last executing test programs: 53.912910263s ago: executing program 0 (id=285): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(0x0, &(0x7f0000000180)=[{0x0, 0xfff}], 0x1, 0x0) semtimedop(0x0, &(0x7f0000000040)=[{}, {}], 0x2, 0x0) semtimedop(r0, &(0x7f0000000040)=[{}], 0x1, 0x0) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f0000000240)=""/169) 52.900360564s ago: executing program 0 (id=289): r0 = socket(0x10, 0x80002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b24, &(0x7f0000000000)={'wlan0\x00'}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000540)=ANY=[], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x210884, &(0x7f0000000500), 0xff, 0x49d, &(0x7f0000000b00)="$eJzs3MtrXNUfAPDvnSRt01fy669WW1uNVrH4SJq0ahcuVBRcKAi6qMuYpLV22kgTwZagUaQupeBeXAr+Be7ciLoQwa2CSykUDUJTVyP31UwmkzRJkwzJfD4wmXPuY8753nvPzLn35N4A2lZf+ieJ2B0Rv0VET56dv0Bf/jY7MzVya2ZqJIla7Y2/kmy5mzNTI+Wi5Xq7isyxSkTl0ySeTxaWO3H5yvnhanXsUpEfmLzw3sDE5StPnbswfHbs7NjFoVOnTp4YfPaZoafXJM40rpuHPhw/fPCVt669NnL62ts/fpNW68CRfH59HHd0q0lATfSlW+3vWqZx3qMrqPtmsKcunXS2sCKsSEdEpLurK2v/PdERczuvJ17+pKWVA9ZV+tu0vemc6fRHa7oGbGFJrHiVHcUXB7Cplb/26flv+drI/ker3XghYluRnp2ZGpm9HX9nVIrpXetYfl9EnJ7+98v0FSu9DgEAsApZ3+bJZv2/ShzI3vOxjr3FGEpvRPwvIvZFxP8jYn9E3BORLXtvRNyXr1zrWWb5fQ35hf2fyvXsrbuhzmsk7f89V9f3m62Lv3jr7Shye7L4u5Iz56pjx4ttciy6tqf5wSXK+O6lXz9fbF59/y99peWXfcGiAtc7Gy7QjQ5PDq/VRrjxccShzmbxJ7dHAtIj4GBEHFrZR+8tE+ce//rwYgvdOf4lrME4U+2riMfy/T8dDfGXkqXHJwd2RHXs+EB5VCz00y9XX1+s/LuKfw2k+3/n/OO/YYmef5J8vLYrqtWxSxMrL+Pq758tek6z2uN/W/JmNmb98zv5tA+GJycvDUZsS17N8uU5XTZ9aG7dMl8un8Z/7Gjz9r+vWCeN//6ISA/iIxHxQEQ8WNT9oYh4OCKOLhH/Dy8+8u4S8SeRREv3/2jT77/bx39vUj9ev4pEx/nvv11sxHx5+/9kTGfftbns++8OllvBu9x8AAAAsClUImJ3JJX+PN23OyqV/v78f/j3x85KdXxi8okz4+9fHM3vEeiNrkp5paun7nroYDJdfGKeHyquFZfzTxTXjb/o6M7y/SPj1dEWxw7tbtf89h9l+0/92dHq2gHrzv1a0L4a23+lRfUANt5yfv+dC8DW1KT9d7eiHsDGc/4P7atZ+/+oIa//D1vTwvb/R5NH1gFb0ar7/82fHAZsIs7/oX1p/9CW7ua+/tUnypsFVv85O5Z9h3+7JMonXhRT1mb71GrzpnTH3KyotDzkNkqkLWZjC517hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBm9l8AAAD//ybO5js=") r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) write$binfmt_elf64(r2, &(0x7f0000000000)=ANY=[], 0xfd14) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001300)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000040000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f20aae63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680200000000000000c0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffff78124a9bbe3aea5cacd3325c8385f9ffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100b0fbb04852e62d16788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d97b37023bf0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbdf58e54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f587eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb2f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcdc821aa8e8c5c39609ff9b4352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f88cab11e7ad87bece1f71d478b655e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e7204ffff000000000000671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b24c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba2000000000000e8013e862e9c0000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239bd00be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fbf3cd119ac06adb6597155ae47846892bb423d8c2b37068b6aa33ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261de87a4f5ed60a47f74a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7e7f00000000000000cac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300000000000000000000000000009cedd4fe3f4606b3610868827759342ba79e02f759eaf5539c0de35f6f0d544b8560730b6acd555d496212fb7bb9f55f4bd9761b4b229597b866457ce907b570cbc35b17f7d24468f347d96c623c732df4f7e35590c75f0334b76b28657499146b4d55d4120c082a227b7e22e287a68179174310e99c3751549a5efb93d535cd059909aec2f80f667a308b1d8e8e2c57351c5790519bce732ca5e203d93a50840e5283081b599546a05836"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_migrate_pages_start\x00', r3}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf20000000000000160007003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000240)={0x7f, 0x31363553, 0x3, @discrete={0xffffffff, 0x4}}) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r4, &(0x7f00000000c0)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x80000001, 0x79}}, './file0\x00'}) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x20, 0x0, 0x5, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180), 0x0}, 0x40) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@map, r1, 0x31, 0x2008, r1, @prog_fd=r5, r6}, 0x20) 52.506788033s ago: executing program 0 (id=290): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7e}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f0000005140)='./file0\x00', 0x816, &(0x7f0000000140), 0x1, 0x50ed, &(0x7f0000005180)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX9S+H8stJPClbV54UhSOB0L+fnQLRxLCifimfb52ny6aeH7WMgvsJiPV1Cs6V4SkfS42q/HQuGGPc52Dw4AAHBPieE5z7Jjvc2QRtn52qAdVg/aYWTQDvVBO4wmO6Q79tseZnsLcXv7zMalPf//yHD5P74Vq7JFv+v/Q7z+P3+uYff6/9lYaCSF+VhopXcMaMVjZGH343iMRivvcWV9twAAAAB3tfi9QH2F5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+zda4xc1X0A8LPP8T68XkiqEBolm6TGcROv1zaQqKXKmlI1IqVZNxRURRQbe00WL9ixTYlRiIxNRCMEpQ1S8qEIoyiq+QC1AhFJAeEixREqj4iqKIBAoTVEQaSUJCJNkEI1e++ZvXPuzsOPNV76+0neOTP/87zz8Jx775wLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/w8GvXPO3zeKP/va8Z1+4ePyKPWsvfvW68059MoSJmcc7snBH/423j//87nPv2fPA6jvuO3z+R3vzcnk8DFT/dOZ3boi1Hl4cwv0dIXSngRWDWaAnvz8Y63vfYAinhNlArcRkf1YibTh8vy+EfWE2UKvqe30hDBYCFz71yMM3VxO39YWwNIRQSdt4vpK10ZcGzujNAv1pYGt3FvjVW5la4LudWQCOWXwz1F70BybqMwzPXa7B66/nuHXs7ZUOrysmhhvn+9naee5UQW/6wMQxPW2l6pgXpbfHQe+2BfBuK23nWz1txS9S+TeUt2ZDldC5aXLzhqund8ZHOsPoaFejmubpeX7m9S9tPJL0gnkdxg4MH5fX4S1PLL27a/kFj9+3YunL+z+295Vj7eaPCpu0mJ5vlZC/5hbM8xiN+zxZAG+/0rekEV+6QgibP/97n2kWL83/h5vP/+PLOd521uWOtb45lM3N4yODMfHaUDY3BwAAgAVjIew13Tr60Cea1Vea/4+0d/w/HvLPJ/PZaA+GMD6T2LskhNNmHs8Cd8XmLlsSwgdnUhP1gbVJ4GAI751JLK9VlZRYFEuMJIGfDOWB8SRwKAYmksC3YuDWJHBDDBxIAhtj4GASODcGwlT9OH5/KB9H24G+GFifbcQD8SyEXwzF1pJt9VytKgAAgOMknx321N8tnOtwrBni9PJAX6sM8QzshhkqSQ3pDLY2rWpYQ3erGjpb1VAb9+7mwy/V3NGq5tJpGB31GW7/5d98NjRRmv+PNZ//V+boSEfp+H8I62b+xtydeWS6Fl8/UZcBAAAAOAYD//viN5vFS/P/8fbO/4/7RLoKmcNjcTfEliUhjNUHsmr/sBzIjnoP5AEAAABYCGrH42vHwqfy2+wU7XQ+Xc4/cYT544H/8Tnz9x58cH2z/pbm/xPtnf/fX3+bdeJQ7MXXloSwqBD4QexlNTBjJAZ+/Mn6QD7+Q3ED3BSryk9MqFV1UyyxPgbGksC+RiV+WCtxWn0gf7Jqje+tjWMqL1EIAAAAwAkXdwfE4/Lx/P8P/Wb1Nc3Kleb/64/s/P+ZeXDp9P7pgRBWdofQlf4w4LH+bGHAGBjsyBMP9Wd1daVVXd8fwjnVgaVVvZiv/9+drjH4VF9WVQyc9qH9r59RTXyzL4SVxcDTn7vzrGpiZxKoNf6XfSF8oDratPHvLMoa70kb//qiEN5fCNSqumxRCNXGetOqHqnk1zFIq/rnSgjvKgRqVZ1dCWFXAGCBiv+Vbio+uGPXtVs2TE9Pbp/HRNyH3xc2T01Pjm7cOr2p0qBPm5I+1y1jdH15TO1e+ea5fImii+5dN9hOuvY7wbFiW/l+/NKJg/n9+F2oZ2acq3vq7q5Jh/yRD5ebCIVvUo2G3DnPQ+4vVjL7JJbqj/l7w0BYdPWOye2jX9ywc+f2VdnfdrOvzv7Gw0zZtlqVbqv+ufrWxsuj4WpZiaPdVsuKlazceeW2lTt2Xbti6soNl09ePnnVqrNXj505tmbs42eurI5qLPvbYqjL5qo6Gepbd7Y5ruM41NO7C5WciE8NCQmJhZbYOrCs6f/Jpfn/tubz//ipEz/58/UZGh3/H46H+bPHZw/zr4+Bfe0e/x9udDS/dmLASBLYHQO7HeYHAADgnSFO8uPezLhX+qfLv/Nys3Kl+f/u9n7/f5zW/68tXX9+o2X+l8cSY43W/0+X+a+t/7+70fr/6TL/tfX/970N6/9fXQskm+QX1v8HAADeCU7c+v8tl/dPLxBQytByef/0AgGlDC2X8W/3AgFHvP7/8//5V/8dmijN/29tb/5v4X4AAAA4eXz5z675nWbx0vx/X3vz/xO//l9odP7/SKPARKOFAa3/BwAAwALVaP2/4Rv7L21WrjT/P9De/D+edtFZlzvW+uZQtqZdSNe0e22o9pMBAAAAWBg6w+hoT5t561ZGXXv0bT6TLwXaLF304p8cPrLz/w+2N/+v+13GLU8svbtr+QWPv3nfiqUv7//Y3ldmj/8DAAAA86fd/RIAAAAAAAAAAAAAAMDb78X/2LOmWbz0+/+wbubxRr//j9f9i78veHdd7lhr6/X/8vsXfvqeXTNLFj42FMKHi4Ete7acEvJr8y8rBh6+ZPl7qok9aYkHXzj3pWri0jTwqRWnvlFNnJME1sdFEt+bBuJVFd9YnATi8or/ngbi9jiQBnrzwFcXZ+PoSLfVTwezbdWRbqtnB0NYUgjUttX9g1kbHekAb0sCtQF+IQ3EAf55HuhMe3XPQNarGBiMRe8YyHoFAMBJK34L7Ambp6Ynx+JX+Hh7enf9bVS3ZNn15Wo72mz+uXxpsovuXTfYTror/S46e63xnlCpDmFV6etqMUvHzCiPTy0tNt27Gwy51WpvnQ3KpY500/U2HlFfNqLRjVunN/W0HPia1llWd7fMsqo02Slm6ZzZpG3U0kZf2hhRm9umjS7H+51hdLQryfUHMTgc6rR6RbT7e/3iOn+NXgXFPFcd3vurZvWV5v/D7c3/K8VxvZFfDGB3vLLe3y2xzD8AAADMr6+u/fU34r/P3vjo083ylub/I+3N/+MerPxQcLa342C8/v/eJSHMXFp/OAvcFZu7bEkIH5xJTcQS2QX1z48lxrLAXXGHyfJYYv1EfVWLYuBAEvjJUB44mAQOxUC+l2J/yHfl/P1QCGfNpNbVl9gWSwwngc/EwEgSGI2BsSSwOAbGk8Cri/PARBL4txgIU/Xb6t7F+bYCAAA4Evk8q6f+bkjneQe6W2XoaJWhv1WGzlYZKq0yNBpFvP/tmKEnOXmlo5CpJ621L6mllCFeDP+I+1XKEH5YnzMtWGo6nn9QO9+goz7DA5/oroQmSvP/sfbm//31t1nrh+L8f/b6f1ngB7F7X4unjo/EwI8/WR/IdwwcipPdm2pVTeQl8kn7TbHEeAyMJIFtMTCeBNavywP73lMfyGfatcb31hqfyksUAgAAAHDCxR0EcTdNnP/fseMrA83Kleb/4+3N/2N7A8XGboi1Hl4cwv0ds72pBVYMZoG4H2Mw/jz+fYMhnFLYwVErMdmflehNGg7f78t+od6bVvW9vuzHB/H+hU898vDN1cRtfSEsLex9qbXxfCVroy8NnNGbBfrTwNbuLBD3/NQC3+3MAnDMansF4wsqP9WlZnjucg1ef++Ua4KmwyvtA50j31y/uZovpR2u+T7VmiN72pruv+W4Kb09Dnq3LcR327B3W/GLVP4N5a3ZUCV0bprcvOHq6Z3xkeIvWUvm6Xku/kq1nfRxeB3uPvretlZJOzCWfHyMzV1u7tdhR6zulieW3t21/ILH71ux9OX9H9v7StvdaCD+UPiR6/518EeFzTvfKiF/zS24z5MJnycL8b+BEU9bCGHdq1+/qVm8NP+faG/+353czvh13Jg7loTwkcLGfSxu/j9ekn0OFgLZp+S7yoHskPt/DTX85AQAAIDjrba7o7a/YCq/zU4IT+fJ5fwTR5g/7q8YnzN/u/3u/+tLljaLl+b/65vP/xcl3XT83/F/5onj/3M62XdFL0of2H1Mu6JL1TEvHP+f08n+bnP8f06O/zv+PxfH/1tw/H9OJ/vTVvqWtM2XrhDCy3/00LPN4qX5/7b25v/W/5t70b7a+n/rG63/t63R+n+7rf8HAADMqwYLzaXzvNLqfaUM6ep9pQwtFwhsucSg9f+OeP2/l05//jehidL8f3d78//4chgotr5Q1v8bWdegqltjYJuFAQEAADgZNdpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNvrgX/4n03N4o/+9rxnX7h4/Io9ay9+9brzTn0yhKmZxzuycEf/jbeP//zuc+/Z88DqO+47fP5HK3m5nvz2d+tyx1rfHAphX+GRwZh4bah6ZzZw4afv2dVdTTw2FMKHi4Ete7acUk18ayiEZcXAw5csf081sSct8eAL575UTVyaBj614tQ3qolz8kBH2t1/XJx1tyPt7s2LQ1hSCNS6e8Xi+qpqbfxpHuhM2/inwayNGBiMRb8xmLURA9OxxNSiEFZ2h9CVVvVoJauqK63qXypZVV1pVV+uhHBOCKE7reqF3qyq7nTkT/ZmVcXAaR/a//oZ1cS+3hBWFgNPf+7Os6qJLySBWuN/0RvCB6ovmbTxb/dkjfekjd/WE8L7Qwi9aYlfdmcletMSL3aH8K5CoNb457tD2BV4R4gfPnWfaDt2Xbtlw/T05PZ5TPTmbfWFzVPTk6Mbt05vqiR9aqSjkH7r+qMf+3Ovf2lj9faie9cNtpPuzsv1zHR5dU/d3TUne+9jv/qLlcw+H6X6Y/7eMBAWXb1jcvvoFzfs3Ll9Vfa33eyrs79deTTbVqsWyrZaVqxk5c4rt63csevaFVNXbrh88vLJq1advXrszLE1Yx8/c2V1VGPZ3+Mx1DtP/FBP7y5UciI+ACQkJBZaorPu023sZP8gL33Rn+1oT6jMfECXphXFLB0zozweg157lCM+mu8pLUe0qjRxKGVZ3TrLmtJkYjZLX5Zl5ntdaXJYrKlzZpPG+51hdLSr0XYYrr9b3Lw/O4bN+0y+6dpNAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgUAAD//wNUIwc=") r0 = open(0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x40942, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) vmsplice(r1, &(0x7f00000005c0)=[{&(0x7f00000002c0)="14", 0x1}], 0x1, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r2, 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x700000000000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, r0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) open_by_handle_at(r3, &(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00N'], 0x0) 50.269971768s ago: executing program 0 (id=293): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffe6f, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x9c}}, 0x20000015) r0 = socket(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000040)=0x20f, 0x4) getsockopt$inet6_buf(r0, 0x29, 0xd3, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x17, 0x8, 0x0, 0x0, 0x5a, @mcast2, @local, 0x10, 0x1}}) socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000140)={0x1, 0x1, 0x0, r1}, 0xc) 49.629191566s ago: executing program 0 (id=294): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r5, &(0x7f0000000a80)={0x0, 0x0, 0x0}, 0x0) recvmsg(r5, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2, @ANYBLOB="a9418aab7463eb923f536a7c261c6c67d09c2ab00cc5b1329334f78b66bb6cd8b683ba7a475ebbbe36f8b2a43fd4d78b6722"], 0x1c}}, 0x0) write$nci(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="4f06011805"], 0x5) r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r8) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r9 = inotify_init1(0x0) fcntl$setown(r9, 0x8, 0xffffffffffffffff) fcntl$getownex(r9, 0x10, &(0x7f0000000140)={0x0, 0x0}) r11 = syz_open_procfs(r10, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r11, 0x4004662b, &(0x7f0000000180)={@id={0x2, 0x0, @auto="ffee8e7268b4fecd2fce2d54fbd909e4"}}) 19.764254369s ago: executing program 1 (id=373): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) r0 = socket(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000040)=0x20f, 0x4) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000001c0)={0x40, 0x8, 0x800a, 0x7, 0x80000001, 0x8001, 0x5, 0x71b0}, 0x20) getsockopt$inet6_buf(r0, 0x29, 0xd3, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x17, 0x8, 0x0, 0x0, 0x5a, @mcast2, @local, 0x10, 0x1}}) socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000140)={0x1, 0x1, 0x0, r1}, 0xc) 19.376907657s ago: executing program 1 (id=376): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0) 19.176149598s ago: executing program 1 (id=378): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="3c75c2015e8724b5a4c586f2ae924b27", 0x10) r1 = accept$alg(r0, 0x0, 0x0) r2 = dup(r1) sendmmsg$alg(r2, &(0x7f00000042c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000c80)="d0e8aae45597b31edd817fddb8da23863260feba96f07bc2d696fcf4c0547f845f43bb236c2adad75274e86a8af5f61d9054f40add4bf207", 0x38}, {&(0x7f0000000d00)="0ff72a74c3b410519a1f09da23abc637d8f70ab1ab7db039f9576ada18b9b34adbf8e362447e0a8933db55dd43108ef68fa6e2fb53b3eb215ba7aa81efa41d25e31eba1d3421202ef2ec17f59a9352978f2e834165a5d6e9b630b154d9b53852212e45babb25066b4a5b47dedbf12988eb98cfbbd36a751827562effe576bf81aef9fafe4874a1e92b38d60f4c", 0x8d}, {&(0x7f0000000dc0)="7c33a1e7c75f2d3ba82db0a793401718acb27d593148f95a139e4fa3d88158c91c6f7b7104242148a6e5ecc3ba7597f464bb9a4d44dee8c4d9aed7f9b48644f23a82666f3966b68ea9bfecd9a59a2648ac4cbe868c139cffbde5949777fb7c7553e5c2183ef7f554", 0x68}], 0x3, &(0x7f0000001080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f0000000240)=""/135, 0x87}], 0x2}, 0x0) 17.984459043s ago: executing program 1 (id=384): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_freezer_state(r1, &(0x7f00000000c0), 0x2, 0x0) r3 = openat$cgroup_procs(r1, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000180), 0x12) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) write$cgroup_freezer_state(r2, &(0x7f0000000400)='FROZEN\x00', 0x7) close(r5) write$cgroup_freezer_state(r2, &(0x7f0000000200)='THAWED\x00', 0x7) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000001d00"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETLINK(r8, 0x400454cd, 0x339) r9 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) close(r8) r10 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0}, 0x1, 0x0, 0x0, 0x20000001}, 0x4001) getsockname$packet(r10, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xd, r11}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) 16.689321763s ago: executing program 1 (id=390): syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04085a96e26629"], 0x7) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x50) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x30, 0x4, 0x0, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010102}, {@multicast1}, {@remote, 0x8000}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0xf}}, {@remote}, {@multicast2, 0xb}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$inet6(0xa, 0x0, 0x0) mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x0, &(0x7f0000007000/0x1000)=nil) r5 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r6 = socket$pppl2tp(0x18, 0x1, 0x1) r7 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) 15.665190909s ago: executing program 1 (id=394): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = memfd_create(&(0x7f00000005c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\xf1\x05\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\xb8\'\xa6\xac\x8fe\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2\xdfGX\xd9\xaa4\xd7\x00\xdc\xe1\x18\xbc\x9a\x8a\x7f-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00iR%\x10\x80K\x1a\x9c\xa9\x1f\x12\xe4\xe5j[W\xde\v\x9d\x0f6V \x03\x96(\xe3K\xa4\x02\x11\xe1\f\x82g(\xa1\x8e!|\x80\xf3\xc8\x873\x10\"\xb2\x17\xf0\xf0\xc4aR\x96+\xf8H\xaa\v)\x92\xfa\xc2\x9e\xa5\x17\x1e<\x19R\x8b\x84I\xa7\xe2\\\x9eM\x17\xa0}!\xc5y\x84\t\x88\xa4D}\n\xbc\xd8H:E\xa2V\x88\n\xc8\xda\x92\xc1\xcdE\xb3BK\xd7\xe7\xe8\xaa\xb0\x00\xd3Tx\xd4<\xe8\x00\n\xcb7\xfa\xab\xabT\xd6bwu\xf9\x9b', 0x6) fcntl$addseals(r2, 0x409, 0x7) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000}) 9.581400594s ago: executing program 0 (id=309): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) symlinkat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00') unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = memfd_create(&(0x7f00000005c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\xf1\x05\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\xb8\'\xa6\xac\x8fe\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2\xdfGX\xd9\xaa4\xd7\x00\xdc\xe1\x18\xbc\x9a\x8a\x7f-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00iR%\x10\x80K\x1a\x9c\xa9\x1f\x12\xe4\xe5j[W\xde\v\x9d\x0f6V \x03\x96(\xe3K\xa4\x02\x11\xe1\f\x82g(\xa1\x8e!|\x80\xf3\xc8\x873\x10\"\xb2\x17\xf0\xf0\xc4aR\x96+\xf8H\xaa\v)\x92\xfa\xc2\x9e\xa5\x17\x1e<\x19R\x8b\x84I\xa7\xe2\\\x9eM\x17\xa0}!\xc5y\x84\t\x88\xa4D}\n\xbc\xd8H:E\xa2V\x88\n\xc8\xda\x92\xc1\xcdE\xb3BK\xd7\xe7\xe8\xaa\xb0\x00\xd3Tx\xd4<\xe8\x00\n\xcb7\xfa\xab\xabT\xd6bwu\xf9\x9b', 0x6) fcntl$addseals(r2, 0x409, 0x7) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000}) 6.7392406s ago: executing program 4 (id=421): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x80c002000104082, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000b, 0x13, r0, 0x0) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000040)) 6.572840083s ago: executing program 4 (id=422): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000340)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000580)={&(0x7f0000000540)=[0x0, 0x0], &(0x7f0000000300), 0x2, r5}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000200)=[0x8], &(0x7f00000003c0)=[r6, r6], &(0x7f0000000340)}) 5.964450415s ago: executing program 4 (id=423): r0 = socket(0x10, 0x3, 0x0) gettid() bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYBLOB="e0020000", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="c302"], 0x2e0}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x800) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}}}]}}]}, 0x58}}, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="f8000000130000032bbd7000fbdbdf25736d33000000000000000000000000000000000000000000005c00000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ff000000000000000000000000000000000000000000000000000000000000000000000000009756b5cc0000000000000000000000000800010006000000080001000700000008000100080000004193d771b502d359f45d6fe9f6280057050db037cd761da9bd201d37ce8c80f06ad3c796f09492bb48019698e24033faa48869329c58f25ea79c76b11d5101c8fee4324fc94623a056aef641aba4a922deb61aa6167a0cf1ddada4eb0ee58e3a62c3e7ae8d522984025bac713094e2cc21e9c2ef4bb6767c295ee493cf7f7c7eae0c4c50db355041af4c7cd6b564334cdc01c5"], 0xf8}, 0x1, 0x0, 0x0, 0x1}, 0x884) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x0) r7 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x3c}}, 0x0) sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9588, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) r9 = syz_io_uring_setup(0x6aa6, &(0x7f0000000380)={0x0, 0x2c01, 0x8, 0x1, 0x8d}, &(0x7f0000000180), &(0x7f0000000300)) syz_io_uring_setup(0x5169, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x800, 0x2f0, 0x0, r9}, &(0x7f0000000100), &(0x7f0000000340)=0x0) syz_io_uring_setup(0xeba, &(0x7f0000000280)={0x0, 0x0, 0x80}, &(0x7f0000000040)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0x3, 0x0, 0x0}) write(r8, &(0x7f0000000040), 0x0) ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000080)={0xf0f046}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) getgid() 4.716940289s ago: executing program 2 (id=426): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x0, 0x0, &(0x7f0000000140)) 4.626018093s ago: executing program 2 (id=427): r0 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000006000)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @local}, {0x2, 0x0, @broadcast}}) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000000)={'lo\x00'}) 3.30239536s ago: executing program 2 (id=428): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="3400000010000104000009040000000000000000"], 0x34}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0d00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000009000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484512bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa00000000690e000000000000008b798b4f7458d1863cc67c4c6a06fa28e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc7a65d073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db841659c1c7c77a699a881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f838f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4de40839ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b32176066599783568628f0309c3a01716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d247714358d8b170c3b5cad11f72cd9d88e56b95fe9f3de5cfcfa5c1da8ba181580d9db035efe38834de171b64f4b4c1b242786dcc5679e3d0613cdf05b02d7ad4f3b8af27a696e9b8809c2d68fddfcbd451e81d37c11f95094b91fff61ab9e69780b133d1dbca5a78695131c34c855dd793f90ca3973a4bd5606151b3600373d2bbfb7b3638e713e7275af06107949ff5dffe24d3c448ae6e4646b346fe0a21eef1e55d0659eac930d00000000000ff52b98317c45417b900a47c1ae1103c09fc173c1cf28bf7ef7a61523c6b2dbb35f5ae29877bb8e1b3e257056c0d205d391ed7b2089a72a93885b9fc8430ff"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x1f2f, 0xf, 0x3253, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) 3.148577634s ago: executing program 4 (id=429): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_freezer_state(r1, &(0x7f00000000c0), 0x2, 0x0) r3 = openat$cgroup_procs(r1, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000180), 0x12) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) write$cgroup_freezer_state(r2, &(0x7f0000000400)='FROZEN\x00', 0x7) close(r5) write$cgroup_freezer_state(r2, &(0x7f0000000200)='THAWED\x00', 0x7) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000001d00"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETLINK(r8, 0x400454cd, 0x339) r9 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) close(r8) r10 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0}, 0x1, 0x0, 0x0, 0x20000001}, 0x4001) getsockname$packet(r10, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xd, r11}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) 3.148040787s ago: executing program 3 (id=430): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r0, 0x2285, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x38) write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xc4) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000980)) 3.03863145s ago: executing program 3 (id=431): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = dup(r1) sendmmsg$alg(r2, &(0x7f00000042c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000c80)="d0e8aae45597b31edd817fddb8da23863260feba96f07bc2d696fcf4c0547f845f43bb236c2adad75274e86a8af5f61d9054f40add4bf207", 0x38}, {&(0x7f0000000d00)="0ff72a74c3b410519a1f09da23abc637d8f70ab1ab7db039f9576ada18b9b34adbf8e362447e0a8933db55dd43108ef68fa6e2fb53b3eb215ba7aa81efa41d25e31eba1d3421202ef2ec17f59a9352978f2e834165a5d6e9b630b154d9b53852212e45babb25066b4a5b47dedbf12988eb98cfbbd36a751827562effe576bf81aef9fafe4874a1e92b38d60f4c", 0x8d}, {&(0x7f0000000dc0)="7c33a1e7c75f2d3ba82db0a793401718acb27d593148f95a139e4fa3d88158c91c6f7b7104242148a6e5ecc3ba7597f464bb9a4d44dee8c4d9aed7f9b48644f23a82666f3966b68ea9bfecd9a59a2648ac4cbe868c139cffbde5949777fb7c7553e5c2183ef7f554", 0x68}], 0x3, &(0x7f0000001080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/163, 0xa3}, {&(0x7f0000000240)=""/135, 0x87}], 0x2}, 0x0) 2.024944956s ago: executing program 2 (id=432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0) socket$packet(0x11, 0x3, 0x300) r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = openat$cgroup_pressure(r5, &(0x7f00000014c0)='cpu.pressure\x00', 0x2, 0x0) read(r6, &(0x7f0000000040)=""/252, 0xfc) r7 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f00000000c0)={r8, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x10) r9 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) 1.795046983s ago: executing program 3 (id=433): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000340)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000580)={&(0x7f0000000540)=[0x0, 0x0], &(0x7f0000000300), 0x2, r5}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000200)=[0x8], &(0x7f00000003c0)=[r6, r6], &(0x7f0000000340)}) 1.776622555s ago: executing program 4 (id=434): ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="e000000010000b0500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44"], 0xe0}], 0x1}, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x20242, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8001}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) 684.270968ms ago: executing program 3 (id=435): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x48}}, 0x0) 595.197484ms ago: executing program 2 (id=436): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10) bind$unix(r0, &(0x7f0000000140)=@abs={0x1}, 0x6e) 463.842305ms ago: executing program 4 (id=437): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x2a, 0xfffffffffffffffc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) truncate(0x0, 0x8000000000000000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000002300)=""/250, 0xfa}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'hsr0\x00'}) socket$packet(0x11, 0x3, 0x300) socket(0x840000000002, 0x0, 0xff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000010000000800"], 0x50}}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000001880)) ioctl$PPPIOCSFLAGS1(r3, 0x40047459, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0xf, &(0x7f0000000280)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 352.632009ms ago: executing program 2 (id=438): memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000600)={'#! ', './file0', [{0x20, '#!\xd4\x05\x00\x00\x00\x00\xec\x00\x00\x00\x00\xe5\xff\x8d\xff\xf1\xe1\xa6\x82E\x1f.f\xe0\xe6\x8b\xbb\xea5K\xae\x99\xe6\x82\x19\xbe\x1f\xa2\xb0\xa2\xe6\xef\xbe\xe7\xd2\xee\x82\xec\x0e\xac0x0}) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x80f3, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) syz_usb_control_io$hid(r0, 0x0, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x40030000000000}, 0x0) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x4c, r4, 0x0, 0x0, 0x25dfdbfc, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'dvmrp0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) connect$tipc(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000006740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bind$tipc(r1, &(0x7f0000000100)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x4}}, 0x10) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 339.849872ms ago: executing program 3 (id=439): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a00)=@newtaction={0x60, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x4c, 0x1, [@m_ct={0x48, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x1d, 0x6, "a5b04004992bdc99067c22367cd123ea503924f844d35f9b07"}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) 0s ago: executing program 3 (id=440): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r5, &(0x7f0000000a80)={0x0, 0x0, 0x0}, 0x0) recvmsg(r5, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2, @ANYBLOB="a9418aab7463eb923f536a7c261c6c67d09c2ab00cc5b1329334f78b66bb6cd8b683ba7a475ebbbe36f8b2a43fd4d78b6722"], 0x1c}}, 0x0) write$nci(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="4f06011805"], 0x5) r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r8) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r9 = inotify_init1(0x0) fcntl$setown(r9, 0x8, 0xffffffffffffffff) fcntl$getownex(r9, 0x10, &(0x7f0000000140)={0x0, 0x0}) r11 = syz_open_procfs(r10, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r11, 0x4004662b, &(0x7f0000000180)={@id={0x2, 0x0, @auto="ffee8e7268b4fecd2fce2d54fbd909e4"}}) kernel console output (not intermixed with test programs): t allmulticast mode [ 198.396884][ T339] bridge_slave_0: left promiscuous mode [ 198.411549][ T339] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.700815][ T6536] loop3: detected capacity change from 0 to 32768 [ 198.725246][ T6536] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 198.825670][ T6536] XFS (loop3): Ending clean mount [ 198.926692][ T5089] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 199.314551][ T339] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 199.334104][ T339] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 199.358300][ T339] bond0 (unregistering): Released all slaves [ 199.438011][ T9] usb 1-1: USB disconnect, device number 2 [ 199.643825][ T5095] Bluetooth: hci6: command tx timeout [ 199.843048][ T6551] syzkaller0: entered promiscuous mode [ 199.855146][ T6551] syzkaller0: entered allmulticast mode [ 199.951936][ T6557] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 201.695132][ T5095] Bluetooth: hci6: command tx timeout [ 202.522239][ T6572] loop4: detected capacity change from 0 to 32768 [ 202.562957][ T6572] xfs: Unknown parameter 'uid>18446744073709551615' [ 202.966333][ T5094] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 203.164124][ T5094] usb 5-1: Using ep0 maxpacket: 8 [ 203.177626][ T5094] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 203.186846][ T5094] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 203.200511][ T5094] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 203.241975][ T5094] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 203.251255][ T5094] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.264639][ T5094] usb 5-1: Product: syz [ 203.268906][ T5094] usb 5-1: Manufacturer: syz [ 203.275824][ T5094] usb 5-1: SerialNumber: syz [ 203.727087][ T6592] netlink: 12 bytes leftover after parsing attributes in process `syz.4.221'. [ 203.769700][ T5095] Bluetooth: hci6: command tx timeout [ 204.601387][ T6572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.221'. [ 204.652962][ T5140] usb 5-1: USB disconnect, device number 4 [ 204.820292][ T339] hsr_slave_0: left promiscuous mode [ 204.831653][ T339] hsr_slave_1: left promiscuous mode [ 204.860752][ T339] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 204.868572][ T339] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 204.879567][ T339] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 204.905321][ T339] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.015718][ T339] veth1_macvtap: left promiscuous mode [ 205.028856][ T339] veth0_macvtap: left promiscuous mode [ 205.035078][ T339] veth1_vlan: left promiscuous mode [ 205.042635][ T339] veth0_vlan: left promiscuous mode [ 205.547236][ T5100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 205.560187][ T5100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 205.573815][ T5100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 205.583982][ T5100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 205.592059][ T5100] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 205.601003][ T5100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 207.068991][ T5104] Bluetooth: hci0: command 0x206a tx timeout [ 207.075298][ T5104] Bluetooth: hci2: command 0x0406 tx timeout [ 207.322233][ T6611] loop3: detected capacity change from 0 to 32768 [ 207.355948][ T6611] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.230 (6611) [ 207.432306][ T6611] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 207.452920][ T339] team0 (unregistering): Port device team_slave_1 removed [ 207.471777][ T6611] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 207.492320][ T6611] BTRFS info (device loop3): using free-space-tree [ 207.617129][ T339] team0 (unregistering): Port device team_slave_0 removed [ 207.686883][ T5095] Bluetooth: hci4: command tx timeout [ 207.872128][ T5089] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 209.439081][ T6640] syzkaller0: entered promiscuous mode [ 209.445491][ T6640] syzkaller0: entered allmulticast mode [ 209.526056][ T6652] loop4: detected capacity change from 0 to 16 [ 209.562634][ T6652] erofs: (device loop4): mounted with root inode @ nid 36. [ 209.600996][ T6645] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 209.777386][ T5095] Bluetooth: hci4: command tx timeout [ 211.853729][ T5095] Bluetooth: hci4: command tx timeout [ 212.903803][ T5140] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 213.124173][ T5140] usb 1-1: Using ep0 maxpacket: 8 [ 213.132663][ T5140] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 213.142283][ T5140] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 213.155304][ T5140] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 213.167838][ T5140] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 213.177722][ T5140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.187904][ T5140] usb 1-1: Product: syz [ 213.192135][ T5140] usb 1-1: Manufacturer: syz [ 213.197504][ T5140] usb 1-1: SerialNumber: syz [ 213.596983][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.0.238'. [ 213.633612][ T6670] netlink: 12 bytes leftover after parsing attributes in process `syz.0.238'. [ 213.732000][ T928] usb 1-1: USB disconnect, device number 3 [ 213.924252][ T5095] Bluetooth: hci4: command tx timeout [ 214.304155][ T6673] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 215.374392][ T6679] syzkaller0: entered promiscuous mode [ 215.391459][ T6679] syzkaller0: entered allmulticast mode [ 215.845318][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 216.054474][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 216.090612][ T8] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 216.116545][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.125571][ T8] usb 1-1: Product: syz [ 216.129891][ T8] usb 1-1: Manufacturer: syz [ 216.151348][ T8] usb 1-1: SerialNumber: syz [ 216.169073][ T8] usb 1-1: config 0 descriptor?? [ 216.191474][ T8] go7007 1-1:0.0: probe with driver go7007 failed with error -12 [ 216.400657][ T5094] usb 1-1: USB disconnect, device number 4 [ 217.603682][ T5095] Bluetooth: hci5: command tx timeout [ 218.419864][ T6738] pim6reg: entered allmulticast mode [ 218.467970][ T6606] chnl_net:caif_netlink_parms(): no params data found [ 218.770026][ T6501] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 218.826955][ T6501] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 218.855547][ T6501] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 218.896742][ T6501] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 218.982186][ T6606] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.991810][ T6606] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.999541][ T6606] bridge_slave_0: entered allmulticast mode [ 219.008512][ T6606] bridge_slave_0: entered promiscuous mode [ 219.020309][ T6606] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.030411][ T6606] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.038085][ T6606] bridge_slave_1: entered allmulticast mode [ 219.046135][ T6606] bridge_slave_1: entered promiscuous mode [ 219.108562][ T6606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.122520][ T6606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.170956][ T6606] team0: Port device team_slave_0 added [ 219.187606][ T6606] team0: Port device team_slave_1 added [ 219.235682][ T6606] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.242707][ T6606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.269085][ C1] vkms_vblank_simulate: vblank timer overrun [ 219.282175][ T6606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.298491][ T6606] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.305712][ T6606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.345288][ T6606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 220.640418][ T6606] hsr_slave_0: entered promiscuous mode [ 220.666147][ T6606] hsr_slave_1: entered promiscuous mode [ 220.710694][ T6606] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 220.737920][ T6606] Cannot create hsr debugfs directory [ 220.988601][ T6762] syzkaller0: entered promiscuous mode [ 221.003842][ T6762] syzkaller0: entered allmulticast mode [ 221.006523][ T6766] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 221.045250][ T5100] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 221.067774][ T5100] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 221.082029][ T5100] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 221.092830][ T5100] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 221.101300][ T5100] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 221.109244][ T5100] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 222.363594][ T928] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 222.563529][ T928] usb 1-1: Using ep0 maxpacket: 32 [ 222.590810][ T928] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 222.601187][ T928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.627513][ T928] usb 1-1: Product: syz [ 222.631724][ T928] usb 1-1: Manufacturer: syz [ 222.653466][ T928] usb 1-1: SerialNumber: syz [ 222.684360][ T928] usb 1-1: config 0 descriptor?? [ 222.701545][ T928] go7007 1-1:0.0: probe with driver go7007 failed with error -12 [ 222.900161][ T8] usb 1-1: USB disconnect, device number 5 [ 223.217533][ T5095] Bluetooth: hci7: command tx timeout [ 223.977490][ T6501] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.083933][ T5095] Bluetooth: hci5: command tx timeout [ 224.171983][ T6606] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.218733][ T6501] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.320152][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.327590][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.395155][ T6606] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.431644][ T931] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.438995][ T931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.723273][ T6606] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.292786][ T5095] Bluetooth: hci7: command tx timeout [ 225.453699][ T6770] chnl_net:caif_netlink_parms(): no params data found [ 225.597748][ T6606] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.841909][ T6798] syzkaller0: entered promiscuous mode [ 225.848558][ T6798] syzkaller0: entered allmulticast mode [ 226.035306][ T6770] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.045481][ T6770] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.052864][ T6770] bridge_slave_0: entered allmulticast mode [ 226.063568][ T6770] bridge_slave_0: entered promiscuous mode [ 226.107739][ T6805] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 226.298416][ T6770] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.332725][ T6770] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.341407][ T6770] bridge_slave_1: entered allmulticast mode [ 226.371631][ T6770] bridge_slave_1: entered promiscuous mode [ 226.588794][ T6770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.620399][ T6770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.017704][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 227.363764][ T4489] Bluetooth: hci7: command tx timeout [ 227.523741][ T4489] Bluetooth: hci1: command 0x0406 tx timeout [ 227.591919][ T5104] Bluetooth: hci3: command 0x0406 tx timeout [ 229.444332][ T5095] Bluetooth: hci7: command tx timeout [ 229.557923][ T6770] team0: Port device team_slave_0 added [ 229.604392][ T6606] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 229.630627][ T6606] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 229.697985][ T6770] team0: Port device team_slave_1 added [ 229.882769][ T6606] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 230.001575][ T6770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 230.009527][ T6770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.051189][ T6770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 230.078688][ T6606] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 230.170548][ T6823] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 230.304270][ T6831] syzkaller0: entered promiscuous mode [ 230.339265][ T6831] syzkaller0: entered allmulticast mode [ 230.350818][ T6770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 230.555837][ T6770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.581931][ C1] vkms_vblank_simulate: vblank timer overrun [ 230.620838][ T6770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 233.980003][ T6770] hsr_slave_0: entered promiscuous mode [ 233.989285][ T6770] hsr_slave_1: entered promiscuous mode [ 234.002069][ T6770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 234.011055][ T6770] Cannot create hsr debugfs directory [ 234.104227][ T6501] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.407412][ T6501] veth0_vlan: entered promiscuous mode [ 234.482964][ T6501] veth1_vlan: entered promiscuous mode [ 234.740162][ T6770] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.238606][ T6606] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.360376][ T6770] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.399154][ T6501] veth0_macvtap: entered promiscuous mode [ 235.421654][ T6501] veth1_macvtap: entered promiscuous mode [ 235.497785][ T6770] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.534263][ T6606] 8021q: adding VLAN 0 to HW filter on device team0 [ 235.571924][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.582968][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.593312][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.614932][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.627751][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.638866][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.648919][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.659830][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.669757][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.680499][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.697189][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.745154][ T6770] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.772208][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.779489][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 235.795681][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.813639][ T5140] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 235.813664][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.827393][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.843670][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.857064][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.867590][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.878461][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.889040][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.899418][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.909939][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.933627][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.946090][ T6501] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.955147][ T6501] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.967480][ T6501] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.976368][ T6501] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.995049][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.002274][ T5094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 236.020306][ T5140] usb 1-1: Using ep0 maxpacket: 8 [ 236.031642][ T5140] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 236.054675][ T5140] usb 1-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=db.d0 [ 236.064846][ T5140] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.082994][ T5140] usb 1-1: config 0 descriptor?? [ 236.202795][ T5140] rtsx_usb 1-1:0.0: probe with driver rtsx_usb failed with error -8 [ 236.365911][ T339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.423899][ T339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.564830][ T6878] syzkaller0: entered promiscuous mode [ 236.570495][ T6878] syzkaller0: entered allmulticast mode [ 236.641034][ T5140] usb 1-1: USB disconnect, device number 6 [ 236.750478][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.757944][ T6770] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 236.804543][ T6885] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 236.807665][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.977906][ T6770] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 237.025950][ T6770] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 237.058387][ T6770] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 238.100127][ T6892] loop1: detected capacity change from 0 to 32768 [ 238.135068][ T6892] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.206 (6892) [ 238.209346][ T6892] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 238.221559][ T6892] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 238.230790][ T6892] BTRFS info (device loop1): using free-space-tree [ 238.583200][ T6501] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 242.243419][ C1] DEBUG: holding rtnl_mutex for 516 jiffies. [ 242.249628][ C1] task:syz.3.278 state:R running task stack:24672 pid:6876 tgid:6876 ppid:5089 flags:0x00004006 [ 242.261472][ C1] Call Trace: [ 242.264928][ C1] [ 242.267915][ C1] __schedule+0x1800/0x4a60 [ 242.272505][ C1] ? __pfx___schedule+0x10/0x10 [ 242.277632][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.283697][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 242.289037][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 242.294335][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 242.300170][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 242.305821][ C1] irqentry_exit+0x5e/0x90 [ 242.310419][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 242.316487][ C1] RIP: 0010:lockdep_unregister_key+0x56d/0x610 [ 242.322672][ C1] Code: ff 92 48 c7 c6 10 bc 6f 81 e8 8f 04 0a 00 e8 fa 18 0a 00 e9 e5 fb ff ff e8 c0 62 21 0a 41 f7 c7 00 02 00 00 74 d0 fb 45 84 f6 <75> cf eb e0 90 0f 0b 90 45 31 f6 e9 62 ff ff ff 90 0f 0b 90 e9 a1 [ 242.342333][ C1] RSP: 0018:ffffc900030c7820 EFLAGS: 00000246 [ 242.348461][ C1] RAX: dffffc0000000000 RBX: 1ffff92000618f0c RCX: ffffffff947f4803 [ 242.356573][ C1] RDX: 0000000000000001 RSI: ffffffff8bcad5e0 RDI: ffffffff8c207f20 [ 242.364736][ C1] RBP: ffffc900030c78f8 R08: ffffffff92ffde7f R09: 1ffffffff25ffbcf [ 242.373517][ C1] R10: dffffc0000000000 R11: fffffbfff25ffbd0 R12: ffffc900030c7860 [ 242.381554][ C1] R13: 1ffff92000618f08 R14: 0000000000000000 R15: 0000000000000a02 [ 242.389606][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 242.395554][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 242.402196][ C1] ? __qdisc_destroy+0x150/0x410 [ 242.407769][ C1] ? kfree+0x149/0x360 [ 242.411898][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 242.417524][ C1] __qdisc_destroy+0x165/0x410 [ 242.422398][ C1] dev_shutdown+0x9b/0x440 [ 242.426891][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 242.433433][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 242.440375][ C1] ? mark_lock+0x9a/0x360 [ 242.444801][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.450827][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 242.457218][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 242.462463][ C1] unregister_netdevice_queue+0x303/0x370 [ 242.468449][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 242.474875][ C1] __tun_detach+0x6b6/0x1600 [ 242.479542][ C1] tun_chr_close+0x108/0x1b0 [ 242.484180][ C1] ? __pfx_tun_chr_close+0x10/0x10 [ 242.489323][ C1] __fput+0x24a/0x8a0 [ 242.493476][ C1] task_work_run+0x24f/0x310 [ 242.498087][ C1] ? __pfx_task_work_run+0x10/0x10 [ 242.503399][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 242.509256][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 242.514953][ C1] do_syscall_64+0x100/0x230 [ 242.519585][ C1] ? clear_bhb_loop+0x35/0x90 [ 242.524457][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.530412][ C1] RIP: 0033:0x7f6a06775bd9 [ 242.534909][ C1] RSP: 002b:00007fffac787678 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 242.543407][ C1] RAX: 0000000000000000 RBX: 00007f6a06905a60 RCX: 00007f6a06775bd9 [ 242.551648][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 242.559722][ C1] RBP: 00007f6a06905a60 R08: 0000000000000006 R09: 0000001eac7879af [ 242.567895][ C1] R10: 00000000003ffbe8 R11: 0000000000000246 R12: 0000000000039df4 [ 242.576058][ C1] R13: 0000000000000032 R14: 00007f6a06905a60 R15: 00007fffac787760 [ 242.584231][ C1] [ 242.587295][ C1] DEBUG: waiting rtnl_mutex for 549 jiffies. [ 242.593578][ C1] task:kworker/0:1 state:D stack:23800 pid:9 tgid:9 ppid:2 flags:0x00004000 [ 242.604110][ C1] Workqueue: events linkwatch_event [ 242.609378][ C1] Call Trace: [ 242.612685][ C1] [ 242.615791][ C1] __schedule+0x1800/0x4a60 [ 242.620522][ C1] ? __pfx___schedule+0x10/0x10 [ 242.625475][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 242.631575][ C1] ? __pfx_lock_release+0x10/0x10 [ 242.636860][ C1] ? kick_pool+0x1bd/0x620 [ 242.641531][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 242.646842][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 242.652074][ C1] ? schedule+0x90/0x320 [ 242.656504][ C1] schedule+0x14b/0x320 [ 242.660724][ C1] schedule_preempt_disabled+0x13/0x30 [ 242.666255][ C1] __mutex_lock+0x6a4/0xd70 [ 242.670783][ C1] ? __mutex_lock+0x527/0xd70 [ 242.675520][ C1] ? linkwatch_event+0xe/0x60 [ 242.680282][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 242.685397][ C1] ? get_rtnl_holder+0x144/0x190 [ 242.690372][ C1] ? process_scheduled_works+0x945/0x1830 [ 242.696173][ C1] linkwatch_event+0xe/0x60 [ 242.700778][ C1] process_scheduled_works+0xa2c/0x1830 [ 242.706690][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 242.712808][ C1] ? assign_work+0x364/0x3d0 [ 242.717658][ C1] worker_thread+0x86d/0xd40 [ 242.722300][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 242.728294][ C1] ? __kthread_parkme+0x169/0x1d0 [ 242.733507][ C1] ? __pfx_worker_thread+0x10/0x10 [ 242.738735][ C1] kthread+0x2f0/0x390 [ 242.742873][ C1] ? __pfx_worker_thread+0x10/0x10 [ 242.748109][ C1] ? __pfx_kthread+0x10/0x10 [ 242.752749][ C1] ret_from_fork+0x4b/0x80 [ 242.757324][ C1] ? __pfx_kthread+0x10/0x10 [ 242.762057][ C1] ret_from_fork_asm+0x1a/0x30 [ 242.767096][ C1] [ 242.770347][ C1] DEBUG: waiting rtnl_mutex for 566 jiffies. [ 242.776975][ C1] task:syz-executor state:D stack:19376 pid:6606 tgid:6606 ppid:6602 flags:0x00004000 [ 242.787751][ C1] Call Trace: [ 242.791110][ C1] [ 242.794291][ C1] __schedule+0x1800/0x4a60 [ 242.799123][ C1] ? __pfx___schedule+0x10/0x10 [ 242.804310][ C1] ? __pfx_lock_release+0x10/0x10 [ 242.809898][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 242.815674][ C1] ? schedule+0x90/0x320 [ 242.820458][ C1] schedule+0x14b/0x320 [ 242.825329][ C1] schedule_preempt_disabled+0x13/0x30 [ 242.831025][ C1] __mutex_lock+0x6a4/0xd70 [ 242.835706][ C1] ? __mutex_lock+0x527/0xd70 [ 242.840448][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 242.845846][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 242.851135][ C1] ? get_rtnl_holder+0x144/0x190 [ 242.856263][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 242.861536][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 242.867040][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 242.872888][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 242.878565][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 242.883896][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 242.889526][ C1] ? dev_hard_start_xmit+0x773/0x7e0 [ 242.895073][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 242.900297][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 242.906568][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 242.911753][ C1] ? __dev_queue_xmit+0x1763/0x3e90 [ 242.917059][ C1] ? kasan_save_track+0x51/0x80 [ 242.921938][ C1] ? do_syscall_64+0xf3/0x230 [ 242.926835][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 242.931977][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 242.937549][ C1] ? ref_tracker_free+0x643/0x7e0 [ 242.942821][ C1] netlink_rcv_skb+0x1e3/0x430 [ 242.947723][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 242.953549][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 242.958903][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 242.964338][ C1] netlink_unicast+0x7f0/0x990 [ 242.969179][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 242.974544][ C1] ? __virt_addr_valid+0x183/0x530 [ 242.979679][ C1] ? __check_object_size+0x49c/0x900 [ 242.985056][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 242.990225][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 242.995112][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.000495][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 243.005617][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 243.011244][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 243.017221][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.023251][ C1] __sock_sendmsg+0x221/0x270 [ 243.028217][ C1] __sys_sendto+0x3a4/0x4f0 [ 243.032753][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 243.037853][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.043983][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.050373][ C1] __x64_sys_sendto+0xde/0x100 [ 243.055221][ C1] do_syscall_64+0xf3/0x230 [ 243.059745][ C1] ? clear_bhb_loop+0x35/0x90 [ 243.064482][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.070428][ C1] RIP: 0033:0x7f58c4f7796c [ 243.074894][ C1] RSP: 002b:00007fff33898b40 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 243.083330][ C1] RAX: ffffffffffffffda RBX: 00007f58c5c34620 RCX: 00007f58c4f7796c [ 243.091597][ C1] RDX: 000000000000002c RSI: 00007f58c5c34670 RDI: 0000000000000003 [ 243.099721][ C1] RBP: 0000000000000000 R08: 00007fff33898b94 R09: 000000000000000c [ 243.108201][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 243.116438][ C1] R13: 0000000000000000 R14: 00007f58c5c34670 R15: 0000000000000000 [ 243.124558][ C1] [ 243.127617][ C1] DEBUG: waiting rtnl_mutex for 602 jiffies. [ 243.133715][ C1] task:kworker/u8:0 state:D stack:21040 pid:11 tgid:11 ppid:2 flags:0x00004000 [ 243.144270][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 243.150324][ C1] Call Trace: [ 243.153706][ C1] [ 243.156754][ C1] __schedule+0x1800/0x4a60 [ 243.161419][ C1] ? __pfx___schedule+0x10/0x10 [ 243.166376][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.171461][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 243.176991][ C1] ? kthread_data+0x52/0xd0 [ 243.181635][ C1] ? schedule+0x90/0x320 [ 243.185997][ C1] ? wq_worker_sleeping+0x66/0x240 [ 243.191164][ C1] ? schedule+0x90/0x320 [ 243.195473][ C1] schedule+0x14b/0x320 [ 243.199674][ C1] schedule_preempt_disabled+0x13/0x30 [ 243.205221][ C1] __mutex_lock+0x6a4/0xd70 [ 243.209760][ C1] ? mark_lock+0x9a/0x360 [ 243.214756][ C1] ? __mutex_lock+0x527/0xd70 [ 243.219453][ C1] ? addrconf_dad_work+0xd0/0x16f0 [ 243.224629][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 243.229800][ C1] ? get_rtnl_holder+0x144/0x190 [ 243.235058][ C1] addrconf_dad_work+0xd0/0x16f0 [ 243.240116][ C1] ? __pfx_addrconf_dad_work+0x10/0x10 [ 243.246018][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.253324][ C1] ? process_scheduled_works+0x945/0x1830 [ 243.259373][ C1] process_scheduled_works+0xa2c/0x1830 [ 243.265055][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 243.271190][ C1] ? assign_work+0x364/0x3d0 [ 243.275884][ C1] worker_thread+0x86d/0xd40 [ 243.280776][ C1] ? __kthread_parkme+0x169/0x1d0 [ 243.285884][ C1] ? __pfx_worker_thread+0x10/0x10 [ 243.291019][ C1] kthread+0x2f0/0x390 [ 243.295192][ C1] ? __pfx_worker_thread+0x10/0x10 [ 243.300332][ C1] ? __pfx_kthread+0x10/0x10 [ 243.305066][ C1] ret_from_fork+0x4b/0x80 [ 243.309588][ C1] ? __pfx_kthread+0x10/0x10 [ 243.314434][ C1] ret_from_fork_asm+0x1a/0x30 [ 243.319341][ C1] [ 243.322391][ C1] DEBUG: waiting rtnl_mutex for 620 jiffies. [ 243.328441][ C1] task:syz-executor state:D stack:21024 pid:6770 tgid:6770 ppid:6750 flags:0x00000000 [ 243.338834][ C1] Call Trace: [ 243.342183][ C1] [ 243.345204][ C1] __schedule+0x1800/0x4a60 [ 243.349836][ C1] ? __pfx___schedule+0x10/0x10 [ 243.354767][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.359828][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 243.365505][ C1] ? schedule+0x90/0x320 [ 243.369798][ C1] schedule+0x14b/0x320 [ 243.374139][ C1] schedule_preempt_disabled+0x13/0x30 [ 243.379695][ C1] __mutex_lock+0x6a4/0xd70 [ 243.384309][ C1] ? __mutex_lock+0x527/0xd70 [ 243.389044][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 243.394354][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 243.399444][ C1] ? get_rtnl_holder+0x144/0x190 [ 243.404493][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 243.409610][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 243.414896][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 243.420488][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 243.425858][ C1] ? __pfx_validate_chain+0x10/0x10 [ 243.431133][ C1] ? __pfx_validate_chain+0x10/0x10 [ 243.436426][ C1] ? arch_stack_walk+0x16d/0x1b0 [ 243.441596][ C1] ? mark_lock+0x9a/0x360 [ 243.446116][ C1] ? __pfx_validate_chain+0x10/0x10 [ 243.451354][ C1] ? __lock_acquire+0x1359/0x2000 [ 243.456479][ C1] ? mark_lock+0x9a/0x360 [ 243.460837][ C1] ? __lock_acquire+0x1359/0x2000 [ 243.465932][ C1] netlink_rcv_skb+0x1e3/0x430 [ 243.470722][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 243.476270][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 243.481624][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 243.486906][ C1] netlink_unicast+0x7f0/0x990 [ 243.491819][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 243.497465][ C1] ? __virt_addr_valid+0x183/0x530 [ 243.502636][ C1] ? __check_object_size+0x49c/0x900 [ 243.508001][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 243.513142][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 243.517975][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.523303][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.529382][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 243.534481][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 243.539796][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 243.545326][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.550647][ C1] __sock_sendmsg+0x221/0x270 [ 243.555384][ C1] __sys_sendto+0x3a4/0x4f0 [ 243.560005][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 243.565230][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.571254][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.577780][ C1] __x64_sys_sendto+0xde/0x100 [ 243.582605][ C1] do_syscall_64+0xf3/0x230 [ 243.587456][ C1] ? clear_bhb_loop+0x35/0x90 [ 243.592282][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.598411][ C1] RIP: 0033:0x7fcdab37796c [ 243.602955][ C1] RSP: 002b:00007fffd4bd0420 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 243.611800][ C1] RAX: ffffffffffffffda RBX: 00007fcdac034620 RCX: 00007fcdab37796c [ 243.619939][ C1] RDX: 0000000000000028 RSI: 00007fcdac034670 RDI: 0000000000000003 [ 243.627998][ C1] RBP: 0000000000000000 R08: 00007fffd4bd0474 R09: 000000000000000c [ 243.636118][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 243.644285][ C1] R13: 0000000000000000 R14: 00007fcdac034670 R15: 0000000000000000 [ 243.652332][ C1] [ 243.655425][ C1] DEBUG: waiting rtnl_mutex for 637 jiffies. [ 243.661415][ C1] task:syz.0.279 state:D stack:26848 pid:6894 tgid:6893 ppid:6005 flags:0x00004004 [ 243.671635][ C1] Call Trace: [ 243.674951][ C1] [ 243.677898][ C1] __schedule+0x1800/0x4a60 [ 243.682435][ C1] ? __pfx___schedule+0x10/0x10 [ 243.687377][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.692444][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 243.698114][ C1] ? schedule+0x90/0x320 [ 243.702413][ C1] schedule+0x14b/0x320 [ 243.706762][ C1] schedule_preempt_disabled+0x13/0x30 [ 243.712248][ C1] __mutex_lock+0x6a4/0xd70 [ 243.716813][ C1] ? __mutex_lock+0x527/0xd70 [ 243.721526][ C1] ? ip6_mroute_setsockopt+0xd4a/0x1340 [ 243.727222][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 243.732307][ C1] ? __might_fault+0xc6/0x120 [ 243.737083][ C1] ? get_rtnl_holder+0x144/0x190 [ 243.742069][ C1] ip6_mroute_setsockopt+0xd4a/0x1340 [ 243.747632][ C1] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 243.754229][ C1] ? __might_fault+0xc6/0x120 [ 243.758956][ C1] do_ipv6_setsockopt+0x48c/0x3630 [ 243.764152][ C1] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 243.769723][ C1] ? schedule+0x90/0x320 [ 243.774140][ C1] ? aa_label_sk_perm+0x4f3/0x6c0 [ 243.779292][ C1] ? futex_wait_queue+0x27/0x1d0 [ 243.784305][ C1] ? futex_wait_queue+0x14e/0x1d0 [ 243.789385][ C1] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 243.794817][ C1] ? __pfx___might_resched+0x10/0x10 [ 243.800127][ C1] ? __lock_acquire+0x1359/0x2000 [ 243.805343][ C1] ? aa_sk_perm+0x967/0xab0 [ 243.809919][ C1] ipv6_setsockopt+0x5c/0x1a0 [ 243.814688][ C1] rawv6_setsockopt+0x327/0x740 [ 243.819574][ C1] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 243.825440][ C1] ? aa_sock_opt_perm+0x79/0x120 [ 243.830422][ C1] ? sock_common_setsockopt+0x37/0xc0 [ 243.836026][ C1] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 243.841967][ C1] do_sock_setsockopt+0x3af/0x720 [ 243.847075][ C1] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 243.852635][ C1] ? __fget_files+0x29/0x470 [ 243.857400][ C1] ? __fget_files+0x3f6/0x470 [ 243.862119][ C1] __sys_setsockopt+0x1ae/0x250 [ 243.867179][ C1] __x64_sys_setsockopt+0xb5/0xd0 [ 243.872262][ C1] do_syscall_64+0xf3/0x230 [ 243.876850][ C1] ? clear_bhb_loop+0x35/0x90 [ 243.881549][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.887518][ C1] RIP: 0033:0x7f832d775bd9 [ 243.891966][ C1] RSP: 002b:00007f832e60b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 243.900466][ C1] RAX: ffffffffffffffda RBX: 00007f832d903f60 RCX: 00007f832d775bd9 [ 243.908617][ C1] RDX: 00000000000000d1 RSI: 0000000000000029 RDI: 0000000000000003 [ 243.916645][ C1] RBP: 00007f832d7e4aa1 R08: 0000000000000004 R09: 0000000000000000 [ 243.924705][ C1] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 243.932730][ C1] R13: 000000000000000b R14: 00007f832d903f60 R15: 00007fffab320408 [ 243.940976][ C1] [ 243.944044][ C1] DEBUG: waiting rtnl_mutex for 661 jiffies. [ 243.950036][ C1] task:syz.0.279 state:D stack:27424 pid:6895 tgid:6893 ppid:6005 flags:0x00000004 [ 243.960346][ C1] Call Trace: [ 243.963752][ C1] [ 243.966704][ C1] __schedule+0x1800/0x4a60 [ 243.971247][ C1] ? __pfx___schedule+0x10/0x10 [ 243.976170][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.981213][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 243.986832][ C1] ? schedule+0x90/0x320 [ 243.991108][ C1] schedule+0x14b/0x320 [ 243.995325][ C1] schedule_preempt_disabled+0x13/0x30 [ 244.000808][ C1] __mutex_lock+0x6a4/0xd70 [ 244.005366][ C1] ? __mutex_lock+0x527/0xd70 [ 244.010082][ C1] ? ip6_mroute_setsockopt+0xe34/0x1340 [ 244.015733][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 244.020866][ C1] ? __might_fault+0xc6/0x120 [ 244.026629][ C1] ? get_rtnl_holder+0x144/0x190 [ 244.031604][ C1] ip6_mroute_setsockopt+0xe34/0x1340 [ 244.037119][ C1] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 244.043095][ C1] ? __might_fault+0xc6/0x120 [ 244.047876][ C1] do_ipv6_setsockopt+0x48c/0x3630 [ 244.053111][ C1] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 244.058788][ C1] ? schedule+0x90/0x320 [ 244.063164][ C1] ? aa_label_sk_perm+0x4f3/0x6c0 [ 244.068286][ C1] ? futex_wait_queue+0x27/0x1d0 [ 244.073253][ C1] ? futex_wait_queue+0x14e/0x1d0 [ 244.078434][ C1] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 244.083871][ C1] ? __pfx___might_resched+0x10/0x10 [ 244.089183][ C1] ? __lock_acquire+0x1359/0x2000 [ 244.094310][ C1] ? aa_sk_perm+0x967/0xab0 [ 244.098869][ C1] ipv6_setsockopt+0x5c/0x1a0 [ 244.103640][ C1] rawv6_setsockopt+0x327/0x740 [ 244.108609][ C1] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 244.114072][ C1] ? aa_sock_opt_perm+0x79/0x120 [ 244.119072][ C1] ? sock_common_setsockopt+0x37/0xc0 [ 244.124561][ C1] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 244.130580][ C1] do_sock_setsockopt+0x3af/0x720 [ 244.135726][ C1] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 244.141321][ C1] ? __fget_files+0x29/0x470 [ 244.146011][ C1] ? __fget_files+0x3f6/0x470 [ 244.150719][ C1] __sys_setsockopt+0x1ae/0x250 [ 244.155634][ C1] __x64_sys_setsockopt+0xb5/0xd0 [ 244.160718][ C1] do_syscall_64+0xf3/0x230 [ 244.165474][ C1] ? clear_bhb_loop+0x35/0x90 [ 244.170209][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.176217][ C1] RIP: 0033:0x7f832d775bd9 [ 244.180700][ C1] RSP: 002b:00007f832e5ea048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 244.189590][ C1] RAX: ffffffffffffffda RBX: 00007f832d904038 RCX: 00007f832d775bd9 [ 244.197622][ C1] RDX: 00000000000000ca RSI: 0000000000000029 RDI: 0000000000000003 [ 244.205678][ C1] RBP: 00007f832d7e4aa1 R08: 000000000000000c R09: 0000000000000000 [ 244.213844][ C1] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000 [ 244.222050][ C1] R13: 000000000000006e R14: 00007f832d904038 R15: 00007fffab320408 [ 244.230321][ C1] [ 244.233439][ C1] [ 244.233439][ C1] Showing all locks held in the system: [ 244.241388][ C1] 3 locks held by kworker/0:1/9: [ 244.246507][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.258183][ C1] #1: ffffc900000e7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.269414][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 244.279365][ C1] 3 locks held by kworker/u8:0/11: [ 244.284611][ C1] #0: ffff88802a1cd948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 244.296558][ C1] #1: ffffc90000107d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 244.309604][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 244.319113][ C1] 3 locks held by kworker/u8:5/339: [ 244.324456][ C1] 1 lock held by jbd2/sda1-8/4508: [ 244.329606][ C1] #0: ffff88802ed503e8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_commit_transaction+0x434/0x67a0 [ 244.342299][ C1] 2 locks held by getty/4848: [ 244.347014][ C1] #0: ffff88802eee90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 244.357150][ C1] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 244.367538][ C1] 1 lock held by syz.0.105/5825: [ 244.372522][ C1] #0: ffff88801b2be3c8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 244.384212][ C1] 1 lock held by syz.2.208/6502: [ 244.389165][ C1] #0: ffff88801b2be0f8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 244.401150][ C1] 1 lock held by syz-executor/6606: [ 244.406465][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 244.416123][ C1] 1 lock held by syz.4.236/6651: [ 244.421078][ C1] #0: ffff88801b2be8d8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 244.432782][ C1] 1 lock held by syz-executor/6770: [ 244.438090][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 244.447724][ C1] 1 lock held by syz.3.278/6876: [ 244.452667][ C1] 1 lock held by syz.0.279/6894: [ 244.457636][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xd4a/0x1340 [ 244.467544][ C1] 1 lock held by syz.0.279/6895: [ 244.472571][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xe34/0x1340 [ 244.482530][ C1] 3 locks held by syz.1.283/6923: [ 244.487724][ C1] #0: ffff88807bcc6098 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2a9/0xc80 [ 244.496881][ C1] #1: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 244.507357][ C1] #2: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 244.517676][ C1] [ 244.520016][ C1] ============================================= [ 244.520016][ C1] [ 245.105740][ T6606] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 245.450719][ T6770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.484223][ T6606] veth0_vlan: entered promiscuous mode [ 245.739011][ T6606] veth1_vlan: entered promiscuous mode [ 245.807800][ T6770] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.870845][ T5151] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.878443][ T5151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.968419][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.976516][ T5094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.032558][ T6606] veth0_macvtap: entered promiscuous mode [ 246.131839][ T6606] veth1_macvtap: entered promiscuous mode [ 246.229021][ T6946] warning: `syz.0.289' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 246.269650][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.308574][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.333559][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.353258][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.365724][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.389066][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.413097][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.432999][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.443585][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.463518][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.484062][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.509208][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.532626][ T6606] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.576394][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.623507][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.653889][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.683977][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.705361][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.734713][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753447][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.776363][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.797980][ T6944] loop1: detected capacity change from 0 to 32768 [ 246.813550][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.838718][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.850010][ T6944] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.287 (6944) [ 246.873072][ T6606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.901174][ T6944] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 246.911636][ T6606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.920819][ T6943] loop3: detected capacity change from 0 to 32768 [ 246.929789][ T6944] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 246.941090][ T6606] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.946491][ T6943] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.288 (6943) [ 246.955898][ T6944] BTRFS info (device loop1): using free-space-tree [ 247.000920][ T6606] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.040479][ T6943] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 247.051474][ T6606] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.104550][ T6606] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.124074][ T6943] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 247.135003][ T6943] BTRFS info (device loop3): using free-space-tree [ 247.137344][ T6606] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.290698][ T6944] BTRFS info (device loop1): rebuilding free space tree [ 247.581660][ T5089] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 247.604252][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.654699][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.772835][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.834102][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.932263][ T6770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.805530][ T5148] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 249.406740][ T6770] veth0_vlan: entered promiscuous mode [ 249.465243][ T6770] veth1_vlan: entered promiscuous mode [ 249.673841][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 249.697432][ T6770] veth0_macvtap: entered promiscuous mode [ 249.717749][ T5148] usb 3-1: Using ep0 maxpacket: 16 [ 249.726873][ T5148] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 249.765048][ T5148] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 249.774300][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.782576][ T6770] veth1_macvtap: entered promiscuous mode [ 249.785694][ T5148] usb 3-1: config 0 descriptor?? [ 249.826873][ T6501] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 249.862234][ T7020] loop3: detected capacity change from 0 to 256 [ 250.012030][ T7020] openvswitch: netlink: Key type 9240 is out of range max 32 [ 250.034265][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.083416][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.103436][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.133714][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.163492][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.193703][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.217332][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.253519][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.262164][ T7028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 250.289675][ T7028] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 250.299774][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.330780][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.360870][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.398348][ T5148] hid (null): report_id 0 is invalid [ 250.410917][ T5148] hid (null): unknown global tag 0xc [ 250.416482][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.446350][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.635060][ T5148] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1 [ 250.653706][ T5148] hid-generic 0003:0158:0100.0003: unexpected long global item [ 250.662641][ T5148] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22 [ 250.707078][ T7032] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 250.707632][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.781709][ T6770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.933861][ T7015] syzkaller0: entered promiscuous mode [ 250.939464][ T7015] syzkaller0: entered allmulticast mode [ 252.275739][ T46] usb 3-1: USB disconnect, device number 10 [ 252.402106][ T7047] FAULT_INJECTION: forcing a failure. [ 252.402106][ T7047] name failslab, interval 1, probability 0, space 0, times 0 [ 252.424857][ T7047] CPU: 1 UID: 0 PID: 7047 Comm: syz.2.302 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 252.434998][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 252.445096][ T7047] Call Trace: [ 252.448425][ T7047] [ 252.451380][ T7047] dump_stack_lvl+0x241/0x360 [ 252.456160][ T7047] ? __pfx_dump_stack_lvl+0x10/0x10 [ 252.461415][ T7047] ? __pfx__printk+0x10/0x10 [ 252.466056][ T7047] ? __pfx___might_resched+0x10/0x10 [ 252.471478][ T7047] should_fail_ex+0x3b0/0x4e0 [ 252.476334][ T7047] ? __d_alloc+0x31/0x700 [ 252.480683][ T7047] should_failslab+0x9/0x20 [ 252.485369][ T7047] kmem_cache_alloc_lru_noprof+0x71/0x2b0 [ 252.491109][ T7047] __d_alloc+0x31/0x700 [ 252.495295][ T7047] d_alloc_pseudo+0x1f/0xb0 [ 252.499923][ T7047] alloc_file_pseudo+0x123/0x290 [ 252.504915][ T7047] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 252.510442][ T7047] ? alloc_fd+0x5a1/0x640 [ 252.515836][ T7047] sock_alloc_file+0xb8/0x290 [ 252.520553][ T7047] __sys_socket+0x1dd/0x3c0 [ 252.525078][ T7047] ? __pfx___sys_socket+0x10/0x10 [ 252.530128][ T7047] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 252.536478][ T7047] ? do_syscall_64+0x100/0x230 [ 252.541266][ T7047] __x64_sys_socket+0x7a/0x90 [ 252.545951][ T7047] do_syscall_64+0xf3/0x230 [ 252.550479][ T7047] ? clear_bhb_loop+0x35/0x90 [ 252.555442][ T7047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.561363][ T7047] RIP: 0033:0x7f58c4f75bd9 [ 252.565803][ T7047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.585619][ T7047] RSP: 002b:00007f58c5ded048 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 252.594049][ T7047] RAX: ffffffffffffffda RBX: 00007f58c5103f60 RCX: 00007f58c4f75bd9 [ 252.602022][ T7047] RDX: 0000000000000010 RSI: 0000000000000002 RDI: 0000000000000022 [ 252.610011][ T7047] RBP: 00007f58c5ded0a0 R08: 0000000000000000 R09: 0000000000000000 [ 252.618011][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 252.625989][ T7047] R13: 000000000000000b R14: 00007f58c5103f60 R15: 00007fff33898f78 [ 252.634062][ T7047] [ 252.637103][ C1] vkms_vblank_simulate: vblank timer overrun [ 252.683782][ T7047] delete_channel: no stack [ 252.718662][ T7041] loop1: detected capacity change from 0 to 32768 [ 252.738663][ T7041] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.299 (7041) [ 252.784363][ T7041] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 252.795227][ T7041] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 252.806469][ T7041] BTRFS info (device loop1): using free-space-tree [ 253.050801][ T6501] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 256.003497][ C1] DEBUG: waiting rtnl_mutex for 515 jiffies. [ 256.009596][ C1] task:syz-executor state:D stack:20288 pid:6770 tgid:6770 ppid:6750 flags:0x00000000 [ 256.020081][ C1] Call Trace: [ 256.023475][ C1] [ 256.026527][ C1] __schedule+0x1800/0x4a60 [ 256.031115][ C1] ? __pfx___schedule+0x10/0x10 [ 256.036046][ C1] ? __pfx_lock_release+0x10/0x10 [ 256.041187][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 256.046792][ C1] ? schedule+0x90/0x320 [ 256.051042][ C1] schedule+0x14b/0x320 [ 256.055245][ C1] schedule_preempt_disabled+0x13/0x30 [ 256.060910][ C1] __mutex_lock+0x6a4/0xd70 [ 256.065501][ C1] ? __mutex_lock+0x527/0xd70 [ 256.070222][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 256.075462][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 256.080531][ C1] ? get_rtnl_holder+0x144/0x190 [ 256.085590][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 256.090638][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 256.095897][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 256.101391][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 256.106800][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 256.112032][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 256.117440][ C1] ? dev_hard_start_xmit+0x773/0x7e0 [ 256.122736][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 256.127913][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 256.133714][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 256.138835][ C1] ? __dev_queue_xmit+0x1763/0x3e90 [ 256.144130][ C1] ? kasan_save_track+0x51/0x80 [ 256.149013][ C1] ? do_syscall_64+0xf3/0x230 [ 256.153736][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 256.158954][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 256.164849][ C1] ? ref_tracker_free+0x643/0x7e0 [ 256.170019][ C1] netlink_rcv_skb+0x1e3/0x430 [ 256.174886][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 256.180424][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 256.185870][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 256.191095][ C1] netlink_unicast+0x7f0/0x990 [ 256.196168][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 256.201505][ C1] ? __virt_addr_valid+0x183/0x530 [ 256.206675][ C1] ? __check_object_size+0x49c/0x900 [ 256.212114][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 256.217290][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 256.222071][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.227490][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 256.233565][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 256.238578][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 256.243935][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 256.249422][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.254922][ C1] __sock_sendmsg+0x221/0x270 [ 256.259640][ C1] __sys_sendto+0x3a4/0x4f0 [ 256.264219][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 256.269286][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 256.275389][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 256.281763][ C1] __x64_sys_sendto+0xde/0x100 [ 256.286741][ C1] do_syscall_64+0xf3/0x230 [ 256.291255][ C1] ? clear_bhb_loop+0x35/0x90 [ 256.296098][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.302044][ C1] RIP: 0033:0x7fcdab37796c [ 256.306509][ C1] RSP: 002b:00007fffd4bd0420 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 256.315174][ C1] RAX: ffffffffffffffda RBX: 00007fcdac034620 RCX: 00007fcdab37796c [ 256.323259][ C1] RDX: 0000000000000028 RSI: 00007fcdac034670 RDI: 0000000000000003 [ 256.331495][ C1] RBP: 0000000000000000 R08: 00007fffd4bd0474 R09: 000000000000000c [ 256.339537][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 256.347570][ C1] R13: 0000000000000000 R14: 00007fcdac034670 R15: 0000000000000000 [ 256.355594][ C1] [ 256.358621][ C1] DEBUG: waiting rtnl_mutex for 548 jiffies. [ 256.364640][ C1] task:kworker/u8:2 state:D stack:20464 pid:35 tgid:35 ppid:2 flags:0x00004000 [ 256.374840][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 256.380860][ C1] Call Trace: [ 256.384186][ C1] [ 256.387125][ C1] __schedule+0x1800/0x4a60 [ 256.391654][ C1] ? __pfx___schedule+0x10/0x10 [ 256.396558][ C1] ? __pfx_lock_release+0x10/0x10 [ 256.401601][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 256.407121][ C1] ? kthread_data+0x52/0xd0 [ 256.411660][ C1] ? schedule+0x90/0x320 [ 256.415936][ C1] ? wq_worker_sleeping+0x66/0x240 [ 256.421079][ C1] ? schedule+0x90/0x320 [ 256.425379][ C1] schedule+0x14b/0x320 [ 256.430072][ C1] schedule_preempt_disabled+0x13/0x30 [ 256.435591][ C1] __mutex_lock+0x6a4/0xd70 [ 256.440127][ C1] ? mark_lock+0x9a/0x360 [ 256.444555][ C1] ? __mutex_lock+0x527/0xd70 [ 256.449303][ C1] ? addrconf_dad_work+0xd0/0x16f0 [ 256.454496][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 256.459654][ C1] ? get_rtnl_holder+0x144/0x190 [ 256.464650][ C1] addrconf_dad_work+0xd0/0x16f0 [ 256.469609][ C1] ? __pfx_addrconf_dad_work+0x10/0x10 [ 256.475110][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 256.481490][ C1] ? process_scheduled_works+0x945/0x1830 [ 256.487278][ C1] process_scheduled_works+0xa2c/0x1830 [ 256.493119][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 256.499176][ C1] ? assign_work+0x364/0x3d0 [ 256.503812][ C1] worker_thread+0x86d/0xd40 [ 256.508426][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 256.514377][ C1] ? __kthread_parkme+0x169/0x1d0 [ 256.519425][ C1] ? __pfx_worker_thread+0x10/0x10 [ 256.524598][ C1] kthread+0x2f0/0x390 [ 256.528702][ C1] ? __pfx_worker_thread+0x10/0x10 [ 256.533850][ C1] ? __pfx_kthread+0x10/0x10 [ 256.538469][ C1] ret_from_fork+0x4b/0x80 [ 256.542908][ C1] ? __pfx_kthread+0x10/0x10 [ 256.547552][ C1] ret_from_fork_asm+0x1a/0x30 [ 256.552352][ C1] [ 256.555400][ C1] DEBUG: holding rtnl_mutex for 560 jiffies. [ 256.561458][ C1] task:syz.0.294 state:D stack:23376 pid:7013 tgid:7013 ppid:6005 flags:0x00004006 [ 256.571777][ C1] Call Trace: [ 256.575103][ C1] [ 256.578090][ C1] __schedule+0x1800/0x4a60 [ 256.582622][ C1] ? __pfx___schedule+0x10/0x10 [ 256.587597][ C1] ? __pfx_lock_release+0x10/0x10 [ 256.592645][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 256.598623][ C1] ? schedule+0x90/0x320 [ 256.602877][ C1] schedule+0x14b/0x320 [ 256.607086][ C1] synchronize_rcu_expedited+0x684/0x830 [ 256.612796][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 256.619042][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 256.624374][ C1] ? __pfx___might_resched+0x10/0x10 [ 256.629736][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 256.635771][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 256.641852][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 256.648277][ C1] synchronize_rcu+0x11b/0x360 [ 256.653070][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 256.658530][ C1] lockdep_unregister_key+0x556/0x610 [ 256.663962][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 256.669894][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 256.675132][ C1] ? __qdisc_destroy+0x150/0x410 [ 256.680275][ C1] ? kfree+0x149/0x360 [ 256.684382][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 256.689943][ C1] __qdisc_destroy+0x165/0x410 [ 256.694845][ C1] dev_shutdown+0x9b/0x440 [ 256.699273][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 256.706141][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 256.713213][ C1] ? mark_lock+0x9a/0x360 [ 256.717617][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 256.723645][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 256.730074][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 256.735365][ C1] unregister_netdevice_queue+0x303/0x370 [ 256.741108][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 256.747515][ C1] __tun_detach+0x6b6/0x1600 [ 256.752452][ C1] tun_chr_close+0x108/0x1b0 [ 256.757083][ C1] ? __pfx_tun_chr_close+0x10/0x10 [ 256.762237][ C1] __fput+0x24a/0x8a0 [ 256.766293][ C1] task_work_run+0x24f/0x310 [ 256.770893][ C1] ? __pfx_task_work_run+0x10/0x10 [ 256.776051][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 256.781805][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 256.787486][ C1] do_syscall_64+0x100/0x230 [ 256.792086][ C1] ? clear_bhb_loop+0x35/0x90 [ 256.796823][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.802752][ C1] RIP: 0033:0x7f832d775bd9 [ 256.807203][ C1] RSP: 002b:00007fffab3204e8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 256.815824][ C1] RAX: 0000000000000000 RBX: 00007f832d905a60 RCX: 00007f832d775bd9 [ 256.823852][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 256.831885][ C1] RBP: 00007f832d905a60 R08: 0000000000000006 R09: 0000001eab32081f [ 256.839931][ C1] R10: 00000000003ffbd8 R11: 0000000000000246 R12: 000000000003d3ce [ 256.848112][ C1] R13: 0000000000000032 R14: 00007f832d905a60 R15: 00007fffab3205d0 [ 256.856308][ C1] [ 256.859357][ C1] DEBUG: waiting rtnl_mutex for 674 jiffies. [ 256.865393][ C1] task:syz.0.294 state:D stack:26048 pid:7023 tgid:7013 ppid:6005 flags:0x00004004 [ 256.875696][ C1] Call Trace: [ 256.879028][ C1] [ 256.881983][ C1] __schedule+0x1800/0x4a60 [ 256.886553][ C1] ? __pfx___schedule+0x10/0x10 [ 256.891452][ C1] ? __pfx_lock_release+0x10/0x10 [ 256.896577][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 256.902175][ C1] ? schedule+0x90/0x320 [ 256.906479][ C1] schedule+0x14b/0x320 [ 256.910715][ C1] schedule_preempt_disabled+0x13/0x30 [ 256.916298][ C1] __mutex_lock+0x6a4/0xd70 [ 256.920841][ C1] ? __mutex_lock+0x527/0xd70 [ 256.925569][ C1] ? rtnl_dumpit+0x9e/0x210 [ 256.930201][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 256.935364][ C1] ? __alloc_skb+0x28f/0x440 [ 256.940399][ C1] ? get_rtnl_holder+0x144/0x190 [ 256.945380][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 256.950499][ C1] rtnl_dumpit+0x9e/0x210 [ 256.954892][ C1] netlink_dump+0x647/0xd80 [ 256.959505][ C1] ? __pfx_netlink_dump+0x10/0x10 [ 256.964628][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 256.970003][ C1] __netlink_dump_start+0x59f/0x780 [ 256.975297][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 256.980457][ C1] rtnetlink_rcv_msg+0xdaa/0x1180 [ 256.985640][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 256.990866][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 256.996157][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 257.001663][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 257.007355][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 257.012596][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 257.018020][ C1] ? dev_hard_start_xmit+0x773/0x7e0 [ 257.023324][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 257.028523][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 257.034283][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 257.039430][ C1] ? __dev_queue_xmit+0x1763/0x3e90 [ 257.044686][ C1] ? kasan_save_track+0x51/0x80 [ 257.049659][ C1] ? do_syscall_64+0xf3/0x230 [ 257.054563][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 257.059778][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 257.065299][ C1] ? __pfx_rtnl_dumpit+0x10/0x10 [ 257.070339][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 257.075491][ C1] ? ref_tracker_free+0x643/0x7e0 [ 257.080552][ C1] netlink_rcv_skb+0x1e3/0x430 [ 257.085357][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 257.090830][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 257.096186][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 257.101389][ C1] netlink_unicast+0x7f0/0x990 [ 257.106198][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 257.111545][ C1] ? __virt_addr_valid+0x183/0x530 [ 257.116732][ C1] ? __check_object_size+0x49c/0x900 [ 257.122040][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 257.127234][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 257.132052][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 257.137396][ C1] ? __import_iovec+0x536/0x820 [ 257.142271][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 257.147430][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 257.152750][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 257.158493][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 257.163839][ C1] __sock_sendmsg+0x221/0x270 [ 257.168536][ C1] ____sys_sendmsg+0x525/0x7d0 [ 257.173375][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 257.178732][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 257.183400][ C1] ? __pfx___sys_sendmsg+0x10/0x10 [ 257.188580][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 257.194973][ C1] ? do_syscall_64+0x100/0x230 [ 257.199759][ C1] ? do_syscall_64+0xb6/0x230 [ 257.204469][ C1] do_syscall_64+0xf3/0x230 [ 257.209342][ C1] ? clear_bhb_loop+0x35/0x90 [ 257.214083][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.220008][ C1] RIP: 0033:0x7f832d775bd9 [ 257.224481][ C1] RSP: 002b:00007f832e5a8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 257.232924][ C1] RAX: ffffffffffffffda RBX: 00007f832d9041e8 RCX: 00007f832d775bd9 [ 257.240947][ C1] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000008 [ 257.249133][ C1] RBP: 00007f832d7e4aa1 R08: 0000000000000000 R09: 0000000000000000 [ 257.257138][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.265166][ C1] R13: 000000000000006e R14: 00007f832d9041e8 R15: 00007fffab320408 [ 257.273159][ C1] [ 257.276207][ C1] DEBUG: waiting rtnl_mutex for 650 jiffies. [ 257.282226][ C1] task:kworker/1:3 state:D stack:23184 pid:5094 tgid:5094 ppid:2 flags:0x00004000 [ 257.292427][ C1] Workqueue: events linkwatch_event [ 257.297697][ C1] Call Trace: [ 257.300981][ C1] [ 257.303944][ C1] __schedule+0x1800/0x4a60 [ 257.308475][ C1] ? __pfx___schedule+0x10/0x10 [ 257.313460][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 257.319450][ C1] ? __pfx_lock_release+0x10/0x10 [ 257.324624][ C1] ? kick_pool+0x1bd/0x620 [ 257.329092][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 257.334325][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 257.339537][ C1] ? schedule+0x90/0x320 [ 257.343914][ C1] schedule+0x14b/0x320 [ 257.348109][ C1] schedule_preempt_disabled+0x13/0x30 [ 257.353611][ C1] __mutex_lock+0x6a4/0xd70 [ 257.358216][ C1] ? __mutex_lock+0x527/0xd70 [ 257.362925][ C1] ? linkwatch_event+0xe/0x60 [ 257.367639][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 257.372684][ C1] ? get_rtnl_holder+0x144/0x190 [ 257.377690][ C1] ? process_scheduled_works+0x945/0x1830 [ 257.383466][ C1] linkwatch_event+0xe/0x60 [ 257.387987][ C1] process_scheduled_works+0xa2c/0x1830 [ 257.393718][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 257.399731][ C1] ? assign_work+0x364/0x3d0 [ 257.404367][ C1] worker_thread+0x86d/0xd40 [ 257.409066][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 257.415021][ C1] ? __kthread_parkme+0x169/0x1d0 [ 257.420072][ C1] ? __pfx_worker_thread+0x10/0x10 [ 257.425676][ C1] kthread+0x2f0/0x390 [ 257.429802][ C1] ? __pfx_worker_thread+0x10/0x10 [ 257.435145][ C1] ? __pfx_kthread+0x10/0x10 [ 257.439754][ C1] ret_from_fork+0x4b/0x80 [ 257.444330][ C1] ? __pfx_kthread+0x10/0x10 [ 257.448933][ C1] ret_from_fork_asm+0x1a/0x30 [ 257.453779][ C1] [ 257.456803][ C1] [ 257.456803][ C1] Showing all locks held in the system: [ 257.464653][ C1] 3 locks held by kworker/u8:2/35: [ 257.469868][ C1] #0: ffff88802a1cd948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 257.481693][ C1] #1: ffffc90000ab7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 257.494663][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 257.504329][ C1] 2 locks held by getty/4848: [ 257.509026][ C1] #0: ffff88802eee90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 257.518889][ C1] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 257.529149][ C1] 3 locks held by kworker/1:3/5094: [ 257.534464][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 257.545496][ C1] #1: ffffc90003537d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 257.556530][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 257.565565][ C1] 1 lock held by syz.0.105/5825: [ 257.570587][ C1] #0: ffff88801b2be3c8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 257.582951][ C1] 1 lock held by syz.2.208/6502: [ 257.587931][ C1] #0: ffff88801b2be0f8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 257.599840][ C1] 1 lock held by syz.4.236/6651: [ 257.604853][ C1] #0: ffff88801b2be8d8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 257.616512][ C1] 1 lock held by syz-executor/6770: [ 257.621851][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 257.631426][ C1] 2 locks held by syz.0.294/7013: [ 257.636567][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 257.645594][ C1] #1: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 257.656656][ C1] 2 locks held by syz.0.294/7023: [ 257.661790][ C1] #0: ffff88805320b678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x780 [ 257.672210][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 257.681075][ C1] 1 lock held by syz.2.303/7051: [ 257.686037][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xe34/0x1340 [ 257.695964][ C1] 1 lock held by syz.1.306/7079: [ 257.700902][ C1] 2 locks held by syz.1.306/7082: [ 257.705950][ C1] 1 lock held by syz.3.307/7081: [ 257.711272][ C1] #0: ffffffff8eb3e5e8 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0 [ 257.720548][ C1] [ 257.722877][ C1] ============================================= [ 257.722877][ C1] [ 257.742500][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 257.749896][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.463072][ T7097] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 258.805630][ C1] DEBUG: waiting rtnl_mutex for 598 jiffies. [ 258.821206][ C1] task:syz.2.303 state:D stack:26848 pid:7051 tgid:7048 ppid:6606 flags:0x00000004 [ 258.831488][ C1] Call Trace: [ 258.834872][ C1] [ 258.837824][ C1] __schedule+0x1800/0x4a60 [ 258.842376][ C1] ? __pfx___schedule+0x10/0x10 [ 258.847344][ C1] ? __pfx_lock_release+0x10/0x10 [ 258.852449][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 258.858052][ C1] ? schedule+0x90/0x320 [ 258.862338][ C1] schedule+0x14b/0x320 [ 258.866624][ C1] schedule_preempt_disabled+0x13/0x30 [ 258.872151][ C1] __mutex_lock+0x6a4/0xd70 [ 258.876780][ C1] ? __mutex_lock+0x527/0xd70 [ 258.881610][ C1] ? ip6_mroute_setsockopt+0xe34/0x1340 [ 258.887240][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 258.892314][ C1] ? __might_fault+0xc6/0x120 [ 258.897103][ C1] ? get_rtnl_holder+0x144/0x190 [ 258.902173][ C1] ip6_mroute_setsockopt+0xe34/0x1340 [ 258.907641][ C1] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 258.913674][ C1] ? __might_fault+0xc6/0x120 [ 258.918421][ C1] do_ipv6_setsockopt+0x48c/0x3630 [ 258.923647][ C1] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 258.929242][ C1] ? schedule+0x90/0x320 [ 258.933577][ C1] ? aa_label_sk_perm+0x4f3/0x6c0 [ 258.938664][ C1] ? futex_wait_queue+0x27/0x1d0 [ 258.943821][ C1] ? futex_wait_queue+0x14e/0x1d0 [ 258.948907][ C1] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 258.954492][ C1] ? __pfx___might_resched+0x10/0x10 [ 258.959846][ C1] ? __lock_acquire+0x1359/0x2000 [ 258.964988][ C1] ? aa_sk_perm+0x967/0xab0 [ 258.969536][ C1] ipv6_setsockopt+0x5c/0x1a0 [ 258.974347][ C1] rawv6_setsockopt+0x327/0x740 [ 258.979276][ C1] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 258.984756][ C1] ? aa_sock_opt_perm+0x79/0x120 [ 258.989777][ C1] ? sock_common_setsockopt+0x37/0xc0 [ 258.995444][ C1] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 259.001430][ C1] do_sock_setsockopt+0x3af/0x720 [ 259.006575][ C1] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 259.012168][ C1] ? __fget_files+0x29/0x470 [ 259.016869][ C1] ? __fget_files+0x3f6/0x470 [ 259.021675][ C1] __sys_setsockopt+0x1ae/0x250 [ 259.026622][ C1] __x64_sys_setsockopt+0xb5/0xd0 [ 259.031690][ C1] do_syscall_64+0xf3/0x230 [ 259.036307][ C1] ? clear_bhb_loop+0x35/0x90 [ 259.041035][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.047033][ C1] RIP: 0033:0x7f58c4f75bd9 [ 259.051486][ C1] RSP: 002b:00007f58c5ded048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 259.060271][ C1] RAX: ffffffffffffffda RBX: 00007f58c5103f60 RCX: 00007f58c4f75bd9 [ 259.068515][ C1] RDX: 00000000000000ca RSI: 0000000000000029 RDI: 0000000000000003 [ 259.076610][ C1] RBP: 00007f58c4fe4aa1 R08: 000000000000000c R09: 0000000000000000 [ 259.084877][ C1] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000 [ 259.092888][ C1] R13: 000000000000000b R14: 00007f58c5103f60 R15: 00007fff33898f78 [ 259.101007][ C1] [ 259.104139][ C1] DEBUG: waiting rtnl_mutex for 825 jiffies. [ 259.110146][ C1] task:syz-executor state:D stack:20288 pid:6770 tgid:6770 ppid:6750 flags:0x00000000 [ 259.120409][ C1] Call Trace: [ 259.123785][ C1] [ 259.126763][ C1] __schedule+0x1800/0x4a60 [ 259.131317][ C1] ? __pfx___schedule+0x10/0x10 [ 259.136445][ C1] ? __pfx_lock_release+0x10/0x10 [ 259.141617][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 259.147194][ C1] ? schedule+0x90/0x320 [ 259.151482][ C1] schedule+0x14b/0x320 [ 259.155775][ C1] schedule_preempt_disabled+0x13/0x30 [ 259.161290][ C1] __mutex_lock+0x6a4/0xd70 [ 259.165928][ C1] ? __mutex_lock+0x527/0xd70 [ 259.170655][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 259.175985][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 259.181096][ C1] ? get_rtnl_holder+0x144/0x190 [ 259.186119][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 259.191200][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 259.196660][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 259.202182][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 259.207655][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 259.212918][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 259.218380][ C1] ? dev_hard_start_xmit+0x773/0x7e0 [ 259.223784][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 259.228938][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 259.234833][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 259.240042][ C1] ? __dev_queue_xmit+0x1763/0x3e90 [ 259.245361][ C1] ? kasan_save_track+0x51/0x80 [ 259.250386][ C1] ? do_syscall_64+0xf3/0x230 [ 259.255235][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 259.260505][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 259.266198][ C1] ? ref_tracker_free+0x643/0x7e0 [ 259.271272][ C1] netlink_rcv_skb+0x1e3/0x430 [ 259.276134][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 259.282004][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 259.287669][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 259.293008][ C1] netlink_unicast+0x7f0/0x990 [ 259.297885][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 259.303239][ C1] ? __virt_addr_valid+0x183/0x530 [ 259.308471][ C1] ? __check_object_size+0x49c/0x900 [ 259.313871][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 259.319011][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 259.323881][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 259.329198][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 259.335346][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 259.340325][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 259.345711][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 259.351311][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 259.356714][ C1] __sock_sendmsg+0x221/0x270 [ 259.361447][ C1] __sys_sendto+0x3a4/0x4f0 [ 259.366050][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 259.371200][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 259.377547][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 259.384014][ C1] __x64_sys_sendto+0xde/0x100 [ 259.388845][ C1] do_syscall_64+0xf3/0x230 [ 259.393454][ C1] ? clear_bhb_loop+0x35/0x90 [ 259.398383][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.404378][ C1] RIP: 0033:0x7fcdab37796c [ 259.408922][ C1] RSP: 002b:00007fffd4bd0420 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 259.417412][ C1] RAX: ffffffffffffffda RBX: 00007fcdac034620 RCX: 00007fcdab37796c [ 259.425510][ C1] RDX: 0000000000000028 RSI: 00007fcdac034670 RDI: 0000000000000003 [ 259.433660][ C1] RBP: 0000000000000000 R08: 00007fffd4bd0474 R09: 000000000000000c [ 259.441857][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 259.449902][ C1] R13: 0000000000000000 R14: 00007fcdac034670 R15: 0000000000000000 [ 259.457973][ C1] [ 259.461012][ C1] DEBUG: waiting rtnl_mutex for 858 jiffies. [ 259.467082][ C1] task:kworker/u8:2 state:D stack:20464 pid:35 tgid:35 ppid:2 flags:0x00004000 [ 259.477331][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 259.483498][ C1] Call Trace: [ 259.486821][ C1] [ 259.489782][ C1] __schedule+0x1800/0x4a60 [ 259.494387][ C1] ? __pfx___schedule+0x10/0x10 [ 259.499293][ C1] ? __pfx_lock_release+0x10/0x10 [ 259.504503][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 259.510016][ C1] ? kthread_data+0x52/0xd0 [ 259.514617][ C1] ? schedule+0x90/0x320 [ 259.518898][ C1] ? wq_worker_sleeping+0x66/0x240 [ 259.524113][ C1] ? schedule+0x90/0x320 [ 259.528414][ C1] schedule+0x14b/0x320 [ 259.532752][ C1] schedule_preempt_disabled+0x13/0x30 [ 259.538314][ C1] __mutex_lock+0x6a4/0xd70 [ 259.542869][ C1] ? mark_lock+0x9a/0x360 [ 259.547300][ C1] ? __mutex_lock+0x527/0xd70 [ 259.552115][ C1] ? addrconf_dad_work+0xd0/0x16f0 [ 259.557459][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 259.562561][ C1] ? get_rtnl_holder+0x144/0x190 [ 259.567593][ C1] addrconf_dad_work+0xd0/0x16f0 [ 259.572586][ C1] ? __pfx_addrconf_dad_work+0x10/0x10 [ 259.578146][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 259.584724][ C1] ? process_scheduled_works+0x945/0x1830 [ 259.590494][ C1] process_scheduled_works+0xa2c/0x1830 [ 259.596150][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 259.602183][ C1] ? assign_work+0x364/0x3d0 [ 259.606869][ C1] worker_thread+0x86d/0xd40 [ 259.611528][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 259.617531][ C1] ? __kthread_parkme+0x169/0x1d0 [ 259.622707][ C1] ? __pfx_worker_thread+0x10/0x10 [ 259.627899][ C1] kthread+0x2f0/0x390 [ 259.632018][ C1] ? __pfx_worker_thread+0x10/0x10 [ 259.637219][ C1] ? __pfx_kthread+0x10/0x10 [ 259.641857][ C1] ret_from_fork+0x4b/0x80 [ 259.646384][ C1] ? __pfx_kthread+0x10/0x10 [ 259.651028][ C1] ret_from_fork_asm+0x1a/0x30 [ 259.655927][ C1] [ 259.658978][ C1] DEBUG: holding rtnl_mutex for 870 jiffies. [ 259.665170][ C1] task:syz.0.294 state:R running task stack:23376 pid:7013 tgid:7013 ppid:6005 flags:0x0000400e [ 259.677025][ C1] Call Trace: [ 259.680393][ C1] [ 259.683257][ C1] sched_show_task+0x506/0x6d0 [ 259.688139][ C1] ? report_rtnl_holders+0x29e/0x3f0 [ 259.693525][ C1] ? __pfx__printk+0x10/0x10 [ 259.698148][ C1] ? __pfx_sched_show_task+0x10/0x10 [ 259.703532][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 259.709499][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 259.715944][ C1] report_rtnl_holders+0x320/0x3f0 [ 259.721126][ C1] call_timer_fn+0x18e/0x650 [ 259.725806][ C1] ? call_timer_fn+0xc0/0x650 [ 259.730612][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 259.736371][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 259.741526][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 259.747419][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 259.753429][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 259.759213][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 259.764496][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 259.769752][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 259.775650][ C1] __run_timer_base+0x66a/0x8e0 [ 259.780578][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 259.786189][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 259.792748][ C1] run_timer_softirq+0xb7/0x170 [ 259.798081][ C1] handle_softirqs+0x2c4/0x970 [ 259.802909][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 259.807804][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 259.813142][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 259.818449][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 259.823097][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 259.828408][ C1] irq_exit_rcu+0x9/0x30 [ 259.832795][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 259.838524][ C1] [ 259.841575][ C1] [ 259.844570][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 259.850632][ C1] RIP: 0010:preempt_schedule_irq+0xf6/0x1c0 [ 259.856633][ C1] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 15 24 c8 f5 e8 10 c3 00 f6 fb bf 01 00 00 00 55 ad ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 45 de 5f f6 48 [ 259.876318][ C1] RSP: 0018:ffffc900030176a0 EFLAGS: 00000286 [ 259.882413][ C1] RAX: 7bcf3dea3cadfa00 RBX: 1ffff92000602edc RCX: ffffffff816fddda [ 259.890486][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcac900 RDI: 0000000000000001 [ 259.898539][ C1] RBP: ffffc90003017760 R08: ffffffff9301078f R09: 1ffffffff26020f1 [ 259.906613][ C1] R10: dffffc0000000000 R11: fffffbfff26020f2 R12: 1ffff92000602ed4 [ 259.914661][ C1] R13: 1ffff92000602ed8 R14: ffffc900030176c0 R15: dffffc0000000000 [ 259.922657][ C1] ? mark_lock+0x9a/0x360 [ 259.927086][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 259.932854][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 259.938535][ C1] irqentry_exit+0x5e/0x90 [ 259.943100][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 259.948687][ C1] RIP: 0010:lockdep_unregister_key+0x56d/0x610 [ 259.954933][ C1] Code: ff 92 48 c7 c6 10 bc 6f 81 e8 8f 04 0a 00 e8 fa 18 0a 00 e9 e5 fb ff ff e8 c0 62 21 0a 41 f7 c7 00 02 00 00 74 d0 fb 45 84 f6 <75> cf eb e0 90 0f 0b 90 45 31 f6 e9 62 ff ff ff 90 0f 0b 90 e9 a1 [ 259.974637][ C1] RSP: 0018:ffffc90003017820 EFLAGS: 00000246 [ 259.980746][ C1] RAX: dffffc0000000000 RBX: 1ffff92000602f0c RCX: ffffffff947f4803 [ 259.988920][ C1] RDX: 0000000000000001 RSI: ffffffff8bcad5e0 RDI: ffffffff8c207f20 [ 259.997053][ C1] RBP: ffffc900030178f8 R08: ffffffff92ffdff7 R09: 1ffffffff25ffbfe [ 260.005223][ C1] R10: dffffc0000000000 R11: fffffbfff25ffbff R12: ffffc90003017860 [ 260.013242][ C1] R13: 1ffff92000602f08 R14: 0000000000000000 R15: 0000000000000206 [ 260.021334][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 260.027373][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 260.032635][ C1] ? __qdisc_destroy+0x150/0x410 [ 260.037717][ C1] ? kfree+0x149/0x360 [ 260.041951][ C1] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 260.047644][ C1] __qdisc_destroy+0x165/0x410 [ 260.052469][ C1] dev_shutdown+0x9b/0x440 [ 260.057032][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 260.063534][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 260.070372][ C1] ? mark_lock+0x9a/0x360 [ 260.074849][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 260.081145][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 260.087682][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 260.093046][ C1] unregister_netdevice_queue+0x303/0x370 [ 260.098919][ C1] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 260.105301][ C1] __tun_detach+0x6b6/0x1600 [ 260.110584][ C1] tun_chr_close+0x108/0x1b0 [ 260.115269][ C1] ? __pfx_tun_chr_close+0x10/0x10 [ 260.120454][ C1] __fput+0x24a/0x8a0 [ 260.124569][ C1] task_work_run+0x24f/0x310 [ 260.129224][ C1] ? __pfx_task_work_run+0x10/0x10 [ 260.134712][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 260.140497][ C1] syscall_exit_to_user_mode+0x168/0x370 [ 260.146256][ C1] do_syscall_64+0x100/0x230 [ 260.150905][ C1] ? clear_bhb_loop+0x35/0x90 [ 260.155787][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.161779][ C1] RIP: 0033:0x7f832d775bd9 [ 260.166318][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.186401][ C1] RSP: 002b:00007fffab3204e8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 260.194963][ C1] RAX: 0000000000000000 RBX: 00007f832d905a60 RCX: 00007f832d775bd9 [ 260.203174][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 260.211249][ C1] RBP: 00007f832d905a60 R08: 0000000000000006 R09: 0000001eab32081f [ 260.219374][ C1] R10: 00000000003ffbd8 R11: 0000000000000246 R12: 000000000003d3ce [ 260.227809][ C1] R13: 0000000000000032 R14: 00007f832d905a60 R15: 00007fffab3205d0 [ 260.235956][ C1] [ 260.239010][ C1] DEBUG: waiting rtnl_mutex for 1012 jiffies. [ 260.245164][ C1] task:syz.0.294 state:D stack:26048 pid:7023 tgid:7013 ppid:6005 flags:0x00004004 [ 260.255544][ C1] Call Trace: [ 260.258861][ C1] [ 260.261841][ C1] __schedule+0x1800/0x4a60 [ 260.266488][ C1] ? __pfx___schedule+0x10/0x10 [ 260.271392][ C1] ? __pfx_lock_release+0x10/0x10 [ 260.276537][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 260.282077][ C1] ? schedule+0x90/0x320 [ 260.286434][ C1] schedule+0x14b/0x320 [ 260.290642][ C1] schedule_preempt_disabled+0x13/0x30 [ 260.296214][ C1] __mutex_lock+0x6a4/0xd70 [ 260.300791][ C1] ? __mutex_lock+0x527/0xd70 [ 260.305591][ C1] ? rtnl_dumpit+0x9e/0x210 [ 260.310161][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 260.315824][ C1] ? __alloc_skb+0x28f/0x440 [ 260.320649][ C1] ? get_rtnl_holder+0x144/0x190 [ 260.325691][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 260.330867][ C1] rtnl_dumpit+0x9e/0x210 [ 260.335417][ C1] netlink_dump+0x647/0xd80 [ 260.340089][ C1] ? __pfx_netlink_dump+0x10/0x10 [ 260.345251][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 260.350620][ C1] __netlink_dump_start+0x59f/0x780 [ 260.355999][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 260.361166][ C1] rtnetlink_rcv_msg+0xdaa/0x1180 [ 260.366348][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 260.371551][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 260.376891][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 260.382479][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 260.387967][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 260.393398][ C1] ? __local_bh_enable_ip+0x168/0x200 [ 260.398827][ C1] ? dev_hard_start_xmit+0x773/0x7e0 [ 260.404174][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 260.409822][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 260.415637][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 260.420808][ C1] ? __dev_queue_xmit+0x1763/0x3e90 [ 260.426196][ C1] ? kasan_save_track+0x51/0x80 [ 260.428235][ T4489] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 260.431338][ C1] ? do_syscall_64+0xf3/0x230 [ 260.442964][ T4489] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 260.443302][ C1] ? __dev_queue_xmit+0x2da/0x3e90 [ 260.452072][ T4489] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 260.455393][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 260.464015][ T4489] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 260.467787][ C1] ? __pfx_rtnl_dumpit+0x10/0x10 [ 260.479774][ C1] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 260.479981][ T4489] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 260.484970][ C1] ? ref_tracker_free+0x643/0x7e0 [ 260.485013][ C1] netlink_rcv_skb+0x1e3/0x430 [ 260.485054][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 260.485094][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 260.485157][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 260.485181][ C1] netlink_unicast+0x7f0/0x990 [ 260.485222][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 260.485252][ C1] ? __virt_addr_valid+0x183/0x530 [ 260.485290][ C1] ? __check_object_size+0x49c/0x900 [ 260.485321][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 260.485354][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 260.485391][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 260.493118][ T4489] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 260.497450][ C1] ? __import_iovec+0x536/0x820 [ 260.497486][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 260.497516][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 260.497549][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 260.497586][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 260.497609][ C1] __sock_sendmsg+0x221/0x270 [ 260.497649][ C1] ____sys_sendmsg+0x525/0x7d0 [ 260.497692][ C1] ? __pfx_____sys_sendmsg+0x10/0x10 [ 260.497741][ C1] __sys_sendmsg+0x2b0/0x3a0 [ 260.497775][ C1] ? __pfx___sys_sendmsg+0x10/0x10 [ 260.497855][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 260.497890][ C1] ? do_syscall_64+0x100/0x230 [ 260.497918][ C1] ? do_syscall_64+0xb6/0x230 [ 260.497945][ C1] do_syscall_64+0xf3/0x230 [ 260.497968][ C1] ? clear_bhb_loop+0x35/0x90 [ 260.498001][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.498031][ C1] RIP: 0033:0x7f832d775bd9 [ 260.498052][ C1] RSP: 002b:00007f832e5a8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 260.498081][ C1] RAX: ffffffffffffffda RBX: 00007f832d9041e8 RCX: 00007f832d775bd9 [ 260.498101][ C1] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000008 [ 260.498118][ C1] RBP: 00007f832d7e4aa1 R08: 0000000000000000 R09: 0000000000000000 [ 260.498135][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.498152][ C1] R13: 000000000000006e R14: 00007f832d9041e8 R15: 00007fffab320408 [ 260.498186][ C1] [ 260.498199][ C1] DEBUG: waiting rtnl_mutex for 972 jiffies. [ 260.498214][ C1] task:kworker/1:3 state:D stack:23184 pid:5094 tgid:5094 ppid:2 flags:0x00004000 [ 260.498259][ C1] Workqueue: events linkwatch_event [ 260.498287][ C1] Call Trace: [ 260.498297][ C1] [ 260.498312][ C1] __schedule+0x1800/0x4a60 [ 260.498367][ C1] ? __pfx___schedule+0x10/0x10 [ 260.498405][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 260.498437][ C1] ? __pfx_lock_release+0x10/0x10 [ 260.498470][ C1] ? kick_pool+0x1bd/0x620 [ 260.498508][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 260.498535][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 260.498571][ C1] ? schedule+0x90/0x320 [ 260.498598][ C1] schedule+0x14b/0x320 [ 260.498630][ C1] schedule_preempt_disabled+0x13/0x30 [ 260.779118][ C1] __mutex_lock+0x6a4/0xd70 [ 260.783742][ C1] ? __mutex_lock+0x527/0xd70 [ 260.788644][ C1] ? linkwatch_event+0xe/0x60 [ 260.793440][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 260.798541][ C1] ? get_rtnl_holder+0x144/0x190 [ 260.803595][ C1] ? process_scheduled_works+0x945/0x1830 [ 260.809367][ C1] linkwatch_event+0xe/0x60 [ 260.813957][ C1] process_scheduled_works+0xa2c/0x1830 [ 260.819856][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 260.826165][ C1] ? assign_work+0x364/0x3d0 [ 260.830872][ C1] worker_thread+0x86d/0xd40 [ 260.835559][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 260.841677][ C1] ? __kthread_parkme+0x169/0x1d0 [ 260.846819][ C1] ? __pfx_worker_thread+0x10/0x10 [ 260.851989][ C1] kthread+0x2f0/0x390 [ 260.856202][ C1] ? __pfx_worker_thread+0x10/0x10 [ 260.861489][ C1] ? __pfx_kthread+0x10/0x10 [ 260.866202][ C1] ret_from_fork+0x4b/0x80 [ 260.870672][ C1] ? __pfx_kthread+0x10/0x10 [ 260.875361][ C1] ret_from_fork_asm+0x1a/0x30 [ 260.880345][ C1] [ 260.884311][ C1] [ 260.884311][ C1] Showing all locks held in the system: [ 260.892057][ C1] 3 locks held by kworker/u8:1/12: [ 260.897364][ C1] #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 260.909240][ C1] #1: ffffc90000117d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 260.921016][ C1] #2: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 260.932133][ C1] 3 locks held by kworker/u8:2/35: [ 260.937339][ C1] #0: ffff88802a1cd948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 260.949076][ C1] #1: ffffc90000ab7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 260.962302][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 260.972092][ C1] 2 locks held by getty/4848: [ 260.976874][ C1] #0: ffff88802eee90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 260.986779][ C1] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 260.996998][ C1] 3 locks held by kworker/1:3/5094: [ 261.002258][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 261.013452][ C1] #1: ffffc90003537d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 261.024663][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 261.034003][ C1] 1 lock held by syz.0.105/5825: [ 261.039062][ C1] #0: ffff88801b2be3c8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 261.050751][ C1] 1 lock held by syz.2.208/6502: [ 261.055791][ C1] #0: ffff88801b2be0f8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 261.067510][ C1] 1 lock held by syz.4.236/6651: [ 261.072565][ C1] #0: ffff88801b2be8d8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 261.084364][ C1] 1 lock held by syz-executor/6770: [ 261.089604][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 261.099264][ C1] 3 locks held by syz.0.294/7013: [ 261.104380][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 261.113496][ C1] #1: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 261.123833][ C1] #2: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 261.133921][ C1] 2 locks held by syz.0.294/7023: [ 261.138985][ C1] #0: ffff88805320b678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x780 [ 261.149475][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 261.158402][ C1] 1 lock held by syz.2.303/7051: [ 261.163415][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xe34/0x1340 [ 261.173404][ C1] 1 lock held by syz.3.307/7083: [ 261.178375][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48f/0x2400 [ 261.187829][ C1] 1 lock held by syz.3.307/7087: [ 261.192980][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 261.202140][ C1] 1 lock held by syz.3.307/7091: [ 261.207143][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x706/0x1340 [ 261.216166][ C1] 2 locks held by syz.3.307/7094: [ 261.221233][ C1] #0: ffff88801ec83678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x780 [ 261.231762][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 [ 261.240698][ C1] 2 locks held by syz.1.308/7089: [ 261.245842][ C1] #0: ffff888060fca008 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 261.256184][ C1] #1: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 261.267269][ C1] 1 lock held by syz.1.308/7090: [ 261.272256][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 261.281844][ C1] 1 lock held by syz-executor/7099: [ 261.287134][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 261.296953][ C1] [ 261.299328][ C1] ============================================= [ 261.299328][ C1] [ 262.128514][ T7051] pim6reg: entered allmulticast mode [ 262.182892][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.243619][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.273430][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.304547][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.315459][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.326878][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.337253][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.350632][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.366648][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.387660][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.418207][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.451371][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.492310][ T6770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.513562][ T6770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.536189][ T6770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.585118][ T5095] Bluetooth: hci8: command tx timeout [ 262.722296][ T6770] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.731399][ T5149] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 262.745874][ T6770] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.761758][ T6770] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.771095][ T6770] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.968422][ T5149] usb 3-1: Using ep0 maxpacket: 32 [ 263.047502][ T5149] usb 3-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 263.099628][ T5149] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.262539][ T5149] usb 3-1: Product: syz [ 263.265996][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.294071][ T5149] usb 3-1: Manufacturer: syz [ 263.300395][ T5149] usb 3-1: SerialNumber: syz [ 263.313674][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.346861][ T5149] usb 3-1: config 0 descriptor?? [ 263.371017][ T5149] go7007 3-1:0.0: probe with driver go7007 failed with error -12 [ 263.520681][ T2908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.529456][ T2908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.558722][ T931] usb 3-1: USB disconnect, device number 11 [ 263.564982][ T5148] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 263.597306][ T7099] chnl_net:caif_netlink_parms(): no params data found [ 263.803760][ T5148] usb 4-1: Using ep0 maxpacket: 16 [ 263.814957][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 263.827508][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.836810][ T5148] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 263.855324][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.879489][ T5148] usb 4-1: config 0 descriptor?? [ 263.969453][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.981449][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.989342][ T7099] bridge_slave_0: entered allmulticast mode [ 264.023890][ T7099] bridge_slave_0: entered promiscuous mode [ 264.045263][ T7099] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.062941][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.093810][ T7099] bridge_slave_1: entered allmulticast mode [ 264.114152][ T7099] bridge_slave_1: entered promiscuous mode [ 264.296922][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.544027][ T4489] Bluetooth: hci4: command tx timeout [ 264.644873][ T4489] Bluetooth: hci8: command tx timeout [ 264.886821][ T7126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 264.974383][ T7126] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 265.036459][ T5148] hid (null): report_id 0 is invalid [ 265.106857][ T5148] hid (null): unknown global tag 0xc [ 265.135763][ T7099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.149225][ T5148] hid-generic 0003:0158:0100.0004: unknown main item tag 0x1 [ 265.197168][ T5148] hid-generic 0003:0158:0100.0004: unexpected long global item [ 265.241973][ T5148] hid-generic 0003:0158:0100.0004: probe with driver hid-generic failed with error -22 [ 265.281126][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.352241][ T7099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.473733][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.577077][ T7099] team0: Port device team_slave_0 added [ 265.599775][ T7099] team0: Port device team_slave_1 added [ 265.712962][ T7144] 9pnet_fd: Insufficient options for proto=fd [ 265.747139][ T7099] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 265.747171][ T7099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.747280][ T7099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 265.756051][ T7099] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 265.756074][ T7099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.756105][ T7099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.803639][ T5151] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 265.993752][ T5151] usb 5-1: Using ep0 maxpacket: 8 [ 266.001181][ T5151] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 266.001216][ T5151] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 266.001241][ T5151] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 266.005040][ T5151] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 266.005080][ T5151] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.005106][ T5151] usb 5-1: Product: syz [ 266.005124][ T5151] usb 5-1: Manufacturer: syz [ 266.005144][ T5151] usb 5-1: SerialNumber: syz [ 266.212799][ T12] bridge_slave_1: left allmulticast mode [ 266.328288][ T12] bridge_slave_1: left promiscuous mode [ 266.344953][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.366087][ T12] bridge_slave_0: left allmulticast mode [ 266.384495][ T12] bridge_slave_0: left promiscuous mode [ 266.390765][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.447125][ T8] usb 4-1: USB disconnect, device number 6 [ 266.483238][ T7154] netlink: 12 bytes leftover after parsing attributes in process `syz.4.248'. [ 266.723481][ T4489] Bluetooth: hci8: command tx timeout [ 267.620074][ T7172] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 268.803549][ T4489] Bluetooth: hci8: command tx timeout [ 268.838493][ T7179] loop1: detected capacity change from 0 to 256 [ 268.925691][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 268.958907][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 268.967230][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 268.991818][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 269.025009][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 269.031964][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 269.070293][ T7179] FAT-fs (loop1): Directory bread(block 1285) failed [ 269.221150][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.247152][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.270573][ T12] bond0 (unregistering): Released all slaves [ 269.319746][ T7099] hsr_slave_0: entered promiscuous mode [ 269.347557][ T7099] hsr_slave_1: entered promiscuous mode [ 269.369041][ T7099] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.377068][ T7099] Cannot create hsr debugfs directory [ 269.386109][ T7118] netlink: 4 bytes leftover after parsing attributes in process `syz.4.248'. [ 269.399950][ T7181] loop3: detected capacity change from 0 to 32768 [ 269.410273][ T5094] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 269.465751][ T5148] usb 5-1: USB disconnect, device number 5 [ 269.625084][ T5094] usb 2-1: Using ep0 maxpacket: 32 [ 269.654445][ T5094] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 269.687379][ T5094] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.733445][ T5094] usb 2-1: Product: syz [ 269.737754][ T5094] usb 2-1: Manufacturer: syz [ 269.742519][ T5094] usb 2-1: SerialNumber: syz [ 269.808160][ T5094] usb 2-1: config 0 descriptor?? [ 269.855298][ T4489] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 269.871060][ T4489] Bluetooth: hci4: Injecting HCI hardware error event [ 269.881455][ T4489] Bluetooth: hci4: hardware error 0x00 [ 269.898988][ T5094] go7007 2-1:0.0: probe with driver go7007 failed with error -12 [ 270.129528][ T5151] usb 2-1: USB disconnect, device number 3 [ 270.333747][ T7184] pim6reg: entered allmulticast mode [ 270.404721][ T29] audit: type=1326 audit(1720397259.535:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.3.328" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a06775bd9 code=0x0 [ 270.426316][ C1] vkms_vblank_simulate: vblank timer overrun [ 270.601311][ T7204] binder: 7197:7204 ioctl 541b 20000380 returned -22 [ 271.123488][ T5095] Bluetooth: hci6: command tx timeout [ 271.653632][ T12] hsr_slave_0: left promiscuous mode [ 271.693665][ T12] hsr_slave_1: left promiscuous mode [ 271.716495][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 271.745829][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 271.787459][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 271.823587][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 271.864196][ T5094] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 271.893786][ T12] veth1_macvtap: left promiscuous mode [ 271.899554][ T12] veth0_macvtap: left promiscuous mode [ 271.943814][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 272.005834][ T12] veth1_vlan: left promiscuous mode [ 272.488286][ T4489] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 272.495325][ T12] veth0_vlan: left promiscuous mode [ 272.793631][ T5094] usb 5-1: Using ep0 maxpacket: 16 [ 272.808843][ T5094] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 272.835643][ T7226] netlink: 48 bytes leftover after parsing attributes in process `syz.1.336'. [ 272.851021][ T5094] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 272.878525][ T5094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.915046][ T5094] usb 5-1: config 0 descriptor?? [ 273.144867][ T5151] IPVS: starting estimator thread 0... [ 273.261283][ T7231] IPVS: using max 15 ests per chain, 36000 per kthread [ 273.562988][ T12] pim6reg (unregistering): left allmulticast mode [ 273.767059][ T7235] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 273.800079][ T7235] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 273.820803][ T12] pim6reg527 (unregistering): left allmulticast mode [ 273.879484][ T5094] hid (null): report_id 0 is invalid [ 273.914825][ T5094] hid (null): unknown global tag 0xc [ 273.950518][ T5094] hid-generic 0003:0158:0100.0005: unknown main item tag 0x1 [ 273.964508][ T5094] hid-generic 0003:0158:0100.0005: unexpected long global item [ 273.982339][ T5094] hid-generic 0003:0158:0100.0005: probe with driver hid-generic failed with error -22 [ 274.441068][ T7246] sctp: [Deprecated]: syz.3.339 (pid 7246) Use of int in max_burst socket option deprecated. [ 274.441068][ T7246] Use struct sctp_assoc_value instead [ 274.695310][ T12] team0 (unregistering): Port device team_slave_1 removed [ 274.758192][ T12] team0 (unregistering): Port device team_slave_0 removed [ 275.208394][ T5148] usb 5-1: USB disconnect, device number 6 [ 276.819297][ T7275] ptrace attach of "./syz-executor exec"[5089] was attempted by "./syz-executor exec"[7275] [ 277.400594][ T7282] loop1: detected capacity change from 0 to 8192 [ 277.428328][ T7282] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 277.441792][ T7099] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 277.451230][ T7287] loop3: detected capacity change from 0 to 8192 [ 277.488170][ T7099] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 277.569169][ T7099] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 277.621895][ T7099] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 277.634225][ T7304] ptrace attach of "./syz-executor exec"[6501] was attempted by "./syz-executor exec"[7304] [ 278.251251][ T7099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.738747][ T7099] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.921375][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.928853][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.005847][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.013129][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.126321][ T7324] netlink: 8 bytes leftover after parsing attributes in process `syz.2.367'. [ 279.182011][ T7325] syz.4.366 uses obsolete (PF_INET,SOCK_PACKET) [ 279.638108][ T7344] pim6reg: entered allmulticast mode [ 280.150125][ T7099] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.892697][ T7366] netlink: 12 bytes leftover after parsing attributes in process `syz.3.380'. [ 280.981920][ T7366] vlan2: entered promiscuous mode [ 281.007865][ T7366] vlan0: entered promiscuous mode [ 281.055304][ T7366] vlan0: left promiscuous mode [ 281.145185][ T7371] veth1_to_batadv: Caught tx_queue_len zero misconfig [ 281.213935][ T7371] netlink: 8 bytes leftover after parsing attributes in process `syz.4.381'. [ 281.266654][ T7099] veth0_vlan: entered promiscuous mode [ 281.388770][ T7099] veth1_vlan: entered promiscuous mode [ 281.903918][ T5146] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 282.123509][ T5146] usb 5-1: Using ep0 maxpacket: 16 [ 282.137202][ T5146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 282.179016][ T5146] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 282.222844][ T5146] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 282.250111][ T5146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.294818][ T5146] usb 5-1: config 0 descriptor?? [ 282.520144][ T7099] veth0_macvtap: entered promiscuous mode [ 282.677519][ T7402] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 282.846396][ T7427] kvm: emulating exchange as write [ 282.879789][ T7412] syzkaller0: entered promiscuous mode [ 282.891767][ T7412] syzkaller0: entered allmulticast mode [ 283.155781][ T5146] usbhid 5-1:0.0: can't add hid device: -71 [ 283.180335][ T5146] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 283.221796][ T5146] usb 5-1: USB disconnect, device number 7 [ 283.427193][ T7099] veth1_macvtap: entered promiscuous mode [ 287.608349][ T7493] ipvlan1: Caught tx_queue_len zero misconfig [ 287.624894][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.4.402'. [ 287.695468][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.731622][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.747560][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.768424][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.793589][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.813451][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.827802][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.841540][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.857639][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.870604][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.880605][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.891308][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.901209][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.911972][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.955450][ T7099] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.980051][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.000386][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.034771][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.052469][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.062629][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.073490][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.083541][ T5151] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 288.091756][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.103274][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.113862][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.124950][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.136047][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.150725][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.162709][ T7099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 288.185186][ T7099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.203000][ T7099] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 288.226550][ T7099] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.235836][ T7099] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.250064][ T7099] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.260657][ T7099] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.284186][ T5148] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 288.285379][ T5151] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 288.321559][ T5151] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 288.334250][ T5151] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.463645][ T5148] usb 4-1: Using ep0 maxpacket: 16 [ 288.475192][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 288.510434][ T5148] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 288.543671][ T5285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.572079][ T5285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.581096][ T5148] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 288.633389][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.701600][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.709451][ T5151] usb 5-1: string descriptor 0 read error: -71 [ 288.710167][ T5151] hub 5-1:32.0: bad descriptor, ignoring hub [ 288.733579][ T5148] usb 4-1: config 0 descriptor?? [ 288.733635][ T5151] hub 5-1:32.0: probe with driver hub failed with error -5 [ 288.777280][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.506002][ T5151] usb 5-1: USB disconnect, device number 8 [ 289.690757][ T29] audit: type=1326 audit(1720397278.825:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7521 comm="syz.4.411" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcdab375bd9 code=0x0 [ 289.742437][ T5148] usbhid 4-1:0.0: can't add hid device: -71 [ 289.749895][ T5148] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 289.771153][ T5148] usb 4-1: USB disconnect, device number 7 [ 290.178775][ T7525] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 290.479612][ T7532] syzkaller0: entered promiscuous mode [ 290.487275][ T7532] syzkaller0: entered allmulticast mode [ 290.586194][ T7536] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 292.761511][ T5140] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 292.994439][ T5140] usb 3-1: Using ep0 maxpacket: 16 [ 293.002847][ T5140] usb 3-1: config index 0 descriptor too short (expected 36164, got 36) [ 293.020692][ T5140] usb 3-1: config 85 has too many interfaces: 95, using maximum allowed: 32 [ 293.029598][ T5140] usb 3-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config [ 293.060663][ T5140] usb 3-1: config 85 has 0 interfaces, different from the descriptor's value: 95 [ 293.090712][ T5140] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 293.120511][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.237942][ T7557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.423'. [ 293.408382][ T5140] usb 3-1: string descriptor 0 read error: -71 [ 293.444932][ T5140] usb 3-1: USB disconnect, device number 12 [ 294.195087][ T5095] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 294.208303][ T5095] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 294.218932][ T5095] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 294.235478][ T5095] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 294.244859][ T5095] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 294.254261][ T5095] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 295.690468][ T7558] veth1_to_bridge: Caught tx_queue_len zero misconfig [ 295.699111][ T7558] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) ! [ 295.939869][ T7576] netlink: 20 bytes leftover after parsing attributes in process `syz.2.428'. [ 296.353896][ T5095] Bluetooth: hci5: command tx timeout [ 297.100139][ T7565] chnl_net:caif_netlink_parms(): no params data found [ 298.403612][ T5095] Bluetooth: hci5: command tx timeout [ 298.615116][ T7565] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.622539][ T7565] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.630628][ T7565] bridge_slave_0: entered allmulticast mode [ 298.638443][ T7565] bridge_slave_0: entered promiscuous mode [ 298.648063][ T7565] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.655447][ T7565] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.663277][ T7565] bridge_slave_1: entered allmulticast mode [ 298.678818][ T7565] bridge_slave_1: entered promiscuous mode [ 298.906499][ T7615] netlink: 'syz.3.439': attribute type 6 has an invalid length. [ 298.933472][ T7615] netlink: 'syz.3.439': attribute type 7 has an invalid length. [ 298.955554][ T7615] netlink: 'syz.3.439': attribute type 8 has an invalid length. [ 299.000340][ T7565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 299.013729][ T7177] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 299.042515][ T7565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 299.053541][ T30] INFO: task syz.0.105:5825 blocked for more than 143 seconds. [ 299.061581][ T30] Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 299.070884][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 299.089461][ T30] task:syz.0.105 state:D stack:26624 pid:5825 tgid:5825 ppid:5298 flags:0x00000004 [ 299.187564][ T30] Call Trace: [ 299.199778][ T30] [ 299.233691][ T7177] usb 3-1: Using ep0 maxpacket: 16 [ 299.243481][ T30] __schedule+0x1800/0x4a60 [ 299.257653][ T7177] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 299.272553][ T7177] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 299.295424][ T7177] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.313505][ T30] ? __pfx___schedule+0x10/0x10 [ 299.318516][ T30] ? __pfx_lock_release+0x10/0x10 [ 299.344260][ T7177] usb 3-1: config 0 descriptor?? [ 299.367527][ T7621] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 299.370351][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 299.400290][ T30] ? schedule+0x90/0x320 [ 299.444381][ T30] schedule+0x14b/0x320 [ 299.449294][ T30] io_schedule+0x8d/0x110 [ 299.463421][ T30] folio_wait_bit_common+0x882/0x12b0 [ 299.468916][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 299.493960][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 299.499668][ T30] remove_inode_hugepages+0x508/0x1520 [ 299.514385][ T30] ? __pfx_remove_inode_hugepages+0x10/0x10 [ 299.520435][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 299.525928][ T30] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 299.532167][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 299.538083][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 299.543491][ T30] ? __pfx_hugetlbfs_evict_inode+0x10/0x10 [ 299.549416][ T30] hugetlbfs_evict_inode+0x23/0x70 [ 299.557111][ T30] ? __pfx_hugetlbfs_evict_inode+0x10/0x10 [ 299.563041][ T30] evict+0x2a8/0x630 [ 299.567260][ T30] __dentry_kill+0x20d/0x630 [ 299.571949][ T30] ? dput+0x37/0x2b0 [ 299.576178][ T30] dput+0x19f/0x2b0 [ 299.580044][ T30] __fput+0x5f8/0x8a0 [ 299.584251][ T30] task_work_run+0x24f/0x310 [ 299.589005][ T30] ? __pfx_task_work_run+0x10/0x10 [ 299.594386][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 299.600233][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 299.606219][ T30] do_syscall_64+0x100/0x230 [ 299.610891][ T30] ? clear_bhb_loop+0x35/0x90 [ 299.619123][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.625538][ T30] RIP: 0033:0x7fbccab75bd9 [ 299.630023][ T30] RSP: 002b:00007fff962e4da8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 299.639543][ T30] RAX: 0000000000000000 RBX: 000000000002319f RCX: 00007fbccab75bd9 [ 299.648135][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 299.656624][ T30] RBP: ffffffffffffffff R08: 0000000000000001 R09: 00000011962e50df [ 299.665140][ T30] R10: 00007fbccaa00000 R11: 0000000000000246 R12: 00007fbccad03f6c [ 299.674861][ T30] R13: 0000000000000032 R14: 00007fbccad05a60 R15: 00007fbccad03f60 [ 299.683031][ T30] [ 299.688594][ T30] [ 299.688594][ T30] Showing all locks held in the system: [ 299.731541][ T30] 1 lock held by pool_workqueue_/3: [ 299.767044][ T30] 3 locks held by kworker/1:0/25: [ 299.773004][ T30] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 299.823855][ T30] #1: ffffc900001f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 299.863841][ T30] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 299.872992][ T30] 1 lock held by khungtaskd/30: [ 299.915358][ T30] #0: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 299.963693][ T30] 2 locks held by getty/4848: [ 299.968515][ T30] #0: ffff88802eee90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 300.041129][ T30] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 300.083479][ T30] 2 locks held by kworker/0:3/5146: [ 300.088806][ T30] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 300.183435][ T30] #1: ffffc900034d7d00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 300.228456][ T30] 3 locks held by kworker/1:5/5151: [ 300.255149][ T30] 1 lock held by syz.0.105/5825: [ 300.260204][ T30] #0: ffff88801b2be3c8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 300.278480][ T30] 1 lock held by syz.2.208/6502: [ 300.288192][ T30] #0: ffff88801b2be0f8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 300.317275][ T30] 1 lock held by syz.4.236/6651: [ 300.322327][ T30] #0: ffff88801b2be8d8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 300.353750][ T30] 5 locks held by kworker/0:8/7177: [ 300.359390][ T30] #0: ffff8880186a5948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 300.382320][ T30] #1: ffffc9000ccd7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 300.394592][ T30] #2: ffff88823bc76990 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150 [ 300.413430][ T30] #3: ffff88801caf8190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 300.422914][ T30] #4: ffff88801eed9068 (hcd->bandwidth_mutex){+.+.}-{3:3}, at: usb_set_configuration+0x4fb/0x1fb0 [ 300.438288][ T30] 1 lock held by syz.1.394/7450: [ 300.443306][ T30] #0: ffff88801b2be188 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 300.455285][ T30] 1 lock held by syz.0.309/7515: [ 300.460295][ T30] #0: ffff88801b2be7b8 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x38e/0x1520 [ 300.472242][ T30] 3 locks held by syz.4.437/7618: [ 300.479837][ T30] #0: ffff888023c10d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 300.490414][ T30] #1: ffff888023c10078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x494/0xf70 [ 300.494534][ T5095] Bluetooth: hci5: command tx timeout [ 300.500347][ T30] #2: ffffffff8f76ede8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 300.515898][ T30] 1 lock held by syz.2.438/7611: [ 300.520921][ T30] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 300.530133][ T30] 4 locks held by syz.3.440/7623: [ 300.540041][ T30] #0: ffff88807efc4d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 [ 300.550674][ T30] #1: ffff88807efc4078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x494/0xf70 [ 300.560964][ T30] #2: ffffffff8f76ede8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240 [ 300.571425][ T30] #3: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 300.585799][ T30] [ 300.588290][ T30] ============================================= [ 300.588290][ T30] [ 300.619049][ T30] NMI backtrace for cpu 0 [ 300.623467][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 300.633678][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 300.643792][ T30] Call Trace: [ 300.647126][ T30] [ 300.650187][ T30] dump_stack_lvl+0x241/0x360 [ 300.654928][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 300.660245][ T30] ? __pfx__printk+0x10/0x10 [ 300.664883][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 300.669954][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 300.674926][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 300.680396][ T30] ? _printk+0xd5/0x120 [ 300.684596][ T30] ? __pfx__printk+0x10/0x10 [ 300.689198][ T30] ? __wake_up_klogd+0x109/0x140 [ 300.694148][ T30] ? __pfx__printk+0x10/0x10 [ 300.698881][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 300.703917][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 300.709994][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 300.716005][ T30] watchdog+0xfee/0x1030 [ 300.720276][ T30] ? watchdog+0x1ea/0x1030 [ 300.724897][ T30] ? __pfx_watchdog+0x10/0x10 [ 300.729612][ T30] kthread+0x2f0/0x390 [ 300.733741][ T30] ? __pfx_watchdog+0x10/0x10 [ 300.738534][ T30] ? __pfx_kthread+0x10/0x10 [ 300.743161][ T30] ret_from_fork+0x4b/0x80 [ 300.747607][ T30] ? __pfx_kthread+0x10/0x10 [ 300.752224][ T30] ret_from_fork_asm+0x1a/0x30 [ 300.757024][ T30] [ 300.761661][ T30] Sending NMI from CPU 0 to CPUs 1: [ 300.768619][ C1] NMI backtrace for cpu 1 [ 300.768636][ C1] CPU: 1 UID: 0 PID: 1109 Comm: kworker/u8:6 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 300.768662][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 300.768674][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 300.768704][ C1] RIP: 0010:alloc_object+0x128/0x6d0 [ 300.768725][ C1] Code: 08 4c 89 f7 e8 a9 e8 42 fd 49 89 2e 48 85 ed 74 27 48 83 c5 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 <74> 08 48 89 ef e8 7e e8 42 fd 4c 89 75 00 49 be 00 00 00 00 00 fc [ 300.768740][ C1] RSP: 0018:ffffc900045deb70 EFLAGS: 00000046 [ 300.768755][ C1] RAX: 1ffff110043c24be RBX: ffff8880642ebee0 RCX: dffffc0000000000 [ 300.768768][ C1] RDX: ffffffff8bcbe300 RSI: ffffffff8c207f00 RDI: ffffffff8c207ec0 [ 300.768781][ C1] RBP: ffff888021e125f0 R08: 0000000000000003 R09: fffff520008bbd5c [ 300.768795][ C1] R10: dffffc0000000000 R11: ffffffff81785820 R12: 1ffff1100c85d7dc [ 300.768808][ C1] R13: ffff8880642ebee8 R14: ffff8880b953a440 R15: 1ffff1100c85d7dd [ 300.768822][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 300.768837][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 300.768849][ C1] CR2: 00007f6a07504fa8 CR3: 000000007c39c000 CR4: 00000000003506f0 [ 300.768865][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 300.768876][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 300.768887][ C1] Call Trace: [ 300.768894][ C1] [ 300.768902][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 300.768924][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 300.768950][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 300.768970][ C1] ? nmi_handle+0x2a/0x5a0 [ 300.768996][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 300.769018][ C1] ? nmi_handle+0x14f/0x5a0 [ 300.769034][ C1] ? nmi_handle+0x2a/0x5a0 [ 300.769051][ C1] ? alloc_object+0x128/0x6d0 [ 300.769067][ C1] ? default_do_nmi+0x63/0x160 [ 300.769088][ C1] ? exc_nmi+0x123/0x1f0 [ 300.769108][ C1] ? end_repeat_nmi+0xf/0x53 [ 300.769132][ C1] ? __pfx_rcuhead_is_static_object+0x10/0x10 [ 300.769154][ C1] ? alloc_object+0x128/0x6d0 [ 300.769171][ C1] ? alloc_object+0x128/0x6d0 [ 300.769189][ C1] ? alloc_object+0x128/0x6d0 [ 300.769205][ C1] [ 300.769211][ C1] [ 300.769220][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 300.769249][ C1] debug_object_activate+0x249/0x510 [ 300.769281][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 300.769310][ C1] ? stack_depot_save_flags+0x29/0x830 [ 300.769341][ C1] ? mark_lock+0x9a/0x360 [ 300.769366][ C1] kvfree_call_rcu+0x99/0x790 [ 300.769392][ C1] ? __lock_acquire+0x1359/0x2000 [ 300.769418][ C1] ? __pfx_kvfree_call_rcu+0x10/0x10 [ 300.769450][ C1] cfg80211_update_known_bss+0xb39/0x1500 [ 300.769475][ C1] ? cmp_bss+0x8c7/0xea0 [ 300.769493][ C1] __cfg80211_bss_update+0x153/0x2170 [ 300.769512][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 300.769531][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 300.769555][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 300.769573][ C1] ? cfg80211_inform_single_bss_data+0xaff/0x2030 [ 300.769593][ C1] ? cfg80211_inform_single_bss_data+0xaff/0x2030 [ 300.769611][ C1] ? cfg80211_inform_single_bss_data+0xaff/0x2030 [ 300.769630][ C1] ? cfg80211_inform_single_bss_data+0xd3d/0x2030 [ 300.769652][ C1] cfg80211_inform_single_bss_data+0xd51/0x2030 [ 300.769677][ C1] ? __read_once_word_nocheck+0x9/0x20 [ 300.769708][ C1] ? __read_once_word_nocheck+0x9/0x20 [ 300.769735][ C1] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 300.769765][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 300.769790][ C1] ? __kernel_text_address+0xd/0x40 [ 300.769806][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 300.769832][ C1] ? cfg80211_inform_bss_data+0x3c5/0x5a70 [ 300.769853][ C1] cfg80211_inform_bss_data+0x3dd/0x5a70 [ 300.769887][ C1] ? __pfx_validate_chain+0x10/0x10 [ 300.769930][ C1] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 300.769954][ C1] ? mark_lock+0x9a/0x360 [ 300.769980][ C1] ? __lock_acquire+0x1359/0x2000 [ 300.770019][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 300.770042][ C1] ? ieee80211_bss_info_update+0x3d9/0xbc0 [ 300.770070][ C1] cfg80211_inform_bss_frame_data+0x3bc/0x720 [ 300.770096][ C1] ? ieee80211_bss_info_update+0x3d9/0xbc0 [ 300.770121][ C1] ieee80211_bss_info_update+0x8a7/0xbc0 [ 300.770149][ C1] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 300.770175][ C1] ? __pfx_lock_release+0x10/0x10 [ 300.770208][ C1] ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70 [ 300.770242][ C1] ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70 [ 300.770267][ C1] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 300.770297][ C1] ? mark_lock+0x9a/0x360 [ 300.770323][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 300.770347][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 300.770370][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 300.770399][ C1] ieee80211_iface_work+0x8a5/0xf20 [ 300.770430][ C1] cfg80211_wiphy_work+0x2db/0x490 [ 300.770456][ C1] ? process_scheduled_works+0x945/0x1830 [ 300.770477][ C1] process_scheduled_works+0xa2c/0x1830 [ 300.770516][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 300.770543][ C1] ? assign_work+0x364/0x3d0 [ 300.770566][ C1] worker_thread+0x86d/0xd40 [ 300.770597][ C1] ? __kthread_parkme+0x169/0x1d0 [ 300.770621][ C1] ? __pfx_worker_thread+0x10/0x10 [ 300.770643][ C1] kthread+0x2f0/0x390 [ 300.770672][ C1] ? __pfx_worker_thread+0x10/0x10 [ 300.770693][ C1] ? __pfx_kthread+0x10/0x10 [ 300.770718][ C1] ret_from_fork+0x4b/0x80 [ 300.770742][ C1] ? __pfx_kthread+0x10/0x10 [ 300.770766][ C1] ret_from_fork_asm+0x1a/0x30 [ 300.770800][ C1] [ 301.366434][ T7177] usb 3-1: can't set config #0, error -71 [ 301.398417][ T7177] usb 3-1: USB disconnect, device number 13 [ 301.436636][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 301.443646][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 301.453671][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 301.463937][ T30] Call Trace: [ 301.467222][ T30] [ 301.470157][ T30] dump_stack_lvl+0x241/0x360 [ 301.474860][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 301.480080][ T30] ? __pfx__printk+0x10/0x10 [ 301.484707][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 301.490703][ T30] ? vscnprintf+0x5d/0x90 [ 301.495216][ T30] panic+0x349/0x870 [ 301.499125][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 301.505291][ T30] ? __pfx_panic+0x10/0x10 [ 301.509725][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 301.515107][ T30] ? __irq_work_queue_local+0x137/0x410 [ 301.520839][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 301.526319][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 301.532473][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 301.538646][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 301.544914][ T30] watchdog+0x102d/0x1030 [ 301.549301][ T30] ? watchdog+0x1ea/0x1030 [ 301.553759][ T30] ? __pfx_watchdog+0x10/0x10 [ 301.558469][ T30] kthread+0x2f0/0x390 [ 301.562595][ T30] ? __pfx_watchdog+0x10/0x10 [ 301.567316][ T30] ? __pfx_kthread+0x10/0x10 [ 301.571943][ T30] ret_from_fork+0x4b/0x80 [ 301.576421][ T30] ? __pfx_kthread+0x10/0x10 [ 301.581042][ T30] ret_from_fork_asm+0x1a/0x30 [ 301.585846][ T30] [ 301.589096][ T30] Kernel Offset: disabled [ 301.593459][ T30] Rebooting in 86400 seconds..