last executing test programs:

12.68843692s ago: executing program 1 (id=3221):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
prlimit64(0x0, 0xe, &(0x7f0000000400)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dos1xfloppy,usefree,nodots,fmask=0000000000000010,flush,nfs=nostale_ro,dots,nodots,\x00'], 0x1, 0x159, &(0x7f00000004c0)="$eJzs27GKE0EcBvB/TKJRm9RisWBjFdQnUCSCuKAoKbRSiDaJBEyz2phH8QUFSZVuRPdI7nLJkRzs7ZH8fk0++GZgpsgOs7Af738dDSfTL5M38+g0GtF6GlksGtGNG9GM0iwAgEOySCn+pJTSrVnc/hUppXNDftayMACgMjuc/wDAgXH+A8Dxcf4DwPF59/7Dq2d53n+bZZ2I37NiUAzK37J/8TLvP8r+665mzYti0Fz2j8s+O9u3485J/2RjfzMePij7f93z1/lafzeG1W8fAAAAjkIvW9p4v+/1tvVlOvV+YO3+3op7rSvbBgCwh+n3H6NP4/Hnb3uFiMvMOojQjohrsAxBqDbU/WQCqrb609e9EgAAAAAAAAAAAAAAYJudvwfqXDx4kbZPr3uPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsO5vAAAA//9XS09N")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket(0x10, 0x80002, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000003c0)='.\x00', 0x1b4a47c, &(0x7f00000018c0)=ANY=[@ANYRES32=0x0, @ANYRES64=0x0, @ANYRES32, @ANYRESHEX, @ANYRES16=r3, @ANYRES64, @ANYBLOB="3093e121f7523fece90a37d5a927c18dd10d3154456ac66e96749c346fd71173e12fcf6d1160b1a8ed194deb98dc67b07edd64d7e1afef339c828e956edf4068785cb0d7d4a24137cf9c2cac79060c0beb7d1ab2be0fac9a6d6028d2e9d895ec67dec6914528a112adced19a86ad8403eb4e04bc7d51afc6561063bbb696c825a82153efcf06941b3ae039ef7761b7a2bbddc32f3cc39f6ffb5d2a808f3e7ecd9039d8c7895b00ebbf6dc950788fbca296f89178e938440f8e57819e17eb79736882e9699d96b1959c119730542c4baf0af7acac79531d0c4623bb5055768b6228217225ea7782904746898b13fc6dab1c63a2c2d5a724a8bb745da18da54627d618842162c1367e4361737545a8628fb76106c1212ce6152ef12ebda119a33e28f17ba3fbf9eed69447ca88876cbabfce8b2aba2f668f5b91d00d5de2be7bf028b273ec31e63b4fbf87f6cbf1efb41a7e538e4f4a66962d7c7a0b2ff01e86df58b94f1a321aa1297c5a4cc42b656d9acb7a40490ede8099679fb86b4ee7a852aa68358dcea38ad3d2b3b794db5b3caec0228b39709eedd31a55aaf2b49146d0effdc3dfce3ec78e4bb2f65ceb9ca94a2e2fed7efc2b6bcd462955cf911ed5dbb62d6339d001bee46a4989d87cf0578d0f8913ed29d36c31e9b41678ec127f48d40003c0569b6102757c87f00adb7920ab2b78a82bfc115f831ab9abc72a93299c0e1971d17a2b3d376d66e6ddfe3dd86166507f87b6db73fe284aa52db7645601329b6087cab267eefc8bb846cad8ade3e61be692a066d0e6a3f0603d0405d58aa07c406950a69fff78a37cb9e2c9d420bb9394e483252739cabecc7418b142ec8c84e394b42c05c3f116409fc830fac08788bc2b93cb491696a8385d07cd1e19a9de182abeceb435e92d4eda2d2710cb06180c6271e5c1a26edf630ee16848993e3c3ef8804a87407b7e7cdb8d263238cec45424f7dfda3b1a8390e39820ac367c33aafc4edb3223578c108628e6fa84d7805208d796d91e4b83794fdea7fa49ed4c422aed72db2d46df97082b904dd80ed9cb4ab29b4cc1e345d76999971bb7a3bcf191634020eeda9c58c3b2a306921ef7830f672cc1da4905963b0a4aede35913fdf8dbd4e8ba22e39bfba342c6a302f7a03225d021f0e0e357200f7301ce560b065d1431ad16702e035caab022382d6251e88ef861145c1a3121ff099feda4dcf6561a026889ac3f0474d6a868a4f24ea60f7bc95bf7f2afb85a430658eb3b2b84b61a695f90e01f30a417c79caa44640e7eb9195f844346100c551d4fc23ef249f29ec1a5489839d153c3fce79b288d86a48eadc7024cab6f9b626c7eeb87e8f76ec6205c3487deaef65133ec2677c642887de743d1dcc2dbf72f7b9062b9654ff693aa688dd5e05ed48c8d681cd426bde017c08d31d83994284efb804a9beda7091240e7feb740307412e4c64aa422b91dfd31874a43aa2e76988e5933f557c884cd4b960a6321828692975a76f6473cd0650cbd9dd09acfad7aec17c7a6c34e3c9327469d77d1ee32992f1f2c47ff36026f74b4c8d01cf52eefd44d30519f33cc13cb30cf7a43f7305fd76b063d2363ac318e0090d3516cbbd82da99b3f53d570c2e2b85883abf68332f0ea3e0721bd251cea500281405d34aaed523c2684cd5e255919d828bf00f2d62a3d0b56d3d7cd18c5fa6f0764aeea0405e8731f0b223bd19471b8188c4b00cb5c2d057444148a390f36f2ddbf3bb6c46f4c96058ff00057311d2cff2a9c081f3f47967bc5c7c1dc554cd66c39ee403cd426a659131f3e2b9f0109af5414214e81344e0ff0129fe9ec7c01814823c995bf1b437e4f1f07f83055ded75331575d921231b448609f1aa76ae28edc70612e8de047c338712a43413a047c67a2fb3ec7c525a1720d01d8e0e92ae34f3b88c9b4e6c3e938919a4390628f6529dfa8d1f5666c28d4ae9bf8d5a579d5117e027a4cbbc5193a1c3f811a4822746e4c10fe9fd0ac93df86fb41e3d3993cdacb05f633be404a0d7fd256ca01c131859d08e5cd26809f786c5c57866d76f25ae000fc7517e2e74c29f1cf804fa6ae0bd985926daadbc1c61b9e042d8b6367d1e68e3e23476830f8fa2ff4999f17120d64537d601990fa130eaa19b6b660730f37f2256e028689c5b86582819ee5103d8cb23c246f4f34dfb7adebf2a14eb41eef768ecd6dbb37075ed8bf462104e0303f74fd81e69209c0d89cef3b0231a1b24b60d3edf5cb96043ef449823440c2edb1fcee97a9b56e811989ead072123d1090f1f7be126112497c2042bfdea16a14c34d6c90fe8be6a3558ecbcadba53a939f78bd2af5efcb96d697e78fdf099a57981099d4c3b10c560b814c3eb719bd441cc7fc1667776fe21b1a2288804a6b2a0c65341660053f800fef460b93d2dd27b38cdc32fd781fd34480278756e8b9ea8a3fd7687b55064bf95b80d01122f81ac7b1b33c08e92f9736dd80bd850f0f5d54197e28624e8aee1e171a449c21576f420f41d09c3f15c8723303338ede1f73020d1d637a59596092d02b7df0a649be2890b825978f5a571b88425cabbadbff56bbd2bcd3e1ff4c9197e7f639fec41ce603e34a18eb21fac02fcd0c68025c3eba6aa01a8470915ec51a499659a179b12deed0153e02c88dbf4429ecd922675132de722b0d225125e8650cbec160ea8dde590d87d37dda05aa4ebf21a9b2f96bebfc0a495cdea3258f732451716ee60bb9c69d7a1c87ea7e804ec2864234805f3f698f32289de4beecf3fa0cb3649aa6b2d6191ad9493dd01a5380a89af9fbbdcf8482429e254dce6e3d55cd012cf937ec058c922d9490228a7a75c8f28691452bc65184e89bc9b59278c05356c1e9db634b4c3d69ac5b0ac074e21b06cda6f57727dc67503cb78124c9ba71a98138ff73ff83344562a6835262517b239eb12244bafe6200595576f520b6cec0128cc18e94df1a2404dafa7b8631870d4b0b28706463fcdb12ff30a4dae6836cdb00080000d9a2a00d354ac4489be77b69de05646a12406473e2803bab37ca3a8e4057c8c1acdfe64529affda8ab2dc2a2912901dbdaf31add3db2a1998ac2524a6544cbbeea0015f2e3e219d9f65892345b9707a75e47308a0803076b1f3599804410513619a2224e51669d25b3d9ad1d795df41f6718a6bfec935fe61d5b4ed48c9b3506afac9e6215a64b56cc35d69c84914886da4f443aeb9ba4d7b92de2afcaae0d27dcb9fb587de4cfb501419ec1ecf6409761ac42a92d6bf9067f76eee3f459815459dadf700ffc024c511159626bc33f4b67ff894cada0dfd232639d1cb979d4f7f6064b2ff18c5376dd3bddcf70e0db0cbc4169aff2f81295cbcda865bb4d38b135003bf0db7264a80d74628c4e14a24d4453fbfa6ec81befc58c8dc52806961c90aacfbfcafd097d07e285158e96129b7d7fc1e692bb47e59fe42c86be772ce525f2df3cd7fee26fa6f2c4ae8820af6bd86f71a650a8fc636f50fa0be68986d8bc9c4af917c8483057f85700d177efc36127c5737439ccaae4753a97ab57b701a73a9580c497e11f07c60d47407898404f0b8b4187a51a6fa83ea3bca73d58e601f6d62eb86be9675dfc61620f09099de918c1e5d661d8cac1b4a638689ecc5ab23af6807a48be79af1a6fe9a0c4dd0496f8ff2c3e7e395719523d529a57c8cbde9594196e381a549b24e92f62e53f267bdfa214e5830513ca33fdc6abd42c274926eec5b9b26df5b1d19a4e5a33751419853cf372ff3b1f19b7f69b8cc21325828ab5a27ec12a6c6be92b3fe86cc1947e90032535c01dbf4bc8f511d71c2af2b5a2839be10d41786cac3037af2edc90e10005de6c7cd8c8f212ced643b901880e797cf39819200f2d7a52737ffb928798589a399ca3476cee2371e278d7a617cbc0ad3291f4c118d33366316be15a11738b0b36824064fd6e24a17e11c83a72fe54afe4b62d3280df32c0d7089cf67ca673613f223f0b66134c74878ca46fd11f965cbe337258f9e313da2edcd5fdeffc85d6ca8db1355b15d389d4068cefefc1e3e2dea21b22d07fb5120fd4827dd4b3dd6f0c1cdf773820f9b539065569f5e9bdeb6b8dd48cd01b30b3b9ed6b9fb48fa7dc87ceeff8f54cf0744b8c307319615ecb0d7b240cd663425d945cd00906e5b9bd63b89bcac0f4b28837fbfa299866f2b228e7341e517694f4a30c451512eb85e8e011911df0e050d125e63d559f1deae50745dc0a73eb6f0c04b725d8b0e2dfa7668442e9e0da2b83d07b6180a8152e6a35b61b642effaa6a57815d032dd643ed925884d4fdf0d115d5d75ea50999933a770ff1b10b4e172104ee61c2455987db88a053782b97a77af12f01f3f74d1d6224a14a047fda4c181e6b01de067d764d5e666e08d9be7bf5f936a3e3442f741d1619983c77e3bbedf97c4430ac96fe3cc8df98f15188ea9f796dd0e3e0e4bde70cf534a15d0e82d27ffbbafba15d8889451ec8cb0c4a63ef2d6907db89555385e11ec7ef2534ca29cc64df6dc5b3b92697ec11b826449c5db22f81b93868caf8e3df973edfa578b79c012ef8ef433a1eda720e22e30b2901e955dee0646c1efafdf997cd1163e08cf03e9d33f02bdffe0a89cf91acf2ac99796fa05018984ea13ce514460e159b49421c4356928031595dea599f000f0debe2c42e8d3bdd05207e74588ab36a6daaddc8ea2c7c4c5294c385886e58fc6309b94fd91b9b56a37b73a1c163a5a5ea1bfaecc1898c4fe857fec7e9b7f3a24c2f90f61119a9c72aa8df532787db0d25ac60db91b456d03baba0577d96ab9b8439ffc2b7b72e0146e3f2f61118d08449c2a816644c895345fd0a4c019bb4a983095e236a8c1a38b946bdb877c2ae202592cb0266f7d80e2c1d1292532204f9be9f2f5954ce2fa99697c9b20fe138db57ac3134ad556d16d8d615c356d05fd95ab1bef26b23e1ad2ea5abaffede3e14bfe2ee55f593700c49a6c9ecf28d1a01d72b1920b1b7944ef7ed7a2f96a6f5ee4f40f54978a735d155b259d7afd53ac19ed2443d45dcbc84335a419109ab159403b0f828d94079c0c5e5320f91496a043b92901a1e8a4966315ada9f8ffc5ac70868c0df278afe7bfe0affb68aa13ed029bb965b6d6a9ebaba1d0d1a2c17b69d0ca3b0edfa3fefedb5bc0064272577ac22fa84bf819a4eea0ab2ba920888e4c2bc89286184fc10b6dcce84466f3db078fe3af1a90a5b9aa7b66a9e5450807601c2a17460027109908618ac2cc1508029151fc96ee5ab264d2c4236aacfca06c0e6b71b748900652de55f7761a4606a237bd11902178e3a2afde4cc4964b3dfe1abdaad79ed0d80693674c4737a0b17c2e42ba390f98e776a4e758ed98ce8bdeb914b01707602b10fffca3992f1168e7ab3793ad47236351ff7a20ecd50b4edb63e95ed05d6093ead98bbc2dec9dda3ac4b902bd02e4d0eb528653ce3aa313cee066181d7612f40234c1c3aef14fc99b7d9196cd7dab2ff27c388ef67de7b351cf40d343059eeda90e45700c36febfde7a07fce384200618548cb76d8017c2053b332507045a914e39b93f927b33396ab82feb532870c4323c2305398867aac393339656bd4b39c5da5d676fa5a233c7c62f8cc9ab4417a658bf9e679d22bb801ab10d855897a75e4b3e523e87e4ea1e17f270830cee4185d62ea0afd170508453ab0f42d3b35292c4e0000000000000000", @ANYRESDEC=r3, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYRES32, @ANYRES16], 0x5, 0x0, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000017c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x189d051, 0x0, 0x40, 0x0, &(0x7f0000000140))
rmdir(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

12.370322239s ago: executing program 3 (id=3224):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000ff1df4b7", @ANYRES32=0x0, @ANYBLOB="2911010020100000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB="0500110002"], 0x4c}, 0x1, 0x0, 0x0, 0x8014}, 0x40040)

10.694936184s ago: executing program 3 (id=3225):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000080)=@in={0x2, 0x4e23, @local}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x10b8}, 0x20048000)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x428, 0x290, 0xc8, 0x8, 0x0, 0x5803, 0x358, 0x2e8, 0x2e8, 0x358, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0xff], [0xff000000, 0xff000000, 0xff, 0x1fe0000ff], 'bridge0\x00', 'batadv_slave_1\x00', {0xff}, {}, 0x89, 0x3, 0x0, 0x12}, 0x0, 0x228, 0x290, 0x0, {0x0, 0x2000000000000}, [@inet=@rpfilter={{0x28}, {0xc}}, @common=@inet=@hashlimit3={{0x158}, {'veth1_macvtap\x00', {0xeb98, 0x101, 0x7a, 0xfffd, 0x4, 0x9, 0x0, 0x7f, 0x8, 0x78}, {0xaa}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x8, 0x7, 0x2, 0x563, 'netbios-ns\x00', 'syz1\x00', {0x6}}}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0xf0}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, [0xffffffff, 0x0, 0xff, 0xffffff00], [0xff000000, 0x0, 0x0, 0xff000000], 'pim6reg\x00', 'veth0_to_bond\x00', {0xff}, {0xff}, 0x11, 0x2, 0x3, 0x40}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x488)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000010400)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$int_in(r4, 0x5452, &(0x7f0000000280)=0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r5, 0x0, 0xc100)
sendto$inet6(r4, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r4, 0x1)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0x421, 0x0, 0x2, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @empty}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r7 = accept4(r2, 0x0, 0x0, 0x80800)
setsockopt$sock_int(r7, 0x1, 0x7, &(0x7f00000014c0)=0x10000b, 0x4)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa", 0x32}, {&(0x7f00000003c0)}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000640)=""/88, 0x58}, {&(0x7f0000000280)=""/121, 0xa2ec4ae9}], 0x2, 0x0, 0x8dff}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000040)

10.653874934s ago: executing program 1 (id=3227):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r3)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="070600000000000000002d00000006000400000000000c0005000201aaaa"], 0x4c}}, 0x20048840)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f00000001c0))
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000700)={@remote, @broadcast}, 0x7)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x420, &(0x7f00000000c0))

9.726862159s ago: executing program 3 (id=3230):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000580), 0x400)
socket(0x400000000010, 0x3, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x4})

8.58174928s ago: executing program 3 (id=3235):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dos1xfloppy,usefree,nodots,fmask=0000000000000010,flush,nfs=nostale_ro,dots,nodots,\x00'], 0x1, 0x159, &(0x7f00000004c0)="$eJzs27GKE0EcBvB/TKJRm9RisWBjFdQnUCSCuKAoKbRSiDaJBEyz2phH8QUFSZVuRPdI7nLJkRzs7ZH8fk0++GZgpsgOs7Af738dDSfTL5M38+g0GtF6GlksGtGNG9GM0iwAgEOySCn+pJTSrVnc/hUppXNDftayMACgMjuc/wDAgXH+A8Dxcf4DwPF59/7Dq2d53n+bZZ2I37NiUAzK37J/8TLvP8r+665mzYti0Fz2j8s+O9u3485J/2RjfzMePij7f93z1/lafzeG1W8fAAAAjkIvW9p4v+/1tvVlOvV+YO3+3op7rSvbBgCwh+n3H6NP4/Hnb3uFiMvMOojQjohrsAxBqDbU/WQCqrb609e9EgAAAAAAAAAAAAAAYJudvwfqXDx4kbZPr3uPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsO5vAAAA//9XS09N")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket(0x10, 0x80002, 0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000003c0)='.\x00', 0x1b4a47c, &(0x7f00000018c0)=ANY=[@ANYRES32=0x0, @ANYRES64=0x0, @ANYRES32, @ANYRESHEX, @ANYRES16=r3, @ANYRES64, @ANYBLOB="3093e121f7523fece90a37d5a927c18dd10d3154456ac66e96749c346fd71173e12fcf6d1160b1a8ed194deb98dc67b07edd64d7e1afef339c828e956edf4068785cb0d7d4a24137cf9c2cac79060c0beb7d1ab2be0fac9a6d6028d2e9d895ec67dec6914528a112adced19a86ad8403eb4e04bc7d51afc6561063bbb696c825a82153efcf06941b3ae039ef7761b7a2bbddc32f3cc39f6ffb5d2a808f3e7ecd9039d8c7895b00ebbf6dc950788fbca296f89178e938440f8e57819e17eb79736882e9699d96b1959c119730542c4baf0af7acac79531d0c4623bb5055768b6228217225ea7782904746898b13fc6dab1c63a2c2d5a724a8bb745da18da54627d618842162c1367e4361737545a8628fb76106c1212ce6152ef12ebda119a33e28f17ba3fbf9eed69447ca88876cbabfce8b2aba2f668f5b91d00d5de2be7bf028b273ec31e63b4fbf87f6cbf1efb41a7e538e4f4a66962d7c7a0b2ff01e86df58b94f1a321aa1297c5a4cc42b656d9acb7a40490ede8099679fb86b4ee7a852aa68358dcea38ad3d2b3b794db5b3caec0228b39709eedd31a55aaf2b49146d0effdc3dfce3ec78e4bb2f65ceb9ca94a2e2fed7efc2b6bcd462955cf911ed5dbb62d6339d001bee46a4989d87cf0578d0f8913ed29d36c31e9b41678ec127f48d40003c0569b6102757c87f00adb7920ab2b78a82bfc115f831ab9abc72a93299c0e1971d17a2b3d376d66e6ddfe3dd86166507f87b6db73fe284aa52db7645601329b6087cab267eefc8bb846cad8ade3e61be692a066d0e6a3f0603d0405d58aa07c406950a69fff78a37cb9e2c9d420bb9394e483252739cabecc7418b142ec8c84e394b42c05c3f116409fc830fac08788bc2b93cb491696a8385d07cd1e19a9de182abeceb435e92d4eda2d2710cb06180c6271e5c1a26edf630ee16848993e3c3ef8804a87407b7e7cdb8d263238cec45424f7dfda3b1a8390e39820ac367c33aafc4edb3223578c108628e6fa84d7805208d796d91e4b83794fdea7fa49ed4c422aed72db2d46df97082b904dd80ed9cb4ab29b4cc1e345d76999971bb7a3bcf191634020eeda9c58c3b2a306921ef7830f672cc1da4905963b0a4aede35913fdf8dbd4e8ba22e39bfba342c6a302f7a03225d021f0e0e357200f7301ce560b065d1431ad16702e035caab022382d6251e88ef861145c1a3121ff099feda4dcf6561a026889ac3f0474d6a868a4f24ea60f7bc95bf7f2afb85a430658eb3b2b84b61a695f90e01f30a417c79caa44640e7eb9195f844346100c551d4fc23ef249f29ec1a5489839d153c3fce79b288d86a48eadc7024cab6f9b626c7eeb87e8f76ec6205c3487deaef65133ec2677c642887de743d1dcc2dbf72f7b9062b9654ff693aa688dd5e05ed48c8d681cd426bde017c08d31d83994284efb804a9beda7091240e7feb740307412e4c64aa422b91dfd31874a43aa2e76988e5933f557c884cd4b960a6321828692975a76f6473cd0650cbd9dd09acfad7aec17c7a6c34e3c9327469d77d1ee32992f1f2c47ff36026f74b4c8d01cf52eefd44d30519f33cc13cb30cf7a43f7305fd76b063d2363ac318e0090d3516cbbd82da99b3f53d570c2e2b85883abf68332f0ea3e0721bd251cea500281405d34aaed523c2684cd5e255919d828bf00f2d62a3d0b56d3d7cd18c5fa6f0764aeea0405e8731f0b223bd19471b8188c4b00cb5c2d057444148a390f36f2ddbf3bb6c46f4c96058ff00057311d2cff2a9c081f3f47967bc5c7c1dc554cd66c39ee403cd426a659131f3e2b9f0109af5414214e81344e0ff0129fe9ec7c01814823c995bf1b437e4f1f07f83055ded75331575d921231b448609f1aa76ae28edc70612e8de047c338712a43413a047c67a2fb3ec7c525a1720d01d8e0e92ae34f3b88c9b4e6c3e938919a4390628f6529dfa8d1f5666c28d4ae9bf8d5a579d5117e027a4cbbc5193a1c3f811a4822746e4c10fe9fd0ac93df86fb41e3d3993cdacb05f633be404a0d7fd256ca01c131859d08e5cd26809f786c5c57866d76f25ae000fc7517e2e74c29f1cf804fa6ae0bd985926daadbc1c61b9e042d8b6367d1e68e3e23476830f8fa2ff4999f17120d64537d601990fa130eaa19b6b660730f37f2256e028689c5b86582819ee5103d8cb23c246f4f34dfb7adebf2a14eb41eef768ecd6dbb37075ed8bf462104e0303f74fd81e69209c0d89cef3b0231a1b24b60d3edf5cb96043ef449823440c2edb1fcee97a9b56e811989ead072123d1090f1f7be126112497c2042bfdea16a14c34d6c90fe8be6a3558ecbcadba53a939f78bd2af5efcb96d697e78fdf099a57981099d4c3b10c560b814c3eb719bd441cc7fc1667776fe21b1a2288804a6b2a0c65341660053f800fef460b93d2dd27b38cdc32fd781fd34480278756e8b9ea8a3fd7687b55064bf95b80d01122f81ac7b1b33c08e92f9736dd80bd850f0f5d54197e28624e8aee1e171a449c21576f420f41d09c3f15c8723303338ede1f73020d1d637a59596092d02b7df0a649be2890b825978f5a571b88425cabbadbff56bbd2bcd3e1ff4c9197e7f639fec41ce603e34a18eb21fac02fcd0c68025c3eba6aa01a8470915ec51a499659a179b12deed0153e02c88dbf4429ecd922675132de722b0d225125e8650cbec160ea8dde590d87d37dda05aa4ebf21a9b2f96bebfc0a495cdea3258f732451716ee60bb9c69d7a1c87ea7e804ec2864234805f3f698f32289de4beecf3fa0cb3649aa6b2d6191ad9493dd01a5380a89af9fbbdcf8482429e254dce6e3d55cd012cf937ec058c922d9490228a7a75c8f28691452bc65184e89bc9b59278c05356c1e9db634b4c3d69ac5b0ac074e21b06cda6f57727dc67503cb78124c9ba71a98138ff73ff83344562a6835262517b239eb12244bafe6200595576f520b6cec0128cc18e94df1a2404dafa7b8631870d4b0b28706463fcdb12ff30a4dae6836cdb00080000d9a2a00d354ac4489be77b69de05646a12406473e2803bab37ca3a8e4057c8c1acdfe64529affda8ab2dc2a2912901dbdaf31add3db2a1998ac2524a6544cbbeea0015f2e3e219d9f65892345b9707a75e47308a0803076b1f3599804410513619a2224e51669d25b3d9ad1d795df41f6718a6bfec935fe61d5b4ed48c9b3506afac9e6215a64b56cc35d69c84914886da4f443aeb9ba4d7b92de2afcaae0d27dcb9fb587de4cfb501419ec1ecf6409761ac42a92d6bf9067f76eee3f459815459dadf700ffc024c511159626bc33f4b67ff894cada0dfd232639d1cb979d4f7f6064b2ff18c5376dd3bddcf70e0db0cbc4169aff2f81295cbcda865bb4d38b135003bf0db7264a80d74628c4e14a24d4453fbfa6ec81befc58c8dc52806961c90aacfbfcafd097d07e285158e96129b7d7fc1e692bb47e59fe42c86be772ce525f2df3cd7fee26fa6f2c4ae8820af6bd86f71a650a8fc636f50fa0be68986d8bc9c4af917c8483057f85700d177efc36127c5737439ccaae4753a97ab57b701a73a9580c497e11f07c60d47407898404f0b8b4187a51a6fa83ea3bca73d58e601f6d62eb86be9675dfc61620f09099de918c1e5d661d8cac1b4a638689ecc5ab23af6807a48be79af1a6fe9a0c4dd0496f8ff2c3e7e395719523d529a57c8cbde9594196e381a549b24e92f62e53f267bdfa214e5830513ca33fdc6abd42c274926eec5b9b26df5b1d19a4e5a33751419853cf372ff3b1f19b7f69b8cc21325828ab5a27ec12a6c6be92b3fe86cc1947e90032535c01dbf4bc8f511d71c2af2b5a2839be10d41786cac3037af2edc90e10005de6c7cd8c8f212ced643b901880e797cf39819200f2d7a52737ffb928798589a399ca3476cee2371e278d7a617cbc0ad3291f4c118d33366316be15a11738b0b36824064fd6e24a17e11c83a72fe54afe4b62d3280df32c0d7089cf67ca673613f223f0b66134c74878ca46fd11f965cbe337258f9e313da2edcd5fdeffc85d6ca8db1355b15d389d4068cefefc1e3e2dea21b22d07fb5120fd4827dd4b3dd6f0c1cdf773820f9b539065569f5e9bdeb6b8dd48cd01b30b3b9ed6b9fb48fa7dc87ceeff8f54cf0744b8c307319615ecb0d7b240cd663425d945cd00906e5b9bd63b89bcac0f4b28837fbfa299866f2b228e7341e517694f4a30c451512eb85e8e011911df0e050d125e63d559f1deae50745dc0a73eb6f0c04b725d8b0e2dfa7668442e9e0da2b83d07b6180a8152e6a35b61b642effaa6a57815d032dd643ed925884d4fdf0d115d5d75ea50999933a770ff1b10b4e172104ee61c2455987db88a053782b97a77af12f01f3f74d1d6224a14a047fda4c181e6b01de067d764d5e666e08d9be7bf5f936a3e3442f741d1619983c77e3bbedf97c4430ac96fe3cc8df98f15188ea9f796dd0e3e0e4bde70cf534a15d0e82d27ffbbafba15d8889451ec8cb0c4a63ef2d6907db89555385e11ec7ef2534ca29cc64df6dc5b3b92697ec11b826449c5db22f81b93868caf8e3df973edfa578b79c012ef8ef433a1eda720e22e30b2901e955dee0646c1efafdf997cd1163e08cf03e9d33f02bdffe0a89cf91acf2ac99796fa05018984ea13ce514460e159b49421c4356928031595dea599f000f0debe2c42e8d3bdd05207e74588ab36a6daaddc8ea2c7c4c5294c385886e58fc6309b94fd91b9b56a37b73a1c163a5a5ea1bfaecc1898c4fe857fec7e9b7f3a24c2f90f61119a9c72aa8df532787db0d25ac60db91b456d03baba0577d96ab9b8439ffc2b7b72e0146e3f2f61118d08449c2a816644c895345fd0a4c019bb4a983095e236a8c1a38b946bdb877c2ae202592cb0266f7d80e2c1d1292532204f9be9f2f5954ce2fa99697c9b20fe138db57ac3134ad556d16d8d615c356d05fd95ab1bef26b23e1ad2ea5abaffede3e14bfe2ee55f593700c49a6c9ecf28d1a01d72b1920b1b7944ef7ed7a2f96a6f5ee4f40f54978a735d155b259d7afd53ac19ed2443d45dcbc84335a419109ab159403b0f828d94079c0c5e5320f91496a043b92901a1e8a4966315ada9f8ffc5ac70868c0df278afe7bfe0affb68aa13ed029bb965b6d6a9ebaba1d0d1a2c17b69d0ca3b0edfa3fefedb5bc0064272577ac22fa84bf819a4eea0ab2ba920888e4c2bc89286184fc10b6dcce84466f3db078fe3af1a90a5b9aa7b66a9e5450807601c2a17460027109908618ac2cc1508029151fc96ee5ab264d2c4236aacfca06c0e6b71b748900652de55f7761a4606a237bd11902178e3a2afde4cc4964b3dfe1abdaad79ed0d80693674c4737a0b17c2e42ba390f98e776a4e758ed98ce8bdeb914b01707602b10fffca3992f1168e7ab3793ad47236351ff7a20ecd50b4edb63e95ed05d6093ead98bbc2dec9dda3ac4b902bd02e4d0eb528653ce3aa313cee066181d7612f40234c1c3aef14fc99b7d9196cd7dab2ff27c388ef67de7b351cf40d343059eeda90e45700c36febfde7a07fce384200618548cb76d8017c2053b332507045a914e39b93f927b33396ab82feb532870c4323c2305398867aac393339656bd4b39c5da5d676fa5a233c7c62f8cc9ab4417a658bf9e679d22bb801ab10d855897a75e4b3e523e87e4ea1e17f270830cee4185d62ea0afd170508453ab0f42d3b35292c4e0000000000000000", @ANYRESDEC=r3, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYRES32, @ANYRES16], 0x5, 0x0, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000017c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x189d051, 0x0, 0x40, 0x0, &(0x7f0000000140))
rmdir(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

7.122519179s ago: executing program 2 (id=3236):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0xc2010)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000440), 0x8)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r6 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r6, 0x1, &(0x7f0000000380)={0x300a, r5}, 0x0)
symlinkat(&(0x7f00000000c0)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00')
link(&(0x7f0000000440)='./file0\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
io_uring_setup(0x3d7d, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setresgid(0xee00, 0xee01, 0x0)

7.09942128s ago: executing program 0 (id=3237):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f0000000400)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c4b454c8325e01cb24c2f3c7bd462c5b8f86ca56891f8085db68de13331ff83f0b12d3c55ab09898b831162e94af5aab93746cc9c2846172beff34b815944f62e60470cf4d16331b53bb359d1c446b18974ae35bced61d48cfc8149eb43bec86d871bc7c43763c6e7daebe349c300000001000000012dc90b9a5f8d0ff4117ef90aff1413e2e919558d4a6412b5fdaa2694c41bab32c5c81e01243ccef8dcd85a46cfb92323a8070db43b1ef562691c070e2749"], 0x1, 0x6f6, &(0x7f0000000b00)="$eJzs3UtoHOcdAPD/rHZXuyo4cuJHWgIRMaSlorZkIbfqpW4pRYdQQnroebHlWHgtB0kpsimN3Me9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdnZl/ZtWY+kv5+YmW/me85/dmb2gZgA/m+tzkfxWSSxOv/WTrq+v7dUn9pbms6z6xFRjohCRLGxiGQjstzb+RTfTjfm5ZNB/Xy4vvLO51/tf9FYK+ZTVj4ZVq+Pcu+m3XyKuYiYype9SgNa/ORo913t3RnY3rjae5gG7FozcPGXY7UKx3bYY7eV9/F/svmw6pOct8A5leQ396PbZyNmIqIS0bjr78atyN8IfK3tnvUAAAAAYFLVyau8dBAHsRMXTmI4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8E2VREzlz/9P8uf7Z+m5SJrP/y9nJRrKZzrYgUY/CPGz6cby2ckPBgAAAAAAAABO3OsHcRA7caG5fphkv/m/kf/un/pWvB9bsRabcT12ohbbsR2bsRgRsx0NlXdq29ubi1nNiEtDat6MT/vUvDl4jLdf8D4DAAAAAAAAwDlXGZH/oNS77fex2v79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoMkYqqxyKZLzfRsFIoRUWmW2434NCLKZzvaiST9Nj47/XEAAADAsVS6V5PKGHVe+iAOYicuNNcPk+wz/5Xs83Il3o+N2I712I56rMXd/DN0+qm/sL+3VN/fW3qYTr3t/vTLiYaetRiN7x769/xqVqIa92I923I97kQSh5lC3sqr+3tL6fJh/3E9TceU/CQ3ZDRTHem76ezqJ1n6z93fIhQn2sXnVBiYM5vllloRWcjHlta42IxA/0iMPDrFoT0tRqH1zc+l4T31j/nToZ0/nTlSqu83N2fiaCRuRqF1hK4Mj0TEd//x8a/v1zce3L+3NX9+dqmvD0aWOBqJpY5IXP0GRWK0hSwSl1vrq/GL+FXMx5fTb8dmrMdvohbbsTbXzK/lr+d0Pjs8Up/NdK69Pe6IGtevfmOai64xxVz8PEvV4o3smF6I9UjiUUSsxa3s72Ystq4G7SN8eYyzvjDGlbbDte9li1aYojq47N/Ga/JFSa91Fzvi2nnNnc3yOre0o/Ry3yg173Xj3486FL+TJ9IW/jD0/nDajkZisSMSrwx6vTRC+tfDdL5V33iweb/23pj9vZkv0/PoT+fqLpEe4Zejku/cxWyeZOfUQpb3SusO2x2vcv6LS0OhJ+9yq17jTP1lPIq7XWfqD2M5lmMlK30lK13quWOleVdbLXVfw9O89J1WsfXDTuf7rUdRb7wfAuB8m/n+TLn63+q/qx9V/1i9X32r8rPpH02/Vo7Sv0o/Li5MvVl4Lfl7fBS/a3/+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnt/W4ycPavX62mb/RKF/VjK8Vq1+2HyQ2JAyXYkkf1TOGIWTrcdPDkc2ODwxnQ9vglqF8SI2caL5tMaOrKmI6FN47sV12pNIdo8er8roPW2GZIwukp6Ap5Wfe8zNnttbSiNrHZb6RvUEE3PHqF7s3tJ8wXaUmejVmyWq/Y7XgBdbfcSFY+q4Vx7grN3Yfvjeja3HT36w/rD27tq7axul5eWVhZXlW0s37q3X1xYa844Kp/LwW+A0dL6daClHxOuj6w55UCsAAAAAAAAAAABwgk7jfyHOeh8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7fV+Sg+iyQWF64vpOv7e0v1dGqm2yWLEVGIiOS3Eck/I25HY4rZjuaSQf18uL7yzudf7X/RbqvYLF+I2B1Ybzy7+RRzETGVL59Xpd1m1s6d0e2V28npPtlJKzJpwK41A1c5xiDhRfhfAAAA//8DmeZD")
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
acct(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

6.3538165s ago: executing program 2 (id=3238):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000080)=@in={0x2, 0x4e23, @local}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x10b8}, 0x20048000)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x428, 0x290, 0xc8, 0x8, 0x0, 0x5803, 0x358, 0x2e8, 0x2e8, 0x358, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0xff], [0xff000000, 0xff000000, 0xff, 0x1fe0000ff], 'bridge0\x00', 'batadv_slave_1\x00', {0xff}, {}, 0x89, 0x3, 0x0, 0x12}, 0x0, 0x228, 0x290, 0x0, {0x0, 0x2000000000000}, [@inet=@rpfilter={{0x28}, {0xc}}, @common=@inet=@hashlimit3={{0x158}, {'veth1_macvtap\x00', {0xeb98, 0x101, 0x7a, 0xfffd, 0x4, 0x9, 0x0, 0x7f, 0x8, 0x78}, {0xaa}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x8, 0x7, 0x2, 0x563, 'netbios-ns\x00', 'syz1\x00', {0x6}}}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0xf0}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, [0xffffffff, 0x0, 0xff, 0xffffff00], [0xff000000, 0x0, 0x0, 0xff000000], 'pim6reg\x00', 'veth0_to_bond\x00', {0xff}, {0xff}, 0x11, 0x2, 0x3, 0x40}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x488)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000010400)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$int_in(r4, 0x5452, &(0x7f0000000280)=0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r5, 0x0, 0xc100)
sendto$inet6(r4, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r4, 0x1)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0x421, 0x0, 0x2, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @empty}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r7 = accept4(r2, 0x0, 0x0, 0x80800)
setsockopt$sock_int(r7, 0x1, 0x7, &(0x7f00000014c0)=0x10000b, 0x4)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa", 0x32}, {&(0x7f00000003c0)}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000640)=""/88, 0x58}, {&(0x7f0000000280)=""/121, 0xa2ec4ae9}], 0x2, 0x0, 0x8dff}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000040)

5.663139649s ago: executing program 2 (id=3239):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELTABLE={0x28, 0x2, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELFLOWTABLE={0x3c, 0x18, 0xa, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x4000089}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x4c, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd4}, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000180)={<r4=>r3, 0x5}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000280)={r4}, &(0x7f00000000c0)=0x8)
socket$kcm(0x10, 0x2, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x8b9, @private2, 0x2}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000040)=')', 0x1}], 0x1, &(0x7f00000000c0)=[@dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, '\x00', 0x3f}}], 0x20, 0x4008000}, 0x28008841)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@can_newroute={0x14c, 0x18, 0x1, 0x70bd29, 0x25dfdbfe, {0x1d, 0x1, 0x5}, [@CGW_CS_CRC8={0x11e, 0x6, {0x6d, 0x39, 0x7e, 0x9, 0x1, "d86b31f89b190135adb594c14a42dfccd8893222935bf4e9fe4417b5ad90bae99c1b9d225a7b734ccb4c6d08c918928b40da9f4e9821dbd5f905d32130902f32f7992b92532947f94167e8332487376842550db02b32ce508eac88b1d697d39399441f80eb5b72d65e0eabad908f09e4ca5ccdd55b1819fdbecfbdeb0636661791781147f506362a3ae7713952a367b88b4619f2c7270d36b090ac83d07ec8c63640595f15204768881b66089a6e8f228940dfd844465c9271ac0b9641d7d34ffc8d82e9809e4ae7c5d64e46d78c0fb6c715c0b4b5bc580f3b358993f4298953eafe72cdee6a283599cd76b2f89c85d2f0e81bf9a740e98c92ec4b26b02a2a63", 0x2, "2b96cf55e33acb64e44cee9950dfd9d52320c2a9"}}, @CGW_MOD_SET={0x15, 0x4, {{{0x4}, 0x3, 0x3, 0x0, 0x0, "918a76e1efa19e91"}, 0x5}}]}, 0x14c}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x44, 0x0, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x8, 0x4, '\x00\x00\x00\x00'}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x20}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x5c, 0x2c, 0xf25, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x8}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x100}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0xd, 0x1, 0x0, 0x0, {{0x7, 0x1, 0xbc}, {0x5, 0x100000, 0x3, 0x4, 0x0, 0x1, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

5.566333002s ago: executing program 0 (id=3240):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x40080)
r3 = epoll_create(0x7)
keyctl$clear(0x3, 0xfffffffffffffffd)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000000200))
syz_emit_ethernet(0xf5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
dup3(r4, r3, 0x80000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000300)=r0, 0x12)

4.943669398s ago: executing program 2 (id=3241):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x4, 0x0, 0x4}, 0xc)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, 0x0, 0x800)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0xc008001, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
open(0x0, 0x4c37e, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x2014000, &(0x7f0000000580)=ANY=[], 0x12, 0xc49, &(0x7f0000001cc0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThq3m6ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEWQI9O6QHLxocipJ6KFjaDogW0D+BQwmNm34pKiIloUJUr+fGzquzv73ux7M6s3FME3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiD945dzxE2m7pT9Y293WAAAPwoWxrxw/ue3rPwDwOLj0of79DwAAAAAAAAAAAAAAPAQpingyUsxeWE0T1fOu+vnOwI2b4yOjW1c7kKqa+6ry5Vf9xMlTp7/4wvCZXp7vTK/XH9ztbnw6Xhu7dK7x8sz12bn2/Hx7sjE+3bkyM9ne9h52Wn+zo9UBaFx//cbk1avzjZPPn9rw8s2h9wefODx0dvjZY8/0yo6PjI6OrRep95ev3XNDuu40w2N/FHEsUjz33Z+mVkQUsfNjUd9w7h+4A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGW5+LqA080D7cWTNisWx+2eCjZffGZltzrctT7cbF1txCZ6EzM30xdVtb9qcRRZxJEUsRsbLFX8OBKKIWKb59aDVdjoh9vePwhWpi8J3bUexiH7ehbGdjIGKpeATO2R42GEW8Gil+9s6RuJLHmWqs+XzEq2V+P+KtMl+KSOUH43TEe7s+nPOg1KKIvyzP/9nVNFmNB71x5fxXG1+evjrTV7Y3rnzI68NtI8VDuj4c2JQPxh4fm+pRRKsa8VfTvX+zAwAAAAAAAAAAAAAAAMD9diCK+FSkeOXf/6SaVxzVvPRDZ4f/cOhX++eMP32X/ZRln4+IxWJ7c3L354mBF9PFlB7yXOKPsnoU8ad5/t83H3ZjAAAAAAAAAAAAAAAAAAAAPtKK+EmkePHdI2kp+tcU70xfa1xqXZ7qrgrbW/u3t2b62traWiN1s5lzIudizqWcyzlXckaR6+ds5pzIuZhzKedyzpWcsS/Xz9nMOZFzMedSzuWcKzmjluvnbOacyLmYcykvur+cn6/kjD2ydi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOOkiCJ+Him+9fXVFCkimhET0c3lwYfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJiK+F6kaPxR89a2WkSk6v+uI+Ufp6O5v8yPR3O4zJeieS5nq8pa85sPof3szEAq4seRYrD+9q0Tns//QPfZrY9BvPWN9WefrnVzX+/FofcHnzh86Ozw6G88fafHaasGHD3fmb5xszE+Mjo61re5lt/9433bhvL7Fven60TE/Btvvt6ammrP3fuD8iOwg+qP0INU+6j09NF+8Jv3a4dR2wvdeTgP7j52/P+DGKDYVeX1/71I8bvv/kfvgt+9/tfjV7rPbl3h44M/W7/+v7h5R9u8/tc218vX//KavtX1/8m+bS/m70YGahH1heuzA4cj6vNvvHmsc711rX2tPX36+PEvDQ9/6dTxgf0R9audqXb3UYqp9vH7crgAAAAAAAAAAAAAAAAAHpxUxO9HitaPV1MjIm5W87WGzg4/e+yZfbGvmm+1Yd72a2OXzjVenrk+O9een29PNsanO1dmJtvbfbt6Nd1rfGR0VzpzVwd2uf0H6i/PzL4x17n2xwtbvn6wfu7y/MJc68rWL8eBKCKa/VuOVg0eHxmtGj3VaU1XVS9uOZn+wxtIRfxnpLhyupE+m7fl+f+bZ/hvmP+/uHlHuzT//2N928r3TKmIDyLF7/zV0/HZqp0H47Zjlsv9XaQ4euYzuVzsL8v12tC9r0B3jmBZ9n8jxT/9fGPZ3nzIJ9fLntj2gX1ElOf/UKT43l98J34rb9t4/4etz//BzTvapfP/VN+2gxvuV7DjrpPP/7FI8dKTb8fn8rZfdv+P3r03juTCt+7PsUvn/xN924by+/72/ek6AAAAAAAAAADAI20gFfH3keKHo7X0Qt62nd//m9y8o136/a9P9m2bvD/rFd31wY4PKgAAAADsEQOpiJ9EimsLb9+aQ71x/nff/M/fW5//OZI2vVr9nO/XqvsG3M+f//Ubyu87sfNuAwAAAAAAAAAAAAAAAAAAwJ6SUhEv5PXUJ6r5/JN3XE99OVK88t/P5XLpcFmutw78UPVn/cLM9LFzU1MzV1oLrctT7cbYbOtKu6z7VKRY/dvP5LpFtb56b7357hrv62uxz0WK0X/ole2uxd5bm/yp9bInyrIfixT/9Y8by34ul/vEetmTZdm/iRRf+8HtZUuH18ueKst+J1L86GuNXtmDZdne/VE/uV72+R/cuiMCAAAAAAAAAAAAAAAAAAAA3LuBVMSfR4r/ub50ay5/Xv9/oO9p5a1v9K33v8nNap3/oWr9/zs9vpf1/6v7Cize6V0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODxlKKINyPF7IXVtDxYPu+qn+9M37g5PjK6dbUDqaq5rypfftVPnDx1+osvDJ/p5S+vf799Kl4bu3Su8fLM9dm59vx8e7IxPt25MjPZ3vYedlp/s6PVAWhcf/3G5NWr842Tz5/a8PLNofcHnzg8dHb42WPP9MqOj4yOjvWVqQ3c87vfJt1h+/4o4q8jxXPf/Wn64WBEETs/Fnf57Oy2A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGD+Bc7EgzYrFsftngo2X3xmZbc63LU+3GxdbcQmehMzN9MXVbW/anEUWcSRFLEbEyePvuBqKI1yPFtw+tpn8ZjNjXOw5fuDD2leMn79yOYhf7uA1lOxsDEUvFI3DO9rDBKOKfI8XP3jkS/zoYUYvuV3w+4tUyvx/xVnTPdyo/GKcj3tvic8SjqRZF/F95/s+upncGy/GgN66c/2rjy9NXZ/rK9saVR/768CDt8bGpHkX8qBrxV9O/+XsNAAAAAAAAAAAAAAAAsIcU8euR4sV3j6RqfvCtOcWd6WuNS63LU91pfb25f70502tra2uN1M1mzomcizmXci7nXMkZRa6fs1lmfW1tIj9fzLmUcznnSs7Yl+vnbOacyLmYcynncs6VnFHL9XM2c07kXMy5lHM550rO2CNz9wAAAAAAAAAAAAAAAAAAgMdLUf2X4ltfX01rg931pSeim8vWA33s/SIAAP//YnX2fg==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x20020c0, 0x0, 0x1, 0x0, &(0x7f0000001a00))
name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x1000021, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000780)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)

4.217109367s ago: executing program 0 (id=3242):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000ff1df4b7a000fbdbdf", @ANYRES32=0x0, @ANYBLOB="2911010020100000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB="0500110002"], 0x4c}, 0x1, 0x0, 0x0, 0x8014}, 0x40040)

4.195246797s ago: executing program 1 (id=3243):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000580), 0x400)
socket(0x400000000010, 0x3, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x4})

4.194338807s ago: executing program 3 (id=3244):
r0 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000880)="eb", 0x1}], 0x1, 0x7ffffd, 0x8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x2000081)
write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000037580)=""/102400, 0x19000)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, 0x0, 0x0)

3.70522427s ago: executing program 0 (id=3245):
socket$inet_udp(0x2, 0x2, 0x0)
mq_open(0x0, 0x42, 0x197, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f00000000c0)=""/13, 0x214000, 0x800}, 0x20)

3.235437953s ago: executing program 1 (id=3246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0xc2010)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000440), 0x8)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r6 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r6, 0x1, &(0x7f0000000380)={0x300a, r5}, 0x0)
symlinkat(&(0x7f00000000c0)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00')
link(&(0x7f0000000440)='./file0\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
io_uring_setup(0x3d7d, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setresgid(0xee00, 0xee01, 0x0)

3.172683385s ago: executing program 2 (id=3247):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)

2.500413733s ago: executing program 0 (id=3248):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f0000000400)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c4b454c8325e01cb24c2f3c7bd462c5b8f86ca56891f8085db68de13331ff83f0b12d3c55ab09898b831162e94af5aab93746cc9c2846172beff34b815944f62e60470cf4d16331b53bb359d1c446b18974ae35bced61d48cfc8149eb43bec86d871bc7c43763c6e7daebe349c300000001000000012dc90b9a5f8d0ff4117ef90aff1413e2e919558d4a6412b5fdaa2694c41bab32c5c81e01243ccef8dcd85a46cfb92323a8070db43b1ef562691c070e2749"], 0x1, 0x6f6, &(0x7f0000000b00)="$eJzs3UtoHOcdAPD/rHZXuyo4cuJHWgIRMaSlorZkIbfqpW4pRYdQQnroebHlWHgtB0kpsimN3Me9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdnZl/ZtWY+kv5+YmW/me85/dmb2gZgA/m+tzkfxWSSxOv/WTrq+v7dUn9pbms6z6xFRjohCRLGxiGQjstzb+RTfTjfm5ZNB/Xy4vvLO51/tf9FYK+ZTVj4ZVq+Pcu+m3XyKuYiYype9SgNa/ORo913t3RnY3rjae5gG7FozcPGXY7UKx3bYY7eV9/F/svmw6pOct8A5leQ396PbZyNmIqIS0bjr78atyN8IfK3tnvUAAAAAYFLVyau8dBAHsRMXTmI4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8E2VREzlz/9P8uf7Z+m5SJrP/y9nJRrKZzrYgUY/CPGz6cby2ckPBgAAAAAAAABO3OsHcRA7caG5fphkv/m/kf/un/pWvB9bsRabcT12ohbbsR2bsRgRsx0NlXdq29ubi1nNiEtDat6MT/vUvDl4jLdf8D4DAAAAAAAAwDlXGZH/oNS77fex2v79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoMkYqqxyKZLzfRsFIoRUWmW2434NCLKZzvaiST9Nj47/XEAAADAsVS6V5PKGHVe+iAOYicuNNcPk+wz/5Xs83Il3o+N2I712I56rMXd/DN0+qm/sL+3VN/fW3qYTr3t/vTLiYaetRiN7x769/xqVqIa92I923I97kQSh5lC3sqr+3tL6fJh/3E9TceU/CQ3ZDRTHem76ezqJ1n6z93fIhQn2sXnVBiYM5vllloRWcjHlta42IxA/0iMPDrFoT0tRqH1zc+l4T31j/nToZ0/nTlSqu83N2fiaCRuRqF1hK4Mj0TEd//x8a/v1zce3L+3NX9+dqmvD0aWOBqJpY5IXP0GRWK0hSwSl1vrq/GL+FXMx5fTb8dmrMdvohbbsTbXzK/lr+d0Pjs8Up/NdK69Pe6IGtevfmOai64xxVz8PEvV4o3smF6I9UjiUUSsxa3s72Ystq4G7SN8eYyzvjDGlbbDte9li1aYojq47N/Ga/JFSa91Fzvi2nnNnc3yOre0o/Ry3yg173Xj3486FL+TJ9IW/jD0/nDajkZisSMSrwx6vTRC+tfDdL5V33iweb/23pj9vZkv0/PoT+fqLpEe4Zejku/cxWyeZOfUQpb3SusO2x2vcv6LS0OhJ+9yq17jTP1lPIq7XWfqD2M5lmMlK30lK13quWOleVdbLXVfw9O89J1WsfXDTuf7rUdRb7wfAuB8m/n+TLn63+q/qx9V/1i9X32r8rPpH02/Vo7Sv0o/Li5MvVl4Lfl7fBS/a3/+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnt/W4ycPavX62mb/RKF/VjK8Vq1+2HyQ2JAyXYkkf1TOGIWTrcdPDkc2ODwxnQ9vglqF8SI2caL5tMaOrKmI6FN47sV12pNIdo8er8roPW2GZIwukp6Ap5Wfe8zNnttbSiNrHZb6RvUEE3PHqF7s3tJ8wXaUmejVmyWq/Y7XgBdbfcSFY+q4Vx7grN3Yfvjeja3HT36w/rD27tq7axul5eWVhZXlW0s37q3X1xYa844Kp/LwW+A0dL6daClHxOuj6w55UCsAAAAAAAAAAABwgk7jfyHOeh8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7fV+Sg+iyQWF64vpOv7e0v1dGqm2yWLEVGIiOS3Eck/I25HY4rZjuaSQf18uL7yzudf7X/RbqvYLF+I2B1Ybzy7+RRzETGVL59Xpd1m1s6d0e2V28npPtlJKzJpwK41A1c5xiDhRfhfAAAA//8DmeZD")
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
acct(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.493577553s ago: executing program 1 (id=3249):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f907864"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELTABLE={0x28, 0x2, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELFLOWTABLE={0x3c, 0x18, 0xa, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x4000089}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x4c, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd4}, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000180)={<r4=>r3, 0x5}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000280)={r4}, &(0x7f00000000c0)=0x8)
socket$kcm(0x10, 0x2, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x8b9, @private2, 0x2}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000040)=')', 0x1}], 0x1, &(0x7f00000000c0)=[@dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, '\x00', 0x3f}}], 0x20, 0x4008000}, 0x28008841)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@can_newroute={0x14c, 0x18, 0x1, 0x70bd29, 0x25dfdbfe, {0x1d, 0x1, 0x5}, [@CGW_CS_CRC8={0x11e, 0x6, {0x6d, 0x39, 0x7e, 0x9, 0x1, "d86b31f89b190135adb594c14a42dfccd8893222935bf4e9fe4417b5ad90bae99c1b9d225a7b734ccb4c6d08c918928b40da9f4e9821dbd5f905d32130902f32f7992b92532947f94167e8332487376842550db02b32ce508eac88b1d697d39399441f80eb5b72d65e0eabad908f09e4ca5ccdd55b1819fdbecfbdeb0636661791781147f506362a3ae7713952a367b88b4619f2c7270d36b090ac83d07ec8c63640595f15204768881b66089a6e8f228940dfd844465c9271ac0b9641d7d34ffc8d82e9809e4ae7c5d64e46d78c0fb6c715c0b4b5bc580f3b358993f4298953eafe72cdee6a283599cd76b2f89c85d2f0e81bf9a740e98c92ec4b26b02a2a63", 0x2, "2b96cf55e33acb64e44cee9950dfd9d52320c2a9"}}, @CGW_MOD_SET={0x15, 0x4, {{{0x4}, 0x3, 0x3, 0x0, 0x0, "918a76e1efa19e91"}, 0x5}}]}, 0x14c}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x44, 0x0, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x8, 0x4, '\x00\x00\x00\x00'}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x20}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x5c, 0x2c, 0xf25, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x8}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x100}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0xd, 0x1, 0x0, 0x0, {{0x7, 0x1, 0xbc}, {0x5, 0x100000, 0x3, 0x4, 0x0, 0x1, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

2.271034899s ago: executing program 3 (id=3250):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfffe, r2, 0x0}])
socket(0x10, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000640)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280", 0x13}, {&(0x7f00000003c0)}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

1.302111525s ago: executing program 2 (id=3251):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="00010000c580000008001b00"], 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

461.584867ms ago: executing program 0 (id=3252):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
read$msr(r0, &(0x7f0000000300)=""/102400, 0x19000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000009, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
unshare(0x22020600)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00')
pread64(r1, &(0x7f000001a240)=""/102399, 0x18fff, 0x100008)

0s ago: executing program 1 (id=3253):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000ff1df4b7a000fbdbdf", @ANYRES32=0x0, @ANYBLOB="2911010020100000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB="0500110002"], 0x4c}, 0x1, 0x0, 0x0, 0x8014}, 0x40040)

kernel console output (not intermixed with test programs):

ace activated: batadv_slave_1
[  665.205180][T13923] 8021q: adding VLAN 0 to HW filter on device ipvlan1
[  665.283508][T13527] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  665.303781][T13527] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  665.322090][T13527] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  665.331206][T13527] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  665.363129][T13932] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  665.493122][T13932] tipc: Resetting bearer <eth:syzkaller0>
[  665.579878][T13931] tipc: Disabling bearer <eth:syzkaller0>
[  665.683203][ T9570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  665.706135][ T9570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  665.712187][T13947] syzkaller0: entered promiscuous mode
[  665.739431][T13947] syzkaller0: entered allmulticast mode
[  665.918074][T13951] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2427'.
[  665.967158][ T9575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  666.016243][ T9575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  667.411437][T13993] syzkaller0: entered promiscuous mode
[  667.427719][T13993] syzkaller0: entered allmulticast mode
[  667.598199][ T5083] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  667.641464][ T5083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  667.669174][ T5083] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  667.684101][ T5083] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  667.697208][ T5083] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  667.705098][ T5083] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  667.928121][T14012] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  667.972936][T14006] syzkaller0: entered promiscuous mode
[  667.982185][T14006] syzkaller0: entered allmulticast mode
[  668.588263][T14000] chnl_net:caif_netlink_parms(): no params data found
[  668.822066][T14000] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.863178][T14000] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.879851][T14000] bridge_slave_0: entered allmulticast mode
[  668.903096][T14000] bridge_slave_0: entered promiscuous mode
[  668.929736][T14000] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.947454][T14000] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.956518][T14000] bridge_slave_1: entered allmulticast mode
[  668.964625][T14000] bridge_slave_1: entered promiscuous mode
[  669.054075][T14000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  669.065083][T14051] syzkaller0: entered promiscuous mode
[  669.070602][T14051] syzkaller0: entered allmulticast mode
[  669.087607][T14000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  669.197915][T14054] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  669.210692][T14053] syzkaller0: entered promiscuous mode
[  669.216950][T14053] syzkaller0: entered allmulticast mode
[  669.309230][T14000] team0: Port device team_slave_0 added
[  669.335940][T14000] team0: Port device team_slave_1 added
[  669.548267][T14000] batman_adv: batadv0: Adding interface: batadv_slave_0
[  669.596389][T14000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  669.667542][T14000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  669.701297][T14000] batman_adv: batadv0: Adding interface: batadv_slave_1
[  669.732252][ T5083] Bluetooth: hci2: command tx timeout
[  669.740471][T14000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  669.848532][T14000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  669.962872][T14000] hsr_slave_0: entered promiscuous mode
[  669.969592][T14000] hsr_slave_1: entered promiscuous mode
[  669.977267][T14000] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  669.985327][T14000] Cannot create hsr debugfs directory
[  670.141997][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 330 seconds
[  670.309740][T14087] syzkaller0: entered promiscuous mode
[  670.346564][T14087] syzkaller0: entered allmulticast mode
[  670.587509][T14000] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  670.610721][T14000] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  670.655402][T14098] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  670.672342][T14094] syzkaller0: entered promiscuous mode
[  670.686712][T14094] syzkaller0: entered allmulticast mode
[  670.778011][T14000] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  670.788945][T14000] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  670.946588][T14000] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  670.958326][T14000] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.077390][T14000] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  671.088266][T14000] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  671.461269][T14000] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  671.508618][T14000] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  671.555655][T14000] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  671.598296][T14118] syzkaller0: entered promiscuous mode
[  671.621858][T14118] syzkaller0: entered allmulticast mode
[  671.629033][T14000] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  671.812142][ T5083] Bluetooth: hci2: command tx timeout
[  671.846251][T14132] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  671.913964][T14132] syzkaller0: entered promiscuous mode
[  671.919523][T14132] syzkaller0: entered allmulticast mode
[  672.039223][T14000] 8021q: adding VLAN 0 to HW filter on device bond0
[  672.094031][T14000] 8021q: adding VLAN 0 to HW filter on device team0
[  672.146558][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  672.153897][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  672.179735][ T9575] bridge0: port 2(bridge_slave_1) entered blocking state
[  672.187068][ T9575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  672.649614][T14155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2484'.
[  672.674773][T14155] bond0: (slave macvlan5): Error -98 calling set_mac_address
[  672.758276][T14162] syzkaller0: entered promiscuous mode
[  672.777376][T14162] syzkaller0: entered allmulticast mode
[  673.002278][T14000] 8021q: adding VLAN 0 to HW filter on device batadv0
[  673.147289][T14000] veth0_vlan: entered promiscuous mode
[  673.176358][T14173] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  673.237804][T14173] syzkaller0: entered promiscuous mode
[  673.246424][T14173] syzkaller0: entered allmulticast mode
[  673.277096][T14000] veth1_vlan: entered promiscuous mode
[  673.319186][T14178] netlink: 272 bytes leftover after parsing attributes in process `syz.3.2490'.
[  673.476885][T14000] veth0_macvtap: entered promiscuous mode
[  673.506633][T14000] veth1_macvtap: entered promiscuous mode
[  673.556031][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.582292][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.600019][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.619787][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.640401][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.654279][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.666416][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.683398][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.710908][T14000] batman_adv: batadv0: Interface activated: batadv_slave_0
[  673.754635][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.820372][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.858413][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.877999][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.891947][ T5083] Bluetooth: hci2: command tx timeout
[  673.901558][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.912781][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.947319][T14000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  673.983855][T14000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.016524][T14000] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.063923][T14000] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.091800][T14000] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.121810][T14000] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  674.151783][T14000] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  674.258070][T14194] syzkaller0: entered promiscuous mode
[  674.273966][T14194] syzkaller0: entered allmulticast mode
[  674.378085][T14209] netlink: 272 bytes leftover after parsing attributes in process `syz.0.2500'.
[  675.971858][ T5083] Bluetooth: hci2: command tx timeout
[  676.933436][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  676.966431][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.067052][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.101189][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.348788][T14245] loop2: detected capacity change from 0 to 8
[  678.982900][T14259] syzkaller0: entered promiscuous mode
[  678.988463][T14259] syzkaller0: entered allmulticast mode
[  679.276288][T14262] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  679.308090][T14263] syzkaller0: entered promiscuous mode
[  679.348996][T14263] syzkaller0: entered allmulticast mode
[  679.388607][T13529] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  679.401564][T13529] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  679.410508][T13529] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  679.422902][T13529] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  679.432157][T13529] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  679.440717][T13529] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  679.795124][ T9573] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.815282][T14277] loop3: detected capacity change from 0 to 8
[  681.194309][ T9573] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.337497][ T9573] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.451466][ T9573] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.500967][T13529] Bluetooth: hci0: command tx timeout
[  681.627258][T14298] syzkaller0: entered promiscuous mode
[  681.633566][T14298] syzkaller0: entered allmulticast mode
[  681.840547][T14314] loop0: detected capacity change from 0 to 8
[  682.428387][T14313] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  682.824966][T14315] syzkaller0: entered promiscuous mode
[  682.857842][T14315] syzkaller0: entered allmulticast mode
[  683.134725][T14266] chnl_net:caif_netlink_parms(): no params data found
[  683.445395][ T9573] tipc: Left network mode
[  683.580873][T13529] Bluetooth: hci0: command tx timeout
[  683.859488][T14266] bridge0: port 1(bridge_slave_0) entered blocking state
[  683.879326][T14266] bridge0: port 1(bridge_slave_0) entered disabled state
[  683.920566][T14266] bridge_slave_0: entered allmulticast mode
[  683.953223][T14266] bridge_slave_0: entered promiscuous mode
[  683.976384][T14266] bridge0: port 2(bridge_slave_1) entered blocking state
[  684.012416][T14266] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.033597][T14266] bridge_slave_1: entered allmulticast mode
[  684.059187][T14266] bridge_slave_1: entered promiscuous mode
[  684.139495][T14365] loop0: detected capacity change from 0 to 8
[  685.397757][T14370] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  685.528016][T14266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  685.594798][T14266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  685.659792][T13529] Bluetooth: hci0: command tx timeout
[  685.746395][T14392] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2540'.
[  685.910540][T14266] team0: Port device team_slave_0 added
[  685.928400][T14391] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2540'.
[  686.063376][T14266] team0: Port device team_slave_1 added
[  686.140625][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  686.149398][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  686.354801][T14266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  686.382102][T14266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  686.459279][T14266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  686.652809][T14266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  686.681914][T14266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  686.768971][T14266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  686.869335][T14427] loop3: detected capacity change from 0 to 8
[  687.731799][T13529] Bluetooth: hci0: command tx timeout
[  688.028585][T14266] hsr_slave_0: entered promiscuous mode
[  688.126998][T14266] hsr_slave_1: entered promiscuous mode
[  688.147331][T14266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  688.159606][T14266] Cannot create hsr debugfs directory
[  688.598881][T14442] syzkaller0: entered promiscuous mode
[  688.612359][T14442] syzkaller0: entered allmulticast mode
[  688.678424][ T9573] hsr_slave_0: left promiscuous mode
[  688.686837][ T9573] hsr_slave_1: left promiscuous mode
[  688.695870][ T9573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  688.706101][ T9573] batman_adv: batadv0: Removing interface: batadv_slave_0
[  688.715574][ T9573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  688.723616][ T9573] batman_adv: batadv0: Removing interface: batadv_slave_1
[  688.752512][ T9573] bridge_slave_1: left allmulticast mode
[  688.758515][ T9573] bridge_slave_1: left promiscuous mode
[  688.774409][ T9573] bridge0: port 2(bridge_slave_1) entered disabled state
[  688.810417][ T9573] bridge_slave_0: left allmulticast mode
[  688.826492][ T9573] bridge_slave_0: left promiscuous mode
[  688.847730][ T9573] bridge0: port 1(bridge_slave_0) entered disabled state
[  688.903875][ T9573] veth1_macvtap: left promiscuous mode
[  688.915800][ T9573] veth0_macvtap: left promiscuous mode
[  688.922399][ T9573] veth1_vlan: left promiscuous mode
[  689.042582][T14459] loop0: detected capacity change from 0 to 8
[  691.116796][ T9573] team0 (unregistering): Port device 
7
6žÿ removed
[  691.181103][ T9573] team0 (unregistering): Port device team_slave_0 removed
[  691.237483][ T9573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  691.301306][ T9573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  691.691084][ T9573] bond0 (unregistering): Released all slaves
[  692.453843][T14487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2556'.
[  692.814129][T14487] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  694.452806][T13529] Bluetooth: hci4: command tx timeout
[  695.444839][ T9573] IPVS: stop unused estimator thread 0...
[  695.759469][T14508] loop3: detected capacity change from 0 to 8
[  697.102647][T14514] syzkaller0: entered promiscuous mode
[  697.115573][T14514] syzkaller0: entered allmulticast mode
[  697.201853][T14266] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  697.240550][T14266] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  697.277814][T14266] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  697.311887][T14266] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  697.455636][T14519] syzkaller0: entered promiscuous mode
[  697.466074][T14519] syzkaller0: entered allmulticast mode
[  698.068976][T14266] 8021q: adding VLAN 0 to HW filter on device bond0
[  698.122878][T14266] 8021q: adding VLAN 0 to HW filter on device team0
[  698.357523][T14537] loop0: detected capacity change from 0 to 128
[  698.415247][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  698.422479][ T9575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  699.879631][ T9575] bridge0: port 2(bridge_slave_1) entered blocking state
[  699.886901][ T9575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  700.136150][T14542] loop2: detected capacity change from 0 to 8
[  700.214157][T14244] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 360 seconds
[  701.632953][T14266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  702.386509][T14266] veth0_vlan: entered promiscuous mode
[  702.688039][T14266] veth1_vlan: entered promiscuous mode
[  702.899216][T14572] syzkaller0: entered promiscuous mode
[  702.912968][T14572] syzkaller0: entered allmulticast mode
[  703.557337][T14266] veth0_macvtap: entered promiscuous mode
[  703.577977][T14266] veth1_macvtap: entered promiscuous mode
[  703.615054][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.628276][  T968] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  703.683008][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.693383][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.704373][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.714308][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.725825][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.736363][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.758136][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.789532][T14266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  703.872638][  T968] usb 4-1: Using ep0 maxpacket: 8
[  703.890670][  T968] usb 4-1: config 0 has no interfaces?
[  703.898083][  T968] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  704.051544][  T968] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.397161][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.409330][  T968] usb 4-1: config 0 descriptor??
[  704.469348][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.500030][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.526850][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.562231][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.588135][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.602599][T14266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.623482][T14266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.712264][T14595] loop2: detected capacity change from 0 to 8
[  704.740411][T14266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  704.930599][ T5756] usb 4-1: USB disconnect, device number 6
[  705.112536][T14266] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  705.228694][T14266] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  705.313210][T14266] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  705.413487][T14266] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  706.209969][ T9577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.293062][ T9577] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  706.655571][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.663820][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  706.784777][T14622] loop0: detected capacity change from 0 to 512
[  706.874983][T14622] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.888519][T14622] ext4 filesystem being mounted at /662/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.973705][T14631] netlink: 272 bytes leftover after parsing attributes in process `syz.1.2509'.
[  708.125399][T14642] tipc: Started in network mode
[  708.171174][T14642] tipc: Node identity ac1414aa, cluster identity 4711
[  708.238941][T14642] tipc: Enabled bearer <udp:s>, priority 10
[  708.267233][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.602181][    T9] tipc: Node number set to 2886997162
[  710.779153][T14673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2595'.
[  710.791946][T14673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2595'.
[  713.746893][T14691] syzkaller0: entered promiscuous mode
[  713.767128][T14691] syzkaller0: entered allmulticast mode
[  713.814751][T14694] loop2: detected capacity change from 0 to 2048
[  713.845218][ T5083] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  713.856580][ T5083] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  713.868645][ T5083] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  713.879023][ T5083] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  713.886400][T14694] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  713.899888][ T5083] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  713.910242][ T5083] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  713.936912][T14694] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  713.959138][T14694] UDF-fs: Scanning with blocksize 512 failed
[  714.028218][T14694] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  714.131143][T14705] syzkaller0: entered promiscuous mode
[  714.137007][T14705] syzkaller0: entered allmulticast mode
[  714.148882][   T28] audit: type=1800 audit(1777490757.087:5): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2599" name="ion=00000000000000000000,noadinicb,nostrict,uid=00000000000000000000,shortad,uid=ignore,shortad,utf8," dev="loop2" ino=851 res=0 errno=0
[  714.394195][T14708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2603'.
[  714.869756][T14708] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  714.878926][T14708] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  714.889980][T14708] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  714.899050][T14708] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  714.959184][T14712] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2604'.
[  715.186621][T14718] loop1: detected capacity change from 0 to 16
[  715.200481][T14718] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  715.226413][T14708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2603'.
[  715.972060][ T5083] Bluetooth: hci1: command tx timeout
[  716.583112][T14744] syzkaller0: entered promiscuous mode
[  716.601330][T14744] syzkaller0: entered allmulticast mode
[  716.815331][T14753] Cannot find del_set index 1 as target
[  716.852535][T14753] overlayfs: missing 'lowerdir'
[  716.916067][T14696] chnl_net:caif_netlink_parms(): no params data found
[  717.997911][T14756] syzkaller0: entered promiscuous mode
[  718.021955][T14756] syzkaller0: entered allmulticast mode
[  718.060847][ T5083] Bluetooth: hci1: command tx timeout
[  718.087744][T14760] loop3: detected capacity change from 0 to 2048
[  718.146223][T14760] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  718.190179][T14760] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  718.270089][T14770] loop1: detected capacity change from 0 to 16
[  718.282684][T14770] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  718.420881][T14696] bridge0: port 1(bridge_slave_0) entered blocking state
[  718.489617][T14696] bridge0: port 1(bridge_slave_0) entered disabled state
[  718.511851][T14696] bridge_slave_0: entered allmulticast mode
[  718.548793][T14696] bridge_slave_0: entered promiscuous mode
[  718.582892][T14696] bridge0: port 2(bridge_slave_1) entered blocking state
[  718.590454][T14696] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.664165][T14696] bridge_slave_1: entered allmulticast mode
[  718.712558][T14696] bridge_slave_1: entered promiscuous mode
[  718.748344][T14775] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  718.982417][T14696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  719.242499][T14696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  719.758077][T14696] team0: Port device team_slave_0 added
[  719.831190][T14696] team0: Port device team_slave_1 added
[  719.989784][T14787] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  720.026597][T14799] loop3: detected capacity change from 0 to 8
[  720.133102][ T5083] Bluetooth: hci1: command tx timeout
[  721.036132][T14787] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  721.205469][T14696] batman_adv: batadv0: Adding interface: batadv_slave_0
[  721.212689][T14696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  721.262299][T14696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  721.272124][T14787] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  721.307130][T14696] batman_adv: batadv0: Adding interface: batadv_slave_1
[  721.360743][T14787] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  721.363900][T14696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  721.411785][T14696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  721.527686][T14787] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  721.564149][T14787] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  721.618805][T14787] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  721.660116][T14787] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  721.680615][T14787] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  721.724105][T14696] hsr_slave_0: entered promiscuous mode
[  721.731512][T14787] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  721.739241][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  721.749393][T14696] hsr_slave_1: entered promiscuous mode
[  721.792100][T14787] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  721.819816][T14787] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  721.832387][T14696] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  721.878892][T14696] Cannot create hsr debugfs directory
[  721.892888][T14787] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  722.241135][T14815] loop3: detected capacity change from 0 to 16
[  722.255879][T14815] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  722.518288][T14816] syzkaller0: entered promiscuous mode
[  722.536842][T14816] syzkaller0: entered allmulticast mode
[  723.574245][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout
[  723.585821][T14696] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.731689][ T5083] Bluetooth: hci0: command 0x0c1a tx timeout
[  723.756414][T14696] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.813015][ T5083] Bluetooth: hci1: command 0x0c1a tx timeout
[  723.813356][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  723.910958][T14834] loop3: detected capacity change from 0 to 8
[  724.800595][T14696] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  724.963525][T14838] loop3: detected capacity change from 0 to 16
[  724.970755][T14838] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  725.030916][T14696] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.653144][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout
[  725.813722][ T5083] Bluetooth: hci0: command 0x0c1a tx timeout
[  725.892236][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  725.898357][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  727.736096][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout
[  727.892025][ T5083] Bluetooth: hci0: command 0x0c1a tx timeout
[  727.907451][T14696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  727.971841][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  727.978088][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  728.263223][T14696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  728.368216][T14696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  728.464075][T14696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  728.646536][T14867] loop3: detected capacity change from 0 to 8
[  729.543261][T14696] 8021q: adding VLAN 0 to HW filter on device bond0
[  729.613800][T14696] 8021q: adding VLAN 0 to HW filter on device team0
[  729.669908][T14696] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  729.680956][T14696] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  729.720196][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  729.727806][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  729.779354][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  729.786672][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  729.958126][T14880] loop1: detected capacity change from 0 to 128
[  730.314708][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 390 seconds
[  730.326079][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  730.996434][ T5083] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  731.007349][ T5083] CPU: 0 PID: 5083 Comm: kworker/u5:1 Not tainted syzkaller #0
[  731.015765][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  731.026141][ T5083] Workqueue: hci4 hci_rx_work
[  731.031143][ T5083] Call Trace:
[  731.034635][ T5083]  <TASK>
[  731.037591][ T5083]  dump_stack_lvl+0x18c/0x250
[  731.042462][ T5083]  ? show_regs_print_info+0x20/0x20
[  731.047784][ T5083]  ? load_image+0x420/0x420
[  731.052328][ T5083]  sysfs_create_dir_ns+0x26e/0x2a0
[  731.057475][ T5083]  ? sysfs_warn_dup+0xa0/0xa0
[  731.062200][ T5083]  ? do_raw_spin_unlock+0x121/0x230
[  731.067434][ T5083]  kobject_add_internal+0x61c/0xcc0
[  731.072769][ T5083]  kobject_add+0x164/0x240
[  731.077220][ T5083]  ? __rwlock_init+0x150/0x150
[  731.082124][ T5083]  ? kobject_init+0x1e0/0x1e0
[  731.086847][ T5083]  ? _raw_spin_unlock+0x28/0x40
[  731.091731][ T5083]  ? get_device_parent+0x366/0x390
[  731.096869][ T5083]  device_add+0x408/0xc20
[  731.101222][ T5083]  hci_conn_add_sysfs+0xd5/0x1e0
[  731.106440][ T5083]  le_conn_complete_evt+0xf5d/0x1540
[  731.111768][ T5083]  ? hci_event_packet+0x4cb/0x1270
[  731.116948][ T5083]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  731.123397][ T5083]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  731.129170][ T5083]  ? skb_pull_data+0xfb/0x200
[  731.133894][ T5083]  hci_le_conn_complete_evt+0x187/0x440
[  731.139638][ T5083]  ? hci_remote_host_features_evt+0x150/0x150
[  731.145804][ T5083]  hci_event_packet+0x7ba/0x1270
[  731.150844][ T5083]  ? bis_list+0x290/0x290
[  731.155275][ T5083]  ? lockdep_hardirqs_on+0x98/0x150
[  731.160620][ T5083]  ? hci_send_to_monitor+0xd7/0x4f0
[  731.166023][ T5083]  hci_rx_work+0x43a/0xd60
[  731.170496][ T5083]  ? process_scheduled_works+0x96f/0x15d0
[  731.176231][ T5083]  process_scheduled_works+0xa5d/0x15d0
[  731.181820][ T5083]  ? worker_attach_to_pool+0x380/0x380
[  731.187303][ T5083]  ? assign_work+0x3d2/0x5d0
[  731.192154][ T5083]  worker_thread+0xa55/0xfc0
[  731.196784][ T5083]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  731.202790][ T5083]  ? _raw_spin_unlock+0x40/0x40
[  731.207675][ T5083]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  731.213667][ T5083]  kthread+0x2fa/0x390
[  731.217782][ T5083]  ? pr_cont_work+0x560/0x560
[  731.222479][ T5083]  ? kthread_blkcg+0xd0/0xd0
[  731.227215][ T5083]  ret_from_fork+0x48/0x80
[  731.231649][ T5083]  ? kthread_blkcg+0xd0/0xd0
[  731.236245][ T5083]  ret_from_fork_asm+0x11/0x20
[  731.241022][ T5083]  </TASK>
[  731.265078][ T5083] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  731.286697][ T5083] Bluetooth: hci4: failed to register connection device
[  733.331777][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  735.173707][T14696] 8021q: adding VLAN 0 to HW filter on device batadv0
[  735.298978][T14696] veth0_vlan: entered promiscuous mode
[  735.333571][T14696] veth1_vlan: entered promiscuous mode
[  735.373115][T14914] netlink: 832 bytes leftover after parsing attributes in process `syz.1.2652'.
[  735.407709][T14696] veth0_macvtap: entered promiscuous mode
[  735.426793][T14696] veth1_macvtap: entered promiscuous mode
[  735.452693][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  735.464789][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  735.478345][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  735.549256][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  735.766624][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  735.972072][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.096214][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  736.110754][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.131334][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  736.154464][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.188571][T14696] batman_adv: batadv0: Interface activated: batadv_slave_0
[  736.267084][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  736.321732][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.351673][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  736.384913][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.407630][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  736.453182][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.479075][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  736.501136][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.542197][T14696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  736.581988][T14696] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.699235][T14696] batman_adv: batadv0: Interface activated: batadv_slave_1
[  737.120470][T14696] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  737.336817][T14696] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  737.531862][T14696] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  737.696049][T14696] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  738.691830][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout
[  739.868657][ T9583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  739.991033][ T9583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  740.360904][T14959] syzkaller0: entered promiscuous mode
[  740.381721][T14959] syzkaller0: entered allmulticast mode
[  740.645885][T14683] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  740.703583][T14683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  742.475483][T15002] syzkaller0: entered promiscuous mode
[  742.503127][T15002] syzkaller0: entered allmulticast mode
[  743.264571][T15017] tipc: Started in network mode
[  743.270950][T15017] tipc: Node identity 4004, cluster identity 4711
[  743.277754][T15017] tipc: Node number set to 16388
[  743.761871][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  744.571220][T15019] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  744.621844][T15019] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  744.648962][T15019] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  744.658012][T15019] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  744.670826][T15019] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  744.679412][T15019] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  744.823460][T15019] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  746.006297][T15055] syzkaller0: entered promiscuous mode
[  746.026110][T15055] syzkaller0: entered allmulticast mode
[  746.462365][ T5083] Bluetooth: hci4: command 0x0c1a tx timeout
[  746.727459][ T5083] Bluetooth: hci0: command 0x0c1a tx timeout
[  746.735170][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout
[  746.861869][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  747.599499][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  747.629018][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  748.048678][T15079] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  748.067639][T15079] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  748.091231][T15079] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  748.114236][T15079] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  748.403330][T15101] tipc: Started in network mode
[  748.408373][T15101] tipc: Node identity aa660510d7be, cluster identity 4711
[  748.418281][T15098] loop3: detected capacity change from 0 to 512
[  748.440826][T15098] FAT-fs (loop3): Unrecognized mount option "dmaso=e0000000000000000000062" or missing value
[  748.472942][T15101] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  748.514297][T15101] tipc: Resetting bearer <eth:syzkaller0>
[  748.598003][T15099] tipc: Disabling bearer <eth:syzkaller0>
[  749.502891][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  749.631389][T15140] syzkaller0: entered promiscuous mode
[  749.659326][T15140] syzkaller0: entered allmulticast mode
[  749.721473][T15138] tipc: Started in network mode
[  749.730098][T15138] tipc: Node identity e24cb5b06423, cluster identity 4711
[  749.741461][T15138] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  749.768623][T15138] tipc: Resetting bearer <eth:syzkaller0>
[  749.862511][T15137] tipc: Disabling bearer <eth:syzkaller0>
[  750.132765][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  750.132798][ T5083] Bluetooth: hci0: command 0x0c1a tx timeout
[  750.139289][T13529] Bluetooth: hci2: command 0x0c1a tx timeout
[  750.223151][T15158] syzkaller0: entered promiscuous mode
[  750.239301][T15158] syzkaller0: entered allmulticast mode
[  750.568975][T15174] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  750.582808][T15174] tipc: Resetting bearer <eth:syzkaller0>
[  750.716695][T15173] tipc: Disabling bearer <eth:syzkaller0>
[  751.454240][T15182] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  751.490149][T15182] tipc: Resetting bearer <eth:syzkaller0>
[  751.575687][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  751.586994][T15181] tipc: Disabling bearer <eth:syzkaller0>
[  751.750643][T15190] loop2: detected capacity change from 0 to 16
[  751.843877][T15190] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  752.281471][T15200] syzkaller0: entered promiscuous mode
[  752.287228][T15200] syzkaller0: entered allmulticast mode
[  754.257663][T15227] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  754.282113][T15227] syzkaller0: entered promiscuous mode
[  754.297981][T15227] syzkaller0: entered allmulticast mode
[  754.370428][T15226] tipc: Resetting bearer <eth:syzkaller0>
[  754.467761][T15226] tipc: Disabling bearer <eth:syzkaller0>
[  754.494543][T15232] loop3: detected capacity change from 0 to 128
[  756.125502][T15248] loop3: detected capacity change from 0 to 2048
[  756.136649][T15248] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  756.185732][T15248] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  756.193798][T15248] UDF-fs: Scanning with blocksize 512 failed
[  756.220139][T15248] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  756.264624][T15240] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  756.281238][T15240] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  756.322192][T15240] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  756.348133][T15240] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  756.562409][    T0] NOHZ tick-stop error: local softirq work is pending, handler #342!!!
[  757.691291][T15274] loop2: detected capacity change from 0 to 256
[  757.733231][T15274] exfat: Deprecated parameter 'utf8'
[  757.762887][T15274] exfat: Deprecated parameter 'utf8'
[  757.821495][T15274] exfat: Deprecated parameter 'utf8'
[  757.925244][T15274] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d)
[  758.051877][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  758.291900][T13529] Bluetooth: hci2: command 0x0c1a tx timeout
[  758.371950][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  758.371959][T15159] Bluetooth: hci0: command 0x0c1a tx timeout
[  758.441374][T15285] loop2: detected capacity change from 0 to 128
[  759.121820][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  759.531873][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  759.882309][T15286] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  759.899432][T15286] syzkaller0: entered promiscuous mode
[  759.908045][T15286] syzkaller0: entered allmulticast mode
[  760.139085][T15283] tipc: Resetting bearer <eth:syzkaller0>
[  760.173865][T15291] loop3: detected capacity change from 0 to 2048
[  760.210886][T15291] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  760.305324][T15291] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  760.814899][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 420 seconds
[  760.822326][T15291] UDF-fs: Scanning with blocksize 512 failed
[  760.837435][T15291] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  760.859693][T15283] tipc: Disabling bearer <eth:syzkaller0>
[  760.942248][   T28] audit: type=1800 audit(1777490803.887:6): pid=15291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2755" name="file1" dev="loop3" ino=838 res=0 errno=0
[  761.063249][T15295] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  761.115974][T15295] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  761.156356][T15295] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  761.189699][T15295] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  761.438643][T15303] syzkaller0: entered promiscuous mode
[  761.468988][T15303] syzkaller0: entered allmulticast mode
[  762.667372][T15319] loop3: detected capacity change from 0 to 128
[  763.092378][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  763.171867][T13529] Bluetooth: hci0: command 0x0c1a tx timeout
[  763.178283][T15159] Bluetooth: hci2: command 0x0c1a tx timeout
[  763.252029][T15159] Bluetooth: hci1: command 0x0c1a tx timeout
[  763.597383][T15325] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  763.607402][T15325] syzkaller0: entered promiscuous mode
[  763.616169][T15325] syzkaller0: entered allmulticast mode
[  763.685631][T15323] loop0: detected capacity change from 0 to 2048
[  763.903072][T15322] tipc: Resetting bearer <eth:syzkaller0>
[  764.099154][T15323] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  764.244455][T15323] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  764.252811][T15323] UDF-fs: Scanning with blocksize 512 failed
[  764.271185][T15323] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  764.294463][T15322] tipc: Disabling bearer <eth:syzkaller0>
[  764.362467][   T28] audit: type=1800 audit(1777490807.307:7): pid=15323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2765" name="file1" dev="loop0" ino=838 res=0 errno=0
[  765.706004][T15363] loop1: detected capacity change from 0 to 128
[  766.836293][T15368] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2778'.
[  766.975667][T15372] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  766.990764][T15371] loop1: detected capacity change from 0 to 2048
[  767.018533][T15372] syzkaller0: entered promiscuous mode
[  767.051329][T15372] syzkaller0: entered allmulticast mode
[  767.067791][T15371] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  767.155821][T15371] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  767.165007][T15372] tipc: Resetting bearer <eth:syzkaller0>
[  767.230167][T15371] UDF-fs: Scanning with blocksize 512 failed
[  767.240422][T15370] tipc: Resetting bearer <eth:syzkaller0>
[  767.286458][T15371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  767.396790][T15370] tipc: Disabling bearer <eth:syzkaller0>
[  767.440600][   T28] audit: type=1800 audit(1777490810.377:8): pid=15371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2779" name="file1" dev="loop1" ino=838 res=0 errno=0
[  768.062297][T15366] loop3: detected capacity change from 0 to 131072
[  768.073598][T15366] F2FS-fs (loop3): Test dummy encryption mode enabled
[  768.082368][T15366] F2FS-fs (loop3): invalid crc value
[  768.110576][T15366] F2FS-fs (loop3): Found nat_bits in checkpoint
[  768.189287][T15366] F2FS-fs (loop3): Start checkpoint disabled!
[  768.240976][T15366] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  768.532537][T15395] syzkaller0: entered promiscuous mode
[  768.550263][T15395] syzkaller0: entered allmulticast mode
[  768.840404][T15403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2792'.
[  769.350080][T15407] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  769.518869][T15410] syzkaller0: entered promiscuous mode
[  769.757879][T15410] syzkaller0: entered allmulticast mode
[  769.850898][T15414] tipc: Resetting bearer <eth:syzkaller0>
[  769.950161][T15406] tipc: Resetting bearer <eth:syzkaller0>
[  770.176155][T15406] tipc: Disabling bearer <eth:syzkaller0>
[  771.964660][T15431] loop0: detected capacity change from 0 to 512
[  771.968185][T15425] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  771.997979][T15425] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  772.028210][T15425] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  772.065353][T15425] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  772.087867][T15431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  772.127284][T15431] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  772.201837][T15431] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.2801: corrupted xattr block 33: invalid ea_ino
[  772.226736][T15431] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.2801: corrupted xattr block 33: invalid ea_ino
[  772.261625][T15431] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  772.424040][T14696] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  773.296791][T15464] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  773.334144][T15464] syzkaller0: entered promiscuous mode
[  773.360267][T15464] syzkaller0: entered allmulticast mode
[  773.396753][T15464] tipc: Resetting bearer <eth:syzkaller0>
[  773.415386][T15462] tipc: Resetting bearer <eth:syzkaller0>
[  773.485171][T15462] tipc: Disabling bearer <eth:syzkaller0>
[  773.728766][T15473] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  773.848799][T15159] Bluetooth: hci4: command 0x0c1a tx timeout
[  773.870776][T15481] loop3: detected capacity change from 0 to 128
[  774.072808][T15159] Bluetooth: hci0: command 0x0c1a tx timeout
[  774.080786][T13529] Bluetooth: hci2: command 0x0c1a tx timeout
[  774.143392][T15159] Bluetooth: hci1: command 0x0c1a tx timeout
[  774.843374][    T9] tipc: Node number set to 2255467952
[  774.874219][T15470] tipc: Disabling bearer <eth:syzkaller0>
[  775.022129][T15494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2817'.
[  775.630039][T15510] loop0: detected capacity change from 0 to 16
[  775.637540][T15510] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  776.219023][T15519] loop1: detected capacity change from 0 to 128
[  776.285542][T15521] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  776.355615][   T28] audit: type=1800 audit(1777490819.297:9): pid=15519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2825" name="file2" dev="loop1" ino=1049012 res=0 errno=0
[  776.612254][T15525] loop3: detected capacity change from 0 to 128
[  778.525363][T15521] syzkaller0: entered promiscuous mode
[  778.530934][T15521] syzkaller0: entered allmulticast mode
[  778.542327][T15521] tipc: Resetting bearer <eth:syzkaller0>
[  778.554968][    T9] tipc: Node number set to 2111309072
[  778.909199][ T9575] tipc: Resetting bearer <eth:syzkaller0>
[  778.929388][T15520] tipc: Resetting bearer <eth:syzkaller0>
[  778.961792][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  779.165254][    T9] usb 4-1: Using ep0 maxpacket: 16
[  779.186200][    T9] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  779.221702][    T9] usb 4-1: config 1 interface 0 has no altsetting 0
[  779.257354][    T9] usb 4-1: string descriptor 0 read error: -22
[  779.271857][    T9] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.40
[  779.300307][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.985284][    T9] dragonrise 0003:0079:0011.0001: unknown global tag 0xc
[  779.998814][    T9] dragonrise 0003:0079:0011.0001: item 0 2 1 12 parsing failed
[  780.065344][    T9] dragonrise 0003:0079:0011.0001: parse failed
[  780.075849][    T9] dragonrise: probe of 0003:0079:0011.0001 failed with error -22
[  780.098979][    T9] usb 4-1: USB disconnect, device number 7
[  780.789629][T15549] loop3: detected capacity change from 0 to 8
[  783.245153][T15520] tipc: Disabling bearer <eth:syzkaller0>
[  783.801853][T15573] loop1: detected capacity change from 0 to 128
[  785.136334][T15579] loop1: detected capacity change from 0 to 16
[  785.190939][T15579] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  788.856286][T15584] loop2: detected capacity change from 0 to 1024
[  788.944753][T15587] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  788.974944][T15587] syzkaller0: entered promiscuous mode
[  788.985419][T15587] syzkaller0: entered allmulticast mode
[  789.008812][T15589] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  789.123817][T15589] syzkaller0: entered promiscuous mode
[  789.132897][T15589] syzkaller0: entered allmulticast mode
[  789.148985][T15589] tipc: Resetting bearer <eth:syzkaller0>
[  789.186624][T15587] tipc: Resetting bearer <eth:syzkaller0>
[  789.232582][T15586] tipc: Resetting bearer <eth:syzkaller0>
[  789.280332][T15586] tipc: Disabling bearer <eth:syzkaller0>
[  789.302095][T15588] tipc: Resetting bearer <eth:syzkaller0>
[  790.193789][ T9569] hfsplus: b-tree write err: -5, ino 25
[  790.206114][ T9569] hfsplus: b-tree write err: -5, ino 4
[  790.232120][ T9569] hfsplus: b-tree write err: -5, ino 2
[  790.823355][T15611] loop2: detected capacity change from 0 to 128
[  791.738923][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 450 seconds
[  792.696652][T15616] loop1: detected capacity change from 0 to 32768
[  792.868527][T15616] JBD2: Ignoring recovery information on journal
[  792.959009][T15616] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  793.420170][T14266] ocfs2: Unmounting device (7,1) on (node local)
[  795.855515][T15588] tipc: Disabling bearer <eth:syzkaller0>
[  801.253810][T15644] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  801.591060][T15678] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  801.609259][T15679] syzkaller0: entered promiscuous mode
[  801.626473][T15679] syzkaller0: entered allmulticast mode
[  801.689321][T15678] syzkaller0: entered promiscuous mode
[  801.696627][T15678] syzkaller0: entered allmulticast mode
[  801.722315][T15678] tipc: Resetting bearer <eth:syzkaller0>
[  801.852779][T15675] tipc: Resetting bearer <eth:syzkaller0>
[  802.112992][  T968] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  802.345109][  T968] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  802.383217][  T968] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  802.399917][  T968] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  802.409430][  T968] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.417702][  T968] usb 3-1: Product: syz
[  802.422395][  T968] usb 3-1: Manufacturer: syz
[  802.427112][  T968] usb 3-1: SerialNumber: syz
[  802.659658][T15686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  802.690112][T15686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  802.713570][  T968] cdc_ether: probe of 3-1:1.0 failed with error -22
[  802.734377][  T968] usb 3-1: USB disconnect, device number 7
[  803.331811][  T968] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  803.534239][  T968] usb 3-1: Using ep0 maxpacket: 8
[  803.541688][  T968] usb 3-1: config index 0 descriptor too short (expected 301, got 72)
[  803.550004][  T968] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  803.560416][  T968] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  803.571817][  T968] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  803.581697][  T968] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  803.592329][  T968] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  803.603767][  T968] usb 3-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  803.618094][  T968] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  803.627550][  T968] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.856137][  T968] usb 3-1: usb_control_msg returned -32
[  803.863695][  T968] usbtmc 3-1:16.0: can't read capabilities
[  803.877864][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.897577][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.904163][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.910490][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.921668][    C1] usbtmc 3-1:16.0: invalid notification: 11
[  803.927875][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.951705][    C1] usbtmc 3-1:16.0: invalid notification: 2
[  803.957859][    C1] usbtmc 3-1:16.0: invalid notification: 5
[  803.964004][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.970176][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.982416][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.988868][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  803.995003][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.001479][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.007686][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.013884][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.020437][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.026560][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.033062][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.039182][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.045809][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.056908][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.064408][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.070659][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.091678][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.099070][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.105199][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.111281][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.117444][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.123561][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.129616][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.135834][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.142175][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.148239][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.154400][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.160553][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.166740][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.172850][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.179775][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.185914][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.192068][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.198190][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.204402][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.210444][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.216632][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.222756][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.228766][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.234836][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.241227][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.247262][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.253404][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.259431][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.265586][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.271700][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.277724][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.286474][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.292771][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.299202][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.307319][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.318594][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.326345][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.332498][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.338750][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.344861][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.351026][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.357155][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.363284][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.369354][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.375607][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.381715][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.400082][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.408095][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.414551][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.420658][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.426796][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.433015][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.439414][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.445694][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.452065][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.458295][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.464426][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.470613][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.476770][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.488216][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.497512][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.504093][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.510379][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.516482][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.522754][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.533881][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.541040][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.547253][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.553338][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.559466][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.565558][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.571691][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.577908][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.584116][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.591067][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.597168][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.603306][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.609478][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.615703][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.622009][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.628269][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.634478][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.640562][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.648365][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.654660][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.660874][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.667105][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.673177][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.679243][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.686703][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.694049][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.700287][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.706494][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.714663][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.720812][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.726961][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.733577][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.745421][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.751535][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.757647][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.763732][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.769981][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.776180][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.782508][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.789077][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.795917][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.802169][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.808279][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.814552][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.820657][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.826762][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.832865][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.838935][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.845211][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.851443][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.857713][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.863865][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.870065][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.876251][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.883639][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.889706][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.896706][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.902806][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.908900][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.915105][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.921200][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.927337][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.933575][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.939674][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.945896][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.952027][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.958130][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.964470][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.970896][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.977354][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.983625][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.989989][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  804.996148][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.003211][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.009305][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.015486][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.021635][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.027733][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.033843][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.039958][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.046054][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.052157][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.058338][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.064537][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.070698][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.076762][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.082885][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.088928][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.095069][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.102163][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.108226][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.114350][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.120511][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.126612][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.132824][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.140909][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.147247][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.153309][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.159377][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.165468][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.174682][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.180872][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.186982][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.193239][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.199351][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.206979][    C1] usbtmc 3-1:16.0: invalid notification: 0
[  805.277897][    T9] usb 3-1: USB disconnect, device number 8
[  805.926373][T15675] tipc: Disabling bearer <eth:syzkaller0>
[  805.935236][T15692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2866'.
[  805.991809][T15698] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  806.001932][T15699] syzkaller0: entered promiscuous mode
[  806.007556][T15699] syzkaller0: entered allmulticast mode
[  806.082084][T15706] tipc: Resetting bearer <eth:syzkaller0>
[  806.143408][T15712] loop1: detected capacity change from 0 to 2048
[  806.152347][T15695] tipc: Resetting bearer <eth:syzkaller0>
[  806.220368][T15712] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  806.241195][T15695] tipc: Disabling bearer <eth:syzkaller0>
[  806.261888][T15712] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  806.290609][T15712] UDF-fs: Scanning with blocksize 512 failed
[  806.811315][T15712] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  807.388344][   T28] audit: type=1800 audit(1777490850.317:10): pid=15712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2868" name="ion=00000000000000000000,noadinicb,nostrict,uid=00000000000000000000,shortad,uid=ignore,shortad,utf8," dev="loop1" ino=851 res=0 errno=0
[  807.585973][T15724] syzkaller0: entered promiscuous mode
[  807.605837][T15724] syzkaller0: entered allmulticast mode
[  808.234681][T15731] loop0: detected capacity change from 0 to 128
[  808.280590][T15731] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  808.316155][T15731] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  808.328474][T15730] loop1: detected capacity change from 0 to 4096
[  808.443056][T14696] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  808.483446][T15730] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  808.523404][T15730] ntfs3: loop1: Failed to load $Extend (-22).
[  808.531905][T15730] ntfs3: loop1: Failed to initialize $Extend.
[  808.685506][   T28] audit: type=1800 audit(1777490851.617:11): pid=15730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2875" name="file1" dev="loop1" ino=30 res=0 errno=0
[  808.706070][    C1] vkms_vblank_simulate: vblank timer overrun
[  808.783899][T15738] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  809.019210][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  809.027192][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  810.932091][T15159] Bluetooth: hci2: command 0x0c1a tx timeout
[  811.145376][T15743] syzkaller0: entered promiscuous mode
[  811.229339][T15743] syzkaller0: entered allmulticast mode
[  811.328103][T15743] tipc: Resetting bearer <eth:syzkaller0>
[  811.819664][T14266] ntfs3: loop1: ino=9, ntfs_sync_fs failed, -22.
[  812.695312][T14683] tipc: Resetting bearer <eth:syzkaller0>
[  812.738058][T15737] tipc: Resetting bearer <eth:syzkaller0>
[  815.534539][T15737] tipc: Disabling bearer <eth:syzkaller0>
[  815.585066][T15758] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  817.781774][T15805] syzkaller0: entered promiscuous mode
[  817.801763][T15805] syzkaller0: entered allmulticast mode
[  819.971773][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  820.987786][ T5137] udevd[5137]: worker [7447] /devices/virtual/block/nbd1 timeout; kill it
[  821.000761][ T5137] udevd[5137]: seq 13152 '/devices/virtual/block/nbd1' killed
[  821.882991][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 480 seconds
[  822.671310][T15828] loop1: detected capacity change from 0 to 32768
[  822.727126][T15828] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.2894 (15828)
[  822.767050][T15828] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  822.796283][T15828] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  822.818123][T15828] BTRFS info (device loop1): metadata ratio 0
[  822.836442][T15828] BTRFS info (device loop1): using free space tree
[  822.995610][T15828] BTRFS info (device loop1): enabling ssd optimizations
[  823.020972][T15828] BTRFS info (device loop1): auto enabling async discard
[  823.161589][   T28] audit: type=1800 audit(1777490866.097:12): pid=15828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2894" name="bus" dev="loop1" ino=263 res=0 errno=0
[  823.675564][T14266] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  826.394569][T15815] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  826.436936][T15816] syzkaller0: entered promiscuous mode
[  826.443709][T15816] syzkaller0: entered allmulticast mode
[  826.450046][T15816] tipc: Resetting bearer <eth:syzkaller0>
[  826.458006][T15809] tipc: Resetting bearer <eth:syzkaller0>
[  829.193186][T15809] tipc: Disabling bearer <eth:syzkaller0>
[  832.622410][T15159] Bluetooth: hci1: command 0x0c1a tx timeout
[  832.833950][T15877] syzkaller0: entered promiscuous mode
[  832.839571][T15877] syzkaller0: entered allmulticast mode
[  832.953002][T15893] can: request_module (can-proto-4) failed.
[  833.033082][T15901] loop0: detected capacity change from 0 to 128
[  833.361747][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  833.771823][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  838.089119][T15911] loop3: detected capacity change from 0 to 32768
[  840.590943][T15912] syz_tun: entered allmulticast mode
[  840.656535][T15920] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  840.822762][T15926] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  840.831014][T15926] team0: Device macvlan2 is up. Set it down before adding it as a team port
[  841.071046][T15159] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  841.081494][T15159] CPU: 1 PID: 15159 Comm: kworker/u5:3 Not tainted syzkaller #0
[  841.089360][T15159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  841.099461][T15159] Workqueue: hci4 hci_rx_work
[  841.104171][T15159] Call Trace:
[  841.107558][T15159]  <TASK>
[  841.110496][T15159]  dump_stack_lvl+0x18c/0x250
[  841.115187][T15159]  ? show_regs_print_info+0x20/0x20
[  841.120481][T15159]  ? load_image+0x420/0x420
[  841.125032][T15159]  sysfs_create_dir_ns+0x26e/0x2a0
[  841.130196][T15159]  ? sysfs_warn_dup+0xa0/0xa0
[  841.134932][T15159]  ? do_raw_spin_unlock+0x121/0x230
[  841.140300][T15159]  kobject_add_internal+0x61c/0xcc0
[  841.145648][T15159]  kobject_add+0x164/0x240
[  841.150101][T15159]  ? kobject_init+0x1e0/0x1e0
[  841.154898][T15159]  ? _raw_spin_unlock+0x3a/0x40
[  841.159799][T15159]  ? get_device_parent+0x366/0x390
[  841.165072][T15159]  device_add+0x408/0xc20
[  841.169511][T15159]  hci_conn_add_sysfs+0xd5/0x1e0
[  841.174480][T15159]  le_conn_complete_evt+0xf5d/0x1540
[  841.179796][T15159]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  841.186232][T15159]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  841.191977][T15159]  ? skb_pull_data+0xfb/0x200
[  841.196682][T15159]  hci_le_conn_complete_evt+0x187/0x440
[  841.202349][T15159]  ? hci_remote_host_features_evt+0x150/0x150
[  841.208540][T15159]  hci_event_packet+0x7ba/0x1270
[  841.213521][T15159]  ? bis_list+0x290/0x290
[  841.217900][T15159]  ? kcov_remote_start+0x2b/0x7e0
[  841.222981][T15159]  ? hci_send_to_monitor+0xd7/0x4f0
[  841.228295][T15159]  hci_rx_work+0x43a/0xd60
[  841.232752][T15159]  ? process_scheduled_works+0x96f/0x15d0
[  841.238507][T15159]  process_scheduled_works+0xa5d/0x15d0
[  841.244105][T15159]  ? worker_attach_to_pool+0x380/0x380
[  841.249705][T15159]  ? assign_work+0x3d2/0x5d0
[  841.254332][T15159]  worker_thread+0xa55/0xfc0
[  841.259074][T15159]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  841.265158][T15159]  ? _raw_spin_unlock+0x40/0x40
[  841.270022][T15159]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  841.275938][T15159]  kthread+0x2fa/0x390
[  841.280121][T15159]  ? pr_cont_work+0x560/0x560
[  841.284906][T15159]  ? kthread_blkcg+0xd0/0xd0
[  841.289589][T15159]  ret_from_fork+0x48/0x80
[  841.294032][T15159]  ? kthread_blkcg+0xd0/0xd0
[  841.298641][T15159]  ret_from_fork_asm+0x11/0x20
[  841.303446][T15159]  </TASK>
[  841.365944][T15159] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  841.385877][T15159] Bluetooth: hci4: failed to register connection device
[  843.411833][T15159] Bluetooth: hci4: command 0x0c1a tx timeout
[  843.802021][T15934] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  843.855755][T15941] syzkaller0: entered promiscuous mode
[  843.894760][T15941] syzkaller0: entered allmulticast mode
[  844.074897][T15948] loop0: detected capacity change from 0 to 1024
[  844.092128][T15941] tipc: Resetting bearer <eth:syzkaller0>
[  844.102952][T15948] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  844.159857][T15948] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  844.174827][T15941] tipc: Disabling bearer <eth:syzkaller0>
[  844.267222][T15956] loop3: detected capacity change from 0 to 128
[  845.116169][   T28] audit: type=1800 audit(1777490888.037:13): pid=15948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2921" name="file1" dev="loop0" ino=15 res=0 errno=0
[  845.224847][T14696] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.815632][T15969] syzkaller0: entered promiscuous mode
[  846.847066][T15969] syzkaller0: entered allmulticast mode
[  847.222164][T15975] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  847.357898][T15975] syzkaller0: entered promiscuous mode
[  847.383715][T15975] syzkaller0: entered allmulticast mode
[  847.399282][T15975] tipc: Resetting bearer <eth:syzkaller0>
[  847.418267][T15973] tipc: Resetting bearer <eth:syzkaller0>
[  847.487538][T15159] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  847.515781][T15159] CPU: 0 PID: 15159 Comm: kworker/u5:3 Not tainted syzkaller #0
[  847.523468][T15159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  847.533570][T15159] Workqueue: hci1 hci_rx_work
[  847.538453][T15159] Call Trace:
[  847.541775][T15159]  <TASK>
[  847.544714][T15159]  dump_stack_lvl+0x18c/0x250
[  847.549416][T15159]  ? show_regs_print_info+0x20/0x20
[  847.554808][T15159]  ? load_image+0x420/0x420
[  847.559328][T15159]  sysfs_create_dir_ns+0x26e/0x2a0
[  847.564456][T15159]  ? sysfs_warn_dup+0xa0/0xa0
[  847.569316][T15159]  ? do_raw_spin_unlock+0x121/0x230
[  847.574704][T15159]  kobject_add_internal+0x61c/0xcc0
[  847.579920][T15159]  kobject_add+0x164/0x240
[  847.584348][T15159]  ? __rwlock_init+0x150/0x150
[  847.589178][T15159]  ? kobject_init+0x1e0/0x1e0
[  847.593865][T15159]  ? _raw_spin_unlock+0x28/0x40
[  847.598936][T15159]  ? get_device_parent+0x366/0x390
[  847.604083][T15159]  device_add+0x408/0xc20
[  847.608464][T15159]  hci_conn_add_sysfs+0xd5/0x1e0
[  847.613438][T15159]  le_conn_complete_evt+0xf5d/0x1540
[  847.618855][T15159]  ? hci_event_packet+0x4cb/0x1270
[  847.624086][T15159]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  847.630366][T15159]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  847.636034][T15159]  ? skb_pull_data+0xfb/0x200
[  847.640836][T15159]  hci_le_conn_complete_evt+0x187/0x440
[  847.646410][T15159]  ? hci_remote_host_features_evt+0x150/0x150
[  847.652502][T15159]  hci_event_packet+0x7ba/0x1270
[  847.657558][T15159]  ? bis_list+0x290/0x290
[  847.662008][T15159]  ? lockdep_hardirqs_on+0x98/0x150
[  847.667250][T15159]  ? hci_send_to_monitor+0xd7/0x4f0
[  847.672470][T15159]  hci_rx_work+0x43a/0xd60
[  847.677017][T15159]  ? process_scheduled_works+0x96f/0x15d0
[  847.682757][T15159]  process_scheduled_works+0xa5d/0x15d0
[  847.688437][T15159]  ? worker_attach_to_pool+0x380/0x380
[  847.693931][T15159]  ? assign_work+0x3d2/0x5d0
[  847.698552][T15159]  worker_thread+0xa55/0xfc0
[  847.703209][T15159]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  847.709124][T15159]  ? _raw_spin_unlock+0x40/0x40
[  847.714000][T15159]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  847.719930][T15159]  kthread+0x2fa/0x390
[  847.724019][T15159]  ? pr_cont_work+0x560/0x560
[  847.728722][T15159]  ? kthread_blkcg+0xd0/0xd0
[  847.733334][T15159]  ret_from_fork+0x48/0x80
[  847.738224][T15159]  ? kthread_blkcg+0xd0/0xd0
[  847.743356][T15159]  ret_from_fork_asm+0x11/0x20
[  847.748347][T15159]  </TASK>
[  849.735974][T15159] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  849.751718][T15159] Bluetooth: hci1: failed to register connection device
[  851.817991][T15159] Bluetooth: hci1: command 0x0c1a tx timeout
[  852.542308][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 510 seconds
[  852.830494][T15973] tipc: Disabling bearer <eth:syzkaller0>
[  852.839237][T15987] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2924'.
[  853.638944][T13615] IPVS: starting estimator thread 0...
[  855.102780][T16015] IPVS: using max 15 ests per chain, 36000 per kthread
[  856.107716][T16033] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2934'.
[  856.128338][T16033] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2934'.
[  856.243653][T15159] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  856.275472][T15159] CPU: 0 PID: 15159 Comm: kworker/u5:3 Not tainted syzkaller #0
[  856.283369][T15159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  856.293556][T15159] Workqueue: hci2 hci_rx_work
[  856.298391][T15159] Call Trace:
[  856.301723][T15159]  <TASK>
[  856.304692][T15159]  dump_stack_lvl+0x18c/0x250
[  856.309431][T15159]  ? show_regs_print_info+0x20/0x20
[  856.314683][T15159]  ? load_image+0x420/0x420
[  856.319254][T15159]  sysfs_create_dir_ns+0x26e/0x2a0
[  856.324502][T15159]  ? sysfs_warn_dup+0xa0/0xa0
[  856.329241][T15159]  ? do_raw_spin_unlock+0x121/0x230
[  856.334595][T15159]  kobject_add_internal+0x61c/0xcc0
[  856.339933][T15159]  kobject_add+0x164/0x240
[  856.344414][T15159]  ? __rwlock_init+0x150/0x150
[  856.349237][T15159]  ? kobject_init+0x1e0/0x1e0
[  856.353969][T15159]  ? _raw_spin_unlock+0x28/0x40
[  856.358970][T15159]  ? get_device_parent+0x366/0x390
[  856.364145][T15159]  device_add+0x408/0xc20
[  856.368632][T15159]  hci_conn_add_sysfs+0xd5/0x1e0
[  856.373799][T15159]  le_conn_complete_evt+0xf5d/0x1540
[  856.379317][T15159]  ? hci_event_packet+0x4cb/0x1270
[  856.384513][T15159]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  856.390814][T15159]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  856.396508][T15159]  ? skb_pull_data+0xfb/0x200
[  856.401254][T15159]  hci_le_conn_complete_evt+0x187/0x440
[  856.406947][T15159]  ? hci_remote_host_features_evt+0x150/0x150
[  856.413091][T15159]  hci_event_packet+0x7ba/0x1270
[  856.418111][T15159]  ? bis_list+0x290/0x290
[  856.422763][T15159]  ? lockdep_hardirqs_on+0x98/0x150
[  856.428023][T15159]  ? hci_send_to_monitor+0xd7/0x4f0
[  856.433286][T15159]  hci_rx_work+0x43a/0xd60
[  856.437798][T15159]  ? process_scheduled_works+0x96f/0x15d0
[  856.443814][T15159]  process_scheduled_works+0xa5d/0x15d0
[  856.449560][T15159]  ? worker_attach_to_pool+0x380/0x380
[  856.455179][T15159]  ? assign_work+0x3d2/0x5d0
[  856.459833][T15159]  worker_thread+0xa55/0xfc0
[  856.464580][T15159]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  856.470532][T15159]  ? _raw_spin_unlock+0x40/0x40
[  856.475608][T15159]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  856.481585][T15159]  kthread+0x2fa/0x390
[  856.485794][T15159]  ? pr_cont_work+0x560/0x560
[  856.490694][T15159]  ? kthread_blkcg+0xd0/0xd0
[  856.495345][T15159]  ret_from_fork+0x48/0x80
[  856.499817][T15159]  ? kthread_blkcg+0xd0/0xd0
[  856.504463][T15159]  ret_from_fork_asm+0x11/0x20
[  856.509314][T15159]  </TASK>
[  856.521771][T15159] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  856.536230][T15159] Bluetooth: hci2: failed to register connection device
[  858.622542][T15159] Bluetooth: hci2: command 0x0c1a tx timeout
[  860.075953][T16047] syzkaller0: entered promiscuous mode
[  860.096419][T16047] syzkaller0: entered allmulticast mode
[  862.454762][T16077] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  862.527592][T16077] loop0: detected capacity change from 0 to 4096
[  865.390709][T16083] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2946'.
[  865.400020][T16083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2946'.
[  865.499577][T16056] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  865.525708][T16056] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  865.553606][T16056] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  865.565617][T16056] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  865.582279][T16056] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  865.594938][T16056] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  865.609347][T16056] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  865.620272][T16056] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  865.628796][T16056] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  867.552657][T16056] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  867.581844][T15159] Bluetooth: hci2: command 0x0c1a tx timeout
[  867.587926][T15159] Bluetooth: hci4: command 0x0c1a tx timeout
[  867.651734][T13529] Bluetooth: hci0: command 0x0c1a tx timeout
[  867.657863][T15159] Bluetooth: hci1: command 0x0c1a tx timeout
[  869.073589][T16099] loop2: detected capacity change from 0 to 128
[  869.752426][T15159] Bluetooth: hci4: command 0x0c1a tx timeout
[  869.758622][T15159] Bluetooth: hci2: command 0x0c1a tx timeout
[  869.764888][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  870.465915][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  870.473512][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  870.477236][T16118] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2955'.
[  870.489958][T16118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2955'.
[  870.523861][T16116] syzkaller0: entered promiscuous mode
[  870.534666][T16120] loop3: detected capacity change from 0 to 16
[  870.564112][T16116] syzkaller0: entered allmulticast mode
[  870.588514][T16120] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  871.208976][T16112] loop1: detected capacity change from 0 to 32768
[  871.811806][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  871.818250][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  871.824653][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  873.891839][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  875.333363][T16146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2966'.
[  875.342850][T16146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2966'.
[  875.713620][T16152] syzkaller0: entered promiscuous mode
[  875.719543][T16152] syzkaller0: entered allmulticast mode
[  875.904727][T16160] loop3: detected capacity change from 0 to 1024
[  876.109325][T16165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2975'.
[  876.129039][T16165] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2975'.
[  876.392859][T16175] loop2: detected capacity change from 0 to 16
[  876.417986][T16174] loop0: detected capacity change from 0 to 4096
[  876.481969][T16175] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  877.011676][T13529] Bluetooth: hci0: command 0x0c1a tx timeout
[  877.123904][T16179] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  877.582062][   T51] Bluetooth: hci1: Opcode 0x206a failed: -110
[  877.590141][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  877.914949][   T28] audit: type=1800 audit(1777490920.857:14): pid=16181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2976" name="file1" dev="loop0" ino=15 res=0 errno=0
[  878.119312][T13529] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  878.129175][T13529] CPU: 0 PID: 13529 Comm: kworker/u5:2 Not tainted syzkaller #0
[  878.136865][T13529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  878.147064][T13529] Workqueue: hci4 hci_rx_work
[  878.151810][T13529] Call Trace:
[  878.155214][T13529]  <TASK>
[  878.158180][T13529]  dump_stack_lvl+0x18c/0x250
[  878.162919][T13529]  ? show_regs_print_info+0x20/0x20
[  878.168170][T13529]  ? load_image+0x420/0x420
[  878.172923][T13529]  sysfs_create_dir_ns+0x26e/0x2a0
[  878.178087][T13529]  ? sysfs_warn_dup+0xa0/0xa0
[  878.182817][T13529]  ? do_raw_spin_unlock+0x121/0x230
[  878.188080][T13529]  kobject_add_internal+0x61c/0xcc0
[  878.193337][T13529]  kobject_add+0x164/0x240
[  878.197800][T13529]  ? __rwlock_init+0x150/0x150
[  878.202650][T13529]  ? kobject_init+0x1e0/0x1e0
[  878.207633][T13529]  ? _raw_spin_unlock+0x28/0x40
[  878.212627][T13529]  ? get_device_parent+0x366/0x390
[  878.217810][T13529]  device_add+0x408/0xc20
[  878.222207][T13529]  hci_conn_add_sysfs+0xd5/0x1e0
[  878.227279][T13529]  le_conn_complete_evt+0xf5d/0x1540
[  878.232609][T13529]  ? hci_event_packet+0x4cb/0x1270
[  878.237782][T13529]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  878.244076][T13529]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  878.249792][T13529]  ? skb_pull_data+0xfb/0x200
[  878.254524][T13529]  hci_le_conn_complete_evt+0x187/0x440
[  878.260120][T13529]  ? hci_remote_host_features_evt+0x150/0x150
[  878.266329][T13529]  hci_event_packet+0x7ba/0x1270
[  878.271503][T13529]  ? bis_list+0x290/0x290
[  878.275898][T13529]  ? lockdep_hardirqs_on+0x98/0x150
[  878.281148][T13529]  ? hci_send_to_monitor+0xd7/0x4f0
[  878.286394][T13529]  hci_rx_work+0x43a/0xd60
[  878.290896][T13529]  ? process_scheduled_works+0x96f/0x15d0
[  878.296660][T13529]  process_scheduled_works+0xa5d/0x15d0
[  878.302287][T13529]  ? worker_attach_to_pool+0x380/0x380
[  878.307808][T13529]  ? assign_work+0x3d2/0x5d0
[  878.312545][T13529]  worker_thread+0xa55/0xfc0
[  878.317272][T13529]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  878.323402][T13529]  ? _raw_spin_unlock+0x40/0x40
[  878.328407][T13529]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  878.334463][T13529]  kthread+0x2fa/0x390
[  878.338574][T13529]  ? pr_cont_work+0x560/0x560
[  878.343554][T13529]  ? kthread_blkcg+0xd0/0xd0
[  878.348360][T13529]  ret_from_fork+0x48/0x80
[  878.352820][T13529]  ? kthread_blkcg+0xd0/0xd0
[  878.357452][T13529]  ret_from_fork_asm+0x11/0x20
[  878.362281][T13529]  </TASK>
[  878.381824][T13529] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  878.396700][T13529] Bluetooth: hci4: failed to register connection device
[  880.453261][T13529] Bluetooth: hci4: command 0x0c1a tx timeout
[  882.304794][T16202] syzkaller0: entered promiscuous mode
[  882.338080][T16202] syzkaller0: entered allmulticast mode
[  882.356128][T16204] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2986'.
[  882.374824][T16204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2986'.
[  882.674305][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 540 seconds
[  882.690494][T16210] Process accounting resumed
[  885.011632][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  887.926080][T16247] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2997'.
[  888.129986][T16254] syzkaller0: entered promiscuous mode
[  888.135813][T16254] syzkaller0: entered allmulticast mode
[  888.147688][T16255] loop2: detected capacity change from 0 to 128
[  888.526328][T16252] Process accounting resumed
[  888.763406][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  888.773489][   T51] CPU: 1 PID: 51 Comm: kworker/u5:0 Not tainted syzkaller #0
[  888.780978][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  888.791167][   T51] Workqueue: hci1 hci_rx_work
[  888.795874][   T51] Call Trace:
[  888.799174][   T51]  <TASK>
[  888.802117][   T51]  dump_stack_lvl+0x18c/0x250
[  888.806847][   T51]  ? show_regs_print_info+0x20/0x20
[  888.812077][   T51]  ? load_image+0x420/0x420
[  888.816662][   T51]  sysfs_create_dir_ns+0x26e/0x2a0
[  888.821790][   T51]  ? sysfs_warn_dup+0xa0/0xa0
[  888.826494][   T51]  ? do_raw_spin_unlock+0x121/0x230
[  888.831737][   T51]  kobject_add_internal+0x61c/0xcc0
[  888.837015][   T51]  kobject_add+0x164/0x240
[  888.841491][   T51]  ? __rwlock_init+0x150/0x150
[  888.846296][   T51]  ? kobject_init+0x1e0/0x1e0
[  888.851073][   T51]  ? _raw_spin_unlock+0x28/0x40
[  888.855941][   T51]  ? get_device_parent+0x366/0x390
[  888.861108][   T51]  device_add+0x408/0xc20
[  888.865473][   T51]  hci_conn_add_sysfs+0xd5/0x1e0
[  888.870464][   T51]  le_conn_complete_evt+0xf5d/0x1540
[  888.875764][   T51]  ? hci_event_packet+0x4cb/0x1270
[  888.880968][   T51]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  888.887451][   T51]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  888.893208][   T51]  ? skb_pull_data+0xfb/0x200
[  888.897899][   T51]  hci_le_conn_complete_evt+0x187/0x440
[  888.903456][   T51]  ? hci_remote_host_features_evt+0x150/0x150
[  888.909533][   T51]  hci_event_packet+0x7ba/0x1270
[  888.914510][   T51]  ? bis_list+0x290/0x290
[  888.918863][   T51]  ? lockdep_hardirqs_on+0x98/0x150
[  888.924069][   T51]  ? hci_send_to_monitor+0xd7/0x4f0
[  888.929379][   T51]  hci_rx_work+0x43a/0xd60
[  888.933815][   T51]  ? process_scheduled_works+0x96f/0x15d0
[  888.939717][   T51]  process_scheduled_works+0xa5d/0x15d0
[  888.945302][   T51]  ? worker_attach_to_pool+0x380/0x380
[  888.950790][   T51]  ? assign_work+0x3d2/0x5d0
[  888.955404][   T51]  worker_thread+0xa55/0xfc0
[  888.960025][   T51]  kthread+0x2fa/0x390
[  888.964116][   T51]  ? pr_cont_work+0x560/0x560
[  888.968830][   T51]  ? kthread_blkcg+0xd0/0xd0
[  888.973434][   T51]  ret_from_fork+0x48/0x80
[  888.977859][   T51]  ? kthread_blkcg+0xd0/0xd0
[  888.982458][   T51]  ret_from_fork_asm+0x11/0x20
[  888.987330][   T51]  </TASK>
[  889.144623][   T51] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  889.164815][   T51] Bluetooth: hci1: failed to register connection device
[  891.362370][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  891.774900][T16268] syzkaller0: entered promiscuous mode
[  891.901751][T16268] syzkaller0: entered allmulticast mode
[  892.297562][T16281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3008'.
[  892.316409][T16280] Process accounting resumed
[  892.522034][T16284] syzkaller0: entered promiscuous mode
[  892.535820][T16291] loop2: detected capacity change from 0 to 128
[  892.568142][T16284] syzkaller0: entered allmulticast mode
[  892.902060][T16288] loop3: detected capacity change from 0 to 4096
[  892.922236][T16288] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  893.134781][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  893.145181][   T51] CPU: 0 PID: 51 Comm: kworker/u5:0 Not tainted syzkaller #0
[  893.152605][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  893.162812][   T51] Workqueue: hci0 hci_rx_work
[  893.167556][   T51] Call Trace:
[  893.170890][   T51]  <TASK>
[  893.173880][   T51]  dump_stack_lvl+0x18c/0x250
[  893.178667][   T51]  ? show_regs_print_info+0x20/0x20
[  893.183914][   T51]  ? load_image+0x420/0x420
[  893.188595][   T51]  sysfs_create_dir_ns+0x26e/0x2a0
[  893.193746][   T51]  ? sysfs_warn_dup+0xa0/0xa0
[  893.198441][   T51]  ? do_raw_spin_unlock+0x121/0x230
[  893.203680][   T51]  kobject_add_internal+0x61c/0xcc0
[  893.208951][   T51]  kobject_add+0x164/0x240
[  893.213822][   T51]  ? __rwlock_init+0x150/0x150
[  893.218606][   T51]  ? kobject_init+0x1e0/0x1e0
[  893.223297][   T51]  ? _raw_spin_unlock+0x28/0x40
[  893.228183][   T51]  ? get_device_parent+0x366/0x390
[  893.233423][   T51]  device_add+0x408/0xc20
[  893.237766][   T51]  hci_conn_add_sysfs+0xd5/0x1e0
[  893.242896][   T51]  le_conn_complete_evt+0xf5d/0x1540
[  893.248356][   T51]  ? hci_event_packet+0x4cb/0x1270
[  893.253568][   T51]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  893.259819][   T51]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  893.265565][   T51]  ? skb_pull_data+0xfb/0x200
[  893.270301][   T51]  hci_le_conn_complete_evt+0x187/0x440
[  893.275884][   T51]  ? hci_remote_host_features_evt+0x150/0x150
[  893.282151][   T51]  hci_event_packet+0x7ba/0x1270
[  893.287201][   T51]  ? bis_list+0x290/0x290
[  893.291600][   T51]  ? lockdep_hardirqs_on+0x98/0x150
[  893.296822][   T51]  ? hci_send_to_monitor+0xd7/0x4f0
[  893.302074][   T51]  hci_rx_work+0x43a/0xd60
[  893.306522][   T51]  ? process_scheduled_works+0x96f/0x15d0
[  893.312254][   T51]  process_scheduled_works+0xa5d/0x15d0
[  893.318118][   T51]  ? worker_attach_to_pool+0x380/0x380
[  893.323676][   T51]  ? assign_work+0x3d2/0x5d0
[  893.328283][   T51]  worker_thread+0xa55/0xfc0
[  893.332902][   T51]  kthread+0x2fa/0x390
[  893.336980][   T51]  ? pr_cont_work+0x560/0x560
[  893.341759][   T51]  ? kthread_blkcg+0xd0/0xd0
[  893.346349][   T51]  ret_from_fork+0x48/0x80
[  893.350770][   T51]  ? kthread_blkcg+0xd0/0xd0
[  893.355395][   T51]  ret_from_fork_asm+0x11/0x20
[  893.360374][   T51]  </TASK>
[  893.433508][   T51] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  893.451154][   T51] Bluetooth: hci0: failed to register connection device
[  893.827048][T16305] syzkaller0: entered promiscuous mode
[  893.832760][T16305] syzkaller0: entered allmulticast mode
[  893.993991][T16310] loop0: detected capacity change from 0 to 1024
[  895.013815][ T9575] hfsplus: b-tree write err: -5, ino 25
[  895.069885][ T9575] hfsplus: b-tree write err: -5, ino 4
[  895.098521][ T9575] hfsplus: b-tree write err: -5, ino 2
[  895.284704][T16303] loop3: detected capacity change from 0 to 32768
[  895.296789][T16303] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.3016 (16303)
[  895.374803][T16318] loop1: detected capacity change from 0 to 128
[  895.492037][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  895.557945][T16318] veth1_macvtap: left promiscuous mode
[  895.564033][T16318] macsec0: entered promiscuous mode
[  895.999935][T16320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3021'.
[  896.058906][T16303] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  896.117047][T16303] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  896.129468][T16303] BTRFS info (device loop3): metadata ratio 0
[  896.150562][T16303] BTRFS info (device loop3): using free space tree
[  896.592220][T16303] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  896.691380][T16340] loop1: detected capacity change from 0 to 128
[  896.929994][T16303] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  897.277688][T16303] BTRFS error (device loop3): open_ctree failed: -12
[  897.517419][T16346] loop2: detected capacity change from 0 to 256
[  897.532804][T16347] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  897.545294][T16347] syzkaller0: entered promiscuous mode
[  897.551014][T16347] syzkaller0: entered allmulticast mode
[  897.682802][T16346] FAT-fs (loop2): Directory bread(block 64) failed
[  897.717858][T16354] syz_tun: entered allmulticast mode
[  897.739596][T16346] FAT-fs (loop2): Directory bread(block 65) failed
[  897.772101][T16346] FAT-fs (loop2): Directory bread(block 66) failed
[  897.778722][T16346] FAT-fs (loop2): Directory bread(block 67) failed
[  897.798669][T16346] FAT-fs (loop2): Directory bread(block 68) failed
[  897.841872][T16346] FAT-fs (loop2): Directory bread(block 69) failed
[  897.848596][T16346] FAT-fs (loop2): Directory bread(block 70) failed
[  897.866915][T16346] FAT-fs (loop2): Directory bread(block 71) failed
[  897.880595][T16350] syz_tun: left allmulticast mode
[  897.908197][T16346] FAT-fs (loop2): Directory bread(block 72) failed
[  897.921629][T16346] FAT-fs (loop2): Directory bread(block 73) failed
[  898.142305][T16356] loop0: detected capacity change from 0 to 1024
[  900.516475][T16368] netlink: 'syz.2.3033': attribute type 15 has an invalid length.
[  900.560981][T16368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3033'.
[  900.647482][ T9573] hfsplus: b-tree write err: -5, ino 25
[  900.682069][ T9573] hfsplus: b-tree write err: -5, ino 4
[  900.687892][ T9573] hfsplus: b-tree write err: -5, ino 2
[  900.735730][T16372] syzkaller0: entered promiscuous mode
[  900.751580][T16372] syzkaller0: entered allmulticast mode
[  901.133851][   T28] audit: type=1326 audit(1777490943.987:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  901.796902][   T28] audit: type=1326 audit(1777490943.997:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  901.824110][   T28] audit: type=1326 audit(1777490943.997:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  901.849064][   T28] audit: type=1326 audit(1777490943.997:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  901.941041][   T28] audit: type=1326 audit(1777490943.997:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  901.998061][   T28] audit: type=1326 audit(1777490943.997:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  902.104710][   T28] audit: type=1326 audit(1777490943.997:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  902.211700][   T28] audit: type=1326 audit(1777490943.997:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  902.309628][   T28] audit: type=1326 audit(1777490943.997:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16369 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbd41f9cdd9 code=0x7ffc0000
[  902.393771][T16387] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  902.419491][T16387] syzkaller0: entered promiscuous mode
[  902.431625][T16387] syzkaller0: entered allmulticast mode
[  902.470589][   T51] Bluetooth: hci0: unexpected event for opcode 0x000c
[  902.485235][T16390] syz.1.3041 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  902.499010][T16376] loop2: detected capacity change from 0 to 32768
[  902.512757][T16376] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.3037 (16376)
[  902.538798][T16376] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  902.549608][T16376] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  902.559710][T16376] BTRFS info (device loop2): metadata ratio 0
[  902.586527][T16376] BTRFS info (device loop2): using free space tree
[  902.611074][T16393] loop0: detected capacity change from 0 to 256
[  902.681284][T16398] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3041'.
[  902.816990][T16393] exfat: Deprecated parameter 'utf8'
[  903.034074][T16393] exfat: Deprecated parameter 'utf8'
[  903.131473][T16393] exfat: Deprecated parameter 'utf8'
[  903.263163][T16393] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d)
[  903.288048][T16376] BTRFS info (device loop2): enabling ssd optimizations
[  903.329178][T16376] BTRFS info (device loop2): auto enabling async discard
[  903.545763][T14000] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  903.608527][T16416] netlink: 'syz.3.3045': attribute type 15 has an invalid length.
[  903.637065][T16416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3045'.
[  904.036035][T16423] syzkaller0: entered promiscuous mode
[  904.051600][T16423] syzkaller0: entered allmulticast mode
[  904.344653][T16431] syz_tun: entered allmulticast mode
[  904.359864][T16429] syz_tun: left allmulticast mode
[  904.538851][T16435] loop0: detected capacity change from 0 to 256
[  904.565230][T16435] exfat: Deprecated parameter 'utf8'
[  904.582424][T16435] exfat: Deprecated parameter 'utf8'
[  904.588153][T16435] exfat: Deprecated parameter 'utf8'
[  904.621222][T16436] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  904.635810][T16436] syzkaller0: entered promiscuous mode
[  904.641463][T16436] syzkaller0: entered allmulticast mode
[  904.721645][T16435] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d)
[  905.605801][T16444] netlink: 'syz.1.3056': attribute type 15 has an invalid length.
[  905.624938][T16444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3056'.
[  905.786237][T16449] loop0: detected capacity change from 0 to 8
[  906.660379][T16439] loop3: detected capacity change from 0 to 32768
[  906.677529][T16439] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.3054 (16439)
[  906.717696][T16439] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  906.757836][T16439] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  906.804816][T16439] BTRFS info (device loop3): metadata ratio 0
[  906.833973][T16439] BTRFS info (device loop3): using free space tree
[  906.870851][T16459] syzkaller0: entered promiscuous mode
[  906.878431][T16459] syzkaller0: entered allmulticast mode
[  906.952396][T16439] BTRFS info (device loop3): enabling ssd optimizations
[  906.959531][T16439] BTRFS info (device loop3): auto enabling async discard
[  907.079646][T13527] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  907.304151][T16479] syz_tun: entered allmulticast mode
[  907.327550][T16482] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  907.392400][T16472] syz_tun: left allmulticast mode
[  907.591973][T16484] syzkaller0: entered promiscuous mode
[  907.597721][T16484] syzkaller0: entered allmulticast mode
[  908.277034][T16495] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3067'.
[  908.767790][T16506] loop0: detected capacity change from 0 to 8
[  909.631401][T16512] syzkaller0: entered promiscuous mode
[  909.637173][T16512] syzkaller0: entered allmulticast mode
[  911.122008][T16517] syz_tun: entered allmulticast mode
[  911.132051][T16517] syz_tun: left allmulticast mode
[  911.137862][T16520] syz_tun: entered allmulticast mode
[  911.331338][T16530] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3078'.
[  911.345873][T16514] loop1: detected capacity change from 0 to 32768
[  911.379265][T16533] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  911.391429][T16514] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.3073 (16514)
[  911.406665][T16533] syzkaller0: entered promiscuous mode
[  911.415485][T16533] syzkaller0: entered allmulticast mode
[  911.468973][T16514] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  911.516650][T16514] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  911.561826][T16514] BTRFS info (device loop1): metadata ratio 0
[  911.571837][T16514] BTRFS info (device loop1): using free space tree
[  911.733069][T16553] loop3: detected capacity change from 0 to 8
[  911.965182][T16514] BTRFS info (device loop1): enabling ssd optimizations
[  912.053789][T16514] BTRFS info (device loop1): auto enabling async discard
[  912.611317][T14266] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  912.696786][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 570 seconds
[  913.670134][T16576] syzkaller0: entered promiscuous mode
[  913.701725][T16576] syzkaller0: entered allmulticast mode
[  914.116702][T16584] kvm: pic: non byte read
[  914.125853][T16584] kvm: pic: non byte read
[  914.130806][T16584] kvm: pic: non byte read
[  914.139147][T16584] kvm: pic: non byte read
[  914.148845][T16584] kvm: pic: non byte read
[  914.153517][T16584] kvm: pic: non byte read
[  914.169680][T16584] kvm: pic: non byte read
[  914.178916][T16584] kvm: pic: non byte read
[  914.190125][T16584] kvm: pic: non byte read
[  914.213916][T16584] kvm: pic: non byte read
[  914.471093][T16588] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  914.507026][T16588] syzkaller0: entered promiscuous mode
[  914.522258][T16588] syzkaller0: entered allmulticast mode
[  914.556995][T16590] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3093'.
[  914.595032][T16590] QAT: Device 127 not found
[  916.482242][T16596] loop3: detected capacity change from 0 to 8
[  916.735508][T16594] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  918.681865][T16611] syzkaller0: entered promiscuous mode
[  918.695864][T16611] syzkaller0: entered allmulticast mode
[  918.902067][T16615] netlink: 'syz.3.3102': attribute type 1 has an invalid length.
[  919.040437][T16616] bond1: (slave bridge1): making interface the new active one
[  919.095775][T16616] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  919.130147][T16619] macvlan4: entered promiscuous mode
[  919.136023][T16619] macvlan4: entered allmulticast mode
[  919.142667][T16619] bond1: entered promiscuous mode
[  919.147933][T16619] bridge1: entered promiscuous mode
[  919.155597][T16619] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  919.164166][T16619] bond1: (slave macvlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  919.217605][T16619] bond1: left promiscuous mode
[  919.250443][T16629] loop0: detected capacity change from 0 to 8
[  919.289778][T16619] bridge1: left promiscuous mode
[  919.961417][T16624] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  919.979185][T16628] syzkaller0: entered promiscuous mode
[  919.998004][T16628] syzkaller0: entered allmulticast mode
[  920.823747][T16643] syz_tun: entered allmulticast mode
[  921.163669][T16651] syzkaller0: entered promiscuous mode
[  921.178845][T16651] syzkaller0: entered allmulticast mode
[  921.208531][T16654] loop1: detected capacity change from 0 to 1024
[  922.236324][ T9577] hfsplus: b-tree write err: -5, ino 25
[  922.271907][ T9577] hfsplus: b-tree write err: -5, ino 4
[  922.277514][ T9577] hfsplus: b-tree write err: -5, ino 2
[  923.467621][T16662] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  923.587957][T16665] loop1: detected capacity change from 0 to 8
[  925.218762][T16662] loop2: detected capacity change from 0 to 4096
[  925.225753][T16667] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  925.235835][T16667] syzkaller0: entered promiscuous mode
[  925.241747][T16667] syzkaller0: entered allmulticast mode
[  927.090241][ T5756] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  927.099690][T16684] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3123'.
[  927.265012][ T5756] usb 4-1: device descriptor read/64, error -71
[  927.281262][T16694] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3126'.
[  928.775882][T16697] loop1: detected capacity change from 0 to 8
[  928.966310][ T5756] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  929.065933][T16699] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  929.098560][T16699] syzkaller0: entered promiscuous mode
[  929.123326][T16699] syzkaller0: entered allmulticast mode
[  929.162300][ T5756] usb 4-1: device descriptor read/64, error -71
[  929.350709][ T5756] usb usb4-port1: attempt power cycle
[  929.351716][T16704] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  929.896721][T16708] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  929.936918][T16705] loop1: detected capacity change from 0 to 4096
[  930.857233][T16708] loop3: detected capacity change from 0 to 4096
[  931.382042][T16721] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3135'.
[  931.906097][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  931.912936][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  932.260982][T16734] loop0: detected capacity change from 0 to 8
[  933.634793][T16743] futex_wake_op: syz.0.3141 tries to shift op by 144; fix this program
[  934.611596][ T5756] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  934.826863][ T5756] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  934.861054][ T5756] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  934.891782][ T5756] usb 4-1: config 1 interface 0 has no altsetting 1
[  934.929566][ T5756] usb 4-1: New USB device found, idVendor=08b7, idProduct=8000, bcdDevice= 0.00
[  934.951015][ T5756] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  934.975703][ T5756] usb 4-1: SerialNumber: syz
[  935.175112][T16755] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3145'.
[  935.225229][T16756] loop0: detected capacity change from 0 to 16
[  935.257469][T16756] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  935.377585][T16737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  935.465245][T16737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  935.561783][ T5756] usb 4-1: 0:2 : does not exist
[  935.671739][ T5756] usb 4-1: USB disconnect, device number 11
[  936.089568][ T9956] udevd[9956]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  936.947603][T16768] loop0: detected capacity change from 0 to 8
[  938.595253][T16773] loop1: detected capacity change from 0 to 128
[  939.321571][T16787] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3154'.
[  940.140419][T16795] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  940.348721][T16800] loop2: detected capacity change from 0 to 8
[  942.567187][T16795] loop0: detected capacity change from 0 to 4096
[  942.810733][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 600 seconds
[  942.879304][T16804] bridge0: port 3(erspan0) entered blocking state
[  942.964491][T16804] bridge0: port 3(erspan0) entered disabled state
[  943.012487][T16804] erspan0: entered allmulticast mode
[  943.053977][T16804] erspan0: entered promiscuous mode
[  943.072717][T16804] bridge0: port 3(erspan0) entered blocking state
[  943.079584][T16804] bridge0: port 3(erspan0) entered forwarding state
[  943.171419][T16807] erspan0: left allmulticast mode
[  943.198255][T16807] erspan0: left promiscuous mode
[  943.215546][T16807] bridge0: port 3(erspan0) entered disabled state
[  943.817063][T16820] loop2: detected capacity change from 0 to 128
[  946.120474][T16824] loop3: detected capacity change from 0 to 131072
[  946.157122][T16827] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3167'.
[  946.197839][T16824] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  946.208609][T16824] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  946.267274][T16824] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  946.312779][  T968] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  946.320061][  T968] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  946.503921][  T968] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 183ms
[  946.542707][T16832] loop1: detected capacity change from 0 to 256
[  946.553951][  T968] gfs2: fsid=syz:syz.0: jid=0: Done
[  946.572126][   T23] gfs2: fsid=syz:syz.0: jid=1: Trying to acquire journal glock...
[  946.598600][   T23] gfs2: fsid=syz:syz.0: jid=1: Looking at journal...
[  946.658735][   T23] gfs2: fsid=syz:syz.0: journal 1 mapped with 1 extents in 0ms
[  946.749903][T16832] FAT-fs (loop1): Directory bread(block 64) failed
[  946.757944][T16832] FAT-fs (loop1): Directory bread(block 65) failed
[  946.794920][T16832] FAT-fs (loop1): Directory bread(block 66) failed
[  946.818921][T16832] FAT-fs (loop1): Directory bread(block 67) failed
[  946.862367][T16832] FAT-fs (loop1): Directory bread(block 68) failed
[  946.901208][T16832] FAT-fs (loop1): Directory bread(block 69) failed
[  946.933274][T16832] FAT-fs (loop1): Directory bread(block 70) failed
[  946.940066][T16832] FAT-fs (loop1): Directory bread(block 71) failed
[  946.972000][T16832] FAT-fs (loop1): Directory bread(block 72) failed
[  946.991659][T16832] FAT-fs (loop1): Directory bread(block 73) failed
[  947.046821][   T23] gfs2: fsid=syz:syz.0: jid=1: Journal head lookup took 448ms
[  947.144161][   T23] gfs2: fsid=syz:syz.0: jid=1: Done
[  947.149777][T16824] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  947.164914][T16824] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  947.648992][T16838] loop1: detected capacity change from 0 to 256
[  947.677234][T16838] exfat: Deprecated parameter 'utf8'
[  947.696405][T16838] exfat: Deprecated parameter 'utf8'
[  947.720372][T16838] exfat: Deprecated parameter 'utf8'
[  947.762355][T16838] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d)
[  947.995530][T16841] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  948.185248][T16841] loop2: detected capacity change from 0 to 4096
[  948.715868][T16851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3174'.
[  948.789413][T16851] 8021q: adding VLAN 0 to HW filter on device bond1
[  948.838443][T16853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3174'.
[  948.891970][T16853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3174'.
[  950.538117][T16866] loop3: detected capacity change from 0 to 8
[  953.023545][T16872] loop0: detected capacity change from 0 to 128
[  955.411025][T16896] loop2: detected capacity change from 0 to 512
[  955.447276][T16894] loop1: detected capacity change from 0 to 1024
[  955.470191][T16896] EXT4-fs (loop2): orphan cleanup on readonly fs
[  955.674144][T16896] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  956.380842][T16904] loop3: detected capacity change from 0 to 8
[  956.485221][T14898] hfsplus: b-tree write err: -5, ino 25
[  956.533924][T16896] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  956.578806][T14898] hfsplus: b-tree write err: -5, ino 4
[  956.694599][T16896] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.3188: Failed to acquire dquot type 1
[  956.723471][T16896] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  956.734180][T16896] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  956.744857][T16896] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.3188: Failed to acquire dquot type 1
[  956.776261][T14898] hfsplus: b-tree write err: -5, ino 2
[  956.826011][T16896] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.3188: bg 0: block 248: padding at end of block bitmap is not set
[  956.997529][T16896] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6655: Corrupt filesystem
[  957.082809][T16896] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  957.095796][T16896] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  957.107400][T16896] EXT4-fs error (device loop2): ext4_acquire_dquot:6953: comm syz.2.3188: Failed to acquire dquot type 1
[  957.164508][T16896] EXT4-fs (loop2): 1 orphan inode deleted
[  957.186509][T16896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  957.259908][T16914] loop1: detected capacity change from 0 to 128
[  957.735118][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  957.861175][T16920] loop0: detected capacity change from 0 to 256
[  957.939462][T16920] FAT-fs (loop0): Directory bread(block 64) failed
[  957.967353][T16920] FAT-fs (loop0): Directory bread(block 65) failed
[  958.009506][T16920] FAT-fs (loop0): Directory bread(block 66) failed
[  958.017268][T16920] FAT-fs (loop0): Directory bread(block 67) failed
[  958.028172][T16920] FAT-fs (loop0): Directory bread(block 68) failed
[  958.037606][T16920] FAT-fs (loop0): Directory bread(block 69) failed
[  958.081217][T16922] loop3: detected capacity change from 0 to 16
[  958.239602][T16920] FAT-fs (loop0): Directory bread(block 70) failed
[  958.427455][T16920] FAT-fs (loop0): Directory bread(block 71) failed
[  958.479257][T16922] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  958.767556][T16920] FAT-fs (loop0): Directory bread(block 72) failed
[  958.813009][T16920] FAT-fs (loop0): Directory bread(block 73) failed
[  960.589071][T16932] loop1: detected capacity change from 0 to 8
[  960.708384][T16938] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3202'.
[  961.186603][T16942] trusted_key: encrypted_key: master key parameter 'defaul' is invalid
[  961.274086][T16942] loop3: detected capacity change from 0 to 4096
[  961.423858][T16950] loop1: detected capacity change from 0 to 128
[  961.998879][T16957] loop0: detected capacity change from 0 to 512
[  962.009380][T16957] EXT4-fs: Ignoring removed orlov option
[  962.096562][T16957] EXT4-fs (loop0): Test dummy encryption mode enabled
[  962.171749][T16957] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  962.271658][T16957] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  962.350211][T16957] EXT4-fs (loop0): 1 truncate cleaned up
[  962.383022][T16957] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  963.088554][T16969] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3213'.
[  963.774622][T14696] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  964.402244][T17010] loop0: detected capacity change from 0 to 8
[  965.253239][T13529] Bluetooth: hci1: command 0x0c1a tx timeout
[  966.460286][T17025] loop1: detected capacity change from 0 to 128
[  966.548243][T17028] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3224'.
[  969.089128][T17048] loop0: detected capacity change from 0 to 8
[  970.030200][T17054] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3233'.
[  970.555406][T17065] loop3: detected capacity change from 0 to 128
[  972.125217][T17071] loop0: detected capacity change from 0 to 1024
[  973.181639][ T5881] block nbd1: Possible stuck request ffff8880220d0000: control (read@0,4096B). Runtime 630 seconds
[  973.198291][ T1141] hfsplus: b-tree write err: -5, ino 25
[  973.209501][ T1141] hfsplus: b-tree write err: -5, ino 4
[  973.216629][ T1141] hfsplus: b-tree write err: -5, ino 2
[  974.619384][T17086] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3242'.
[  974.868062][T17084] loop2: detected capacity change from 0 to 2048
[  974.925794][T17084] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  975.002747][T17084] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  976.630200][T17114] loop0: detected capacity change from 0 to 1024
[  978.297401][ T9577] hfsplus: b-tree write err: -5, ino 25
[  978.423621][ T9577] hfsplus: b-tree write err: -5, ino 4
[  978.613281][ T9577] hfsplus: b-tree write err: -5, ino 2
[  979.252322][   T29] INFO: task udevd:7447 blocked for more than 143 seconds.
[  979.259905][   T29]       Not tainted syzkaller #0
[  979.266622][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  979.291825][   T29] task:udevd           state:D stack:23944 pid:7447  ppid:5137   flags:0x00004006
[  979.302277][   T29] Call Trace:
[  979.305892][   T29]  <TASK>
[  979.309849][   T29]  __schedule+0x1553/0x45a0
[  979.315566][   T29]  ? asan.module_dtor+0x20/0x20
[  979.320696][   T29]  ? mark_lock+0x94/0x320
[  979.326447][   T29]  ? lock_chain_count+0x20/0x20
[  979.331608][   T29]  ? _raw_spin_lock_irq+0xbb/0xf0
[  979.337289][   T29]  ? _raw_spin_lock_irqsave+0x100/0x100
[  979.343867][   T29]  schedule+0xbd/0x170
[  979.348598][   T29]  io_schedule+0x80/0xd0
[  979.353365][   T29]  folio_wait_bit_common+0x714/0xfa0
[  979.359464][   T29]  ? folio_wait_bit+0x30/0x30
[  979.364638][   T29]  ? _compound_head+0x120/0x120
[  979.370256][   T29]  ? filemap_add_folio+0x192/0x3c0
[  979.376972][   T29]  ? __filemap_get_folio+0x704/0xbb0
[  979.385283][   T29]  ? blkdev_writepage+0x30/0x30
[  979.391088][   T29]  do_read_cache_folio+0x1c0/0x7d0
[  979.396907][   T29]  ? blkdev_writepage+0x30/0x30
[  979.402443][   T29]  read_part_sector+0xd2/0x340
[  979.408908][   T29]  adfspart_check_POWERTEC+0x93/0xed0
[  979.691659][   T29]  ? adfspart_check_ADFS+0x620/0x620
[  979.710510][   T29]  ? put_partition+0x370/0x370
[  979.766443][   T29]  ? alloc_pages+0x4dc/0x740
[  979.781518][   T29]  bdev_disk_changed+0x740/0x1420
[  979.786642][   T29]  ? bdev_resize_partition+0xf0/0xf0
[  979.792323][   T29]  ? iput+0x343/0x920
[  979.797198][   T29]  blkdev_get_whole+0x30d/0x390
[  979.807508][   T29]  blkdev_get_by_dev+0x279/0x600
[  979.813536][   T29]  blkdev_open+0x152/0x360
[  979.818020][   T29]  ? blkdev_mmap+0x1b0/0x1b0
[  979.822852][   T29]  do_dentry_open+0x8c6/0x1500
[  979.827803][   T29]  path_openat+0x27f1/0x3230
[  979.832721][   T29]  ? do_sys_openat2+0xda/0x1d0
[  979.837539][   T29]  ? verify_lock_unused+0x140/0x140
[  979.842880][   T29]  ? do_filp_open+0x430/0x430
[  979.847616][   T29]  ? __virt_addr_valid+0x18c/0x540
[  979.852993][   T29]  do_filp_open+0x1f5/0x430
[  979.857639][   T29]  ? vfs_tmpfile+0x490/0x490
[  979.862456][   T29]  ? _raw_spin_unlock+0x28/0x40
[  979.867460][   T29]  ? alloc_fd+0x58f/0x630
[  979.872192][   T29]  do_sys_openat2+0x134/0x1d0
[  979.876926][   T29]  ? do_sys_open+0xe0/0xe0
[  979.881389][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  979.887470][   T29]  ? lock_chain_count+0x20/0x20
[  979.892920][   T29]  __x64_sys_openat+0x139/0x160
[  979.898990][   T29]  do_syscall_64+0x55/0xa0
[  979.903512][   T29]  ? clear_bhb_loop+0x40/0x90
[  979.908250][   T29]  ? clear_bhb_loop+0x40/0x90
[  979.913087][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  979.919111][   T29] RIP: 0033:0x7f3a83ca7407
[  979.923643][   T29] RSP: 002b:00007ffe81958900 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  979.932183][   T29] RAX: ffffffffffffffda RBX: 00007f3a84385880 RCX: 00007f3a83ca7407
[  979.940191][   T29] RDX: 00000000000a0800 RSI: 000055c60eae9a50 RDI: ffffffffffffff9c
[  979.948522][   T29] RBP: 000055c60ead0910 R08: 0000000000000000 R09: 0000000000000000
[  979.956566][   T29] R10: 0000000000000000 R11: 0000000000000202 R12: 000055c60eae8e00
[  979.964636][   T29] R13: 000055c60eae8410 R14: 0000000000000000 R15: 000055c60eae8e00
[  979.972785][   T29]  </TASK>
[  979.985698][   T29] 
[  979.985698][   T29] Showing all locks held in the system:
[  980.001637][   T29] 1 lock held by khungtaskd/29:
[  980.006612][   T29]  #0: ffffffff8d1320e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  980.019518][   T29] 2 locks held by getty/5527:
[  980.025850][   T29]  #0: ffff88802d8ae0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  980.040209][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  980.050569][   T29] 2 locks held by kworker/0:4/5812:
[  980.055916][   T29]  #0: ffff888017c72538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  980.067063][   T29]  #1: ffffc9000499fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  980.079356][   T29] 1 lock held by udevd/7447:
[  980.084280][   T29]  #0: ffff888021fbb4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  980.094536][   T29] 5 locks held by kworker/u4:22/9583:
[  980.099996][   T29] 2 locks held by syz.2.3251/17124:
[  980.108326][   T29]  #0: ffffffff8e3c2b08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  980.117850][   T29]  #1: ffffffff8d137ab8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3da/0x880
[  980.128970][   T29] 1 lock held by syz.1.3253/17129:
[  980.135481][   T29]  #0: ffffffff8e3c2b08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  980.161801][   T29] 
[  980.166938][   T29] =============================================
[  980.166938][   T29] 
[  980.189476][   T29] NMI backtrace for cpu 0
[  980.193890][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  980.201142][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  980.211340][   T29] Call Trace:
[  980.214653][   T29]  <TASK>
[  980.217611][   T29]  dump_stack_lvl+0x18c/0x250
[  980.222351][   T29]  ? show_regs_print_info+0x20/0x20
[  980.227583][   T29]  ? load_image+0x420/0x420
[  980.232210][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[  980.237165][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  980.243341][   T29]  ? _printk+0xde/0x130
[  980.247535][   T29]  ? load_image+0x420/0x420
[  980.252149][   T29]  ? load_image+0x420/0x420
[  980.256675][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  980.262878][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  980.268962][   T29]  watchdog+0xf3d/0xf80
[  980.273462][   T29]  ? watchdog+0x1e1/0xf80
[  980.277852][   T29]  kthread+0x2fa/0x390
[  980.281965][   T29]  ? hungtask_pm_notify+0x90/0x90
[  980.287038][   T29]  ? kthread_blkcg+0xd0/0xd0
[  980.291652][   T29]  ret_from_fork+0x48/0x80
[  980.296088][   T29]  ? kthread_blkcg+0xd0/0xd0
[  980.300791][   T29]  ret_from_fork_asm+0x11/0x20
[  980.305615][   T29]  </TASK>
[  980.308731][    C0] vkms_vblank_simulate: vblank timer overrun
[  980.316214][   T29] Sending NMI from CPU 0 to CPUs 1:
[  980.321903][    C1] NMI backtrace for cpu 1
[  980.321915][    C1] CPU: 1 PID: 9583 Comm: kworker/u4:22 Not tainted syzkaller #0
[  980.321931][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  980.321940][    C1] Workqueue: bat_events batadv_nc_worker
[  980.321962][    C1] RIP: 0010:__lock_acquire+0x18c1/0x7d40
[  980.321983][    C1] Code: a5 76 be 02 89 c3 e8 2e a1 ff ff 49 b8 00 00 00 00 00 fc ff df 85 db 4c 8b 7c 24 10 4c 8b a4 24 e0 00 00 00 0f 85 e9 06 00 00 <48> c7 c0 ac 4e 8b 8e 48 c1 e8 03 42 0f b6 04 00 84 c0 0f 85 c9 54
[  980.321996][    C1] RSP: 0018:ffffc90005127700 EFLAGS: 00000046
[  980.322008][    C1] RAX: 03da8420229a181e RBX: ffffffff91257240 RCX: ffffffff81684200
[  980.322019][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff911c65d8
[  980.322037][    C1] RBP: ffffc90005127948 R08: dffffc0000000000 R09: 1ffffffff2238cbb
[  980.322047][    C1] R10: dffffc0000000000 R11: fffffbfff2238cbc R12: 03da8420229a181e
[  980.322057][    C1] R13: ffff888031b45a00 R14: ffffffff91257258 R15: ffff888031b46550
[  980.322068][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  980.322080][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  980.322090][    C1] CR2: 00007f14de5ea2f8 CR3: 000000007d9d2000 CR4: 00000000003506e0
[  980.322106][    C1] Call Trace:
[  980.322111][    C1]  <TASK>
[  980.322125][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  980.322144][    C1]  ? verify_lock_unused+0x140/0x140
[  980.322160][    C1]  ? mark_lock+0x94/0x320
[  980.322176][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  980.322191][    C1]  ? trace_irq_disable+0x37/0xe0
[  980.322211][    C1]  ? lock_chain_count+0x20/0x20
[  980.322225][    C1]  ? rcu_preempt_deferred_qs_irqrestore+0x88e/0xce0
[  980.322248][    C1]  ? mark_lock+0x94/0x320
[  980.322264][    C1]  lock_acquire+0x19e/0x420
[  980.322279][    C1]  ? batadv_nc_purge_paths+0xe7/0x3a0
[  980.322294][    C1]  ? lock_chain_count+0x20/0x20
[  980.322310][    C1]  ? read_lock_is_recursive+0x20/0x20
[  980.322326][    C1]  ? __local_bh_disable_ip+0x115/0x1a0
[  980.322340][    C1]  ? __bpf_trace_tasklet+0x160/0x160
[  980.322354][    C1]  ? __local_bh_enable_ip+0x13a/0x1c0
[  980.322367][    C1]  ? _local_bh_enable+0xa0/0xa0
[  980.322383][    C1]  ? batadv_nc_purge_paths+0xe7/0x3a0
[  980.322396][    C1]  _raw_spin_lock_bh+0x36/0x50
[  980.322413][    C1]  ? batadv_nc_purge_paths+0xe7/0x3a0
[  980.322426][    C1]  ? batadv_nc_purge_paths+0x3a0/0x3a0
[  980.322440][    C1]  batadv_nc_purge_paths+0xe7/0x3a0
[  980.322459][    C1]  batadv_nc_worker+0x328/0x610
[  980.322474][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  980.322491][    C1]  process_scheduled_works+0xa5d/0x15d0
[  980.322518][    C1]  ? worker_attach_to_pool+0x380/0x380
[  980.322536][    C1]  ? assign_work+0x3d2/0x5d0
[  980.322554][    C1]  worker_thread+0xa55/0xfc0
[  980.322571][    C1]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  980.322587][    C1]  ? _raw_spin_unlock+0x40/0x40
[  980.322602][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  980.322625][    C1]  kthread+0x2fa/0x390
[  980.322638][    C1]  ? pr_cont_work+0x560/0x560
[  980.322654][    C1]  ? kthread_blkcg+0xd0/0xd0
[  980.322668][    C1]  ret_from_fork+0x48/0x80
[  980.322684][    C1]  ? kthread_blkcg+0xd0/0xd0
[  980.322698][    C1]  ret_from_fork_asm+0x11/0x20
[  980.322721][    C1]  </TASK>
[  980.360430][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  980.360445][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  980.360463][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  980.360473][   T29] Call Trace:
[  980.360479][   T29]  <TASK>
[  980.360486][   T29]  dump_stack_lvl+0x18c/0x250
[  980.360520][   T29]  ? show_regs_print_info+0x20/0x20
[  980.360545][   T29]  ? load_image+0x420/0x420
[  980.360577][   T29]  panic+0x2dc/0x730
[  980.360598][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  980.360627][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  980.360647][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  980.360671][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  980.360694][   T29]  watchdog+0xf7c/0xf80
[  980.360717][   T29]  ? watchdog+0x1e1/0xf80
[  980.360744][   T29]  kthread+0x2fa/0x390
[  980.360759][   T29]  ? hungtask_pm_notify+0x90/0x90
[  980.360781][   T29]  ? kthread_blkcg+0xd0/0xd0
[  980.360799][   T29]  ret_from_fork+0x48/0x80
[  980.360819][   T29]  ? kthread_blkcg+0xd0/0xd0
[  980.360835][   T29]  ret_from_fork_asm+0x11/0x20
[  980.360869][   T29]  </TASK>
[  980.365130][   T29] Kernel Offset: disabled
[  980.763803][   T29] Rebooting in 86400 seconds..