last executing test programs:

3m23.281371536s ago: executing program 4 (id=1259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x21}, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
connect$inet6(r4, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x1, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000240), 0x8)

3m21.461713254s ago: executing program 4 (id=1261):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

3m18.471647659s ago: executing program 4 (id=1264):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0xfffffff7}})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000080)='./file2\x00', 0x1fff)
r2 = openat(0xffffffffffffff9c, 0x0, 0x187842, 0x147)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0xc0406618, &(0x7f00000000c0)={@id={0x2, 0x0, @a}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00'})
r5 = socket(0x10, 0x3, 0x0)
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000002500)='./file2\x00', 0x200000, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x1, 0x495, &(0x7f000001c000)="$eJzs29trHGUYx/HfM8luNttqt22aVil0VVCpWHPo0XjRQwwVekjTRqSoEJtNXJoT2VTaIlq88dYbb0REQUGqaEHEG6+0d/4BCoKgF16I4F54AEGQmX1nZ7LZtkn3kGz7/UC7k3eemXkP+8777s67AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0uGnD/X02mrnAgAANNOJ0yM9fYz/AADcVc7w+R8AAOBuYvL0g0yDI0U7HvxdkjqWn7lwcXRwqPphnRYc2RbE+/9SvX39u/fs3bc/fL358fV2n06ePnMoe2R2em4+VyjkxrOjM/lzs+O5ZZ+h1uMr7QwqIDt9/sL4xEQh27erf9Hui5lfO9Z1Zwb2dR/0wtjRwaGh07GY9sRtX32JG83wk/K0TabfH/7MTkjyVHtd3OK902idQSF2BoUYHRwKCjKVH5tZ8HcOhxXhubI6ybCOmtAWNemS/HxZsj6f2RLydFCm7l+KdlJSW1gPjwVfDN/4wPa6XP62+fl8QdKDaoE2W8M65OknmaY3pDS8+s2KJmuXp4sy/TlQtFPB/cDvT/5t89iz2WdmJmZjscPmelSrjw/NtMbvTSl5OhHc8Ys2stqZQdP5k6W3ZdryySvBvELBvHTDwL4nT/XHZxhbb3EeP3aXmz8uZ0xOuNhhGzbz6l8uAAAAAAAAAFKHefpepuLX2SgxY/Jij4xTKj0Yyq5OFgE0inl6R6ZTI8Xga/j4upS22PqeslZ/9tfY/HemjszOXZrPT768UHV/OnXopcLC/Ni56rvV6d9n2+Ipt1rHUqOEeUrK9PxfH1v5uqX7v1sKEOXmo6eiNTOpyusH75t7S+uZwmdIB85ujW9XzfIKno/61zTztCDT4U3b3FqVtJbUmUpxX8j0x/vbXZyX9DMfnjZTOuNEfirX48d+I9MH/4WxwbIorXOxm6PYXj/WZHrr+OLY9S62K4rt82OHZLr+YvXYLVFsvx/7hkxzv2XD2LQfu8PFdkexu87NTo1Xq0pgpfz+/7NM73VlLewb7aX339L+/2o0FlypPNEN+nyt/T8TS7vi+vVZv///vS3oy0H/96r3/zdl+vTL7S6u1PeSbv/G4P+o/z8n0+R3i2PTLnZTFNu77IptEX77b5fp6JZr5bpx7e9aIGq1ePvfX/nuaFD7b4ylZdx1O+pTdEgqXLp8fmxqKjfPRq0brkavrJX8rJGNHWsjG2yscGOVb0xoCn/8/9yfRX31Y3m+48Z/9zElmln981o0/g9UnqhB4/+mWNqAm40k2qXUwvRcYquUKly6/Hh+emwyN5mb2d2zt2fP7gO9B/YnkuHkLtqqua7uRH77fyvTv+uulj/vLp7/VZ//pytP1KD23xxLSy+ar9RcdLj2vyrTA9evlb+XuNn8P/z+59GHSq/l/tmg9u+KpWXcde+pT9EBAAAAAAAAAAAAAAAAoKUlzNOHMh19ot3C35otZ/3fkh+gNWj9V3csbbxJv1eouVIBoAV48vSuTI+oaK/7Ceul4/FX3NH+DwAA///WsSBT")
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000000080)=""/43, 0x2b)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x5a, 0x1}, 0x14}}, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2c00)
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8082, &(0x7f00000010c0)={[{@rootdir={'rootdir', 0x3d, 0x7f}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@adinicb}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@umask={'umask', 0x3d, 0x3}}, {@nostrict}, {@uid_forget}, {@umask}]}, 0x1, 0xc4a, &(0x7f0000000300)="$eJzs3VFsXeddAPD/d3Id2ykQb91CCyvcARpp1pQ0yeqsQeWGuoZJaWrN8d4m+ca+CVd1bMt2WFoG83jhgYdJCPGwJ0tQIQ0xVQwh3jBQpO2lD6hPPFmgVhPiwUKT+jQuOud+175O0jap7cRpf7/25n/uOf/vnO/7zuk5qeXvfAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARPz2ixdOPZMedC0AgPvp0uRXT532/AeAT5TL/v8fAAAAAAAAAAAAAAAOuhRFPBopFi9tpunqe9fQxfb8jZtTY+N3LjacqpKHqvzyM/TM6TNnv/Ts6Lle/ODye+3xeHny8oX6CwvXF5day8ut2frUfHtmYbZ113vYbflbnag6oH79lRuzV68u108/fWbH5psj7w4+cmzk/OiTJ5/o5U6NjY9P9uXUBj7y0W/zfiM8DkcRJyPFU9//cWpGRBG774sPuXb223DViBNVI6bGxquGzLWb8yvlxoleRxQR9b5CjV4f3YdzsSuNiNWy+mWFT5TNm1xsLjWvzLXqE82llfZKe2F+InVrW7anHkWcSxFrEbExePvuBqKIWqT47tHNdCUiDvX64YvVwOD3r0exj228C2U96wMRa8VDcM4OsMEo4qVI8ZM3i5gp+yx/4gsRL5XxHyJeL+PzEam8MM5GvFNdR8MPuObshVoU8afl+T+/mWar+0HvvnLxa/WvzF9d6Mvt3Vce+ufD/XTA701DUUSzuuNvpo/+lx0AAAAAAAAAAAAAAAAA9tpwFPF4pHjx33+/Glcc1bj0o+dHf2fkZ/vHjD/2Ifspc5+OiNXi7sbkHs5DiCfSREp3NZbYHIX7YSiK+MM8/u/bD7oyAAAAAAAAAAAAAAAAAAAAn2hFvB0pnnvreFqL/jnF2/PX6pebV+a6s8L25v7tzZne6XQ69dSNjRync1zNcS3H9Rw3cowil8+xkeN0jqs5ruW4nuNGjnEol8+xkeN0jqs5ruW4nuNGjlHL5XNs5Did42qOazmu57iRYxyQuXsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Oiijip5HiO9/YTJEiohExHd24PtjLAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAepMFUxA8iRf13G1vrahGRqn+7jpd/nI3G4TJ+OhqjZXw+GhdybFax1vj2A6g/uzOQivhRpBgcemPrhOfzP9D9tnUZxOvf3P72C7VuPNTbOPLu4CPHjp4fHf+lx95vOd2pAicutudv3KxPjY2PT/atruWjf7pv3Ug+brE3TScill997ZXm3FxrycInY6HWXajFnu55OGJvd7h3C7XuQr5fxQOvz3L5oL19U+PBV2znQlT3/jves/nYKJ//70SK33jrP3oP/N7z/2e637ae8PHeH20//5+7dUf79Px/tG/dc/lvIwO1iKGV64sDxyKGll997WT7evNa61pr/uypU18eHf3ymVMDhyOGrrbnWn1Lu+4qAAAAAAAAAAAAAAAAgPsrFfFbkaL5o81Uj4ib1XitkfOjT5584lAcqsZb7Ri39fLk5Qv1FxauLy61lpdbs/Wp+fbMwmzrbg83VA33mhob35fGfKjhfa7/8NALC4uvLrWv/d7KHbcfGbpwZXllqTlz580xHEVEo3/NiarCU2PjVaXn2s35qujEHg3MHEhF/GekmDlbT5/P6/L4vzK8PdCX2z/+f7VvfbW8T+P/PnXLcVIq4r1I8et/9lh8vqrnkbitz3LeX0WKE+c+l/PicJnXq0P3vQLdkYHvdbr+7qc7c3ttf3Q795l7692Drzz/RyPFD/7ke/Ered3O9z9sj//sP/9Hbt3RPp3/z/StO7LjfQW7bjr5/J+MFM8/+kb8al73Qe//KKLT6Xwr4nhO3no/x96e/62L7rN9qSPRPe6v7VnrAQAAAAAAAAAAHl4DqYi/jhRPjNfSs3nd3fz+3+ytO9qn3//7+b51s/dpvqJddyoAAAAAHBADqYi3I8W1lTe2xlD3jf/eOf7zN7fnXh9Lt2ytfs73c9V7A/by53/9RvJxp3ffbAAAAAAAAAAAAAAAAAAAADhQUiri2Tyf+vSHzKe+Hile/O+ncl46Vub15oEfqf4curQwf/LC3NzCTHOleWWuVZ9cbM60yrKfiRSbf/m5XLao5lfvzTffneN9qNOea50qc5cixfjf9HK7c7H35ibvzgfenYu9zP1UpPivv92Z25vH+rPbuafL3L+IFF//xzvnHtvOPVPmfi9S/PDr9V7ukTK3937U7jtJh2ox13p6ZmHutlehAgAAAAAAAAAAAAAAAAAAwL0aSEX8caT4n+trsZqH/ef5/3sz8Nd6ua9/s2++/1vcrOb5H6nm/3+/5Y8y///InrUUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHimKeC1SLF7aTOuD5feuoYvt+Rs3p8bG+5M7W0vDqSp5qMovP0PPnD5z9kvPjp7rxTuV3z+Px8uTly/UX1i4vrjUWl5uzdan5tszC7Otu97Dbstvd13XiaoD6tdfuTF79epy/fTTZ3Zsvjny7uAjx0bOjz558ole7tTY+PhkX05t4B6Ofk+V23Y4ivjzSPHU93+c/nkwoojd98Udr537Z7hqxImqEVNj41VD5trN+ZVy40SvI4qIel+hRq+P7sO52JVGxGpZ/bLCJ8rmTS42l5pX5lr1iebSSnulvTA/kbq1LdtTjyLOpVhdi4iNwa29/F9vYSCKeCVSfPfoZvqXwYhDvX744qXJr546fcvB/2l7sbgPbf0AZT3rAxFrxUNwzg6wwSji7yPFT948Hv86GFGL7ie+EPFSf+LzEam8MM5GvDP4wKrLHqtFEf9bnv/zm+nNwfJ+0LuvXPxa/SvzVxf6cnv3lYP0fOjc+7U4vAeHvXsH/N40FEX8sLrjb6Z/8981AAAAAAAAAAAAAAAAwAFSxC9GiufeOp6q8cFbY4rb89fql5tX5rrD+npj/+oRf1DGTqfTqadubOQ4neNqjms5/nLO38jfo8jlc2zkOJ3jao5rOa7nuJFjHMrlc2zkOJ3jao5rOa7nuJFj1KrQ6XS+1S1fy+VzXM1xrRZRlOXz940c44CM3QMAAAAAAAAAAAAAAAAAAD5eiuqfFN/5xmaq5lJtRExHN66bD/Rj7/8DAAD//y8yBuM=")
symlink(&(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000200)='./control\x00')

3m16.532451698s ago: executing program 4 (id=1268):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000008000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3m16.264495462s ago: executing program 4 (id=1272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0102000000000000000001a800000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000016540000000c0a010309000000000000000100000008000440000000000900010073797a30000000002c00038024000080200001801a0001"], 0xd8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)=ANY=[], 0x20}}, 0x20000852)
recvmmsg(r1, &(0x7f0000001880)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000500)=""/216, 0xd8}, {&(0x7f00000003c0)=""/131, 0x83}], 0x3, &(0x7f0000000600)=""/24, 0x18}}, {{&(0x7f0000000640)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f00000006c0)=""/178, 0xb2}, {&(0x7f0000000780)=""/7, 0x7}], 0x2, &(0x7f00000018c0)=""/46, 0x2e}, 0x400}], 0x2, 0x40012100, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x24cb40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
syz_io_uring_setup(0x4df4, &(0x7f0000000000)={0x0, 0x874f, 0x8, 0x9, 0x338}, &(0x7f0000000100), 0x0)

3m7.751332772s ago: executing program 4 (id=1281):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x21}, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
connect$inet6(r4, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x1, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000240), 0x8)

2m50.446608164s ago: executing program 32 (id=1281):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x21}, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
connect$inet6(r4, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x1, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000240), 0x8)

1m31.885094076s ago: executing program 5 (id=1300):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
dup(r4)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
recvmmsg(r0, 0x0, 0x0, 0x120, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)={'cbcmac-aes-neon\x00'}})

59.30322802s ago: executing program 3 (id=1475):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0102000000000000000001a800000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000016540000000c0a010309000000000000000100000008000440000000000900010073797a30000000002c00038024000080200001801a0001"], 0xd8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)=ANY=[], 0x20}}, 0x20000852)
recvmmsg(r1, &(0x7f0000001880)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000500)=""/216, 0xd8}, {&(0x7f00000003c0)=""/131, 0x83}], 0x3, &(0x7f0000000600)=""/24, 0x18}}, {{&(0x7f0000000640)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f00000006c0)=""/178, 0xb2}, {&(0x7f0000000780)=""/7, 0x7}], 0x2, &(0x7f00000018c0)=""/46, 0x2e}, 0x400}], 0x2, 0x40012100, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x24cb40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
syz_io_uring_setup(0x4df4, &(0x7f0000000000)={0x0, 0x874f, 0x8, 0x9, 0x338}, &(0x7f0000000100), 0x0)

55.845546933s ago: executing program 3 (id=1481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

51.094067195s ago: executing program 3 (id=1487):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat2(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)={0x22a441, 0x1, 0x30}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r5, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000022c0)="f14889c2ad234ad6f0a71da72859c7c1e176134eff431253493482c723f8633d838bf127adff9f48a8854702b889321dfefd5644a03e0e41fb1cd1e442ac39d59aa0370071b34de016c447989af4c7d374e269dcbc1ce5f7083363d5bb2641018094b1721358f7a6c82f35dd9ed03c7be3fc46e5ef7b1fde49376ecde0494076cbe41c8292de99cc323303fda797e0704d3143999a0f53c8c056f2d7c2614c1bd977cc3e42e07548870d6bf096bf0369ee6a3f85cb27ec069f135e88005eb6147c3c08e1c787c9b5f9579653b876d44f3eb55573068fd1355b6fb755d1a72cb8eddfb7928f40f81e88e41bd2b3477299f540275d5107cd0dcb493a6f84ddbb9b43a60169c9ce7abb46e2d65a662a4e48cfafe180fbad39ee09548985149d100a6df90948f173ee8d7884fe5a916395d9631d7c55a09db75724229f3f492aca7c60e7c0984e5e05d555248874628cf294c6e1ad720e6f60662754e716d8e7f27b1321776768a8e4fd3abbeb3a23252a5e08b1f6b6e407cc69b8ed030f713f698db531f40f6082fce8f82eb6b90d7dcb33bd3cbcbc797d5597c444173c4455da38ffd93a45d756d158003c61c9d6e7e45a127a457172ccbbe9f2eadd4beb591f59ee37e3f23e858241463bb1d55b7ca1e19b84d1b077c7d6c3f942899a63dca8d63034da73146cc0e29ad541aff15049154a2c6ebe5b25b62833f09424bdabc08ffff5fff9cd35db4b3a9136ff557d88f68b8dc840e5edd3a9bf554986d3f706a1b962036d8f08e3d4cb9697c012f7be5bc00e77c89e796ee7d43a8c6ac172f262bc69517cc0978570280c2992c597ffa2ba8efc8b243b03b7f16942bf1e071de3dd4fa45a965946500d44fb10709fa8d4f1267077aa7afc2d32bc830e328762ade9f9d9a3b6835074eeffefbb98a45d688a0b76944e6fc4f805c912f966465266d4f43d2e70c65d6c5b0bddb1310c294e1b69b6f761bc4eda8b64121def17e864efc4ed59ca6973831827c77c1b27d50256341dd36e5e64cb78b509911e9cf36cc5b807648f119309f6fd403031434cf60873ce7582673581388cad04103e6b228d176ab09ed16d3d359fe02be3c014aefa3e7bca21ba3b7a5f981a375d0b920533936f8fc8afa3cc0156a902fca84745560fd50afd613d3f4482ec69683eb0ab3b78a106089797f6cbf00d40b2330be8a3e3c7a2838da551ba637cad6f81324348bcf7c65a9ef74999c8c4a8e96c50ec92becf9f08cf474fa597c910ad80a916cdfa6e61ea980875b130171472c760c6cb664f79406ddb74968e3f38e66320bd504ba4c4f25345191c8d3e758559db194781674c9dd02d84c04322b59924873c7092d01e9f45b98895769f35421a76f016e57ad16196d22b701b3639bc85b58b344a447e566b465cf92f6e160eeacfb0a8827480e1e4a9584e0e3984860c7b4cd042b8a5cb54c035be9a5683ebf4997e9dd289dc7d59bb5f2712eacb84031a02e6de31ba4fa3fb82b6106e76b4feed2d890544e7579f729c0f8af00cdea57f77793182e976be43d7158632deb9b154fbd8aa37fd2cbebfcae76014cbeb72c30bdda2dd95d75ed9dfe3f162d22af877bed110fddcb42e48b69fe34f97a0f00d094e962c5fa7eba412e63d57db086bdc6a2445c20dda5880dcaf3d9ad886652a1d2f1ce20f11c6de0481bf2005d0e605db4b4cd7c900f60a36825f4d5c7da23cb868ec", 0x4c2}], 0x1}, 0x20000044)
syz_open_dev$tty20(0xc, 0x4, 0x1)

36.582655775s ago: executing program 3 (id=1507):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r5, &(0x7f0000001fc0)=""/176, 0xb0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
r6 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r7, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

35.016286919s ago: executing program 3 (id=1513):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x21}, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
connect$inet6(r4, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x1, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000240), 0x8)

25.871371908s ago: executing program 3 (id=1528):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x4)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
getdents(r0, &(0x7f0000000000)=""/52, 0x34)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r5, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

18.333166242s ago: executing program 0 (id=1539):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, 0x0, 0x0)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

14.803781616s ago: executing program 1 (id=1540):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf689028"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

14.204352055s ago: executing program 2 (id=1541):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000780)='./bus\x00', 0x20008c0, &(0x7f0000000200)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_lower}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@check_strict}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@fat=@dmask={'dmask', 0x3d, 0x8000000000000000}}, {@utf8no}, {@shortname_winnt}, {@shortname_mixed}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlate}]}, 0x80, 0x364, &(0x7f0000000400)="$eJzs3U1oHOUbAPBnO5vdtNB/cvhDUbCM3gQNbcWDnhJKCsW9qCx+HMTFpiq7UcjiYnLINl7Eo+BRT9486MFDzyIo4s2DVytIVTxoD0LB4sh+z2Z306QYa/D3OyxPnvd95n0nM+xMJtk3Ly5H/dJcXL5x43rMzxeiuHx+OW4WYjGSGLgSk0pTcgDA0XAzy+K3rGefJYVDnhIAcMi61/+XT+Yyb32xV//M1R8Ajrz+z//Hh4kp1/f5WcWvH9q0AIBDNPH8/4Gx5tL4r/qLub8KAACOqqefe/6JlUrEU2k6H7H+dqvaqsbjo/aVy/FqNGItzsRC3Iro3Sh0Xgrd1wsXK6tn0jRtx4+LUe1UtKoR6+1WtXensJJ068txNhZisV/fv9vIsiy58Gll9WzaFRFX2t3xY73Qqs7Fif74352ItTgXafx/oj7iYmX1XNrfQHV9UN+O2Bk9t+jMfykW4puX4nREXIpO7eC2prK6fTZNz2eVsfpWtdzt1zPzCQgAAAAAAAAAAAAAAAAAAAAAANyRpXRocbj+TTZav2dpaUp7d32cXn1/faCd3vpAWTmLLPv1zYer7yQxtj7Q7vV5WtViHLu7uw4AAAAAAAAAAAAAAAAAAAD/Gs3NUtQajbWN5uZWPR+0N5qbxyKik3ntq48/Px6TfW4TFPtj5JrSfmqrXsuSQecs6fc5FrnypDP4YIMfXR3OOD9EebgXU6dRnt3UaJy8/4f3R5n7ksGW/xz1SWL6Dia7ppEP1v/Xm9JBvlHD4Nxt+lzLsmxW+fYLk1VRiCge/MDtHWSd4Mvrr9zzSPPUo93MZ1nPgw8tPHPtvQ9/rtcanZGjewRLG81bWb3W/3r6yTY7SHLnTyF6QSF/JhRnlZe26rWd8aZa8u0vz9777tf7Gz3LZ96Y0ifp7c4nu5tKvaAzzV1Nx6eNNRcHPQStOzlwpz5Yrl3d/v6n/Vbl3iSmLdTx++m/8V0IAAAAAAAAAAAAAAAAAACIsY/HDzL9D/vO7VX12JOHPzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OeM/v9/LtiZyOwn+KMdk03ltY1mROlu7yYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9xfwUAAP//oHptow==")
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x8, [@struct={0x6, 0x0, 0x0, 0x4, 0x0, 0x6}, @const={0x0, 0x0, 0x0, 0xa, 0x1}, @var={0x6, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61, 0x0, 0x5f]}}, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fchdir(0xffffffffffffffff)
removexattr(&(0x7f0000000000)='./file0\x00', 0x0)

14.178712085s ago: executing program 0 (id=1542):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat2(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)={0x22a441, 0x1, 0x30}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), 0xffffffffffffffff)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r5, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x5b0}, 0x20008001)
sendmsg$inet6(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000022c0)="f14889c2ad234ad6f0a71da72859c7c1e176134eff431253493482c723f8633d838bf127adff9f48a8854702b889321dfefd5644a03e0e41fb1cd1e442ac39d59aa0370071b34de016c447989af4c7d374e269dcbc1ce5f7083363d5bb2641018094b1721358f7a6c82f35dd9ed03c7be3fc46e5ef7b1fde49376ecde0494076cbe41c8292de99cc323303fda797e0704d3143999a0f53c8c056f2d7c2614c1bd977cc3e42e07548870d6bf096bf0369ee6a3f85cb27ec069f135e88005eb6147c3c08e1c787c9b5f9579653b876d44f3eb55573068fd1355b6fb755d1a72cb8eddfb7928f40f81e88e41bd2b3477299f540275d5107cd0dcb493a6f84ddbb9b43a60169c9ce7abb46e2d65a662a4e48cfafe180fbad39ee09548985149d100a6df90948f173ee8d7884fe5a916395d9631d7c55a09db75724229f3f492aca7c60e7c0984e5e05d555248874628cf294c6e1ad720e6f60662754e716d8e7f27b1321776768a8e4fd3abbeb3a23252a5e08b1f6b6e407cc69b8ed030f713f698db531f40f6082fce8f82eb6b90d7dcb33bd3cbcbc797d5597c444173c4455da38ffd93a45d756d158003c61c9d6e7e45a127a457172ccbbe9f2eadd4beb591f59ee37e3f23e858241463bb1d55b7ca1e19b84d1b077c7d6c3f942899a63dca8d63034da73146cc0e29ad541aff15049154a2c6ebe5b25b62833f09424bdabc08ffff5fff9cd35db4b3a9136ff557d88f68b8dc840e5edd3a9bf554986d3f706a1b962036d8f08e3d4cb9697c012f7be5bc00e77c89e796ee7d43a8c6ac172f262bc69517cc0978570280c2992c597ffa2ba8efc8b243b03b7f16942bf1e071de3dd4fa45a965946500d44fb10709fa8d4f1267077aa7afc2d32bc830e328762ade9f9d9a3b6835074eeffefbb98a45d688a0b76944e6fc4f805c912f966465266d4f43d2e70c65d6c5b0bddb1310c294e1b69b6f761bc4eda8b64121def17e864efc4ed59ca6973831827c77c1b27d50256341dd36e5e64cb78b509911e9cf36cc5b807648f119309f6fd403031434cf60873ce7582673581388cad04103e6b228d176ab09ed16d3d359fe02be3c014aefa3e7bca21ba3b7a5f981a375d0b920533936f8fc8afa3cc0156a902fca84745560fd50afd613d3f4482ec69683eb0ab3b78a106089797f6cbf00d40b2330be8a3e3c7a2838da551ba637cad6f81324348bcf7c65a9ef74999c8c4a8e96c50ec92becf9f08cf474fa597c910ad80a916cdfa6e61ea980875b130171472c760c6cb664f79406ddb74968e3f38e66320bd504ba4c4f25345191c8d3e758559db194781674c9dd02d84c04322b59924873c7092d01e9f45b98895769f35421a76f016e57ad16196d22b701b3639bc85b58b344a447e566b465cf92f6e160eeacfb0a8827480e1e4a9584e0e3984860c7b4cd042b8a5cb54c035be9a5683ebf4997e9dd289dc7d59bb5f2712eacb84031a02e6de31ba4fa3fb82b6106e76b4feed2d890544e7579f729c0f8af00cdea57f77793182e976be43d7158632deb9b154fbd8aa37fd2cbebfcae76014cbeb72c30bdda2dd95d75ed9dfe3f162d22af877bed110fddcb42e48b69fe34f97a0f00d094e962c5fa7eba412e63d57db086bdc6a2445c20dda5880dcaf3d9ad886652a1d2f1ce20f11c6de0481bf2005d0e605db4b4cd7c900f60a36825f4d5c7da23cb868ec", 0x4c2}], 0x1}, 0x20000044)
syz_open_dev$tty20(0xc, 0x4, 0x1)

10.003292368s ago: executing program 33 (id=1528):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x4)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
getdents(r0, &(0x7f0000000000)=""/52, 0x34)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r5, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

9.88367111s ago: executing program 0 (id=1544):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

9.88306751s ago: executing program 1 (id=1545):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000300)=[{0x0}], 0x1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r5, &(0x7f0000001fc0)=""/176, 0xb0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
r6 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r7, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

9.88244395s ago: executing program 2 (id=1546):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000780)='./bus\x00', 0x20008c0, &(0x7f0000000200)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_lower}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@check_strict}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@fat=@dmask={'dmask', 0x3d, 0x8000000000000000}}, {@utf8no}, {@shortname_winnt}, {@shortname_mixed}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlate}]}, 0x80, 0x364, &(0x7f0000000400)="$eJzs3U1oHOUbAPBnO5vdtNB/cvhDUbCM3gQNbcWDnhJKCsW9qCx+HMTFpiq7UcjiYnLINl7Eo+BRT9486MFDzyIo4s2DVytIVTxoD0LB4sh+z2Z306QYa/D3OyxPnvd95n0nM+xMJtk3Ly5H/dJcXL5x43rMzxeiuHx+OW4WYjGSGLgSk0pTcgDA0XAzy+K3rGefJYVDnhIAcMi61/+XT+Yyb32xV//M1R8Ajrz+z//Hh4kp1/f5WcWvH9q0AIBDNPH8/4Gx5tL4r/qLub8KAACOqqefe/6JlUrEU2k6H7H+dqvaqsbjo/aVy/FqNGItzsRC3Iro3Sh0Xgrd1wsXK6tn0jRtx4+LUe1UtKoR6+1WtXensJJ068txNhZisV/fv9vIsiy58Gll9WzaFRFX2t3xY73Qqs7Fif74352ItTgXafx/oj7iYmX1XNrfQHV9UN+O2Bk9t+jMfykW4puX4nREXIpO7eC2prK6fTZNz2eVsfpWtdzt1zPzCQgAAAAAAAAAAAAAAAAAAAAAANyRpXRocbj+TTZav2dpaUp7d32cXn1/faCd3vpAWTmLLPv1zYer7yQxtj7Q7vV5WtViHLu7uw4AAAAAAAAAAAAAAAAAAAD/Gs3NUtQajbWN5uZWPR+0N5qbxyKik3ntq48/Px6TfW4TFPtj5JrSfmqrXsuSQecs6fc5FrnypDP4YIMfXR3OOD9EebgXU6dRnt3UaJy8/4f3R5n7ksGW/xz1SWL6Dia7ppEP1v/Xm9JBvlHD4Nxt+lzLsmxW+fYLk1VRiCge/MDtHWSd4Mvrr9zzSPPUo93MZ1nPgw8tPHPtvQ9/rtcanZGjewRLG81bWb3W/3r6yTY7SHLnTyF6QSF/JhRnlZe26rWd8aZa8u0vz9777tf7Gz3LZ96Y0ifp7c4nu5tKvaAzzV1Nx6eNNRcHPQStOzlwpz5Yrl3d/v6n/Vbl3iSmLdTx++m/8V0IAAAAAAAAAAAAAAAAAACIsY/HDzL9D/vO7VX12JOHPzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OeM/v9/LtiZyOwn+KMdk03ltY1mROlu7yYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9xfwUAAP//oHptow==")
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x8, [@struct={0x6, 0x0, 0x0, 0x4, 0x0, 0x6}, @const={0x0, 0x0, 0x0, 0xa, 0x1}, @var={0x6, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61, 0x0, 0x5f]}}, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fchdir(0xffffffffffffffff)
removexattr(&(0x7f0000000000)='./file0\x00', 0x0)

8.154309856s ago: executing program 0 (id=1547):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040), 0x0)

7.90570654s ago: executing program 2 (id=1548):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000300), 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r5, &(0x7f0000001fc0)=""/176, 0xb0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
r6 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r7, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

7.673976284s ago: executing program 1 (id=1549):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, r3}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

4.894026406s ago: executing program 1 (id=1550):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, 0x0, 0x0)

4.893115736s ago: executing program 0 (id=1551):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0102000000000000000001a800000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000016540000000c0a010309000000000000000100000008000440000000000900010073797a30000000002c00038024000080200001801a0001"], 0xd8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r1, &(0x7f0000001880)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000500)=""/216, 0xd8}, {&(0x7f00000003c0)=""/131, 0x83}], 0x3, &(0x7f0000000600)=""/24, 0x18}}, {{&(0x7f0000000640)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f00000006c0)=""/178, 0xb2}, {&(0x7f0000000780)=""/7, 0x7}], 0x2, &(0x7f00000018c0)=""/46, 0x2e}, 0x400}], 0x2, 0x40012100, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x24cb40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
syz_io_uring_setup(0x4df4, &(0x7f0000000000)={0x0, 0x874f, 0x8, 0x9, 0x338}, &(0x7f0000000100), 0x0)

3.104826853s ago: executing program 2 (id=1552):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000780)='./bus\x00', 0x20008c0, &(0x7f0000000200)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_lower}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@check_strict}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@fat=@dmask={'dmask', 0x3d, 0x8000000000000000}}, {@utf8no}, {@shortname_winnt}, {@shortname_mixed}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlate}]}, 0x80, 0x364, &(0x7f0000000400)="$eJzs3U1oHOUbAPBnO5vdtNB/cvhDUbCM3gQNbcWDnhJKCsW9qCx+HMTFpiq7UcjiYnLINl7Eo+BRT9486MFDzyIo4s2DVytIVTxoD0LB4sh+z2Z306QYa/D3OyxPnvd95n0nM+xMJtk3Ly5H/dJcXL5x43rMzxeiuHx+OW4WYjGSGLgSk0pTcgDA0XAzy+K3rGefJYVDnhIAcMi61/+XT+Yyb32xV//M1R8Ajrz+z//Hh4kp1/f5WcWvH9q0AIBDNPH8/4Gx5tL4r/qLub8KAACOqqefe/6JlUrEU2k6H7H+dqvaqsbjo/aVy/FqNGItzsRC3Iro3Sh0Xgrd1wsXK6tn0jRtx4+LUe1UtKoR6+1WtXensJJ068txNhZisV/fv9vIsiy58Gll9WzaFRFX2t3xY73Qqs7Fif74352ItTgXafx/oj7iYmX1XNrfQHV9UN+O2Bk9t+jMfykW4puX4nREXIpO7eC2prK6fTZNz2eVsfpWtdzt1zPzCQgAAAAAAAAAAAAAAAAAAAAAANyRpXRocbj+TTZav2dpaUp7d32cXn1/faCd3vpAWTmLLPv1zYer7yQxtj7Q7vV5WtViHLu7uw4AAAAAAAAAAAAAAAAAAAD/Gs3NUtQajbWN5uZWPR+0N5qbxyKik3ntq48/Px6TfW4TFPtj5JrSfmqrXsuSQecs6fc5FrnypDP4YIMfXR3OOD9EebgXU6dRnt3UaJy8/4f3R5n7ksGW/xz1SWL6Dia7ppEP1v/Xm9JBvlHD4Nxt+lzLsmxW+fYLk1VRiCge/MDtHWSd4Mvrr9zzSPPUo93MZ1nPgw8tPHPtvQ9/rtcanZGjewRLG81bWb3W/3r6yTY7SHLnTyF6QSF/JhRnlZe26rWd8aZa8u0vz9777tf7Gz3LZ96Y0ifp7c4nu5tKvaAzzV1Nx6eNNRcHPQStOzlwpz5Yrl3d/v6n/Vbl3iSmLdTx++m/8V0IAAAAAAAAAAAAAAAAAACIsY/HDzL9D/vO7VX12JOHPzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OeM/v9/LtiZyOwn+KMdk03ltY1mROlu7yYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9xfwUAAP//oHptow==")
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x8, [@struct={0x6, 0x0, 0x0, 0x4, 0x0, 0x6}, @const={0x0, 0x0, 0x0, 0xa, 0x1}, @var={0x6, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61, 0x0, 0x5f]}}, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fchdir(0xffffffffffffffff)
removexattr(&(0x7f0000000000)='./file0\x00', 0x0)

3.088839134s ago: executing program 1 (id=1553):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061112c0000000000c6000000000000009500000000000000b2cc830810b519e3e8ddb8d77b502651aab8126fafac8ea8d8bd897231715ffa806d90d10a1b518487cd2489eb4e1c89e944cd14f5699e06689d47eb5b9687a1d1d5c620"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000040)=[{0x0}], 0x1)

1.30606612s ago: executing program 1 (id=1554):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b", 0x21}], 0x1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d8, &(0x7f0000000f40)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzucnadxnEaaOKm/X6kRs75zvecLrbvsZRGAE6te/Wfn2/+tn9GKqkk6Y4USKpKZUnndL76YnNnY6fVbOQdqORa2D+jdkvTVWdts5nV1LZzLbzQvitrNl2G4Yii6O6vooNA4dzZnyGQJv156PZXRxzXsOxKF4uOYdTSE2z2tKeXmiswHADAMeDv/4G/Tcy6IqMgkJb9bf9E3f/3ig7gaN1qdRVFuQ1S93+3uouMnd8zbtd+vudSOLs/iLPEwwRTOfB+Qu1PVscC0/TLKl0swdT6Rlkra2/VCPRONS9VbdG9Ntof3VifaJcyctMcvY9W0f3p9mjcivKgOKT1jVZz0m5kxL8wWI//z3w1381DE+qTGsn6rxwZO01upsIDMxVUbPzXex9xxrWyteTT/lqtFnRUOes6ueB78PqMspqdkaSPGT8g2E0iyIvT9T2vzscK7dGt9mm1kNUqTN71aLWYtIqvn7avlbVnrdxHKcMRD9F8NA/Mkv7oi+qp9X9g41tW6szMu9QbV9N/MtrjmciuWXY1w647x/7pcimJwJsceGyQBnxa9kFPdFtz269ePy21Ws0tu/E4Y+P57JbxJZX3Umad4W+UlFNHu/slkfUmig575GiYwV870gPa60dSYk+frMr2LEtKglFP02nZqH9T3gdyfDaiSOqxa2jXKRwj2yaedF8wVXBAGDW77jLt/M+t5P2qzqVI9iXMWafnJ5nqOOJqksF1LgXn3ev0QBncTO8MLtXjjR45o8u5Ll+VrqQKjXJ7DH2cJ4Sp64ce8fwfAAAAAAAAAAAAAAAAAABg3Bzd1wnq/muf3buKHiMAAAAAAAAAAAAAAAAAAAAAAOPun37/N+t/xLvf/w35/V9gjPwNAAD//weMdbA=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r5, &(0x7f0000001fc0)=""/176, 0xb0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
r6 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
lseek(r7, 0xfffffffffffffff5, 0x1)
getdents(r0, 0xfffffffffffffffd, 0xbb)

1.190801482s ago: executing program 2 (id=1555):
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x7}}, './file0\x00'})
getpeername$qrtr(r0, &(0x7f0000000080), &(0x7f0000000100)=0xc)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000780)="c1cc4a177d7103161a6bac4b8f820b0d9101b381484a108917a20a4047e2f912424cbc887f940f74b9fa34eb7e901d466de3e908588c09ed02ad82b03462d8a2")
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/anycast6\x00')
r2 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000005c0)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe10859891d875397bab22d0000b420a9c81f40f45f819e01177d3d458dac00000000000000000000003b00", "90be8b1c5512406c34000000000000000000000000000000009d9400", [0x4, 0x40000000000000]}})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000480)={r2, 0x400, {0x2a00, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x18, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x1000cf]}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000001600)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r5}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000002c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r7)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180)=0x63)
tkill(0x0, 0x8)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x10}, 0x1, 0x0, 0x0, 0x400d0}, 0x24040000)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000140)}], 0x2)
r9 = socket(0x1e, 0x6, 0x81)
dup3(r0, r9, 0x80000)

1.166282773s ago: executing program 0 (id=1556):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0102000000000000000001a800000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000016540000000c0a010309000000000000000100000008000440000000000900010073797a30000000002c00038024000080200001801a0001"], 0xd8}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)=ANY=[], 0x20}}, 0x20000852)
recvmmsg(0xffffffffffffffff, &(0x7f0000001880)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000500)=""/216, 0xd8}, {&(0x7f00000003c0)=""/131, 0x83}], 0x3, &(0x7f0000000600)=""/24, 0x18}}, {{&(0x7f0000000640)=@hci, 0x80, &(0x7f00000007c0)=[{&(0x7f00000006c0)=""/178, 0xb2}, {&(0x7f0000000780)=""/7, 0x7}], 0x2, &(0x7f00000018c0)=""/46, 0x2e}, 0x400}], 0x2, 0x40012100, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x24cb40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
syz_io_uring_setup(0x4df4, &(0x7f0000000000)={0x0, 0x874f, 0x8, 0x9, 0x338}, &(0x7f0000000100), 0x0)

0s ago: executing program 2 (id=1557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x21}, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
connect$inet6(r4, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x1, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000240), 0x8)

kernel console output (not intermixed with test programs):

e_work+0x863/0x1000
[  492.100603][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  492.106212][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  492.111491][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  492.116604][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  492.121961][ T4187]  ? wq_worker_running+0x97/0x170
[  492.126962][ T4187]  worker_thread+0xaa8/0x12a0
[  492.131634][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  492.137507][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  492.142692][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  492.148091][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  492.153981][ T4187]  kthread+0x436/0x520
[  492.158029][ T4187]  ? rcu_lock_release+0x20/0x20
[  492.162869][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  492.167458][ T4187]  ret_from_fork+0x1f/0x30
[  492.171877][ T4187]  </TASK>
[  492.178645][ T4187] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  492.200202][ T4187] Bluetooth: hci2: failed to register connection device
[  492.249102][ T7663] loop0: detected capacity change from 0 to 512
[  492.280516][ T7652] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  492.412349][ T7663] EXT4-fs (loop0): orphan cleanup on readonly fs
[  492.561723][ T7663] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.908: bg 0: block 248: padding at end of block bitmap is not set
[  492.570821][ T7652] ntfs: volume version 3.1.
[  492.593310][ T7663] Quota error (device loop0): write_blk: dquota write failed
[  492.622904][ T7663] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  492.646587][ T7652] ntfs: (device loop3): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  492.702471][ T7663] EXT4-fs error (device loop0): ext4_acquire_dquot:6204: comm syz.0.908: Failed to acquire dquot type 1
[  492.728300][ T7652] ntfs: (device loop3): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  492.766424][ T7663] EXT4-fs (loop0): 1 truncate cleaned up
[  492.772303][ T7652] ntfs: (device loop3): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  492.795072][ T7663] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  492.827580][ T7652] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  492.875769][ T7652] ntfs: (device loop3): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  492.886329][ T7652] ntfs: (device loop3): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  493.054501][ T7686] loop2: detected capacity change from 0 to 64
[  493.349091][ T4276] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  494.261691][ T7692] loop1: detected capacity change from 0 to 64
[  494.901236][ T4276] usb 1-1: device not accepting address 12, error -71
[  495.928868][ T7705] loop3: detected capacity change from 0 to 4096
[  496.044980][ T7707] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  497.215340][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  497.225199][ T4187] CPU: 1 PID: 4187 Comm: kworker/u5:8 Not tainted 5.15.183-syzkaller #0
[  497.233522][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  497.243655][ T4187] Workqueue: hci1 hci_rx_work
[  497.248331][ T4187] Call Trace:
[  497.251604][ T4187]  <TASK>
[  497.254524][ T4187]  dump_stack_lvl+0x168/0x230
[  497.259381][ T4187]  ? show_regs_print_info+0x20/0x20
[  497.264574][ T4187]  ? load_image+0x3b0/0x3b0
[  497.269062][ T4187]  sysfs_create_dir_ns+0x252/0x280
[  497.274166][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  497.279193][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  497.283900][ T4187]  ? le_conn_complete_evt+0xcbc/0x1590
[  497.289438][ T4187]  ? hci_event_packet+0xe05/0x12f0
[  497.294538][ T4187]  ? process_one_work+0x863/0x1000
[  497.299632][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  497.304892][ T4187]  kobject_add_internal+0x662/0xd00
[  497.310086][ T4187]  kobject_add+0x152/0x210
[  497.314490][ T4187]  ? kobject_init+0x1d0/0x1d0
[  497.319161][ T4187]  ? klist_children_get+0x50/0x50
[  497.324163][ T4187]  ? get_device_parent+0x121/0x3f0
[  497.329250][ T4187]  device_add+0x483/0xfb0
[  497.333564][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  497.338481][ T4187]  le_conn_complete_evt+0xcbc/0x1590
[  497.343745][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  497.348838][ T4187]  ? __mutex_trylock_common+0x14f/0x250
[  497.354362][ T4187]  hci_le_meta_evt+0x289/0x3b80
[  497.359205][ T4187]  ? hci_event_packet+0x36d/0x12f0
[  497.364330][ T4187]  ? hci_event_packet+0x2e2/0x12f0
[  497.369422][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  497.374436][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  497.380480][ T4187]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  497.386089][ T4187]  ? mark_lock+0x94/0x320
[  497.390456][ T4187]  ? mutex_unlock+0x10/0x10
[  497.394948][ T4187]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  497.400945][ T4187]  ? lock_chain_count+0x20/0x20
[  497.405797][ T4187]  ? __rwlock_init+0x140/0x140
[  497.410539][ T4187]  hci_event_packet+0xe05/0x12f0
[  497.415457][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  497.420647][ T4187]  ? rcu_lock_release+0x20/0x20
[  497.425477][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  497.430658][ T4187]  hci_rx_work+0x255/0xa10
[  497.435082][ T4187]  process_one_work+0x863/0x1000
[  497.440028][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  497.445653][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  497.450936][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  497.455966][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  497.461323][ T4187]  ? wq_worker_running+0x97/0x170
[  497.466331][ T4187]  worker_thread+0xaa8/0x12a0
[  497.470997][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  497.476880][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  497.482061][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  497.487248][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  497.493121][ T4187]  kthread+0x436/0x520
[  497.497175][ T4187]  ? rcu_lock_release+0x20/0x20
[  497.501998][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  497.506576][ T4187]  ret_from_fork+0x1f/0x30
[  497.510999][ T4187]  </TASK>
[  497.539164][ T4187] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  497.554015][ T4187] Bluetooth: hci1: failed to register connection device
[  497.623042][ T7716] fuse: Bad value for 'fd'
[  498.262947][ T7722] loop4: detected capacity change from 0 to 4096
[  498.348848][   T21] Bluetooth: hci2: command 0x0406 tx timeout
[  498.353503][ T7722] ntfs: (device loop4): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  498.374416][ T7730] loop3: detected capacity change from 0 to 512
[  498.397196][ T7722] ntfs: (device loop4): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  498.412233][ T7730] EXT4-fs (loop3): orphan cleanup on readonly fs
[  498.761416][ T7730] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.929: bg 0: block 248: padding at end of block bitmap is not set
[  499.285486][ T7730] Quota error (device loop3): write_blk: dquota write failed
[  499.297109][ T7722] ntfs: volume version 3.1.
[  499.346103][ T7722] ntfs: (device loop4): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  499.355749][ T7730] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  499.429653][ T7730] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.929: Failed to acquire dquot type 1
[  499.441166][ T7722] ntfs: (device loop4): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  499.465839][ T7722] ntfs: (device loop4): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  499.480396][ T7734] loop2: detected capacity change from 0 to 128
[  499.491933][ T7730] EXT4-fs (loop3): 1 truncate cleaned up
[  499.509093][ T7722] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  499.519155][ T7730] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  499.537458][ T7734] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  499.559965][ T7734] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  499.583678][ T7722] ntfs: (device loop4): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  499.629073][ T7722] ntfs: (device loop4): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  499.894002][ T7740] loop2: detected capacity change from 0 to 128
[  500.082355][ T7740] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  500.094205][ T7740] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  500.138900][   T21] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  500.590176][   T21] usb 4-1: unable to get BOS descriptor or descriptor too short
[  500.679606][   T21] usb 4-1: not running at top speed; connect to a high speed hub
[  500.702599][ T7746] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  501.149534][   T21] usb 4-1: config 0 has an invalid interface number: 88 but max is 0
[  501.216465][   T21] usb 4-1: config 0 has no interface number 0
[  501.230813][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  501.237237][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  501.256203][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  501.266443][ T4187] CPU: 1 PID: 4187 Comm: kworker/u5:8 Not tainted 5.15.183-syzkaller #0
[  501.274802][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  501.284879][ T4187] Workqueue: hci0 hci_rx_work
[  501.289595][ T4187] Call Trace:
[  501.292895][ T4187]  <TASK>
[  501.295839][ T4187]  dump_stack_lvl+0x168/0x230
[  501.300536][ T4187]  ? show_regs_print_info+0x20/0x20
[  501.305842][ T4187]  ? load_image+0x3b0/0x3b0
[  501.310473][ T4187]  sysfs_create_dir_ns+0x252/0x280
[  501.315604][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  501.320652][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  501.325343][ T4187]  ? le_conn_complete_evt+0xcbc/0x1590
[  501.330823][ T4187]  ? hci_event_packet+0xe05/0x12f0
[  501.335961][ T4187]  ? process_one_work+0x863/0x1000
[  501.341093][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  501.346335][ T4187]  kobject_add_internal+0x662/0xd00
[  501.351562][ T4187]  kobject_add+0x152/0x210
[  501.356002][ T4187]  ? kobject_init+0x1d0/0x1d0
[  501.360704][ T4187]  ? klist_children_get+0x50/0x50
[  501.365747][ T4187]  ? get_device_parent+0x121/0x3f0
[  501.370878][ T4187]  device_add+0x483/0xfb0
[  501.375236][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  501.380210][ T4187]  le_conn_complete_evt+0xcbc/0x1590
[  501.385513][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  501.390743][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  501.395878][ T4187]  ? __switch_to_asm+0x34/0x60
[  501.400662][ T4187]  ? __schedule+0x11c0/0x43b0
[  501.405358][ T4187]  ? __mutex_trylock_common+0x14f/0x250
[  501.410940][ T4187]  hci_le_meta_evt+0x289/0x3b80
[  501.415815][ T4187]  ? hci_event_packet+0x36d/0x12f0
[  501.420955][ T4187]  ? hci_event_packet+0x2e2/0x12f0
[  501.426267][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  501.431313][ T4187]  ? release_firmware_map_entry+0x190/0x190
[  501.437234][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  501.443323][ T4187]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  501.448988][ T4187]  ? mutex_unlock+0x10/0x10
[  501.453802][ T4187]  ? preempt_schedule+0xa7/0xb0
[  501.458673][ T4187]  ? schedule_preempt_disabled+0x20/0x20
[  501.464329][ T4187]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  501.469990][ T4187]  hci_event_packet+0xe05/0x12f0
[  501.475054][ T4187]  ? rcu_lock_release+0x20/0x20
[  501.479943][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  501.485171][ T4187]  hci_rx_work+0x255/0xa10
[  501.489625][ T4187]  process_one_work+0x863/0x1000
[  501.494597][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  501.500251][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  501.505573][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  501.510640][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  501.516421][ T4187]  ? wq_worker_running+0x97/0x170
[  501.521463][ T4187]  worker_thread+0xaa8/0x12a0
[  501.526158][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  501.532102][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  501.537328][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  501.542581][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  501.548505][ T4187]  kthread+0x436/0x520
[  501.552591][ T4187]  ? rcu_lock_release+0x20/0x20
[  501.557466][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  501.562161][ T4187]  ret_from_fork+0x1f/0x30
[  501.566610][ T4187]  </TASK>
[  501.591675][ T4187] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  501.606092][ T4187] Bluetooth: hci0: failed to register connection device
[  501.695140][   T21] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  501.978997][   T21] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  502.153882][   T21] usb 4-1: config 0 interface 88 has no altsetting 0
[  502.232678][ T7765] fuse: Bad value for 'fd'
[  502.240649][   T21] usb 4-1: string descriptor 0 read error: -71
[  502.254626][ T7764] loop4: detected capacity change from 0 to 128
[  502.278251][   T21] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  502.311083][ T7764] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  502.334997][ T7764] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  502.538206][   T21] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  502.569010][ T7771] loop0: detected capacity change from 0 to 4096
[  502.671676][ T7773] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  502.867889][   T21] usb 4-1: config 0 descriptor??
[  503.033382][ T7776] loop3: detected capacity change from 0 to 128
[  503.045200][   T21] usb 4-1: can't set config #0, error -71
[  503.073830][ T7776] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  503.086047][ T7776] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  503.274987][   T21] usb 4-1: USB disconnect, device number 5
[  503.622208][ T7784] loop4: detected capacity change from 0 to 64
[  503.708880][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  504.474427][ T7787] loop3: detected capacity change from 0 to 128
[  504.575392][ T7787] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  504.588534][ T7787] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.439293][ T7793] loop4: detected capacity change from 0 to 512
[  505.605406][ T7793] EXT4-fs (loop4): orphan cleanup on readonly fs
[  505.733522][ T4186] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  505.743114][ T4186] CPU: 0 PID: 4186 Comm: kworker/u5:7 Not tainted 5.15.183-syzkaller #0
[  505.751475][ T4186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  505.761540][ T4186] Workqueue: hci4 hci_rx_work
[  505.766225][ T4186] Call Trace:
[  505.769499][ T4186]  <TASK>
[  505.772429][ T4186]  dump_stack_lvl+0x168/0x230
[  505.777116][ T4186]  ? show_regs_print_info+0x20/0x20
[  505.782324][ T4186]  ? load_image+0x3b0/0x3b0
[  505.786833][ T4186]  sysfs_create_dir_ns+0x252/0x280
[  505.791946][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  505.796970][ T4186]  ? sysfs_warn_dup+0xa0/0xa0
[  505.801642][ T4186]  ? le_conn_complete_evt+0xcbc/0x1590
[  505.807101][ T4186]  ? hci_event_packet+0xe05/0x12f0
[  505.812207][ T4186]  ? process_one_work+0x863/0x1000
[  505.817324][ T4186]  ? do_raw_spin_unlock+0x11d/0x230
[  505.822520][ T4186]  kobject_add_internal+0x662/0xd00
[  505.827813][ T4186]  kobject_add+0x152/0x210
[  505.832235][ T4186]  ? kobject_init+0x1d0/0x1d0
[  505.836913][ T4186]  ? klist_children_get+0x50/0x50
[  505.841932][ T4186]  ? get_device_parent+0x121/0x3f0
[  505.847044][ T4186]  device_add+0x483/0xfb0
[  505.851382][ T4186]  hci_conn_add_sysfs+0xd1/0x1e0
[  505.856328][ T4186]  le_conn_complete_evt+0xcbc/0x1590
[  505.861979][ T4186]  ? cs_le_create_conn+0x5e0/0x5e0
[  505.867118][ T4186]  ? __mutex_trylock_common+0x14f/0x250
[  505.872687][ T4186]  hci_le_meta_evt+0x289/0x3b80
[  505.877548][ T4186]  ? hci_event_packet+0x36d/0x12f0
[  505.882655][ T4186]  ? hci_event_packet+0x2e2/0x12f0
[  505.887772][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  505.892803][ T4186]  ? hci_remote_host_features_evt+0x280/0x280
[  505.898866][ T4186]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  505.904498][ T4186]  ? mark_lock+0x94/0x320
[  505.908827][ T4186]  ? mutex_unlock+0x10/0x10
[  505.913328][ T4186]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  505.919311][ T4186]  ? lock_chain_count+0x20/0x20
[  505.924157][ T4186]  ? __rwlock_init+0x140/0x140
[  505.928918][ T4186]  hci_event_packet+0xe05/0x12f0
[  505.933852][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  505.939056][ T4186]  ? rcu_lock_release+0x20/0x20
[  505.943907][ T4186]  ? hci_send_to_monitor+0x9c/0x4a0
[  505.949104][ T4186]  hci_rx_work+0x255/0xa10
[  505.953617][ T4186]  process_one_work+0x863/0x1000
[  505.958565][ T4186]  ? worker_detach_from_pool+0x240/0x240
[  505.964189][ T4186]  ? lockdep_hardirqs_off+0x70/0x100
[  505.969475][ T4186]  ? _raw_spin_lock_irq+0xab/0xe0
[  505.974507][ T4186]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  505.979880][ T4186]  ? wq_worker_running+0x97/0x170
[  505.984904][ T4186]  worker_thread+0xaa8/0x12a0
[  505.989575][ T4186]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  505.995465][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  506.000668][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  506.005863][ T4186]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  506.011765][ T4186]  kthread+0x436/0x520
[  506.015829][ T4186]  ? rcu_lock_release+0x20/0x20
[  506.020678][ T4186]  ? kthread_blkcg+0xd0/0xd0
[  506.025264][ T4186]  ret_from_fork+0x1f/0x30
[  506.029694][ T4186]  </TASK>
[  506.034813][ T4186] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  506.048227][ T4186] Bluetooth: hci4: failed to register connection device
[  506.596423][ T7793] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.950: bg 0: block 248: padding at end of block bitmap is not set
[  506.733034][ T7793] Quota error (device loop4): write_blk: dquota write failed
[  506.765978][ T7793] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  506.831496][ T7810] loop3: detected capacity change from 0 to 128
[  506.853152][ T7793] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.950: Failed to acquire dquot type 1
[  506.874121][ T7810] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  506.886451][ T7810] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  506.947590][ T7793] EXT4-fs (loop4): 1 truncate cleaned up
[  506.954400][ T7793] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  507.616431][ T7814] loop1: detected capacity change from 0 to 128
[  507.691078][ T7814] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  507.701240][   T21] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  507.783829][ T7814] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  507.792975][ T4276] Bluetooth: hci0: command 0x0406 tx timeout
[  510.802631][   T21] usb 5-1: device descriptor read/all, error -71
[  511.310163][ T7845] loop4: detected capacity change from 0 to 128
[  511.805378][ T7845] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  511.833383][ T7845] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  512.136324][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  512.158916][ T4187] CPU: 1 PID: 4187 Comm: kworker/u5:8 Not tainted 5.15.183-syzkaller #0
[  512.167296][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  512.177385][ T4187] Workqueue: hci1 hci_rx_work
[  512.182101][ T4187] Call Trace:
[  512.185402][ T4187]  <TASK>
[  512.188350][ T4187]  dump_stack_lvl+0x168/0x230
[  512.193054][ T4187]  ? show_regs_print_info+0x20/0x20
[  512.198290][ T4187]  ? load_image+0x3b0/0x3b0
[  512.202833][ T4187]  sysfs_create_dir_ns+0x252/0x280
[  512.207971][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  512.213031][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  512.217740][ T4187]  ? le_conn_complete_evt+0xcbc/0x1590
[  512.223234][ T4187]  ? hci_event_packet+0xe05/0x12f0
[  512.228375][ T4187]  ? process_one_work+0x863/0x1000
[  512.233525][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  512.238728][ T4187]  kobject_add_internal+0x662/0xd00
[  512.243942][ T4187]  kobject_add+0x152/0x210
[  512.248365][ T4187]  ? kobject_init+0x1d0/0x1d0
[  512.253050][ T4187]  ? klist_children_get+0x50/0x50
[  512.258082][ T4187]  ? get_device_parent+0x121/0x3f0
[  512.263191][ T4187]  device_add+0x483/0xfb0
[  512.267613][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  512.272555][ T4187]  le_conn_complete_evt+0xcbc/0x1590
[  512.277853][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  512.282967][ T4187]  ? __mutex_trylock_common+0x14f/0x250
[  512.288516][ T4187]  hci_le_meta_evt+0x289/0x3b80
[  512.293373][ T4187]  ? hci_event_packet+0x36d/0x12f0
[  512.298480][ T4187]  ? hci_event_packet+0x2e2/0x12f0
[  512.303595][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  512.308628][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  512.314690][ T4187]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  512.320320][ T4187]  ? mark_lock+0x94/0x320
[  512.324651][ T4187]  ? mutex_unlock+0x10/0x10
[  512.329150][ T4187]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  512.335131][ T4187]  ? lock_chain_count+0x20/0x20
[  512.339986][ T4187]  ? __rwlock_init+0x140/0x140
[  512.344749][ T4187]  hci_event_packet+0xe05/0x12f0
[  512.349682][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  512.354881][ T4187]  ? rcu_lock_release+0x20/0x20
[  512.359731][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  512.364927][ T4187]  hci_rx_work+0x255/0xa10
[  512.369356][ T4187]  process_one_work+0x863/0x1000
[  512.374303][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  512.379929][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  512.385214][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  512.390242][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  512.395623][ T4187]  ? wq_worker_running+0x97/0x170
[  512.400647][ T4187]  worker_thread+0xaa8/0x12a0
[  512.405324][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  512.411392][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  512.416683][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  512.421967][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  512.427877][ T4187]  kthread+0x436/0x520
[  512.431966][ T4187]  ? rcu_lock_release+0x20/0x20
[  512.436812][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  512.441397][ T4187]  ret_from_fork+0x1f/0x30
[  512.445825][ T4187]  </TASK>
[  512.454333][ T4187] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  512.467727][ T4187] Bluetooth: hci1: failed to register connection device
[  515.747857][ T4266] Bluetooth: hci4: command 0x0406 tx timeout
[  515.756561][ T7865] loop3: detected capacity change from 0 to 256
[  521.239652][ T4186] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  521.249368][ T4186] CPU: 0 PID: 4186 Comm: kworker/u5:7 Not tainted 5.15.183-syzkaller #0
[  521.257740][ T4186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  521.267868][ T4186] Workqueue: hci2 hci_rx_work
[  521.271878][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  521.272596][ T4186] Call Trace:
[  521.272606][ T4186]  <TASK>
[  521.284824][ T4186]  dump_stack_lvl+0x168/0x230
[  521.289539][ T4186]  ? show_regs_print_info+0x20/0x20
[  521.294761][ T4186]  ? load_image+0x3b0/0x3b0
[  521.299342][ T4186]  sysfs_create_dir_ns+0x252/0x280
[  521.304438][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  521.309458][ T4186]  ? sysfs_warn_dup+0xa0/0xa0
[  521.314165][ T4186]  ? le_conn_complete_evt+0xcbc/0x1590
[  521.319620][ T4186]  ? hci_event_packet+0xe05/0x12f0
[  521.324813][ T4186]  ? process_one_work+0x863/0x1000
[  521.329915][ T4186]  ? do_raw_spin_unlock+0x11d/0x230
[  521.335108][ T4186]  kobject_add_internal+0x662/0xd00
[  521.340307][ T4186]  kobject_add+0x152/0x210
[  521.344724][ T4186]  ? kobject_init+0x1d0/0x1d0
[  521.349475][ T4186]  ? klist_children_get+0x50/0x50
[  521.354479][ T4186]  ? get_device_parent+0x121/0x3f0
[  521.359595][ T4186]  device_add+0x483/0xfb0
[  521.363950][ T4186]  hci_conn_add_sysfs+0xd1/0x1e0
[  521.368922][ T4186]  le_conn_complete_evt+0xcbc/0x1590
[  521.374290][ T4186]  ? cs_le_create_conn+0x5e0/0x5e0
[  521.379382][ T4186]  ? __mutex_trylock_common+0x14f/0x250
[  521.384909][ T4186]  hci_le_meta_evt+0x289/0x3b80
[  521.389743][ T4186]  ? hci_event_packet+0x36d/0x12f0
[  521.394854][ T4186]  ? hci_event_packet+0x2e2/0x12f0
[  521.399944][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  521.404963][ T4186]  ? hci_remote_host_features_evt+0x280/0x280
[  521.411011][ T4186]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  521.416627][ T4186]  ? mark_lock+0x94/0x320
[  521.420939][ T4186]  ? mutex_unlock+0x10/0x10
[  521.425428][ T4186]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  521.431388][ T4186]  ? lock_chain_count+0x20/0x20
[  521.436223][ T4186]  ? __rwlock_init+0x140/0x140
[  521.440973][ T4186]  hci_event_packet+0xe05/0x12f0
[  521.445897][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  521.451110][ T4186]  ? rcu_lock_release+0x20/0x20
[  521.456059][ T4186]  ? hci_send_to_monitor+0x9c/0x4a0
[  521.461244][ T4186]  hci_rx_work+0x255/0xa10
[  521.465668][ T4186]  process_one_work+0x863/0x1000
[  521.470596][ T4186]  ? worker_detach_from_pool+0x240/0x240
[  521.476205][ T4186]  ? lockdep_hardirqs_off+0x70/0x100
[  521.481471][ T4186]  ? _raw_spin_lock_irq+0xab/0xe0
[  521.486473][ T4186]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  521.491881][ T4186]  ? wq_worker_running+0x97/0x170
[  521.496882][ T4186]  worker_thread+0xaa8/0x12a0
[  521.501635][ T4186]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  521.507514][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  521.512703][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  521.517893][ T4186]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  521.523779][ T4186]  kthread+0x436/0x520
[  521.527834][ T4186]  ? rcu_lock_release+0x20/0x20
[  521.532675][ T4186]  ? kthread_blkcg+0xd0/0xd0
[  521.537240][ T4186]  ret_from_fork+0x1f/0x30
[  521.541641][ T4186]  </TASK>
[  521.637560][    T7] Bluetooth: hci4: command 0x0405 tx timeout
[  521.695730][ T4186] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  521.709824][ T4186] Bluetooth: hci2: failed to register connection device
[  521.857514][ T7906] loop0: detected capacity change from 0 to 64
[  522.713411][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  522.723548][ T4187] CPU: 0 PID: 4187 Comm: kworker/u5:8 Not tainted 5.15.183-syzkaller #0
[  522.731911][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  522.741994][ T4187] Workqueue: hci2 hci_rx_work
[  522.746709][ T4187] Call Trace:
[  522.750002][ T4187]  <TASK>
[  522.752954][ T4187]  dump_stack_lvl+0x168/0x230
[  522.757662][ T4187]  ? show_regs_print_info+0x20/0x20
[  522.762968][ T4187]  ? load_image+0x3b0/0x3b0
[  522.767691][ T4187]  sysfs_create_dir_ns+0x252/0x280
[  522.772825][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  522.777886][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  522.782579][ T4187]  ? le_conn_complete_evt+0xcbc/0x1590
[  522.788301][ T4187]  ? hci_event_packet+0xe05/0x12f0
[  522.793518][ T4187]  ? process_one_work+0x863/0x1000
[  522.798648][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  522.803960][ T4187]  kobject_add_internal+0x662/0xd00
[  522.809189][ T4187]  kobject_add+0x152/0x210
[  522.813640][ T4187]  ? kobject_init+0x1d0/0x1d0
[  522.818343][ T4187]  ? klist_children_get+0x50/0x50
[  522.823557][ T4187]  ? get_device_parent+0x121/0x3f0
[  522.828688][ T4187]  device_add+0x483/0xfb0
[  522.833043][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  522.838011][ T4187]  le_conn_complete_evt+0xcbc/0x1590
[  522.843330][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  522.848474][ T4187]  ? __mutex_trylock_common+0x14f/0x250
[  522.854060][ T4187]  hci_le_meta_evt+0x289/0x3b80
[  522.858939][ T4187]  ? hci_event_packet+0x36d/0x12f0
[  522.864067][ T4187]  ? hci_event_packet+0x2e2/0x12f0
[  522.869238][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  522.874294][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  522.880378][ T4187]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  522.886030][ T4187]  ? mark_lock+0x94/0x320
[  522.890374][ T4187]  ? mutex_unlock+0x10/0x10
[  522.894901][ T4187]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  522.900905][ T4187]  ? lock_chain_count+0x20/0x20
[  522.905778][ T4187]  ? __rwlock_init+0x140/0x140
[  522.910566][ T4187]  hci_event_packet+0xe05/0x12f0
[  522.915525][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  522.920747][ T4187]  ? rcu_lock_release+0x20/0x20
[  522.925626][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  522.930954][ T4187]  hci_rx_work+0x255/0xa10
[  522.935498][ T4187]  process_one_work+0x863/0x1000
[  522.940480][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  522.946146][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  522.951456][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  522.956504][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  522.961898][ T4187]  ? wq_worker_running+0x97/0x170
[  522.967034][ T4187]  worker_thread+0xaa8/0x12a0
[  522.971726][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  522.977638][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  522.982867][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  522.988090][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  522.994014][ T4187]  kthread+0x436/0x520
[  522.998097][ T4187]  ? rcu_lock_release+0x20/0x20
[  523.003059][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  523.007673][ T4187]  ret_from_fork+0x1f/0x30
[  523.012146][ T4187]  </TASK>
[  523.089675][ T4186] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  523.099547][ T4186] CPU: 1 PID: 4186 Comm: kworker/u5:7 Not tainted 5.15.183-syzkaller #0
[  523.107911][ T4186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  523.118000][ T4186] Workqueue: hci4 hci_rx_work
[  523.122669][ T4186] Call Trace:
[  523.126043][ T4186]  <TASK>
[  523.128969][ T4186]  dump_stack_lvl+0x168/0x230
[  523.133640][ T4186]  ? show_regs_print_info+0x20/0x20
[  523.138903][ T4186]  ? load_image+0x3b0/0x3b0
[  523.143535][ T4186]  sysfs_create_dir_ns+0x252/0x280
[  523.148637][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  523.153660][ T4186]  ? sysfs_warn_dup+0xa0/0xa0
[  523.158318][ T4186]  ? le_conn_complete_evt+0xcbc/0x1590
[  523.163769][ T4186]  ? hci_event_packet+0xe05/0x12f0
[  523.168857][ T4186]  ? process_one_work+0x863/0x1000
[  523.173957][ T4186]  ? do_raw_spin_unlock+0x11d/0x230
[  523.179133][ T4186]  kobject_add_internal+0x662/0xd00
[  523.184312][ T4186]  kobject_add+0x152/0x210
[  523.188710][ T4186]  ? kobject_init+0x1d0/0x1d0
[  523.193367][ T4186]  ? klist_children_get+0x50/0x50
[  523.198365][ T4186]  ? get_device_parent+0x121/0x3f0
[  523.203450][ T4186]  device_add+0x483/0xfb0
[  523.207759][ T4186]  hci_conn_add_sysfs+0xd1/0x1e0
[  523.212682][ T4186]  le_conn_complete_evt+0xcbc/0x1590
[  523.217956][ T4186]  ? cs_le_create_conn+0x5e0/0x5e0
[  523.223047][ T4186]  ? __mutex_trylock_common+0x14f/0x250
[  523.228591][ T4186]  hci_le_meta_evt+0x289/0x3b80
[  523.233524][ T4186]  ? hci_event_packet+0x36d/0x12f0
[  523.238703][ T4186]  ? hci_event_packet+0x2e2/0x12f0
[  523.243793][ T4186]  ? __lock_acquire+0x7c60/0x7c60
[  523.248889][ T4186]  ? hci_remote_host_features_evt+0x280/0x280
[  523.254932][ T4186]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  523.260564][ T4186]  ? mark_lock+0x94/0x320
[  523.264886][ T4186]  ? mutex_unlock+0x10/0x10
[  523.269363][ T4186]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  523.275322][ T4186]  ? lock_chain_count+0x20/0x20
[  523.280148][ T4186]  ? __rwlock_init+0x140/0x140
[  523.284888][ T4186]  hci_event_packet+0xe05/0x12f0
[  523.289809][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  523.295088][ T4186]  ? rcu_lock_release+0x20/0x20
[  523.299934][ T4186]  ? hci_send_to_monitor+0x9c/0x4a0
[  523.305116][ T4186]  hci_rx_work+0x255/0xa10
[  523.309520][ T4186]  process_one_work+0x863/0x1000
[  523.314442][ T4186]  ? worker_detach_from_pool+0x240/0x240
[  523.320049][ T4186]  ? lockdep_hardirqs_off+0x70/0x100
[  523.325312][ T4186]  ? _raw_spin_lock_irq+0xab/0xe0
[  523.330312][ T4186]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  523.335660][ T4186]  ? wq_worker_running+0x97/0x170
[  523.340672][ T4186]  worker_thread+0xaa8/0x12a0
[  523.345336][ T4186]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  523.351204][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  523.356381][ T4186]  ? lockdep_hardirqs_on+0x94/0x140
[  523.361641][ T4186]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  523.367517][ T4186]  kthread+0x436/0x520
[  523.371567][ T4186]  ? rcu_lock_release+0x20/0x20
[  523.376589][ T4186]  ? kthread_blkcg+0xd0/0xd0
[  523.381173][ T4186]  ret_from_fork+0x1f/0x30
[  523.385596][ T4186]  </TASK>
[  523.451554][ T4186] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  523.466550][ T4187] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  523.483214][ T4186] Bluetooth: hci4: failed to register connection device
[  523.500871][ T4187] Bluetooth: hci2: failed to register connection device
[  527.029193][ T7933] loop3: detected capacity change from 0 to 64
[  528.952057][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  528.962084][ T4172] CPU: 0 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  528.970452][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  528.980538][ T4172] Workqueue: hci4 hci_rx_work
[  528.985251][ T4172] Call Trace:
[  528.988554][ T4172]  <TASK>
[  528.991505][ T4172]  dump_stack_lvl+0x168/0x230
[  528.996213][ T4172]  ? show_regs_print_info+0x20/0x20
[  529.001597][ T4172]  ? load_image+0x3b0/0x3b0
[  529.006137][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  529.011470][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  529.017400][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  529.022093][ T4172]  ? le_conn_complete_evt+0xcbc/0x1590
[  529.027537][ T4172]  ? hci_event_packet+0xe05/0x12f0
[  529.032629][ T4172]  ? process_one_work+0x863/0x1000
[  529.037721][ T4172]  ? do_raw_spin_unlock+0x11d/0x230
[  529.042988][ T4172]  kobject_add_internal+0x662/0xd00
[  529.048192][ T4172]  kobject_add+0x152/0x210
[  529.052586][ T4172]  ? kobject_init+0x1d0/0x1d0
[  529.057284][ T4172]  ? klist_children_get+0x50/0x50
[  529.062295][ T4172]  ? get_device_parent+0x121/0x3f0
[  529.067383][ T4172]  device_add+0x483/0xfb0
[  529.071811][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  529.076735][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  529.082216][ T4172]  ? __switch_to_asm+0x34/0x60
[  529.086960][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  529.092060][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  529.097588][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  529.102420][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  529.107504][ T4172]  ? hci_event_packet+0x2e2/0x12f0
[  529.112589][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  529.117591][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  529.123548][ T4172]  ? lock_chain_count+0x20/0x20
[  529.128372][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  529.134428][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  529.140038][ T4172]  ? mutex_unlock+0x10/0x10
[  529.144514][ T4172]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  529.150151][ T4172]  hci_event_packet+0xe05/0x12f0
[  529.155098][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  529.160279][ T4172]  ? rcu_lock_release+0x20/0x20
[  529.165108][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  529.170284][ T4172]  hci_rx_work+0x255/0xa10
[  529.174793][ T4172]  process_one_work+0x863/0x1000
[  529.179715][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  529.185507][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  529.190884][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  529.195995][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  529.201344][ T4172]  ? wq_worker_running+0x97/0x170
[  529.206366][ T4172]  worker_thread+0xaa8/0x12a0
[  529.211030][ T4172]  kthread+0x436/0x520
[  529.215114][ T4172]  ? rcu_lock_release+0x20/0x20
[  529.219940][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  529.224679][ T4172]  ret_from_fork+0x1f/0x30
[  529.229080][ T4172]  </TASK>
[  529.235757][ T4172] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  529.249147][ T4172] Bluetooth: hci4: failed to register connection device
[  529.568448][ T7964] loop0: detected capacity change from 0 to 4096
[  530.473454][ T7965] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  530.702680][   T21] Bluetooth: hci2: command 0x0406 tx timeout
[  532.083932][   T21] Bluetooth: hci4: command 0x0406 tx timeout
[  532.127060][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  532.136877][ T4172] CPU: 1 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  532.145227][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  532.155300][ T4172] Workqueue: hci0 hci_rx_work
[  532.160013][ T4172] Call Trace:
[  532.163306][ T4172]  <TASK>
[  532.166255][ T4172]  dump_stack_lvl+0x168/0x230
[  532.170963][ T4172]  ? show_regs_print_info+0x20/0x20
[  532.176176][ T4172]  ? load_image+0x3b0/0x3b0
[  532.180714][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  532.185841][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  532.190892][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  532.195589][ T4172]  ? le_conn_complete_evt+0xcbc/0x1590
[  532.201059][ T4172]  ? hci_event_packet+0xe05/0x12f0
[  532.206189][ T4172]  ? process_one_work+0x863/0x1000
[  532.211323][ T4172]  ? do_raw_spin_unlock+0x11d/0x230
[  532.216544][ T4172]  kobject_add_internal+0x662/0xd00
[  532.221864][ T4172]  kobject_add+0x152/0x210
[  532.226305][ T4172]  ? kobject_init+0x1d0/0x1d0
[  532.231006][ T4172]  ? klist_children_get+0x50/0x50
[  532.236052][ T4172]  ? get_device_parent+0x121/0x3f0
[  532.241180][ T4172]  device_add+0x483/0xfb0
[  532.245535][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  532.250494][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  532.255810][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  532.260951][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  532.266173][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  532.271747][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  532.276622][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  532.281745][ T4172]  ? hci_event_packet+0x2e2/0x12f0
[  532.286875][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  532.291932][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  532.298031][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  532.303678][ T4172]  ? mark_lock+0x94/0x320
[  532.308024][ T4172]  ? mutex_unlock+0x10/0x10
[  532.312549][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  532.318550][ T4172]  ? lock_chain_count+0x20/0x20
[  532.323417][ T4172]  ? __rwlock_init+0x140/0x140
[  532.328204][ T4172]  hci_event_packet+0xe05/0x12f0
[  532.333163][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  532.338386][ T4172]  ? rcu_lock_release+0x20/0x20
[  532.343263][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  532.348484][ T4172]  hci_rx_work+0x255/0xa10
[  532.352937][ T4172]  process_one_work+0x863/0x1000
[  532.357916][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  532.363568][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  532.368879][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  532.373927][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  532.379320][ T4172]  ? wq_worker_running+0x97/0x170
[  532.384370][ T4172]  worker_thread+0xaa8/0x12a0
[  532.389112][ T4172]  kthread+0x436/0x520
[  532.393194][ T4172]  ? rcu_lock_release+0x20/0x20
[  532.398067][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  532.402673][ T4172]  ret_from_fork+0x1f/0x30
[  532.407126][ T4172]  </TASK>
[  532.415058][ T4172] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  532.428841][ T4172] Bluetooth: hci0: failed to register connection device
[  533.624280][ T7990] loop0: detected capacity change from 0 to 64
[  535.797466][ T4276] Bluetooth: hci4: command 0x0406 tx timeout
[  539.197110][   T21] Bluetooth: hci0: command 0x0406 tx timeout
[  539.232128][ T8019] loop2: detected capacity change from 0 to 64
[  540.844590][ T8039] fuse: Bad value for 'fd'
[  544.955230][ T8059] loop4: detected capacity change from 0 to 4096
[  547.436118][ T8071] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  549.014950][ T8075] loop0: detected capacity change from 0 to 64
[  550.370722][ T8096] fuse: Bad value for 'fd'
[  550.417028][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  550.427023][ T4172] CPU: 1 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  550.435555][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  550.445620][ T4172] Workqueue: hci0 hci_rx_work
[  550.450320][ T4172] Call Trace:
[  550.453613][ T4172]  <TASK>
[  550.456555][ T4172]  dump_stack_lvl+0x168/0x230
[  550.461254][ T4172]  ? show_regs_print_info+0x20/0x20
[  550.466551][ T4172]  ? load_image+0x3b0/0x3b0
[  550.471099][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  550.476222][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  550.481264][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  550.485966][ T4172]  kobject_add_internal+0x662/0xd00
[  550.491198][ T4172]  kobject_add+0x152/0x210
[  550.495636][ T4172]  ? kobject_init+0x1d0/0x1d0
[  550.500328][ T4172]  ? klist_children_get+0x50/0x50
[  550.505364][ T4172]  ? get_device_parent+0x121/0x3f0
[  550.510494][ T4172]  device_add+0x483/0xfb0
[  550.514853][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  550.519895][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  550.525224][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  550.530359][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  550.535931][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  550.540805][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  550.545930][ T4172]  ? hci_event_packet+0x2e2/0x12f0
[  550.551060][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  550.556127][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  550.562207][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  550.567854][ T4172]  ? mark_lock+0x94/0x320
[  550.572201][ T4172]  ? mutex_unlock+0x10/0x10
[  550.576714][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  550.582709][ T4172]  ? lock_chain_count+0x20/0x20
[  550.587572][ T4172]  ? __rwlock_init+0x140/0x140
[  550.592358][ T4172]  hci_event_packet+0xe05/0x12f0
[  550.597312][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  550.602531][ T4172]  ? rcu_lock_release+0x20/0x20
[  550.607400][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  550.612616][ T4172]  hci_rx_work+0x255/0xa10
[  550.617062][ T4172]  process_one_work+0x863/0x1000
[  550.622032][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  550.627681][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  550.632989][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  550.638029][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  550.643421][ T4172]  ? wq_worker_running+0x97/0x170
[  550.648458][ T4172]  worker_thread+0xaa8/0x12a0
[  550.653182][ T4172]  kthread+0x436/0x520
[  550.657261][ T4172]  ? rcu_lock_release+0x20/0x20
[  550.662118][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  550.666722][ T4172]  ret_from_fork+0x1f/0x30
[  550.671169][ T4172]  </TASK>
[  550.999497][ T4172] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  551.019679][ T4172] Bluetooth: hci0: failed to register connection device
[  551.315304][ T8101] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  553.156273][ T4276] Bluetooth: hci0: command 0x2016 tx timeout
[  553.167027][ T8112] loop4: detected capacity change from 0 to 128
[  553.187116][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  553.197031][ T4172] CPU: 0 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  553.205393][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  553.215471][ T4172] Workqueue: hci4 hci_rx_work
[  553.220186][ T4172] Call Trace:
[  553.223471][ T4172]  <TASK>
[  553.226389][ T4172]  dump_stack_lvl+0x168/0x230
[  553.231050][ T4172]  ? show_regs_print_info+0x20/0x20
[  553.236223][ T4172]  ? load_image+0x3b0/0x3b0
[  553.240721][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  553.245808][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  553.250834][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  553.255489][ T4172]  ? le_conn_complete_evt+0xcbc/0x1590
[  553.260934][ T4172]  ? hci_event_packet+0xe05/0x12f0
[  553.266021][ T4172]  ? process_one_work+0x863/0x1000
[  553.271143][ T4172]  ? do_raw_spin_unlock+0x11d/0x230
[  553.276406][ T4172]  kobject_add_internal+0x662/0xd00
[  553.281582][ T4172]  kobject_add+0x152/0x210
[  553.286163][ T4172]  ? kobject_init+0x1d0/0x1d0
[  553.290828][ T4172]  ? klist_children_get+0x50/0x50
[  553.295916][ T4172]  ? get_device_parent+0x121/0x3f0
[  553.301014][ T4172]  device_add+0x483/0xfb0
[  553.305328][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  553.310244][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  553.315509][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  553.320658][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  553.326180][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  553.331006][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  553.336090][ T4172]  ? hci_event_packet+0x2e2/0x12f0
[  553.341175][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  553.346178][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  553.352323][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  553.357930][ T4172]  ? mark_lock+0x94/0x320
[  553.362234][ T4172]  ? mutex_unlock+0x10/0x10
[  553.366715][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  553.372672][ T4172]  ? lock_chain_count+0x20/0x20
[  553.377499][ T4172]  ? __rwlock_init+0x140/0x140
[  553.382325][ T4172]  hci_event_packet+0xe05/0x12f0
[  553.387237][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  553.392420][ T4172]  ? rcu_lock_release+0x20/0x20
[  553.397263][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  553.402439][ T4172]  hci_rx_work+0x255/0xa10
[  553.407011][ T4172]  process_one_work+0x863/0x1000
[  553.411936][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  553.417643][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  553.423102][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  553.428127][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  553.433477][ T4172]  ? wq_worker_running+0x97/0x170
[  553.438503][ T4172]  worker_thread+0xaa8/0x12a0
[  553.443192][ T4172]  kthread+0x436/0x520
[  553.447240][ T4172]  ? rcu_lock_release+0x20/0x20
[  553.452070][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  553.456640][ T4172]  ret_from_fork+0x1f/0x30
[  553.461126][ T4172]  </TASK>
[  553.464559][ T4172] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  553.478448][ T4172] Bluetooth: hci4: failed to register connection device
[  553.495371][ T8112] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  553.519629][ T8112] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  555.171771][ T8121] loop3: detected capacity change from 0 to 64
[  555.671686][ T8131] loop1: detected capacity change from 0 to 64
[  558.505490][ T8150] loop4: detected capacity change from 0 to 4096
[  561.979440][ T4248] Bluetooth: hci4: command 0x0406 tx timeout
[  565.675229][ T8156] loop1: detected capacity change from 0 to 128
[  565.692350][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  565.698636][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  565.753955][ T8156] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  565.766378][ T8156] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  576.956868][ T8208] loop4: detected capacity change from 0 to 128
[  577.009206][ T8208] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  577.022433][ T8208] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  578.986975][ T8236] loop4: detected capacity change from 0 to 64
[  582.005404][ T8269] loop1: detected capacity change from 0 to 2048
[  582.032523][ T8269] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  582.474343][ T8265] loop0: detected capacity change from 0 to 4096
[  583.580331][ T8275] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  588.488507][ T8308] loop0: detected capacity change from 0 to 128
[  588.633718][ T8308] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  588.655324][ T8308] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  589.861548][ T4276] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  590.517920][ T8330] loop2: detected capacity change from 0 to 4096
[  590.568929][ T4276] usb 5-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=61.d7
[  590.634839][ T8331] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  591.204734][ T8327] loop1: detected capacity change from 0 to 4096
[  591.221641][ T4276] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.229780][ T4276] usb 5-1: Product: syz
[  591.233969][ T4276] usb 5-1: Manufacturer: syz
[  591.238591][ T4276] usb 5-1: SerialNumber: syz
[  591.269776][ T4276] usb 5-1: config 0 descriptor??
[  591.321440][ T4276] ldusb 5-1:0.0: Interrupt in endpoint not found
[  591.334370][ T8327] ntfs: (device loop1): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  592.048959][ T8327] ntfs: (device loop1): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  592.162093][ T8327] ntfs: volume version 3.1.
[  592.184596][ T8327] ntfs: (device loop1): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  592.236002][ T4248] usb 5-1: USB disconnect, device number 9
[  592.246069][ T8327] ntfs: (device loop1): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  592.499076][ T8327] ntfs: (device loop1): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  593.609060][ T8327] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  593.659779][ T8327] ntfs: (device loop1): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  593.670138][ T8327] ntfs: (device loop1): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  594.777953][ T8357] loop2: detected capacity change from 0 to 4096
[  594.840895][ T8353] loop3: detected capacity change from 0 to 256
[  595.062263][ T8358] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  597.051714][ T8379] loop0: detected capacity change from 0 to 64
[  598.204416][ T8391] loop0: detected capacity change from 0 to 128
[  598.231786][ T8391] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  598.273162][ T8391] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  598.694347][ T8394] loop4: detected capacity change from 0 to 4096
[  599.408206][ T8395] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  600.834099][ T8404] loop1: detected capacity change from 0 to 64
[  602.217256][ T8407] loop2: detected capacity change from 0 to 4096
[  602.596063][ T8418] loop4: detected capacity change from 0 to 2048
[  602.869502][ T8418] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  603.260554][ T8407] ntfs: (device loop2): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  603.292304][ T8407] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  603.424073][ T8407] ntfs: volume version 3.1.
[  603.435596][ T8407] ntfs: (device loop2): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  603.451438][ T8407] ntfs: (device loop2): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  603.465079][ T8407] ntfs: (device loop2): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  603.484632][ T8407] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  603.495057][ T8407] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  603.512103][ T8407] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  603.782668][ T8427] loop3: detected capacity change from 0 to 64
[  604.429591][ T8432] loop0: detected capacity change from 0 to 128
[  604.478499][ T8432] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  604.997672][ T8432] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  607.063750][ T8451] loop4: detected capacity change from 0 to 512
[  607.185521][ T8451] EXT4-fs (loop4): orphan cleanup on readonly fs
[  607.212316][ T8451] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1133: bg 0: block 248: padding at end of block bitmap is not set
[  607.303532][ T8451] Quota error (device loop4): write_blk: dquota write failed
[  607.318610][ T8451] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  607.340415][ T8451] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.1133: Failed to acquire dquot type 1
[  607.642578][ T8451] EXT4-fs (loop4): 1 truncate cleaned up
[  607.813486][ T8451] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  608.538858][   T21] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  612.059575][ T8475] loop3: detected capacity change from 0 to 128
[  612.181868][ T8475] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  612.194728][ T8475] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  612.311861][ T8480] loop0: detected capacity change from 0 to 128
[  612.409666][ T8480] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  612.636752][ T8480] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  616.604573][ T8512] loop3: detected capacity change from 0 to 4096
[  619.167779][ T8527] loop1: detected capacity change from 0 to 128
[  619.530274][ T8512] ntfs: (device loop3): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  619.576264][ T8525] loop4: detected capacity change from 0 to 4096
[  619.588949][ T8527] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  619.614739][ T8527] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  620.130833][ T8512] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  620.186600][ T8531] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  620.246705][ T8529] loop0: detected capacity change from 0 to 128
[  620.470580][ T8529] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  620.559348][ T8512] ntfs: volume version 3.1.
[  620.567786][ T8512] ntfs: (device loop3): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  620.583538][ T8512] ntfs: (device loop3): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  620.594010][ T8512] ntfs: (device loop3): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  620.607708][ T8512] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  620.625645][ T8512] ntfs: (device loop3): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  620.630868][ T8529] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  620.635830][ T8512] ntfs: (device loop3): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  621.757252][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  622.355258][ T8547] loop2: detected capacity change from 0 to 128
[  622.485747][ T8547] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  622.501511][ T8547] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  625.354851][ T8577] loop4: detected capacity change from 0 to 128
[  625.894463][ T8577] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  625.906832][ T8577] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  626.247991][ T8581] loop0: detected capacity change from 0 to 4096
[  626.388239][ T8588] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  627.194304][ T8592] loop1: detected capacity change from 0 to 128
[  627.644943][ T8584] loop2: detected capacity change from 0 to 4096
[  627.697978][ T8592] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  627.719072][ T8592] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  627.847964][ T8584] ntfs: (device loop2): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  627.876206][ T8584] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  628.174465][ T8605] fuse: Bad value for 'fd'
[  629.221275][ T8584] ntfs: volume version 3.1.
[  629.261894][ T8584] ntfs: (device loop2): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  629.301688][ T8584] ntfs: (device loop2): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  629.335051][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  629.341852][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  629.396853][ T8584] ntfs: (device loop2): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  629.450780][ T8584] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  629.622951][ T8584] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  629.977350][ T8584] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  630.202257][ T8616] loop0: detected capacity change from 0 to 64
[  632.135545][ T8630] loop1: detected capacity change from 0 to 4096
[  632.208495][ T8632] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  635.087360][ T8648] loop3: detected capacity change from 0 to 256
[  635.396204][ T8651] loop1: detected capacity change from 0 to 64
[  638.428665][ T8662] fuse: Bad value for 'fd'
[  638.529475][ T8660] loop3: detected capacity change from 0 to 512
[  638.859548][ T8660] EXT4-fs (loop3): orphan cleanup on readonly fs
[  639.054715][ T8660] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1190: bg 0: block 248: padding at end of block bitmap is not set
[  639.129678][ T8660] Quota error (device loop3): write_blk: dquota write failed
[  639.505719][ T8660] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  639.744119][ T8660] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.1190: Failed to acquire dquot type 1
[  639.830580][ T8660] EXT4-fs (loop3): 1 truncate cleaned up
[  639.880242][ T8664] loop0: detected capacity change from 0 to 4096
[  639.896523][ T8660] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  640.706924][ T4266] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  640.934652][ T8664] ntfs: (device loop0): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  640.950670][ T8664] ntfs: (device loop0): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  641.021330][ T8664] ntfs: volume version 3.1.
[  641.033942][ T8664] ntfs: (device loop0): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  641.737560][ T8664] ntfs: (device loop0): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  641.737594][ T8664] ntfs: (device loop0): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  641.737635][ T8664] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  641.737659][ T8664] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  641.737674][ T8664] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  641.882362][ T4266] usb 4-1: unable to get BOS descriptor or descriptor too short
[  642.029583][ T4266] usb 4-1: unable to read config index 0 descriptor/start: -71
[  642.099260][ T4266] usb 4-1: can't read configurations, error -71
[  643.647670][ T8699] loop0: detected capacity change from 0 to 4096
[  645.091578][ T8702] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  649.028925][ T8729] loop1: detected capacity change from 0 to 64
[  651.108852][ T8740] loop2: detected capacity change from 0 to 128
[  651.211525][ T8740] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  651.232776][ T8740] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  652.404725][ T8744] loop0: detected capacity change from 0 to 4096
[  655.200026][ T8765] loop2: detected capacity change from 0 to 128
[  656.360806][ T8765] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  656.376333][ T8765] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  656.489408][ T8778] loop0: detected capacity change from 0 to 512
[  656.539528][ T8778] EXT4-fs (loop0): orphan cleanup on readonly fs
[  656.558132][ T8778] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1221: bg 0: block 248: padding at end of block bitmap is not set
[  656.604370][ T8778] Quota error (device loop0): write_blk: dquota write failed
[  656.612622][ T8778] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  656.681853][ T8778] EXT4-fs error (device loop0): ext4_acquire_dquot:6204: comm syz.0.1221: Failed to acquire dquot type 1
[  656.864628][ T8783] loop1: detected capacity change from 0 to 4096
[  656.963185][ T8778] EXT4-fs (loop0): 1 truncate cleaned up
[  656.989323][ T8787] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  657.106780][ T8778] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  657.834511][ T8788] loop4: detected capacity change from 0 to 2048
[  658.021834][ T8788] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  658.284859][ T4216] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  658.929123][ T4216] usb 1-1: unable to get BOS descriptor or descriptor too short
[  658.973051][ T8805] loop4: detected capacity change from 0 to 4096
[  659.035508][ T4216] usb 1-1: not running at top speed; connect to a high speed hub
[  659.079737][ T8806] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  659.759536][ T8811] loop3: detected capacity change from 0 to 64
[  660.364262][ T8812] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  660.398873][ T4216] usb 1-1: unable to read config index 0 descriptor/all
[  660.405981][ T4216] usb 1-1: can't read configurations, error -71
[  660.599701][ T8815] loop2: detected capacity change from 0 to 4096
[  660.848931][ T4215] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  662.794505][ T8815] ntfs: (device loop2): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  662.839108][ T8815] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  664.736223][ T4215] usb 2-1: device not accepting address 5, error -71
[  664.752006][ T8833] loop0: detected capacity change from 0 to 128
[  664.795704][ T8833] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  664.796232][ T8815] ntfs: volume version 3.1.
[  664.843530][ T8833] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  664.857812][ T8840] loop1: detected capacity change from 0 to 128
[  665.192523][ T8840] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  665.247290][ T8840] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  665.401348][ T8815] ntfs: (device loop2): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  665.419092][ T8815] ntfs: (device loop2): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  665.638877][ T8815] ntfs: (device loop2): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  665.652073][ T8815] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  665.666339][ T8815] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  666.698263][ T8815] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  666.815916][ T8852] loop3: detected capacity change from 0 to 4096
[  668.000410][ T8856] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  668.181185][ T8857] loop0: detected capacity change from 0 to 512
[  668.433573][ T8857] EXT4-fs (loop0): orphan cleanup on readonly fs
[  668.509737][ T8868] loop4: detected capacity change from 0 to 64
[  668.953916][ T8857] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1243: bg 0: block 248: padding at end of block bitmap is not set
[  669.325565][ T8857] Quota error (device loop0): write_blk: dquota write failed
[  669.431437][ T8857] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  669.452608][ T8870] loop1: detected capacity change from 0 to 4096
[  669.556908][ T8875] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  669.953050][ T8857] EXT4-fs error (device loop0): ext4_acquire_dquot:6204: comm syz.0.1243: Failed to acquire dquot type 1
[  669.997393][ T8857] EXT4-fs (loop0): 1 truncate cleaned up
[  670.287938][ T8857] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  672.130103][ T8894] loop4: detected capacity change from 0 to 2048
[  672.402341][ T8894] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  675.339074][ T4266] Bluetooth: hci4: command 0x0406 tx timeout
[  675.413066][ T8905] loop0: detected capacity change from 0 to 4096
[  678.501737][ T8937] loop4: detected capacity change from 0 to 128
[  678.555674][ T8937] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  678.565267][ T8938] loop2: detected capacity change from 0 to 512
[  678.569186][ T8937] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  680.294770][ T8938] EXT4-fs (loop2): orphan cleanup on readonly fs
[  680.347544][ T8938] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1263: bg 0: block 248: padding at end of block bitmap is not set
[  680.364144][ T8938] Quota error (device loop2): write_blk: dquota write failed
[  680.403611][ T8938] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  680.423086][ T8938] EXT4-fs error (device loop2): ext4_acquire_dquot:6204: comm syz.2.1263: Failed to acquire dquot type 1
[  680.540787][ T8938] EXT4-fs (loop2): 1 truncate cleaned up
[  680.569556][ T8938] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  683.707297][ T8975] loop0: detected capacity change from 0 to 4096
[  686.569023][ T8976] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  688.109674][ T8977] loop2: detected capacity change from 0 to 64
[  688.120653][ T8984] loop3: detected capacity change from 0 to 4096
[  688.365706][ T8986] loop1: detected capacity change from 0 to 128
[  688.945667][ T8986] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  688.982136][ T8986] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  689.014979][ T8987] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  689.853537][ T8998] loop1: detected capacity change from 0 to 128
[  690.615415][ T8998] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  690.628274][ T8998] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  690.680772][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  690.687117][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  693.485931][ T9013] loop3: detected capacity change from 0 to 512
[  694.519983][ T9013] EXT4-fs (loop3): orphan cleanup on readonly fs
[  697.085065][ T9013] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1285: bg 0: block 248: padding at end of block bitmap is not set
[  697.275100][ T9034] loop0: detected capacity change from 0 to 128
[  697.485599][ T9013] Quota error (device loop3): write_blk: dquota write failed
[  697.740696][ T9013] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  697.760985][ T9013] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.1285: Failed to acquire dquot type 1
[  697.823044][ T9013] EXT4-fs (loop3): 1 truncate cleaned up
[  697.836291][ T9013] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  698.026510][ T9037] loop2: detected capacity change from 0 to 4096
[  706.283257][ T9060] loop3: detected capacity change from 0 to 128
[  706.390171][ T9060] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  706.406849][ T9060] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  707.848525][ T9077] loop2: detected capacity change from 0 to 4096
[  708.003345][ T9078] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  708.316515][ T9083] loop0: detected capacity change from 0 to 2048
[  708.683288][ T9083] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  709.825972][ T9089] loop3: detected capacity change from 0 to 4096
[  712.485611][ T4269] Bluetooth: hci5: command 0x0409 tx timeout
[  712.914715][ T9110] loop2: detected capacity change from 0 to 128
[  713.067445][ T9110] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  713.095061][ T9110] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  714.501127][ T7917] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  714.511362][ T7917] CPU: 1 PID: 7917 Comm: kworker/u5:0 Not tainted 5.15.183-syzkaller #0
[  714.519735][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  714.529819][ T7917] Workqueue: hci4 hci_rx_work
[  714.534528][ T7917] Call Trace:
[  714.537826][ T7917]  <TASK>
[  714.540855][ T7917]  dump_stack_lvl+0x168/0x230
[  714.545558][ T7917]  ? show_regs_print_info+0x20/0x20
[  714.550780][ T7917]  ? load_image+0x3b0/0x3b0
[  714.555312][ T7917]  sysfs_create_dir_ns+0x252/0x280
[  714.560445][ T7917]  ? __lock_acquire+0x7c60/0x7c60
[  714.565497][ T7917]  ? sysfs_warn_dup+0xa0/0xa0
[  714.570194][ T7917]  ? le_conn_complete_evt+0xcbc/0x1590
[  714.575676][ T7917]  ? hci_event_packet+0xe05/0x12f0
[  714.580804][ T7917]  ? process_one_work+0x863/0x1000
[  714.585945][ T7917]  ? do_raw_spin_unlock+0x11d/0x230
[  714.591169][ T7917]  kobject_add_internal+0x662/0xd00
[  714.596485][ T7917]  kobject_add+0x152/0x210
[  714.600920][ T7917]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  714.606584][ T7917]  ? kobject_init+0x1d0/0x1d0
[  714.611288][ T7917]  ? device_add+0x1d5/0xfb0
[  714.615813][ T7917]  ? get_device_parent+0x121/0x3f0
[  714.620947][ T7917]  device_add+0x483/0xfb0
[  714.625312][ T7917]  hci_conn_add_sysfs+0xd1/0x1e0
[  714.630296][ T7917]  le_conn_complete_evt+0xcbc/0x1590
[  714.635707][ T7917]  ? cs_le_create_conn+0x5e0/0x5e0
[  714.640849][ T7917]  ? mark_lock+0x94/0x320
[  714.645208][ T7917]  hci_le_meta_evt+0x289/0x3b80
[  714.650090][ T7917]  ? mark_lock+0x94/0x320
[  714.654450][ T7917]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  714.660459][ T7917]  ? lock_chain_count+0x20/0x20
[  714.665605][ T7917]  ? hci_remote_host_features_evt+0x280/0x280
[  714.671695][ T7917]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  714.677438][ T7917]  ? lockdep_hardirqs_on+0x94/0x140
[  714.682657][ T7917]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  714.688321][ T7917]  hci_event_packet+0xe05/0x12f0
[  714.693276][ T7917]  ? lockdep_hardirqs_on+0x94/0x140
[  714.698504][ T7917]  ? rcu_lock_release+0x20/0x20
[  714.703373][ T7917]  ? lock_acquire+0x1f2/0x3f0
[  714.708085][ T7917]  ? hci_send_to_monitor+0x9c/0x4a0
[  714.713309][ T7917]  hci_rx_work+0x255/0xa10
[  714.717767][ T7917]  process_one_work+0x863/0x1000
[  714.722751][ T7917]  ? worker_detach_from_pool+0x240/0x240
[  714.728397][ T7917]  ? lockdep_hardirqs_off+0x70/0x100
[  714.733706][ T7917]  ? _raw_spin_lock_irq+0xab/0xe0
[  714.738760][ T7917]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  714.744157][ T7917]  ? wq_worker_running+0x97/0x170
[  714.749204][ T7917]  worker_thread+0xaa8/0x12a0
[  714.753930][ T7917]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  714.759846][ T7917]  ? lockdep_hardirqs_on+0x94/0x140
[  714.765090][ T7917]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  714.771460][ T7917]  kthread+0x436/0x520
[  714.775542][ T7917]  ? rcu_lock_release+0x20/0x20
[  714.780423][ T7917]  ? kthread_blkcg+0xd0/0xd0
[  714.785038][ T7917]  ret_from_fork+0x1f/0x30
[  714.789489][ T7917]  </TASK>
[  714.790607][ T4276] Bluetooth: hci5: command 0x041b tx timeout
[  714.808208][ T7917] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  714.822696][ T7917] Bluetooth: hci4: failed to register connection device
[  715.046879][ T9123] loop0: detected capacity change from 0 to 2048
[  715.375657][ T9123] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  716.607429][ T9145] loop1: detected capacity change from 0 to 64
[  719.283256][  T154] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.461258][ T9094] chnl_net:caif_netlink_parms(): no params data found
[  719.678180][   T21] Bluetooth: hci5: command 0x040f tx timeout
[  721.349861][ T4276] Bluetooth: hci4: command 0x0406 tx timeout
[  721.695488][  T154] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.708886][   T21] Bluetooth: hci5: command 0x0419 tx timeout
[  721.737247][ T9164] loop3: detected capacity change from 0 to 512
[  722.007519][ T9171] loop2: detected capacity change from 0 to 2048
[  722.687641][ T9164] EXT4-fs (loop3): orphan cleanup on readonly fs
[  722.696224][ T9171] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  722.703654][  T154] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.763116][ T9164] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1328: bg 0: block 248: padding at end of block bitmap is not set
[  722.813790][ T9164] Quota error (device loop3): write_blk: dquota write failed
[  722.887945][ T9164] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  722.950299][ T9164] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.1328: Failed to acquire dquot type 1
[  722.995006][  T154] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.087771][ T9182] loop0: detected capacity change from 0 to 128
[  723.113123][ T9182] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  723.135748][ T9182] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  723.457468][ T9164] EXT4-fs (loop3): 1 truncate cleaned up
[  723.644164][ T9094] bridge0: port 1(bridge_slave_0) entered blocking state
[  723.678901][ T9164] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  723.699265][ T9094] bridge0: port 1(bridge_slave_0) entered disabled state
[  723.721684][ T9094] device bridge_slave_0 entered promiscuous mode
[  723.799389][ T4269] Bluetooth: hci5: command 0x0405 tx timeout
[  723.819867][ T9094] bridge0: port 2(bridge_slave_1) entered blocking state
[  723.840335][ T9094] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.868407][ T9094] device bridge_slave_1 entered promiscuous mode
[  724.658923][ T4269] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  725.860547][ T9094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.868996][ T4269] usb 4-1: device descriptor read/all, error -71
[  725.939322][ T9094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  726.148179][ T9202] loop2: detected capacity change from 0 to 64
[  728.093997][ T9206] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  728.246564][ T9094] team0: Port device team_slave_0 added
[  728.299402][ T9094] team0: Port device team_slave_1 added
[  730.298530][ T9215] loop2: detected capacity change from 0 to 128
[  730.384531][ T9094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  730.396997][ T9094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  730.428322][ T9215] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  730.438985][ T4269] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  730.451087][ T9215] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.634616][ T9094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  731.199091][ T9230] loop2: detected capacity change from 0 to 128
[  731.227288][ T9230] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  731.249710][ T9230] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  731.936024][ T9094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  731.976971][ T9094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  731.988800][ T4269] usb 4-1: device descriptor read/all, error -71
[  732.634692][ T4269] usb usb4-port1: attempt power cycle
[  732.641480][ T9094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  732.702549][ T9244] loop3: detected capacity change from 0 to 256
[  733.978035][ T9094] device hsr_slave_0 entered promiscuous mode
[  734.019504][ T9094] device hsr_slave_1 entered promiscuous mode
[  734.032288][ T9094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  734.062217][ T9094] Cannot create hsr debugfs directory
[  736.587663][ T9094] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  736.828976][ T9273] loop3: detected capacity change from 0 to 4096
[  736.842063][ T9094] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  736.933448][ T9276] loop0: detected capacity change from 0 to 64
[  737.894400][ T9094] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  737.920637][ T9094] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  739.233541][ T9277] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  742.610216][ T9094] 8021q: adding VLAN 0 to HW filter on device bond0
[  742.932803][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  742.943959][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  743.077140][ T9094] 8021q: adding VLAN 0 to HW filter on device team0
[  743.104601][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  743.124273][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  743.174451][ T9328] loop0: detected capacity change from 0 to 256
[  743.239241][ T6586] bridge0: port 1(bridge_slave_0) entered blocking state
[  743.246428][ T6586] bridge0: port 1(bridge_slave_0) entered forwarding state
[  744.201909][ T9336] loop1: detected capacity change from 0 to 64
[  744.364133][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  744.511011][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  745.163254][ T6586] bridge0: port 2(bridge_slave_1) entered blocking state
[  745.170564][ T6586] bridge0: port 2(bridge_slave_1) entered forwarding state
[  745.355197][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  747.767677][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  748.019140][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  748.071753][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  748.471571][ T9354] loop2: detected capacity change from 0 to 128
[  748.477259][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  748.502276][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  748.506263][ T9347] loop0: detected capacity change from 0 to 2048
[  748.512588][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  748.579803][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  748.605627][ T9347] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  748.611339][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  748.657625][ T9354] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  748.674237][ T9354] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  748.750930][ T6586] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  748.912864][ T5630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  749.198303][ T5630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  749.854656][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  751.138451][  T154] device hsr_slave_0 left promiscuous mode
[  751.269157][  T154] device hsr_slave_1 left promiscuous mode
[  751.393489][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  752.110734][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  752.117081][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  752.177588][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  752.289773][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  752.344613][ T9382] loop3: detected capacity change from 0 to 512
[  752.361388][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  752.453973][ T9384] loop2: detected capacity change from 0 to 4096
[  752.645978][  T154] device veth1_macvtap left promiscuous mode
[  752.668147][  T154] device veth0_macvtap left promiscuous mode
[  752.676198][ T9382] EXT4-fs (loop3): orphan cleanup on readonly fs
[  753.098257][ T9382] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1373: bg 0: block 248: padding at end of block bitmap is not set
[  753.156899][  T154] device veth1_vlan left promiscuous mode
[  753.516751][  T154] device veth0_vlan left promiscuous mode
[  753.525833][ T9382] Quota error (device loop3): write_blk: dquota write failed
[  753.554028][ T9384] ntfs: (device loop2): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  753.554141][ T9382] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  753.587118][ T9384] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  753.596406][ T9382] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.1373: Failed to acquire dquot type 1
[  753.630259][ T9382] EXT4-fs (loop3): 1 truncate cleaned up
[  753.640068][ T9382] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  753.812962][ T9384] ntfs: volume version 3.1.
[  753.855983][ T9384] ntfs: (device loop2): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  753.899714][ T9384] ntfs: (device loop2): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  753.938716][ T9384] ntfs: (device loop2): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  753.971362][ T9384] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  754.016570][ T9384] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  754.048562][ T9384] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  754.078891][   T21] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  754.479179][   T21] usb 4-1: unable to get BOS descriptor or descriptor too short
[  754.569006][   T21] usb 4-1: not running at top speed; connect to a high speed hub
[  754.649540][   T21] usb 4-1: config 0 has an invalid interface number: 88 but max is 0
[  754.657672][   T21] usb 4-1: config 0 has no interface number 0
[  754.688864][   T21] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  754.722517][   T21] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  754.768832][   T21] usb 4-1: config 0 interface 88 has no altsetting 0
[  754.949048][   T21] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  754.974981][   T21] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  755.028755][   T21] usb 4-1: Product: syz
[  755.032966][   T21] usb 4-1: Manufacturer: syz
[  755.123654][   T21] usb 4-1: SerialNumber: syz
[  755.171558][   T21] usb 4-1: config 0 descriptor??
[  755.239323][ T9402] loop0: detected capacity change from 0 to 128
[  755.300807][ T9402] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  755.317409][  T154] team0 (unregistering): Port device team_slave_1 removed
[  755.349190][ T9402] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  755.673981][ T9405] loop2: detected capacity change from 0 to 128
[  755.740924][  T154] team0 (unregistering): Port device team_slave_0 removed
[  755.756014][ T9405] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  755.781548][ T9405] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  755.907361][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  756.056099][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  756.682798][  T154] bond0 (unregistering): Released all slaves
[  757.610382][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  757.620707][ T4172] CPU: 0 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  757.629093][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  757.639171][ T4172] Workqueue: hci3 hci_rx_work
[  757.643876][ T4172] Call Trace:
[  757.647286][ T4172]  <TASK>
[  757.650259][ T4172]  dump_stack_lvl+0x168/0x230
[  757.654966][ T4172]  ? show_regs_print_info+0x20/0x20
[  757.660194][ T4172]  ? load_image+0x3b0/0x3b0
[  757.664823][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  757.669954][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  757.675001][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  757.679692][ T4172]  ? le_conn_complete_evt+0xcbc/0x1590
[  757.685169][ T4172]  ? hci_event_packet+0xe05/0x12f0
[  757.690304][ T4172]  ? process_one_work+0x863/0x1000
[  757.695444][ T4172]  ? do_raw_spin_unlock+0x11d/0x230
[  757.700677][ T4172]  kobject_add_internal+0x662/0xd00
[  757.706008][ T4172]  kobject_add+0x152/0x210
[  757.710459][ T4172]  ? kobject_init+0x1d0/0x1d0
[  757.715340][ T4172]  ? klist_children_get+0x50/0x50
[  757.720386][ T4172]  ? get_device_parent+0x121/0x3f0
[  757.725519][ T4172]  device_add+0x483/0xfb0
[  757.729866][ T4172]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  757.735527][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  757.740664][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  757.745983][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  757.751115][ T4172]  ? __schedule+0x11c0/0x43b0
[  757.755813][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  757.761387][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  757.766255][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  757.771386][ T4172]  ? hci_event_packet+0x2e2/0x12f0
[  757.776512][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  757.781562][ T4172]  ? release_firmware_map_entry+0x190/0x190
[  757.787477][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  757.793564][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  757.799214][ T4172]  ? mark_lock+0x94/0x320
[  757.803565][ T4172]  ? mutex_unlock+0x10/0x10
[  757.808084][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  757.814086][ T4172]  ? lock_chain_count+0x20/0x20
[  757.818956][ T4172]  ? __rwlock_init+0x140/0x140
[  757.823746][ T4172]  hci_event_packet+0xe05/0x12f0
[  757.828705][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  757.833928][ T4172]  ? rcu_lock_release+0x20/0x20
[  757.838791][ T4172]  ? lock_acquire+0x1f2/0x3f0
[  757.843495][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  757.848719][ T4172]  hci_rx_work+0x255/0xa10
[  757.853174][ T4172]  process_one_work+0x863/0x1000
[  757.858154][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  757.863902][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  757.869225][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  757.874356][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  757.879842][ T4172]  ? wq_worker_running+0x97/0x170
[  757.884887][ T4172]  worker_thread+0xaa8/0x12a0
[  757.889614][ T4172]  kthread+0x436/0x520
[  757.893699][ T4172]  ? rcu_lock_release+0x20/0x20
[  757.898566][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  757.903177][ T4172]  ret_from_fork+0x1f/0x30
[  757.907635][ T4172]  </TASK>
[  757.937412][ T4172] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  757.957097][ T4172] Bluetooth: hci3: failed to register connection device
[  758.219100][   T21] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input5
[  758.346064][ T5630] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  758.392680][ T5630] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  758.510133][   T21] usb 4-1: USB disconnect, device number 11
[  759.275047][ T9094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  761.015673][ T9455] loop3: detected capacity change from 0 to 64
[  761.902740][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  761.919519][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  762.028201][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  762.121096][ T9462] loop0: detected capacity change from 0 to 64
[  762.334694][ T9463] loop3: detected capacity change from 0 to 4096
[  763.472501][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  763.836486][ T9464] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  763.986466][ T9094] device veth0_vlan entered promiscuous mode
[  764.101326][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  764.109126][ T2360] Bluetooth: hci3: command 0x0406 tx timeout
[  764.185779][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  764.340894][ T9094] device veth1_vlan entered promiscuous mode
[  764.464009][ T9470] loop0: detected capacity change from 0 to 128
[  764.521033][ T9470] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  764.541731][ T9470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  764.808872][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  764.866409][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  764.956802][ T9094] device veth0_macvtap entered promiscuous mode
[  765.180781][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  766.070734][ T9094] device veth1_macvtap entered promiscuous mode
[  766.510433][ T9094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  766.573976][ T9094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  766.586138][ T9094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  766.775395][ T9094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  766.794025][ T9094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  766.913371][ T9094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  766.927225][ T9094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  766.937043][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  769.280493][ T1397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  769.613878][ T9498] loop3: detected capacity change from 0 to 4096
[  771.241169][ T9510] loop1: detected capacity change from 0 to 4096
[  772.607822][ T9498] NILFS (loop3): error -4 creating segctord thread
[  773.043258][ T9527] loop0: detected capacity change from 0 to 128
[  773.184730][ T9527] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  773.491927][ T9527] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  774.343122][ T9540] loop3: detected capacity change from 0 to 64
[  775.393528][ T9548] loop0: detected capacity change from 0 to 64
[  777.970425][ T4172] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  777.980218][ T4172] CPU: 1 PID: 4172 Comm: kworker/u5:1 Not tainted 5.15.183-syzkaller #0
[  777.988576][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  777.998648][ T4172] Workqueue: hci3 hci_rx_work
[  778.003357][ T4172] Call Trace:
[  778.006651][ T4172]  <TASK>
[  778.009606][ T4172]  dump_stack_lvl+0x168/0x230
[  778.014312][ T4172]  ? show_regs_print_info+0x20/0x20
[  778.019531][ T4172]  ? load_image+0x3b0/0x3b0
[  778.024076][ T4172]  sysfs_create_dir_ns+0x252/0x280
[  778.029208][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  778.034344][ T4172]  ? sysfs_warn_dup+0xa0/0xa0
[  778.039048][ T4172]  ? le_conn_complete_evt+0xcbc/0x1590
[  778.044535][ T4172]  ? hci_event_packet+0xe05/0x12f0
[  778.049664][ T4172]  ? process_one_work+0x863/0x1000
[  778.054799][ T4172]  ? do_raw_spin_unlock+0x11d/0x230
[  778.060033][ T4172]  kobject_add_internal+0x662/0xd00
[  778.065477][ T4172]  kobject_add+0x152/0x210
[  778.069928][ T4172]  ? kobject_init+0x1d0/0x1d0
[  778.074654][ T4172]  ? klist_children_get+0x50/0x50
[  778.079693][ T4172]  ? get_device_parent+0x121/0x3f0
[  778.084850][ T4172]  device_add+0x483/0xfb0
[  778.089217][ T4172]  hci_conn_add_sysfs+0xd1/0x1e0
[  778.094183][ T4172]  le_conn_complete_evt+0xcbc/0x1590
[  778.099492][ T4172]  ? release_firmware_map_entry+0x190/0x190
[  778.105416][ T4172]  ? cs_le_create_conn+0x5e0/0x5e0
[  778.110643][ T4172]  ? preempt_schedule_common+0xa5/0xd0
[  778.116123][ T4172]  ? preempt_schedule+0xa7/0xb0
[  778.120999][ T4172]  ? schedule_preempt_disabled+0x20/0x20
[  778.126746][ T4172]  ? __mutex_trylock_common+0x14f/0x250
[  778.132324][ T4172]  hci_le_meta_evt+0x289/0x3b80
[  778.137202][ T4172]  ? hci_event_packet+0x36d/0x12f0
[  778.142332][ T4172]  ? __lock_acquire+0x7c60/0x7c60
[  778.147470][ T4172]  ? hci_remote_host_features_evt+0x280/0x280
[  778.153554][ T4172]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  778.159204][ T4172]  ? mark_lock+0x94/0x320
[  778.163560][ T4172]  ? mutex_unlock+0x10/0x10
[  778.168086][ T4172]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  778.174109][ T4172]  ? lock_chain_count+0x20/0x20
[  778.178978][ T4172]  ? __rwlock_init+0x140/0x140
[  778.183767][ T4172]  hci_event_packet+0xe05/0x12f0
[  778.188719][ T4172]  ? lockdep_hardirqs_on+0x94/0x140
[  778.193967][ T4172]  ? rcu_lock_release+0x20/0x20
[  778.198845][ T4172]  ? hci_send_to_monitor+0x9c/0x4a0
[  778.204070][ T4172]  hci_rx_work+0x255/0xa10
[  778.208523][ T4172]  process_one_work+0x863/0x1000
[  778.213495][ T4172]  ? worker_detach_from_pool+0x240/0x240
[  778.219149][ T4172]  ? lockdep_hardirqs_off+0x70/0x100
[  778.224459][ T4172]  ? _raw_spin_lock_irq+0xab/0xe0
[  778.229504][ T4172]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  778.234899][ T4172]  ? wq_worker_running+0x97/0x170
[  778.239947][ T4172]  worker_thread+0xaa8/0x12a0
[  778.244673][ T4172]  kthread+0x436/0x520
[  778.248760][ T4172]  ? rcu_lock_release+0x20/0x20
[  778.253627][ T4172]  ? kthread_blkcg+0xd0/0xd0
[  778.258238][ T4172]  ret_from_fork+0x1f/0x30
[  778.262694][ T4172]  </TASK>
[  778.293129][ T4172] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  778.307735][ T4172] Bluetooth: hci3: failed to register connection device
[  778.413188][ T9566] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  779.008947][ T4215] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  779.509703][ T9577] loop3: detected capacity change from 0 to 4096
[  779.601560][ T9578] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  779.659062][ T4215] usb 3-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=61.d7
[  779.685515][ T4215] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.739126][ T4215] usb 3-1: Product: syz
[  779.766459][ T4215] usb 3-1: Manufacturer: syz
[  779.805046][ T4215] usb 3-1: SerialNumber: syz
[  779.839922][ T4215] usb 3-1: config 0 descriptor??
[  779.886635][ T4215] ldusb 3-1:0.0: Interrupt in endpoint not found
[  781.752080][ T4269] usb 3-1: USB disconnect, device number 8
[  781.889959][ T9611] loop2: detected capacity change from 0 to 256
[  786.340914][ T4266] Bluetooth: hci3: command 0x0406 tx timeout
[  790.674027][ T9656] loop3: detected capacity change from 0 to 256
[  791.660314][ T9663] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  792.468113][   T21] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  794.108352][ T9683] loop0: detected capacity change from 0 to 256
[  794.164935][ T9684] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  794.788091][ T4187] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  794.812863][ T4187] CPU: 1 PID: 4187 Comm: kworker/u5:8 Not tainted 5.15.183-syzkaller #0
[  794.821264][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  794.831463][ T4187] Workqueue: hci4 hci_rx_work
[  794.836184][ T4187] Call Trace:
[  794.839570][ T4187]  <TASK>
[  794.842534][ T4187]  dump_stack_lvl+0x168/0x230
[  794.847250][ T4187]  ? show_regs_print_info+0x20/0x20
[  794.852479][ T4187]  ? load_image+0x3b0/0x3b0
[  794.857014][ T4187]  sysfs_create_dir_ns+0x252/0x280
[  794.862143][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  794.867187][ T4187]  ? sysfs_warn_dup+0xa0/0xa0
[  794.871886][ T4187]  ? le_conn_complete_evt+0xcbc/0x1590
[  794.877369][ T4187]  ? hci_event_packet+0xe05/0x12f0
[  794.882494][ T4187]  ? process_one_work+0x863/0x1000
[  794.887713][ T4187]  ? do_raw_spin_unlock+0x11d/0x230
[  794.893021][ T4187]  kobject_add_internal+0x662/0xd00
[  794.898248][ T4187]  kobject_add+0x152/0x210
[  794.902687][ T4187]  ? kobject_init+0x1d0/0x1d0
[  794.907388][ T4187]  ? klist_children_get+0x50/0x50
[  794.912865][ T4187]  ? get_device_parent+0x121/0x3f0
[  794.918005][ T4187]  device_add+0x483/0xfb0
[  794.922363][ T4187]  hci_conn_add_sysfs+0xd1/0x1e0
[  794.927329][ T4187]  le_conn_complete_evt+0xcbc/0x1590
[  794.932651][ T4187]  ? cs_le_create_conn+0x5e0/0x5e0
[  794.937794][ T4187]  ? __mutex_trylock_common+0x14f/0x250
[  794.943364][ T4187]  hci_le_meta_evt+0x289/0x3b80
[  794.948241][ T4187]  ? hci_event_packet+0x36d/0x12f0
[  794.953383][ T4187]  ? hci_event_packet+0x2e2/0x12f0
[  794.958513][ T4187]  ? __lock_acquire+0x7c60/0x7c60
[  794.963569][ T4187]  ? hci_remote_host_features_evt+0x280/0x280
[  794.969657][ T4187]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  794.975306][ T4187]  ? mark_lock+0x94/0x320
[  794.979654][ T4187]  ? mutex_unlock+0x10/0x10
[  794.984174][ T4187]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  794.990180][ T4187]  ? lock_chain_count+0x20/0x20
[  794.995047][ T4187]  ? __rwlock_init+0x140/0x140
[  794.999829][ T4187]  hci_event_packet+0xe05/0x12f0
[  795.004796][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  795.010031][ T4187]  ? rcu_lock_release+0x20/0x20
[  795.014915][ T4187]  ? hci_send_to_monitor+0x9c/0x4a0
[  795.020140][ T4187]  hci_rx_work+0x255/0xa10
[  795.024598][ T4187]  process_one_work+0x863/0x1000
[  795.029574][ T4187]  ? worker_detach_from_pool+0x240/0x240
[  795.035219][ T4187]  ? lockdep_hardirqs_off+0x70/0x100
[  795.040524][ T4187]  ? _raw_spin_lock_irq+0xab/0xe0
[  795.045570][ T4187]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  795.050960][ T4187]  ? wq_worker_running+0x97/0x170
[  795.056004][ T4187]  worker_thread+0xaa8/0x12a0
[  795.060701][ T4187]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  795.066611][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  795.071832][ T4187]  ? lockdep_hardirqs_on+0x94/0x140
[  795.077057][ T4187]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  795.082978][ T4187]  kthread+0x436/0x520
[  795.087059][ T4187]  ? rcu_lock_release+0x20/0x20
[  795.091925][ T4187]  ? kthread_blkcg+0xd0/0xd0
[  795.096536][ T4187]  ret_from_fork+0x1f/0x30
[  795.100987][ T4187]  </TASK>
[  795.119568][ T4187] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  795.132924][ T4187] Bluetooth: hci4: failed to register connection device
[  795.298872][   T21] usb 3-1: unable to read config index 0 descriptor/start: -71
[  795.306803][   T21] usb 3-1: can't read configurations, error -71
[  795.439491][ T9680] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  797.125202][ T4248] Bluetooth: hci0: command 0x0409 tx timeout
[  797.280313][ T9673] chnl_net:caif_netlink_parms(): no params data found
[  799.230225][   T21] Bluetooth: hci0: command 0x041b tx timeout
[  799.261917][ T9732] loop1: detected capacity change from 0 to 256
[  799.327856][ T9731] loop3: detected capacity change from 0 to 4096
[  799.468440][ T9673] bridge0: port 1(bridge_slave_0) entered blocking state
[  799.476206][ T9673] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.488397][ T9673] device bridge_slave_0 entered promiscuous mode
[  799.505555][ T9673] bridge0: port 2(bridge_slave_1) entered blocking state
[  799.878290][ T9673] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.034019][ T9731] ntfs: (device loop3): parse_options(): NLS character set maccentHuro not found. Using previous one cp857.
[  801.047932][ T9673] device bridge_slave_1 entered promiscuous mode
[  801.075028][ T9731] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  801.132360][ T9747] loop2: detected capacity change from 0 to 256
[  801.170550][ T9731] ntfs: volume version 3.1.
[  801.359372][ T2360] Bluetooth: hci4: command 0x0406 tx timeout
[  801.690717][ T9731] ntfs: (device loop3): ntfs_index_lookup(): Corrupt index.  Aborting lookup.
[  801.704462][ T2857] Bluetooth: hci0: command 0x040f tx timeout
[  801.711292][ T9731] ntfs: (device loop3): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed.
[  801.734379][ T9731] ntfs: (device loop3): load_system_files(): Failed to mark quotas out of date.  Mounting read-only.  Run chkdsk.
[  801.807835][ T9731] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  801.873459][ T9731] ntfs: (device loop3): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  801.921273][ T9731] ntfs: (device loop3): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  802.002788][ T9673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  803.626481][ T7917] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  803.636496][ T7917] CPU: 1 PID: 7917 Comm: kworker/u5:0 Not tainted 5.15.183-syzkaller #0
[  803.644857][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  803.655019][ T7917] Workqueue: hci4 hci_rx_work
[  803.659722][ T7917] Call Trace:
[  803.663021][ T7917]  <TASK>
[  803.665964][ T7917]  dump_stack_lvl+0x168/0x230
[  803.670667][ T7917]  ? show_regs_print_info+0x20/0x20
[  803.675882][ T7917]  ? load_image+0x3b0/0x3b0
[  803.680420][ T7917]  sysfs_create_dir_ns+0x252/0x280
[  803.685638][ T7917]  ? __lock_acquire+0x7c60/0x7c60
[  803.690737][ T7917]  ? sysfs_warn_dup+0xa0/0xa0
[  803.695438][ T7917]  ? preempt_schedule_irq+0xd0/0x150
[  803.701016][ T7917]  ? mark_lock+0x94/0x320
[  803.705363][ T7917]  ? do_raw_spin_unlock+0x11d/0x230
[  803.710582][ T7917]  kobject_add_internal+0x662/0xd00
[  803.715822][ T7917]  kobject_add+0x152/0x210
[  803.720262][ T7917]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  803.725920][ T7917]  ? kobject_init+0x1d0/0x1d0
[  803.730635][ T7917]  ? get_device_parent+0x20/0x3f0
[  803.735695][ T7917]  ? get_device_parent+0x3e/0x3f0
[  803.740759][ T7917]  ? get_device_parent+0x121/0x3f0
[  803.745901][ T7917]  device_add+0x483/0xfb0
[  803.750263][ T7917]  hci_conn_add_sysfs+0xd1/0x1e0
[  803.755225][ T7917]  le_conn_complete_evt+0xcbc/0x1590
[  803.760534][ T7917]  ? lockdep_hardirqs_on+0x94/0x140
[  803.765761][ T7917]  ? cs_le_create_conn+0x5e0/0x5e0
[  803.770894][ T7917]  ? __switch_to_asm+0x34/0x60
[  803.775678][ T7917]  ? __schedule+0x11c0/0x43b0
[  803.780372][ T7917]  ? __mutex_trylock_common+0x14f/0x250
[  803.785944][ T7917]  hci_le_meta_evt+0x289/0x3b80
[  803.790823][ T7917]  ? hci_event_packet+0x36d/0x12f0
[  803.795958][ T7917]  ? hci_event_packet+0x2e2/0x12f0
[  803.801094][ T7917]  ? __lock_acquire+0x7c60/0x7c60
[  803.806144][ T7917]  ? release_firmware_map_entry+0x190/0x190
[  803.812063][ T7917]  ? hci_remote_host_features_evt+0x280/0x280
[  803.818151][ T7917]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  803.823807][ T7917]  ? mutex_unlock+0x10/0x10
[  803.828325][ T7917]  ? preempt_schedule+0xa7/0xb0
[  803.833199][ T7917]  ? schedule_preempt_disabled+0x20/0x20
[  803.838850][ T7917]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  803.844788][ T7917]  hci_event_packet+0xe05/0x12f0
[  803.849784][ T7917]  ? rcu_lock_release+0x20/0x20
[  803.854680][ T7917]  ? hci_send_to_monitor+0x9c/0x4a0
[  803.859910][ T7917]  hci_rx_work+0x255/0xa10
[  803.864360][ T7917]  process_one_work+0x863/0x1000
[  803.869333][ T7917]  ? worker_detach_from_pool+0x240/0x240
[  803.874979][ T7917]  ? lockdep_hardirqs_off+0x70/0x100
[  803.880285][ T7917]  ? _raw_spin_lock_irq+0xab/0xe0
[  803.885332][ T7917]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  803.890723][ T7917]  ? wq_worker_running+0x97/0x170
[  803.895767][ T7917]  worker_thread+0xaa8/0x12a0
[  803.900465][ T7917]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  803.906379][ T7917]  ? lockdep_hardirqs_on+0x94/0x140
[  803.911617][ T7917]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  803.917552][ T7917]  kthread+0x436/0x520
[  803.921641][ T7917]  ? rcu_lock_release+0x20/0x20
[  803.926519][ T7917]  ? kthread_blkcg+0xd0/0xd0
[  803.931130][ T7917]  ret_from_fork+0x1f/0x30
[  803.935582][ T7917]  </TASK>
[  803.956485][ T7917] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  803.971192][ T7917] Bluetooth: hci4: failed to register connection device
[  803.988007][ T4248] Bluetooth: hci0: command 0x0419 tx timeout
[  804.052255][ T9673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  805.607966][ T9673] team0: Port device team_slave_0 added
[  805.660548][ T9673] team0: Port device team_slave_1 added
[  805.723029][ T9776] loop1: detected capacity change from 0 to 512
[  805.772449][ T9673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  805.796963][ T9673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  806.521829][ T4248] Bluetooth: hci0: command 0x0405 tx timeout
[  807.840198][ T9776] EXT4-fs (loop1): orphan cleanup on readonly fs
[  807.857242][ T9673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  807.973657][ T9788] loop3: detected capacity change from 0 to 256
[  807.993169][ T9673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  808.004058][ T9793] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  808.019352][ T9673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  808.081689][ T9776] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1454: bg 0: block 248: padding at end of block bitmap is not set
[  808.156319][ T9789] loop0: detected capacity change from 0 to 128
[  808.163102][ T9673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  808.199631][ T9776] Quota error (device loop1): write_blk: dquota write failed
[  808.207129][ T9776] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  808.233034][ T9789] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  808.271672][ T9789] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  809.146856][ T9776] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.1454: Failed to acquire dquot type 1
[  809.192537][ T9776] EXT4-fs (loop1): 1 truncate cleaned up
[  809.212288][ T9776] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  809.292720][ T4276] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  809.346168][ T9673] device hsr_slave_0 entered promiscuous mode
[  809.366317][ T9673] device hsr_slave_1 entered promiscuous mode
[  810.550792][ T4266] Bluetooth: hci4: command 0x0406 tx timeout
[  811.958965][ T4276] usb 3-1: device descriptor read/all, error -71
[  813.551833][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  813.560028][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  813.637263][ T9823] loop2: detected capacity change from 0 to 4096
[  815.112271][  T154] device hsr_slave_0 left promiscuous mode
[  815.157854][  T154] device hsr_slave_1 left promiscuous mode
[  815.179107][ T9823] NILFS (loop2): error -4 creating segctord thread
[  815.191666][ T9847] loop0: detected capacity change from 0 to 256
[  815.346640][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  815.356363][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  815.364710][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  815.373104][  T154] device bridge_slave_1 left promiscuous mode
[  815.381724][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  815.396605][  T154] device bridge_slave_0 left promiscuous mode
[  815.410383][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  817.151593][  T154] device veth1_macvtap left promiscuous mode
[  817.157997][  T154] device veth0_macvtap left promiscuous mode
[  817.165011][  T154] device veth1_vlan left promiscuous mode
[  817.170898][  T154] device veth0_vlan left promiscuous mode
[  817.393447][ T9861] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  817.969059][ T9680] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  818.767489][ T9877] loop0: detected capacity change from 0 to 128
[  818.830195][ T9877] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  818.848567][ T9877] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  819.039209][ T9680] usb 2-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=61.d7
[  819.051147][ T9680] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  819.069595][ T9680] usb 2-1: Product: syz
[  819.076116][ T9680] usb 2-1: Manufacturer: syz
[  819.083632][ T9680] usb 2-1: SerialNumber: syz
[  819.158163][ T9680] usb 2-1: config 0 descriptor??
[  819.208036][ T9680] ldusb 2-1:0.0: Interrupt in endpoint not found
[  819.490940][ T9879] loop0: detected capacity change from 0 to 64
[  819.628938][  T154] team0 (unregistering): Port device team_slave_1 removed
[  819.688379][  T154] team0 (unregistering): Port device team_slave_0 removed
[  819.724199][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  819.818746][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  820.929734][ T4266] usb 2-1: USB disconnect, device number 7
[  820.995008][  T154] bond0 (unregistering): Released all slaves
[  821.219536][ T9886] loop0: detected capacity change from 0 to 64
[  821.221647][ T9889] loop1: detected capacity change from 0 to 64
[  825.575428][ T9673] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  825.593655][ T9673] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  825.608453][ T9673] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  825.691181][ T9673] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  827.746957][ T9929] loop1: detected capacity change from 0 to 256
[  828.848595][ T9673] 8021q: adding VLAN 0 to HW filter on device bond0
[  829.200240][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  829.700770][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  830.288158][ T9673] 8021q: adding VLAN 0 to HW filter on device team0
[  830.489725][ T9673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  830.509324][ T9673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  830.541850][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  830.563323][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  830.640245][ T9953] loop2: detected capacity change from 0 to 64
[  831.450828][ T4333] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.457947][ T4333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  831.498366][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  831.499830][ T9956] loop1: detected capacity change from 0 to 256
[  831.519743][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  831.563501][ T4333] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.570687][ T4333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.689140][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  831.954790][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  832.094980][ T9965] loop2: detected capacity change from 0 to 64
[  833.342502][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  833.352817][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  833.906781][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  833.935683][ T9969] loop1: detected capacity change from 0 to 512
[  833.969823][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  833.979296][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  834.886746][ T9969] EXT4-fs (loop1): orphan cleanup on readonly fs
[  834.907918][ T9969] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1497: bg 0: block 248: padding at end of block bitmap is not set
[  834.933283][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  835.018585][ T9969] Quota error (device loop1): write_blk: dquota write failed
[  835.077175][ T9969] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  835.094602][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  835.129897][ T9976] loop0: detected capacity change from 0 to 256
[  835.147964][ T9969] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.1497: Failed to acquire dquot type 1
[  835.166284][ T9969] EXT4-fs (loop1): 1 truncate cleaned up
[  835.173539][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  835.187194][ T9969] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  835.219517][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  835.231249][ T9977] loop2: detected capacity change from 0 to 64
[  835.289696][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  835.300928][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  836.590126][ T2360] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  838.505926][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  838.516951][T10012] loop2: detected capacity change from 0 to 256
[  838.943154][ T4333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  840.050997][ T9673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.621565][T10029] loop3: detected capacity change from 0 to 64
[  841.756598][T10050] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  842.096168][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  842.100871][T10058] loop1: detected capacity change from 0 to 256
[  842.110984][ T9680] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  842.133381][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  842.202274][ T9673] device veth0_vlan entered promiscuous mode
[  842.216403][ T9673] device veth1_vlan entered promiscuous mode
[  842.247793][ T9673] device veth0_macvtap entered promiscuous mode
[  842.260500][ T9673] device veth1_macvtap entered promiscuous mode
[  842.279982][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  842.327477][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  842.361936][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  843.321063][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  843.341141][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  843.382350][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  843.401366][ T9680] usb 3-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=61.d7
[  843.418655][ T9680] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  843.439530][ T9680] usb 3-1: Product: syz
[  843.443738][ T9680] usb 3-1: Manufacturer: syz
[  843.506602][ T9673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  843.524200][ T9680] usb 3-1: SerialNumber: syz
[  843.543907][ T9680] usb 3-1: config 0 descriptor??
[  843.550512][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  843.630462][ T9680] ldusb 3-1:0.0: Interrupt in endpoint not found
[  843.683485][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  843.735223][T10065] loop1: detected capacity change from 0 to 4096
[  843.751531][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  843.810644][T10067] loop0: detected capacity change from 0 to 64
[  843.957177][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  844.528696][T10068] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  844.566100][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  844.638075][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  844.690874][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  844.704946][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  844.756738][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  844.870707][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  845.827584][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  845.851943][ T9680] usb 3-1: USB disconnect, device number 13
[  845.950216][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  846.110837][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.139536][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.153716][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.164576][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.175064][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.246700][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.287418][ T9673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.384375][ T9673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.433175][ T9673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  846.445332][ T9673] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.454199][ T9673] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.467018][ T9673] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.476426][ T9673] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.522948][T10088] loop2: detected capacity change from 0 to 4096
[  846.538793][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  846.547567][ T8205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  846.560563][T10097] loop1: detected capacity change from 0 to 256
[  846.626784][T10100] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  847.307233][ T8205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.371131][ T8205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.452484][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  847.563290][ T5630] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.617859][ T5630] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.659021][T10109] loop2: detected capacity change from 0 to 64
[  848.205978][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  852.000130][T10134] loop2: detected capacity change from 0 to 64
[  852.693043][T10139] loop3: detected capacity change from 0 to 64
[  854.289133][T10147] loop0: detected capacity change from 0 to 64
[  855.780985][ T4333] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.802771][ T2360] Bluetooth: hci5: command 0x0409 tx timeout
[  855.981275][ T4333] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.008276][T10165] loop2: detected capacity change from 0 to 256
[  856.109696][T10167] loop0: detected capacity change from 0 to 4096
[  856.612095][ T4333] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.182386][T10170] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  857.230976][ T4333] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.330550][ T2360] Bluetooth: hci5: command 0x041b tx timeout
[  858.429117][T10182] loop1: detected capacity change from 0 to 256
[  858.798198][T10131] chnl_net:caif_netlink_parms(): no params data found
[  862.327585][ T4266] Bluetooth: hci5: command 0x040f tx timeout
[  862.637406][T10207] loop2: detected capacity change from 0 to 256
[  866.709407][ T4276] Bluetooth: hci5: command 0x0419 tx timeout
[  867.222498][T10226] loop2: detected capacity change from 0 to 256
[  871.873174][ T9680] Bluetooth: hci0: command 0x0409 tx timeout
[  871.991298][T10249] loop2: detected capacity change from 0 to 64
[  872.179769][T10131] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.186986][T10131] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.326689][T10131] device bridge_slave_0 entered promiscuous mode
[  872.345301][T10131] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.375308][T10131] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.673817][T10131] device bridge_slave_1 entered promiscuous mode
[  873.958927][T10260] loop2: detected capacity change from 0 to 256
[  873.969940][   T21] Bluetooth: hci0: command 0x041b tx timeout
[  875.350755][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  875.357100][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  875.999684][T10285] loop1: detected capacity change from 0 to 64
[  876.028689][   T21] Bluetooth: hci0: command 0x040f tx timeout
[  876.839594][ T4169] ==================================================================
[  876.847870][ T4169] BUG: KASAN: slab-out-of-bounds in __list_del_entry_valid+0x80/0x120
[  876.856025][ T4169] Read of size 8 at addr ffff888078184518 by task syz-executor/4169
[  876.864044][ T4169] 
[  876.866411][ T4169] CPU: 1 PID: 4169 Comm: syz-executor Not tainted 5.15.183-syzkaller #0
[  876.874813][ T4169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  876.884942][ T4169] Call Trace:
[  876.888208][ T4169]  <TASK>
[  876.891121][ T4169]  dump_stack_lvl+0x168/0x230
[  876.895780][ T4169]  ? show_regs_print_info+0x20/0x20
[  876.900968][ T4169]  ? _printk+0xcc/0x110
[  876.905153][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  876.910834][ T4169]  ? load_image+0x3b0/0x3b0
[  876.915372][ T4169]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[  876.920779][ T4169]  print_address_description+0x60/0x2d0
[  876.926362][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  876.931803][ T4169]  kasan_report+0xdf/0x130
[  876.936202][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  876.941648][ T4169]  __list_del_entry_valid+0x80/0x120
[  876.946923][ T4169]  bt_accept_unlink+0x35/0x230
[  876.951682][ T4169]  l2cap_sock_teardown_cb+0x1af/0x380
[  876.957035][ T4169]  l2cap_chan_del+0xab/0x620
[  876.961610][ T4169]  l2cap_conn_del+0x3c1/0x6a0
[  876.966287][ T4169]  ? l2cap_connect_cfm+0x10d0/0x10d0
[  876.971645][ T4169]  hci_conn_hash_flush+0x107/0x220
[  876.976740][ T4169]  hci_dev_do_close+0x991/0x1030
[  876.981687][ T4169]  ? blocking_notifier_chain_unregister+0x115/0x210
[  876.988272][ T4169]  hci_unregister_dev+0x2d7/0x580
[  876.993277][ T4169]  vhci_release+0x73/0xc0
[  876.997585][ T4169]  ? vhci_open+0x290/0x290
[  877.001978][ T4169]  __fput+0x234/0x930
[  877.005944][ T4169]  task_work_run+0x125/0x1a0
[  877.010522][ T4169]  do_exit+0x616/0x20a0
[  877.014669][ T4169]  ? put_task_struct+0x80/0x80
[  877.019418][ T4169]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  877.025392][ T4169]  ? lock_chain_count+0x20/0x20
[  877.030246][ T4169]  ? _raw_spin_lock_irq+0xab/0xe0
[  877.035283][ T4169]  do_group_exit+0x12e/0x300
[  877.039942][ T4169]  ? lockdep_hardirqs_on+0x94/0x140
[  877.045122][ T4169]  get_signal+0x6ca/0x12c0
[  877.049530][ T4169]  arch_do_signal_or_restart+0xc1/0x1300
[  877.055169][ T4169]  ? kernel_waitid+0x370/0x370
[  877.059936][ T4169]  ? get_sigframe_size+0x10/0x10
[  877.064868][ T4169]  ? __x64_sys_wait4+0x181/0x1e0
[  877.069809][ T4169]  ? exit_to_user_mode_loop+0x3b/0x130
[  877.075315][ T4169]  exit_to_user_mode_loop+0x9e/0x130
[  877.080791][ T4169]  exit_to_user_mode_prepare+0xb1/0x140
[  877.086874][ T4169]  syscall_exit_to_user_mode+0x16/0x40
[  877.092575][ T4169]  do_syscall_64+0x58/0xa0
[  877.097168][ T4169]  ? clear_bhb_loop+0x15/0x70
[  877.101842][ T4169]  ? clear_bhb_loop+0x15/0x70
[  877.106509][ T4169]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  877.112383][ T4169] RIP: 0033:0x7fe6a4196bd7
[  877.116781][ T4169] Code: Unable to access opcode bytes at RIP 0x7fe6a4196bad.
[  877.124144][ T4169] RSP: 002b:00007fff33d5ff60 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  877.132545][ T4169] RAX: fffffffffffffe00 RBX: 000000000000041d RCX: 00007fe6a4196bd7
[  877.140509][ T4169] RDX: 0000000040000000 RSI: 00007fff33d5ffcc RDI: 00000000ffffffff
[  877.148466][ T4169] RBP: 00007fff33d5ffcc R08: 0000000000000000 R09: 0000000000000000
[  877.156626][ T4169] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000012e
[  877.164937][ T4169] R13: 0000555559266590 R14: 00000000000d099e R15: 00007fff33d60020
[  877.173002][ T4169]  </TASK>
[  877.176000][ T4169] 
[  877.178317][ T4169] Allocated by task 10131:
[  877.182719][ T4169]  __kasan_kmalloc+0xb5/0xf0
[  877.187303][ T4169]  __register_sysctl_table+0xe0/0x1230
[  877.192881][ T4169]  __devinet_sysctl_register+0x2c1/0x380
[  877.198522][ T4169]  devinet_sysctl_register+0x17c/0x1f0
[  877.203969][ T4169]  inetdev_init+0x28c/0x4d0
[  877.208647][ T4169]  inetdev_event+0x280/0x1360
[  877.213347][ T4169]  raw_notifier_call_chain+0xcb/0x160
[  877.218717][ T4169]  register_netdevice+0x1275/0x16b0
[  877.223921][ T4169]  br_dev_newlink+0x23/0x100
[  877.228492][ T4169]  rtnl_newlink+0x114c/0x17d0
[  877.233143][ T4169]  rtnetlink_rcv_msg+0x9b9/0xe60
[  877.238055][ T4169]  netlink_rcv_skb+0x1e0/0x430
[  877.242790][ T4169]  netlink_unicast+0x77c/0x920
[  877.247635][ T4169]  netlink_sendmsg+0x8ab/0xbc0
[  877.252375][ T4169]  __sys_sendto+0x423/0x580
[  877.256948][ T4169]  __x64_sys_sendto+0xda/0xf0
[  877.261601][ T4169]  do_syscall_64+0x4c/0xa0
[  877.265993][ T4169]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  877.271863][ T4169] 
[  877.274167][ T4169] Last potentially related work creation:
[  877.279865][ T4169]  kasan_save_stack+0x35/0x60
[  877.284525][ T4169]  kasan_record_aux_stack+0xb8/0x100
[  877.289891][ T4169]  call_rcu+0x179/0x920
[  877.294025][ T4169]  netlink_release+0x134f/0x1790
[  877.299296][ T4169]  sock_close+0xd5/0x240
[  877.303522][ T4169]  __fput+0x234/0x930
[  877.307483][ T4169]  task_work_run+0x125/0x1a0
[  877.312134][ T4169]  exit_to_user_mode_loop+0x10f/0x130
[  877.317572][ T4169]  exit_to_user_mode_prepare+0xb1/0x140
[  877.323100][ T4169]  syscall_exit_to_user_mode+0x16/0x40
[  877.328543][ T4169]  do_syscall_64+0x58/0xa0
[  877.332949][ T4169]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  877.338826][ T4169] 
[  877.341129][ T4169] Second to last potentially related work creation:
[  877.347689][ T4169]  kasan_save_stack+0x35/0x60
[  877.352344][ T4169]  kasan_record_aux_stack+0xb8/0x100
[  877.357666][ T4169]  kvfree_call_rcu+0x10a/0x7c0
[  877.362422][ T4169]  drop_sysctl_table+0x2fa/0x430
[  877.367349][ T4169]  unregister_sysctl_table+0x87/0x130
[  877.372705][ T4169]  inetdev_event+0xce5/0x1360
[  877.377373][ T4169]  raw_notifier_call_chain+0xcb/0x160
[  877.382722][ T4169]  dev_change_name+0x671/0xbd0
[  877.387470][ T4169]  do_setlink+0x99d/0x3980
[  877.391887][ T4169]  rtnl_newlink+0x1419/0x17d0
[  877.396567][ T4169]  rtnetlink_rcv_msg+0x9b9/0xe60
[  877.401503][ T4169]  netlink_rcv_skb+0x1e0/0x430
[  877.406250][ T4169]  netlink_unicast+0x77c/0x920
[  877.410994][ T4169]  netlink_sendmsg+0x8ab/0xbc0
[  877.415751][ T4169]  __sys_sendto+0x423/0x580
[  877.420236][ T4169]  __x64_sys_sendto+0xda/0xf0
[  877.424989][ T4169]  do_syscall_64+0x4c/0xa0
[  877.429417][ T4169]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  877.435312][ T4169] 
[  877.437643][ T4169] The buggy address belongs to the object at ffff888078184000
[  877.437643][ T4169]  which belongs to the cache kmalloc-2k of size 2048
[  877.451681][ T4169] The buggy address is located 1304 bytes inside of
[  877.451681][ T4169]  2048-byte region [ffff888078184000, ffff888078184800)
[  877.465337][ T4169] The buggy address belongs to the page:
[  877.471172][ T4169] page:ffffea0001e06000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78180
[  877.481508][ T4169] head:ffffea0001e06000 order:3 compound_mapcount:0 compound_pincount:0
[  877.492257][ T4169] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  877.500253][ T4169] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888016842000
[  877.508821][ T4169] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[  877.517377][ T4169] page dumped because: kasan: bad access detected
[  877.523766][ T4169] page_owner tracks the page as allocated
[  877.529455][ T4169] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4168, ts 54389388909, free_ts 54360609639
[  877.548621][ T4169]  get_page_from_freelist+0x1b77/0x1c60
[  877.554267][ T4169]  __alloc_pages+0x1e1/0x470
[  877.559028][ T4169]  new_slab+0xc0/0x4b0
[  877.563079][ T4169]  ___slab_alloc+0x81e/0xdf0
[  877.567758][ T4169]  __kmalloc_node+0x200/0x3b0
[  877.572411][ T4169]  qdisc_alloc+0x8d/0xb10
[  877.576807][ T4169]  qdisc_create_dflt+0x5f/0x430
[  877.581824][ T4169]  dev_activate+0x331/0x12b0
[  877.586483][ T4169]  __dev_open+0x32c/0x420
[  877.590829][ T4169]  __dev_change_flags+0x20a/0x6a0
[  877.595859][ T4169]  dev_change_flags+0x82/0x1a0
[  877.600700][ T4169]  do_setlink+0xc01/0x3980
[  877.605101][ T4169]  rtnl_newlink+0x1419/0x17d0
[  877.609778][ T4169]  rtnetlink_rcv_msg+0x9b9/0xe60
[  877.614700][ T4169]  netlink_rcv_skb+0x1e0/0x430
[  877.619442][ T4169]  netlink_unicast+0x77c/0x920
[  877.624182][ T4169] page last free stack trace:
[  877.628828][ T4169]  free_unref_page_prepare+0x637/0x6c0
[  877.634276][ T4169]  free_unref_page+0x94/0x280
[  877.638934][ T4169]  __unfreeze_partials+0x1a5/0x200
[  877.644033][ T4169]  put_cpu_partial+0x12d/0x190
[  877.648798][ T4169]  qlist_free_all+0x35/0x90
[  877.653304][ T4169]  kasan_quarantine_reduce+0x150/0x160
[  877.658755][ T4169]  __kasan_slab_alloc+0x2f/0xd0
[  877.663623][ T4169]  slab_post_alloc_hook+0x4c/0x380
[  877.668708][ T4169]  kmem_cache_alloc_trace+0x103/0x2a0
[  877.674055][ T4169]  devlink_health_reporter_create+0x1c5/0x4c0
[  877.680100][ T4169]  nsim_dev_health_init+0x3e/0x2c0
[  877.685202][ T4169]  nsim_dev_probe+0x6bc/0x9c0
[  877.689851][ T4169]  really_probe+0x284/0xc80
[  877.694336][ T4169]  __driver_probe_device+0x18c/0x330
[  877.699716][ T4169]  driver_probe_device+0x4f/0x420
[  877.704966][ T4169]  __device_attach_driver+0x2b0/0x500
[  877.710352][ T4169] 
[  877.712660][ T4169] Memory state around the buggy address:
[  877.718266][ T4169]  ffff888078184400: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  877.726307][ T4169]  ffff888078184480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  877.734343][ T4169] >ffff888078184500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  877.742390][ T4169]                             ^
[  877.747213][ T4169]  ffff888078184580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  877.755250][ T4169]  ffff888078184600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  877.763286][ T4169] ==================================================================
[  877.771319][ T4169] Disabling lock debugging due to kernel taint
[  877.794287][T10131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  877.920530][ T4169] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  877.928025][ T4169] CPU: 1 PID: 4169 Comm: syz-executor Tainted: G    B             5.15.183-syzkaller #0
[  877.937846][ T4169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  877.948017][ T4169] Call Trace:
[  877.951492][ T4169]  <TASK>
[  877.954447][ T4169]  dump_stack_lvl+0x168/0x230
[  877.959252][ T4169]  ? show_regs_print_info+0x20/0x20
[  877.964488][ T4169]  ? load_image+0x3b0/0x3b0
[  877.968968][ T4169]  panic+0x2c9/0x7f0
[  877.972840][ T4169]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  877.979069][ T4169]  ? bpf_jit_dump+0xd0/0xd0
[  877.983674][ T4169]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  877.989629][ T4169]  ? _raw_spin_unlock+0x40/0x40
[  877.994542][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  877.999996][ T4169]  check_panic_on_warn+0x80/0xa0
[  878.005463][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  878.010905][ T4169]  end_report+0x6d/0xf0
[  878.015126][ T4169]  kasan_report+0x102/0x130
[  878.019629][ T4169]  ? __list_del_entry_valid+0x80/0x120
[  878.025073][ T4169]  __list_del_entry_valid+0x80/0x120
[  878.030532][ T4169]  bt_accept_unlink+0x35/0x230
[  878.035380][ T4169]  l2cap_sock_teardown_cb+0x1af/0x380
[  878.040815][ T4169]  l2cap_chan_del+0xab/0x620
[  878.045411][ T4169]  l2cap_conn_del+0x3c1/0x6a0
[  878.050099][ T4169]  ? l2cap_connect_cfm+0x10d0/0x10d0
[  878.055724][ T4169]  hci_conn_hash_flush+0x107/0x220
[  878.060830][ T4169]  hci_dev_do_close+0x991/0x1030
[  878.065788][ T4169]  ? blocking_notifier_chain_unregister+0x115/0x210
[  878.072395][ T4169]  hci_unregister_dev+0x2d7/0x580
[  878.077416][ T4169]  vhci_release+0x73/0xc0
[  878.081823][ T4169]  ? vhci_open+0x290/0x290
[  878.086222][ T4169]  __fput+0x234/0x930
[  878.090263][ T4169]  task_work_run+0x125/0x1a0
[  878.094919][ T4169]  do_exit+0x616/0x20a0
[  878.099054][ T4169]  ? put_task_struct+0x80/0x80
[  878.103801][ T4169]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  878.109776][ T4169]  ? lock_chain_count+0x20/0x20
[  878.114604][ T4169]  ? _raw_spin_lock_irq+0xab/0xe0
[  878.119648][ T4169]  do_group_exit+0x12e/0x300
[  878.124215][ T4169]  ? lockdep_hardirqs_on+0x94/0x140
[  878.129415][ T4169]  get_signal+0x6ca/0x12c0
[  878.133883][ T4169]  arch_do_signal_or_restart+0xc1/0x1300
[  878.139602][ T4169]  ? kernel_waitid+0x370/0x370
[  878.144349][ T4169]  ? get_sigframe_size+0x10/0x10
[  878.149305][ T4169]  ? __x64_sys_wait4+0x181/0x1e0
[  878.154222][ T4169]  ? exit_to_user_mode_loop+0x3b/0x130
[  878.159755][ T4169]  exit_to_user_mode_loop+0x9e/0x130
[  878.165018][ T4169]  exit_to_user_mode_prepare+0xb1/0x140
[  878.170582][ T4169]  syscall_exit_to_user_mode+0x16/0x40
[  878.176025][ T4169]  do_syscall_64+0x58/0xa0
[  878.180429][ T4169]  ? clear_bhb_loop+0x15/0x70
[  878.185179][ T4169]  ? clear_bhb_loop+0x15/0x70
[  878.189858][ T4169]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  878.195741][ T4169] RIP: 0033:0x7fe6a4196bd7
[  878.200150][ T4169] Code: Unable to access opcode bytes at RIP 0x7fe6a4196bad.
[  878.207505][ T4169] RSP: 002b:00007fff33d5ff60 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  878.215894][ T4169] RAX: fffffffffffffe00 RBX: 000000000000041d RCX: 00007fe6a4196bd7
[  878.223843][ T4169] RDX: 0000000040000000 RSI: 00007fff33d5ffcc RDI: 00000000ffffffff
[  878.231794][ T4169] RBP: 00007fff33d5ffcc R08: 0000000000000000 R09: 0000000000000000
[  878.239743][ T4169] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000012e
[  878.247689][ T4169] R13: 0000555559266590 R14: 00000000000d099e R15: 00007fff33d60020
[  878.255654][ T4169]  </TASK>
[  878.258763][ T4169] Kernel Offset: disabled
[  878.263078][ T4169] Rebooting in 86400 seconds..