 657.700686][ C1] Call Trace: [ 657.704093][ C1] [ 657.707066][ C1] __schedule+0x1800/0x4a60 [ 657.711710][ C1] ? __pfx___schedule+0x10/0x10 [ 657.716611][ C1] ? __pfx_lock_release+0x10/0x10 [ 657.721745][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 657.727295][ C1] ? schedule+0x90/0x320 [ 657.731587][ C1] schedule+0x14b/0x320 [ 657.735795][ C1] schedule_preempt_disabled+0x13/0x30 [ 657.741357][ C1] __mutex_lock+0x6a4/0xd70 [ 657.745922][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 657.751210][ C1] ? __mutex_lock+0x527/0xd70 [ 657.755936][ C1] ? nsim_destroy+0x71/0x5c0 [ 657.760633][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 657.765705][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 657.771191][ C1] ? get_rtnl_holder+0x144/0x190 [ 657.776182][ C1] nsim_destroy+0x71/0x5c0 [ 657.780721][ C1] __nsim_dev_port_del+0x14b/0x1b0 [ 657.785903][ C1] nsim_dev_reload_destroy+0x28a/0x490 [ 657.791472][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 657.796809][ C1] nsim_drv_remove+0x58/0x160 [ 657.801597][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 657.807759][ C1] bus_remove_device+0x34f/0x420 [ 657.812759][ C1] device_del+0x57a/0x9b0 [ 657.817146][ C1] ? __pfx_device_del+0x10/0x10 [ 657.822122][ C1] device_unregister+0x20/0xc0 [ 657.826931][ C1] del_device_store+0x363/0x480 [ 657.831902][ C1] ? __pfx_del_device_store+0x10/0x10 [ 657.837363][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 657.842262][ C1] ? bus_attr_store+0x4f/0xa0 [ 657.846982][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 657.852291][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 657.857669][ C1] vfs_write+0xa72/0xc90 [ 657.861954][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 657.867858][ C1] ? __pfx_vfs_write+0x10/0x10 [ 657.872678][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 657.877985][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 657.884112][ C1] ksys_write+0x1a0/0x2c0 [ 657.888533][ C1] ? __pfx_ksys_write+0x10/0x10 [ 657.893423][ C1] ? do_syscall_64+0x100/0x230 [ 657.898373][ C1] ? do_syscall_64+0xb6/0x230 [ 657.903088][ C1] do_syscall_64+0xf3/0x230 [ 657.907684][ C1] ? clear_bhb_loop+0x35/0x90 [ 657.912408][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.918378][ C1] RIP: 0033:0x7fb5a577475f [ 657.922828][ C1] RSP: 002b:00007fff61b3e190 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 657.931340][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb5a577475f [ 657.939382][ C1] RDX: 0000000000000001 RSI: 00007fff61b3e1e0 RDI: 0000000000000005 [ 657.947442][ C1] RBP: 00007fb5a57e45a0 R08: 0000000000000000 R09: 00007fff61b3dfe7 [ 657.955447][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 657.963529][ C1] R13: 00007fff61b3e1e0 R14: 00007fb5a6434620 R15: 0000000000000003 [ 657.971602][ C1] [ 657.974650][ C1] [ 657.974650][ C1] Showing all locks held in the system: [ 657.982445][ C1] 3 locks held by kworker/1:1/47: [ 657.987545][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 657.998660][ C1] #1: ffffc90000b77d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 658.009752][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 658.018885][ C1] 5 locks held by kworker/u8:10/3873: [ 658.024302][ C1] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 658.035335][ C1] #1: ffffc9000b647d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 658.046006][ C1] #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 658.055578][ C1] #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 658.065731][ C1] #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 658.076924][ C1] 1 lock held by dhcpcd/4761: [ 658.081700][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0 [ 658.090957][ C1] 2 locks held by getty/4850: [ 658.095661][ C1] #0: ffff88802a4fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 658.105613][ C1] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 658.115866][ C1] 3 locks held by kworker/1:7/6558: [ 658.121153][ C1] 1 lock held by syz.4.1527/11676: [ 658.126299][ C1] 7 locks held by syz-executor/11732: [ 658.131776][ C1] #0: ffff88807f096420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 658.140809][ C1] #1: ffff88807bbe5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 658.150709][ C1] #2: ffff8880227922d8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 658.160858][ C1] #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 658.171273][ C1] #4: ffff888067b0c0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 658.181951][ C1] #5: ffff888067b0d250 (&devlink->lock_key#16){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 658.192209][ C1] #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 658.201227][ C1] 1 lock held by syz-executor/11789: [ 658.206539][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 658.216275][ C1] 2 locks held by syz.3.1576/11858: [ 658.221549][ C1] #0: ffffffff8f668fb0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 658.229860][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 658.239211][ C1] 2 locks held by syz.2.1581/11877: [ 658.244442][ C1] #0: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 658.254674][ C1] #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 658.264639][ C1] 2 locks held by syz.1.1582/11882: [ 658.269915][ C1] #0: ffff88807e2dceb8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100 [ 658.280766][ C1] #1: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 658.291800][ C1] [ 658.294153][ C1] ============================================= [ 658.294153][ C1] [ 658.777477][ T6558] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 659.097301][ T6558] usb 3-1: Using ep0 maxpacket: 8 [ 659.110007][ T6558] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 659.127346][ T6558] usb 3-1: config 0 has no interface number 0 [ 659.133497][ T6558] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0xFE has invalid wMaxPacketSize 0 [ 659.150008][ T6558] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 659.179404][ T6558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.208999][ T6558] usb 3-1: config 0 descriptor?? [ 659.228330][ T6558] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 659.347271][ C1] DEBUG: waiting rtnl_mutex for 654 jiffies. [ 659.353353][ C1] task:kworker/1:1 state:D stack:21232 pid:47 tgid:47 ppid:2 flags:0x00004000 [ 659.363640][ C1] Workqueue: events linkwatch_event [ 659.368926][ C1] Call Trace: [ 659.372232][ C1] [ 659.375193][ C1] __schedule+0x1800/0x4a60 [ 659.379805][ C1] ? __pfx___schedule+0x10/0x10 [ 659.384698][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 659.390753][ C1] ? __pfx_lock_release+0x10/0x10 [ 659.395822][ C1] ? kick_pool+0x1bd/0x620 [ 659.400336][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 659.405583][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 659.410894][ C1] ? schedule+0x90/0x320 [ 659.415176][ C1] schedule+0x14b/0x320 [ 659.419397][ C1] schedule_preempt_disabled+0x13/0x30 [ 659.424887][ C1] __mutex_lock+0x6a4/0xd70 [ 659.429476][ C1] ? __mutex_lock+0x527/0xd70 [ 659.434202][ C1] ? linkwatch_event+0xe/0x60 [ 659.438985][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 659.444072][ C1] ? get_rtnl_holder+0x144/0x190 [ 659.449107][ C1] ? process_scheduled_works+0x945/0x1830 [ 659.454871][ C1] linkwatch_event+0xe/0x60 [ 659.459467][ C1] process_scheduled_works+0xa2c/0x1830 [ 659.465104][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 659.471206][ C1] ? assign_work+0x364/0x3d0 [ 659.475859][ C1] worker_thread+0x86d/0xd40 [ 659.480562][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 659.486521][ C1] ? __kthread_parkme+0x169/0x1d0 [ 659.491644][ C1] ? __pfx_worker_thread+0x10/0x10 [ 659.496793][ C1] kthread+0x2f0/0x390 [ 659.500963][ C1] ? __pfx_worker_thread+0x10/0x10 [ 659.506138][ C1] ? __pfx_kthread+0x10/0x10 [ 659.510825][ C1] ret_from_fork+0x4b/0x80 [ 659.515277][ C1] ? __pfx_kthread+0x10/0x10 [ 659.519999][ C1] ret_from_fork_asm+0x1a/0x30 [ 659.524834][ C1] [ 659.527936][ C1] DEBUG: waiting rtnl_mutex for 646 jiffies. [ 659.533943][ C1] task:syz.3.1576 state:D stack:27056 pid:11858 tgid:11851 ppid:7547 flags:0x00000004 [ 659.544227][ C1] Call Trace: [ 659.547586][ C1] [ 659.550563][ C1] __schedule+0x1800/0x4a60 [ 659.555140][ C1] ? __pfx___schedule+0x10/0x10 [ 659.560090][ C1] ? __pfx_lock_release+0x10/0x10 [ 659.565163][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 659.570736][ C1] ? schedule+0x90/0x320 [ 659.575024][ C1] schedule+0x14b/0x320 [ 659.579282][ C1] schedule_preempt_disabled+0x13/0x30 [ 659.584800][ C1] __mutex_lock+0x6a4/0xd70 [ 659.589411][ C1] ? __mutex_lock+0x527/0xd70 [ 659.594142][ C1] ? nl80211_pre_doit+0x5f/0x8b0 [ 659.599199][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 659.604281][ C1] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 659.610635][ C1] ? get_rtnl_holder+0x144/0x190 [ 659.615623][ C1] nl80211_pre_doit+0x5f/0x8b0 [ 659.620493][ C1] genl_rcv_msg+0xaaa/0xec0 [ 659.625042][ C1] ? mark_lock+0x9a/0x360 [ 659.629540][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 659.634665][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 659.639808][ C1] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 659.645233][ C1] ? __pfx_nl80211_get_coalesce+0x10/0x10 [ 659.651045][ C1] ? __pfx_nl80211_post_doit+0x10/0x10 [ 659.656552][ C1] ? __pfx___might_resched+0x10/0x10 [ 659.661951][ C1] netlink_rcv_skb+0x1e3/0x430 [ 659.666771][ C1] ? __pfx_genl_rcv_msg+0x10/0x10 [ 659.671900][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 659.677281][ C1] ? __netlink_deliver_tap+0x77e/0x7c0 [ 659.682793][ C1] genl_rcv+0x28/0x40 [ 659.686815][ C1] netlink_unicast+0x7f0/0x990 [ 659.691690][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 659.697019][ C1] ? __virt_addr_valid+0x183/0x530 [ 659.702240][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 659.707062][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 659.712460][ C1] ? __import_iovec+0x536/0x820 [ 659.717401][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 659.722405][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 659.727788][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 659.733302][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 659.738663][ C1] __sock_sendmsg+0x221/0x270 [ 659.743399][ C1] ____sys_sendmsg+0x525/0x7d0 [ 659.748262][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 659.753622][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 659.758304][ C1] ? __pfx___sys_sendmsg+0x10/0x10 [ 659.763520][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 659.769964][ C1] ? do_syscall_64+0x100/0x230 [ 659.774778][ C1] ? do_syscall_64+0xb6/0x230 [ 659.779578][ C1] do_syscall_64+0xf3/0x230 [ 659.784128][ C1] ? clear_bhb_loop+0x35/0x90 [ 659.788921][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.794866][ C1] RIP: 0033:0x7fc432f75bd9 [ 659.799383][ C1] RSP: 002b:00007fc4329bd048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 659.807885][ C1] RAX: ffffffffffffffda RBX: 00007fc433104110 RCX: 00007fc432f75bd9 [ 659.815898][ C1] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 659.823979][ C1] RBP: 00007fc432fe4aa1 R08: 0000000000000000 R09: 0000000000000000 [ 659.832056][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.840122][ C1] R13: 000000000000006e R14: 00007fc433104110 R15: 00007ffc4fd0a978 [ 659.848182][ C1] [ 659.851259][ C1] DEBUG: waiting rtnl_mutex for 602 jiffies. [ 659.857336][ C1] task:dhcpcd state:D stack:20672 pid:4761 tgid:4761 ppid:4760 flags:0x00000002 [ 659.867606][ C1] Call Trace: [ 659.870917][ C1] [ 659.873912][ C1] __schedule+0x1800/0x4a60 [ 659.878526][ C1] ? __pfx___schedule+0x10/0x10 [ 659.883433][ C1] ? __pfx_lock_release+0x10/0x10 [ 659.888537][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 659.894068][ C1] ? schedule+0x90/0x320 [ 659.898398][ C1] schedule+0x14b/0x320 [ 659.902606][ C1] schedule_preempt_disabled+0x13/0x30 [ 659.908150][ C1] __mutex_lock+0x6a4/0xd70 [ 659.912711][ C1] ? __mutex_lock+0x527/0xd70 [ 659.917473][ C1] ? devinet_ioctl+0x2ce/0x1bc0 [ 659.922370][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 659.927489][ C1] ? bpf_lsm_capable+0x9/0x10 [ 659.932216][ C1] ? security_capable+0x90/0xb0 [ 659.937115][ C1] ? get_rtnl_holder+0x144/0x190 [ 659.942142][ C1] devinet_ioctl+0x2ce/0x1bc0 [ 659.946873][ C1] ? get_user_ifreq+0x1bb/0x200 [ 659.951819][ C1] inet_ioctl+0x3d7/0x4f0 [ 659.956205][ C1] ? __pfx_inet_ioctl+0x10/0x10 [ 659.961203][ C1] sock_do_ioctl+0x158/0x460 [ 659.965857][ C1] ? __pfx_sock_do_ioctl+0x10/0x10 [ 659.971079][ C1] ? __pfx_lock_release+0x10/0x10 [ 659.976234][ C1] sock_ioctl+0x629/0x8e0 [ 659.980677][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 659.985586][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 659.991681][ C1] ? bpf_lsm_file_ioctl+0x9/0x10 [ 659.996656][ C1] ? security_file_ioctl+0x87/0xb0 [ 660.001868][ C1] ? __pfx_sock_ioctl+0x10/0x10 [ 660.006775][ C1] __se_sys_ioctl+0xfc/0x170 [ 660.011474][ C1] do_syscall_64+0xf3/0x230 [ 660.016022][ C1] ? clear_bhb_loop+0x35/0x90 [ 660.020821][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.026757][ C1] RIP: 0033:0x7f59528f7d49 [ 660.031272][ C1] RSP: 002b:00007ffe359c46a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 660.039763][ C1] RAX: ffffffffffffffda RBX: 00007f59528296c0 RCX: 00007f59528f7d49 [ 660.047828][ C1] RDX: 00007ffe359d4898 RSI: 0000000000008914 RDI: 0000000000000015 [ 660.055850][ C1] RBP: 00007ffe359e4a58 R08: 00007ffe359d4858 R09: 00007ffe359d4808 [ 660.063928][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.071975][ C1] R13: 00007ffe359d4898 R14: 0000000000000028 R15: 0000000000008914 [ 660.080056][ C1] [ 660.083126][ C1] DEBUG: holding rtnl_mutex for 855 jiffies. [ 660.089182][ C1] task:kworker/u8:10 state:D stack:18800 pid:3873 tgid:3873 ppid:2 flags:0x00004000 [ 660.099438][ C1] Workqueue: netns cleanup_net [ 660.104256][ C1] Call Trace: [ 660.107633][ C1] [ 660.110598][ C1] __schedule+0x1800/0x4a60 [ 660.115173][ C1] ? __pfx___schedule+0x10/0x10 [ 660.120149][ C1] ? __pfx_lock_release+0x10/0x10 [ 660.125225][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 660.131243][ C1] ? kthread_data+0x52/0xd0 [ 660.135800][ C1] ? wq_worker_sleeping+0x66/0x240 [ 660.141007][ C1] ? schedule+0x90/0x320 [ 660.145298][ C1] schedule+0x14b/0x320 [ 660.149572][ C1] synchronize_rcu_expedited+0x684/0x830 [ 660.155258][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 660.161514][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 660.166850][ C1] ? __pfx___might_resched+0x10/0x10 [ 660.172218][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 660.178272][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 660.184383][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 660.190801][ C1] synchronize_rcu+0x11b/0x360 [ 660.195613][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 660.201002][ C1] lockdep_unregister_key+0x556/0x610 [ 660.206420][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 660.212404][ C1] ? rcu_is_watching+0x15/0xb0 [ 660.217250][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 660.221895][ C1] __qdisc_destroy+0x165/0x410 [ 660.226712][ C1] dev_shutdown+0x357/0x440 [ 660.231326][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 660.237760][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 660.244601][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 660.250590][ C1] ? batadv_softif_destroy_netlink+0x1e0/0x270 [ 660.256795][ C1] default_device_exit_batch+0xa0f/0xa90 [ 660.262532][ C1] ? __pfx___might_resched+0x10/0x10 [ 660.267906][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 660.274119][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 660.279488][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 660.285700][ C1] cleanup_net+0x89d/0xcc0 [ 660.290197][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 660.295180][ C1] ? process_scheduled_works+0x945/0x1830 [ 660.301002][ C1] process_scheduled_works+0xa2c/0x1830 [ 660.306634][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 660.312718][ C1] ? assign_work+0x364/0x3d0 [ 660.317413][ C1] worker_thread+0x86d/0xd40 [ 660.322074][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 660.328043][ C1] ? __kthread_parkme+0x169/0x1d0 [ 660.333119][ C1] ? __pfx_worker_thread+0x10/0x10 [ 660.338323][ C1] kthread+0x2f0/0x390 [ 660.342451][ C1] ? __pfx_worker_thread+0x10/0x10 [ 660.347648][ C1] ? __pfx_kthread+0x10/0x10 [ 660.352290][ C1] ret_from_fork+0x4b/0x80 [ 660.356753][ C1] ? __pfx_kthread+0x10/0x10 [ 660.361467][ C1] ret_from_fork_asm+0x1a/0x30 [ 660.366323][ C1] [ 660.369427][ C1] DEBUG: waiting rtnl_mutex for 882 jiffies. [ 660.375453][ C1] task:syz-executor state:D stack:21024 pid:11789 tgid:11789 ppid:11773 flags:0x00000000 [ 660.385752][ C1] Call Trace: [ 660.389103][ C1] [ 660.392074][ C1] __schedule+0x1800/0x4a60 [ 660.396648][ C1] ? __pfx___schedule+0x10/0x10 [ 660.401605][ C1] ? __pfx_lock_release+0x10/0x10 [ 660.406678][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 660.412250][ C1] ? schedule+0x90/0x320 [ 660.416550][ C1] schedule+0x14b/0x320 [ 660.420884][ C1] schedule_preempt_disabled+0x13/0x30 [ 660.426389][ C1] __mutex_lock+0x6a4/0xd70 [ 660.430990][ C1] ? __mutex_lock+0x527/0xd70 [ 660.435801][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 660.441110][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 660.446198][ C1] ? get_rtnl_holder+0x144/0x190 [ 660.451265][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 660.456343][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 660.461676][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 660.467182][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 660.472562][ C1] ? __pfx_validate_chain+0x10/0x10 [ 660.477851][ C1] ? __pfx_validate_chain+0x10/0x10 [ 660.483102][ C1] ? arch_stack_walk+0x16d/0x1b0 [ 660.488126][ C1] ? mark_lock+0x9a/0x360 [ 660.492509][ C1] ? __pfx_validate_chain+0x10/0x10 [ 660.497821][ C1] ? __lock_acquire+0x1359/0x2000 [ 660.502903][ C1] ? mark_lock+0x9a/0x360 [ 660.507318][ C1] ? __lock_acquire+0x1359/0x2000 [ 660.512404][ C1] netlink_rcv_skb+0x1e3/0x430 [ 660.517253][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 660.522759][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 660.528166][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 660.533409][ C1] netlink_unicast+0x7f0/0x990 [ 660.538268][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 660.543602][ C1] ? __virt_addr_valid+0x183/0x530 [ 660.548810][ C1] ? __check_object_size+0x49c/0x900 [ 660.554134][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 660.559355][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 660.564180][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 660.569553][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 660.574530][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 660.579891][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 660.585398][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 660.590769][ C1] __sock_sendmsg+0x221/0x270 [ 660.595502][ C1] __sys_sendto+0x3a4/0x4f0 [ 660.600089][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 660.605180][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 660.610464][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 660.616598][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 660.622677][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 660.629144][ C1] __x64_sys_sendto+0xde/0x100 [ 660.633951][ C1] do_syscall_64+0xf3/0x230 [ 660.638516][ C1] ? clear_bhb_loop+0x35/0x90 [ 660.643231][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.649196][ C1] RIP: 0033:0x7f6ce337796c [ 660.653642][ C1] RSP: 002b:00007fffbe060480 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 660.662145][ C1] RAX: ffffffffffffffda RBX: 00007f6ce4034620 RCX: 00007f6ce337796c [ 660.670192][ C1] RDX: 000000000000003c RSI: 00007f6ce4034670 RDI: 0000000000000003 [ 660.678231][ C1] RBP: 0000000000000000 R08: 00007fffbe0604d4 R09: 000000000000000c [ 660.686244][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 660.694302][ C1] R13: 0000000000000000 R14: 00007f6ce4034670 R15: 0000000000000000 [ 660.702368][ C1] [ 660.705412][ C1] DEBUG: waiting rtnl_mutex for 913 jiffies. [ 660.711469][ C1] task:syz-executor state:D stack:21024 pid:11732 tgid:11732 ppid:11716 flags:0x00004002 [ 660.721714][ C1] Call Trace: [ 660.725020][ C1] [ 660.728012][ C1] __schedule+0x1800/0x4a60 [ 660.732587][ C1] ? __pfx___schedule+0x10/0x10 [ 660.737527][ C1] ? __pfx_lock_release+0x10/0x10 [ 660.742598][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 660.748157][ C1] ? schedule+0x90/0x320 [ 660.752446][ C1] schedule+0x14b/0x320 [ 660.756640][ C1] schedule_preempt_disabled+0x13/0x30 [ 660.762175][ C1] __mutex_lock+0x6a4/0xd70 [ 660.766721][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 660.772017][ C1] ? __mutex_lock+0x527/0xd70 [ 660.776755][ C1] ? nsim_destroy+0x71/0x5c0 [ 660.781438][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 660.786538][ C1] ? __pfx_mntput_no_expire+0x10/0x10 [ 660.792012][ C1] ? get_rtnl_holder+0x144/0x190 [ 660.797014][ C1] nsim_destroy+0x71/0x5c0 [ 660.801570][ C1] __nsim_dev_port_del+0x14b/0x1b0 [ 660.806737][ C1] nsim_dev_reload_destroy+0x28a/0x490 [ 660.812291][ C1] ? __pfx_nsim_bus_remove+0x10/0x10 [ 660.817662][ C1] nsim_drv_remove+0x58/0x160 [ 660.822379][ C1] device_release_driver_internal+0x4a9/0x7c0 [ 660.828549][ C1] bus_remove_device+0x34f/0x420 [ 660.833561][ C1] device_del+0x57a/0x9b0 [ 660.837985][ C1] ? __pfx_device_del+0x10/0x10 [ 660.842886][ C1] device_unregister+0x20/0xc0 [ 660.847734][ C1] del_device_store+0x363/0x480 [ 660.852636][ C1] ? __pfx_del_device_store+0x10/0x10 [ 660.858088][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 660.862978][ C1] ? bus_attr_store+0x4f/0xa0 [ 660.867738][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 660.872984][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 660.878355][ C1] vfs_write+0xa72/0xc90 [ 660.882669][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 660.888548][ C1] ? __pfx_vfs_write+0x10/0x10 [ 660.893362][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 660.898635][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 660.904768][ C1] ksys_write+0x1a0/0x2c0 [ 660.909173][ C1] ? __pfx_ksys_write+0x10/0x10 [ 660.914055][ C1] ? do_syscall_64+0x100/0x230 [ 660.918896][ C1] ? do_syscall_64+0xb6/0x230 [ 660.923613][ C1] do_syscall_64+0xf3/0x230 [ 660.928194][ C1] ? clear_bhb_loop+0x35/0x90 [ 660.932916][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.938893][ C1] RIP: 0033:0x7fb5a577475f [ 660.943340][ C1] RSP: 002b:00007fff61b3e190 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 660.951830][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb5a577475f [ 660.959867][ C1] RDX: 0000000000000001 RSI: 00007fff61b3e1e0 RDI: 0000000000000005 [ 660.967904][ C1] RBP: 00007fb5a57e45a0 R08: 0000000000000000 R09: 00007fff61b3dfe7 [ 660.975911][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 660.983943][ C1] R13: 00007fff61b3e1e0 R14: 00007fb5a6434620 R15: 0000000000000003 [ 660.992005][ C1] [ 660.995058][ C1] [ 660.995058][ C1] Showing all locks held in the system: [ 661.002829][ C1] 4 locks held by kworker/u8:0/11: [ 661.007997][ C1] #0: ffff88802a5ef148 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 661.019432][ C1] #1: ffffc90000107d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 661.032696][ C1] #2: ffffc90000a18ca0 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 661.042909][ C1] #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 661.052876][ C1] 3 locks held by kworker/1:1/47: [ 661.057964][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 661.069041][ C1] #1: ffffc90000b77d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 661.080120][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 661.089224][ C1] 5 locks held by kworker/u8:10/3873: [ 661.094618][ C1] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 661.105619][ C1] #1: ffffc9000b647d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 661.116269][ C1] #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 661.125780][ C1] #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 661.135925][ C1] #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 661.147033][ C1] 1 lock held by dhcpcd/4761: [ 661.151780][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0 [ 661.161035][ C1] 2 locks held by getty/4850: [ 661.165736][ C1] #0: ffff88802a4fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 661.175607][ C1] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 661.185829][ C1] 1 lock held by syz.4.1527/11676: [ 661.191010][ C1] 7 locks held by syz-executor/11732: [ 661.196405][ C1] #0: ffff88807f096420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 661.205407][ C1] #1: ffff88807bbe5488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 661.215268][ C1] #2: ffff8880227922d8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 661.225399][ C1] #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 661.235816][ C1] #4: ffff888067b0c0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 661.246464][ C1] #5: ffff888067b0d250 (&devlink->lock_key#16){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 661.256697][ C1] #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 661.265709][ C1] 1 lock held by syz-executor/11789: [ 661.271059][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 661.280675][ C1] 2 locks held by syz.3.1576/11858: [ 661.285891][ C1] #0: ffffffff8f668fb0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 661.294185][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0 [ 661.303537][ C1] 1 lock held by syz.1.1587/11893: [ 661.308709][ C1] [ 661.311051][ C1] ============================================= [ 661.311051][ C1] [ 662.217409][T11789] chnl_net:caif_netlink_parms(): no params data found [ 663.008565][T11789] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.036329][T11789] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.061171][T11789] bridge_slave_0: entered allmulticast mode [ 663.086755][T11789] bridge_slave_0: entered promiscuous mode [ 663.116511][T11789] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.143119][T11789] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.165337][T11789] bridge_slave_1: entered allmulticast mode [ 663.187168][T11789] bridge_slave_1: entered promiscuous mode [ 663.306269][T11789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 663.380043][T11789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 663.500101][ T5149] usb 3-1: USB disconnect, device number 10 [ 663.625341][T11732] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 664.342496][T11732] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 664.444053][T11732] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 664.533137][T11789] team0: Port device team_slave_0 added [ 664.593192][T11789] team0: Port device team_slave_1 added [ 664.637476][T11732] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 664.875142][T11789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 664.904829][T11789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 664.981710][T11789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 665.042095][T11789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 665.049122][T11789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 665.079876][T11789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 665.905774][T11789] hsr_slave_0: entered promiscuous mode [ 666.071174][T11789] hsr_slave_1: entered promiscuous mode [ 666.147476][T11789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 666.216063][T11789] Cannot create hsr debugfs directory [ 667.798125][ T6558] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 667.833627][T11732] 8021q: adding VLAN 0 to HW filter on device bond0 [ 667.996134][T11789] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.008162][ T6481] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 668.057349][ T6558] usb 3-1: Using ep0 maxpacket: 8 [ 668.074327][ T6558] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 668.074394][T11732] 8021q: adding VLAN 0 to HW filter on device team0 [ 668.087299][ T6558] usb 3-1: config 0 has no interface number 0 [ 668.105541][ T6558] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0xFE has invalid wMaxPacketSize 0 [ 668.134218][ T6558] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 668.167854][ T6558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 668.189175][ T6558] usb 3-1: config 0 descriptor?? [ 668.199335][ T6558] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 668.223539][ T6481] usb 4-1: config 0 interface 0 has no altsetting 0 [ 668.237607][ T6481] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 668.241353][T11789] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.274581][ T6481] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 668.299379][ T6481] usb 4-1: config 0 descriptor?? [ 668.350226][ T2929] bridge0: port 1(bridge_slave_0) entered blocking state [ 668.357467][ T2929] bridge0: port 1(bridge_slave_0) entered forwarding state [ 668.407574][ T2929] bridge0: port 2(bridge_slave_1) entered blocking state [ 668.414831][ T2929] bridge0: port 2(bridge_slave_1) entered forwarding state [ 668.504298][T11789] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 669.021849][T11789] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 669.448442][ T6481] video4linux radio32: keene_cmd_main failed (-110) [ 669.505131][ T6481] radio-keene 4-1:0.0: V4L2 device registered as radio32 [ 669.949725][ T927] usb 4-1: USB disconnect, device number 10 [ 670.092374][T11789] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 670.128415][T11789] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 670.178628][T11789] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 670.212816][T11789] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 670.404270][T11732] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 670.426938][ T8956] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 670.441700][ T8956] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 670.452195][ T8956] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 670.480844][ T8956] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 670.596507][ T8956] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 670.617900][ T8956] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 670.663702][ T2929] usb 3-1: USB disconnect, device number 11 [ 671.206812][T11789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 671.526266][T11732] veth0_vlan: entered promiscuous mode [ 671.870410][T11732] veth1_vlan: entered promiscuous mode [ 672.025878][T11789] 8021q: adding VLAN 0 to HW filter on device team0 [ 672.133078][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state [ 672.140316][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 672.222371][ T2929] bridge0: port 2(bridge_slave_1) entered blocking state [ 672.229602][ T2929] bridge0: port 2(bridge_slave_1) entered forwarding state [ 672.665056][T11732] veth0_macvtap: entered promiscuous mode [ 672.717549][ T54] Bluetooth: hci6: command tx timeout [ 672.844517][T11732] veth1_macvtap: entered promiscuous mode [ 673.017184][ T3846] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.195769][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.226275][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.238285][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.249454][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.259581][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.270190][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.280399][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.291046][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.329293][T11732] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 673.369122][ T3846] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.433866][T11978] chnl_net:caif_netlink_parms(): no params data found [ 673.629806][ T3846] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.792917][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 673.803694][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.813736][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 673.824422][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.835102][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 673.855117][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.865031][T11732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 673.877320][T11732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.900544][T11732] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 674.009891][ T3846] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.240977][T11732] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.251163][T11732] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.260737][T11732] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.407385][T11732] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.511394][T11978] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.672008][T11978] bridge0: port 1(bridge_slave_0) entered disabled state [ 674.785711][T11978] bridge_slave_0: entered allmulticast mode [ 674.791892][ T54] Bluetooth: hci6: command tx timeout [ 674.831460][T11978] bridge_slave_0: entered promiscuous mode [ 674.883016][T11978] bridge0: port 2(bridge_slave_1) entered blocking state [ 674.926243][T11978] bridge0: port 2(bridge_slave_1) entered disabled state [ 674.960170][T11978] bridge_slave_1: entered allmulticast mode [ 675.052149][T11978] bridge_slave_1: entered promiscuous mode [ 675.499706][T11978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 675.584583][T11978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 675.901343][T11978] team0: Port device team_slave_0 added [ 676.249822][T12027] loop3: detected capacity change from 0 to 256 [ 676.284160][T11978] team0: Port device team_slave_1 added [ 676.877688][ T54] Bluetooth: hci6: command tx timeout [ 677.077859][T12031] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 677.196090][T11756] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 677.233626][T11978] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 677.254009][T11756] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 677.289338][T11978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 677.365877][T11978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 677.411817][T11789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 677.489770][ T3846] team0: left allmulticast mode [ 677.507316][ T3846] team_slave_0: left allmulticast mode [ 677.525797][ T3846] team_slave_1: left allmulticast mode [ 677.540676][ T3846] bridge0: port 3(team0) entered disabled state [ 677.577447][ T3846] bridge_slave_1: left allmulticast mode [ 677.583288][ T3846] bridge_slave_1: left promiscuous mode [ 677.597517][ T3846] bridge0: port 2(bridge_slave_1) entered disabled state [ 677.640740][ T3846] bridge_slave_0: left allmulticast mode [ 677.646447][ T3846] bridge_slave_0: left promiscuous mode [ 677.672679][ T3846] bridge0: port 1(bridge_slave_0) entered disabled state [ 678.776914][ T3846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 678.853869][ T3846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 678.947849][ T3846] bond0 (unregistering): Released all slaves [ 678.957402][ T54] Bluetooth: hci6: command tx timeout [ 679.064948][T11978] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 679.097488][T11978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 679.188841][T11978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 679.714831][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 679.725828][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 679.889177][T11978] hsr_slave_0: entered promiscuous mode [ 679.916190][T11978] hsr_slave_1: entered promiscuous mode [ 679.933937][T11978] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 679.962020][T11978] Cannot create hsr debugfs directory [ 680.064048][T12064] loop0: detected capacity change from 0 to 128 [ 680.077393][ T3846] hsr_slave_0: left promiscuous mode [ 680.102373][T12064] FAT-fs (loop0): Unrecognized mount option "allow_utime=0000000000000000harset=maccenteuro" or missing value [ 680.125745][ T3846] hsr_slave_1: left promiscuous mode [ 680.154883][ T3846] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 680.175070][ T3846] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 680.186275][ T29] kauditd_printk_skb: 42 callbacks suppressed [ 680.186293][ T29] audit: type=1326 audit(1720192060.717:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.1543" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5a5775bd9 code=0x0 [ 680.218424][ T3846] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 680.225987][ T3846] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 680.266854][ T3846] veth1_macvtap: left promiscuous mode [ 680.285177][ T3846] veth0_macvtap: left promiscuous mode [ 680.297833][ T3846] veth1_vlan: left promiscuous mode [ 680.303228][ T3846] veth0_vlan: left promiscuous mode [ 681.025198][T12083] loop0: detected capacity change from 0 to 256 [ 681.955736][ T3846] team_slave_1 (unregistering): left promiscuous mode [ 681.981428][ T3846] team0 (unregistering): Port device team_slave_1 removed [ 682.050164][ T3846] team_slave_0 (unregistering): left promiscuous mode [ 682.062402][ T3846] team0 (unregistering): Port device team_slave_0 removed [ 682.893869][T12086] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 682.901203][T12086] IPv6: NLM_F_CREATE should be set when creating new route [ 683.281027][T12102] loop0: detected capacity change from 0 to 1764 [ 683.328869][T12102] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 683.362060][T12102] ISOFS: unable to read i-node block [ 683.377336][T12102] isofs_fill_super: get root inode failed [ 683.506678][T11789] veth0_vlan: entered promiscuous mode [ 683.675309][T11789] veth1_vlan: entered promiscuous mode [ 684.501521][T11789] veth0_macvtap: entered promiscuous mode [ 684.526323][T11789] veth1_macvtap: entered promiscuous mode [ 684.635803][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.667458][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.690405][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.721310][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.747276][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.770191][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.789102][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.836322][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.884135][T11789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 685.786193][ T3846] bridge_slave_1: left allmulticast mode [ 685.816557][ T3846] bridge_slave_1: left promiscuous mode [ 685.873987][ T3846] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.959712][ T3846] bridge_slave_0: left allmulticast mode [ 685.965419][ T3846] bridge_slave_0: left promiscuous mode [ 686.017579][ T3846] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.167881][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.174239][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.265485][T12143] netlink: 'syz.3.1633': attribute type 29 has an invalid length. [ 687.381754][T12147] loop2: detected capacity change from 0 to 256 [ 688.464540][ T3846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 688.483311][ T3846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 688.497014][ T3846] bond0 (unregistering): Released all slaves [ 688.515790][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 688.534754][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 688.545413][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 688.563613][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 688.574800][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 688.596461][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 688.606827][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 688.624909][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 688.645472][T11789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 688.698614][T12143] netlink: 'syz.3.1633': attribute type 29 has an invalid length. [ 688.710471][T12153] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 688.820619][T11789] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.843462][T11789] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.852414][T11789] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.869771][T11789] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.888030][ T3846] hsr_slave_0: left promiscuous mode [ 689.943111][ T3846] hsr_slave_1: left promiscuous mode [ 690.080663][ T3846] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 690.181206][ T3846] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 690.301533][ T3846] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 690.351119][ T3846] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 690.460108][ T3846] veth1_macvtap: left promiscuous mode [ 690.488291][ T3846] veth0_macvtap: left promiscuous mode [ 690.494004][ T3846] veth1_vlan: left promiscuous mode [ 690.538157][ T3846] veth0_vlan: left promiscuous mode [ 691.823033][ T3846] team0 (unregistering): Port device team_slave_1 removed [ 691.932698][T12181] loop3: detected capacity change from 0 to 256 [ 691.947167][ T3846] team0 (unregistering): Port device team_slave_0 removed [ 692.925565][T12182] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 693.039389][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.047867][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 693.192960][T11756] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.193082][T11978] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 693.229108][T11756] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 693.299149][T12188] Oops: stack segment: 0000 [#1] PREEMPT SMP KASAN PTI [ 693.299186][T12188] CPU: 1 UID: 0 PID: 12188 Comm: syz.3.1644 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 693.299212][T12188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 693.299226][T12188] RIP: 0010:dev_hash_map_redirect+0x64/0x620 [ 693.299257][T12188] Code: 00 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 9f 9c 3d 00 48 8b 03 48 89 44 24 08 48 8d 58 38 48 89 dd 48 c1 ed 03 <42> 0f b6 44 3d 00 84 c0 0f 85 f5 03 00 00 44 8b 33 44 89 f6 83 e6 [ 693.299277][T12188] RSP: 0018:ffffc90004307958 EFLAGS: 00010202 [ 693.299297][T12188] RAX: 0000000000000000 RBX: 0000000000000038 RCX: 0000000000040000 [ 693.299312][T12188] RDX: ffffc9001044d000 RSI: 00000000000001be RDI: 00000000000001bf [ 693.299327][T12188] RBP: 0000000000000007 R08: 0000000000000007 R09: ffffffff81b5ee2f [ 693.299342][T12188] R10: 0000000000000004 R11: ffff888025078000 R12: 0000000000000008 [ 693.299356][T12188] R13: 00000000043079b0 R14: 0000000000000000 R15: dffffc0000000000 [ 693.299371][T12188] FS: 00007fc4329de6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 693.299389][T12188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 693.299404][T12188] CR2: 00007fc4329ddfa8 CR3: 0000000061fa2000 CR4: 00000000003506f0 [ 693.299422][T12188] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 693.299436][T12188] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 693.299450][T12188] Call Trace: [ 693.299458][T12188] [ 693.299467][T12188] ? __die_body+0x88/0xe0 [ 693.299498][T12188] ? die+0xcf/0x110 [ 693.299529][T12188] ? do_trap+0x15a/0x3a0 [ 693.299559][T12188] ? do_error_trap+0x1dc/0x2c0 [ 693.299589][T12188] ? __pfx_do_error_trap+0x10/0x10 [ 693.299619][T12188] ? rcu_is_watching+0x15/0xb0 [ 693.299649][T12188] ? exc_stack_segment+0x38/0x50 [ 693.299680][T12188] ? asm_exc_stack_segment+0x26/0x30 [ 693.299707][T12188] ? bpf_ringbuf_query+0x4f/0x150 [ 693.299738][T12188] ? dev_hash_map_redirect+0x64/0x620 [ 693.299763][T12188] ? dev_hash_map_redirect+0x2b/0x620 [ 693.299791][T12188] bpf_prog_ec9efaa32d58ce69+0x56/0x5a [ 693.299811][T12188] tun_get_user+0x3321/0x4560 [ 693.299835][T12188] ? tun_get_user+0x84c/0x4560 [ 693.299865][T12188] ? __pfx_tun_get_user+0x10/0x10 [ 693.299892][T12188] ? tun_get+0x1e/0x2f0 [ 693.299921][T12188] ? tun_get+0x1e/0x2f0 [ 693.299940][T12188] ? tun_get+0x27d/0x2f0 [ 693.299961][T12188] tun_chr_write_iter+0x113/0x1f0 [ 693.299984][T12188] vfs_write+0xa72/0xc90 [ 693.300006][T12188] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 693.300027][T12188] ? __pfx_vfs_write+0x10/0x10 [ 693.300079][T12188] ksys_write+0x1a0/0x2c0 [ 693.300104][T12188] ? __pfx_ksys_write+0x10/0x10 [ 693.300125][T12188] ? exc_page_fault+0x590/0x8c0 [ 693.300158][T12188] ? do_syscall_64+0xb6/0x230 [ 693.300181][T12188] do_syscall_64+0xf3/0x230 [ 693.300201][T12188] ? clear_bhb_loop+0x35/0x90 [ 693.300230][T12188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.300257][T12188] RIP: 0033:0x7fc432f7475f [ 693.300276][T12188] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 693.300296][T12188] RSP: 002b:00007fc4329de010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 693.300320][T12188] RAX: ffffffffffffffda RBX: 00007fc433104038 RCX: 00007fc432f7475f [ 693.300337][T12188] RDX: 000000000000004e RSI: 0000000020000540 RDI: 00000000000000c8 [ 693.300352][T12188] RBP: 00007fc432fe4aa1 R08: 0000000000000000 R09: 0000000000000000 [ 693.300367][T12188] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000000 [ 693.300381][T12188] R13: 000000000000006e R14: 00007fc433104038 R15: 00007ffc4fd0a978 [ 693.300407][T12188] [ 693.300415][T12188] Modules linked in: [ 693.300431][T12188] ---[ end trace 0000000000000000 ]--- [ 693.669676][T12188] RIP: 0010:dev_hash_map_redirect+0x64/0x620 [ 693.675707][T12188] Code: 00 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 9f 9c 3d 00 48 8b 03 48 89 44 24 08 48 8d 58 38 48 89 dd 48 c1 ed 03 <42> 0f b6 44 3d 00 84 c0 0f 85 f5 03 00 00 44 8b 33 44 89 f6 83 e6 [ 693.695396][T12188] RSP: 0018:ffffc90004307958 EFLAGS: 00010202 [ 693.701536][T12188] RAX: 0000000000000000 RBX: 0000000000000038 RCX: 0000000000040000 [ 693.709569][T12188] RDX: ffffc9001044d000 RSI: 00000000000001be RDI: 00000000000001bf [ 693.717623][T12188] RBP: 0000000000000007 R08: 0000000000000007 R09: ffffffff81b5ee2f [ 693.725631][T12188] R10: 0000000000000004 R11: ffff888025078000 R12: 0000000000000008 [ 693.733667][T12188] R13: 00000000043079b0 R14: 0000000000000000 R15: dffffc0000000000 [ 693.741697][T12188] FS: 00007fc4329de6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 693.750700][T12188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 693.757334][T12188] CR2: 00007fc4329ddfa8 CR3: 0000000061fa2000 CR4: 00000000003506f0 [ 693.765343][T12188] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 693.773412][T12188] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 693.781451][T12188] Kernel panic - not syncing: Fatal exception in interrupt [ 693.788983][T12188] Kernel Offset: disabled [ 693.793312][T12188] Rebooting in 86400 seconds..