last executing test programs:

58.602831338s ago: executing program 1 (id=520):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x10008, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@errors_remount}], [{@fowner_eq}, {@obj_user={'obj_user', 0x3d, '.'}}, {@dont_appraise}, {@fsname={'fsname', 0x3d, '}\"'}}, {@smackfsroot={'smackfsroot', 0x3d, '%oauto_da_alloa'}}, {@euid_eq}, {@uid_gt}, {@fowner_eq}]}, 0x2, 0x546, &(0x7f00000005c0)="$eJzs3cFvI1cZAPBvvPHGm2abFHoABHQphQWt1km8bVT1wvYCQlUlRMWJwzYkbhTFXkexVzRhD9kj90qsxAn4D7hxQOqJAzduIHHopRyQFlgBDRIHoxlPEiexE9NEdjb+/aSJZ96bne89e9+8mZd4XgBj60ZE7ETE1Yh4NyJm8vQkX+JuZ0n3++Tpw+Xdpw+Xk2i33/l7kuWnadH1b1LP5ccsRcT3vxPxo+R43ObW9vpSrVbdzLfnWvWNuebW9u21Qp5SWVxYnH/9zmuVc6vrS/VfP/n22ls/+O1vvvTxH3a++ZO0WNM/vZ7lddfjQPHMMZP8ONNdaRMR8daZj3xxTOT/f3j2pK3tMxHxctb+Z+JK9mkCAJdZuz0T7ZnubQDgskvv/6cjKZTzsYDpKBTK5c4Y3osxVag1mq1bM40H91ciG8OajWLhvbVadT4fK5yNYpJuL2TrB9uVQ9sfVO9ExAsR8cHktSy/vNyorYzywgcAxthzR/r/f012+v9uZ/8tGABw4ZRGXQAAYOi6+v/ZUZYDABge9/8AMH7+j/7ftwMB4JJw/w8A40f/DwDjp8fzOQ97NJxyAABD8b23306X9m7n+dd7VwK3V6rN9XL9wXJ5ubG5UV5tNFZr1fJyu33a8WqNxsbCq/ubza3te/XGg/ute2v1pdXqvapnCQDA6L3w0od/Sjv9nTeuZUt0zeWgr4bLrTDqAgAjc2XUBQBGxvd5YHwNcI9vGAAuub5/ApQPECT9dnhs8ld4Vt38vPF/GFdnGf83dgDPtk83/v+tcy8HMHz6cBhf7XZizn8AGDPG+IHTHgGy/4iwrcnDGY8HOPjdT1koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuOCmsyUplLO5wHfSn4VyOeJ6RMxGMXlvrVadj4jnI+KPk8XJdHth1IUGAM6o8Nckn//r5swr00dzryb/ySb8uhoRP/75Oz97f6nV2lxI0/+xn956nKZfa21Wro6iAgBAt715Nz86SMr670r+2nUj/8nTh8t7yzCL+OTNiChdy+Lv5ksnZyImstdSFCNi6p9Jvt2RXq9cOYf4O48i4nN79S/F+10RprMxkM7Mp0fjp7Gvn3v87vf/aPzCofoWsrz0tZi9F5+NI4UDTvXhm53zZN720iaet79C3Mhee7f/UnaGOrv0/Jc2191j57/C/vnvyrH4Sdbmb+xvn1ySJ6/+7rvHEtsznbxHEV+Y6BU/2Y+f9D7/Fl8ZsI4fffHLL/fLa/8i4mbP+u/NSF3PTrNzrfrGXHNr+/ZafWm1ulq9X6ksLizOv37ntcpcNkbd+fn7XjH+9sat5/vFT+s/1Sd+6eT6x9cGrP8v//vuD79yQvxvfLX35//iCfHTPvHrA8Zfmrpb6peXxl/pU/9TPv+4NWD8j/+yvTLgrgDAEDS3tteXarXq5ikr6bXmaftYGXwlvbe/AMXIVmIn4rwOmA1KRETPfdIr6jOH2Psd04jfun/3zEpGVp5fnfcBR3lWAobhoNH33+fPwywQAAAAAAAAAAAAAABwTHNre32y97e1zm1l1HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8vpfAAAA//+VhcPj")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r1, 0xffffffffffffffff, 0x0)

58.512040171s ago: executing program 1 (id=521):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(0xffffffffffffffff, 0xc1004111, &(0x7f00000096c0)={0xe, [0x10000, 0x8, 0xd], [{0x8000, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x8000, 0x8001, 0x0, 0x0, 0x1, 0x1}, {0x6, 0x2, 0x0, 0x1, 0x0, 0x1}, {0x2, 0x0, 0x1, 0x1}, {0x0, 0x80000000, 0x1, 0x1, 0x1}, {0x4, 0x8, 0x1, 0x1, 0x0, 0x1}, {0xf8, 0x16b40000, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x0, 0x1}, {0x29, 0x0, 0x0, 0x1}, {0x8001, 0x6, 0x0, 0x1, 0x1}, {0xf, 0xa15, 0x1, 0x0, 0x0, 0x1}, {0x80, 0x1, 0x1, 0x1, 0x1}], 0x200})
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e22, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000000c0)='./file0\x00', 0x3210052, &(0x7f0000000000)={[{@errors_continue}, {@order_relaxed}, {@nodiscard}, {@order_strict}, {@norecovery}, {@nodiscard}, {@nobarrier}, {@nodiscard}], [], 0x2c}, 0x43, 0xede, &(0x7f0000002a40)="$eJzs3U9sHNX9APA3a6/txCZeE35g4EdIoRXhnx2SSE1vQaAeEZfeQSGBCENRQw9E/Ak9ICohioQ4VRyouFAqpUhFAlWqop7anlr11hPqhUpVKgX10kiJqzjvrXdfPN31xJ717n4+0nffvnmz8/2ON5iZ8ezbAIytxtrjkSOLRQgffPn+4689U3x+ddnd7TX2rz0WsdcKITQ7+kW2va/igssXXz2+UVuEQ2uPqR+euNB+7WwI4WzYH86HVvh0eeWbTz587MBnb83c+u6Z51/fpt1vy/cDAABG0bk/rfzt/n/88aGFS+f2HQvT7eXp+LwV+7PxuP9gPFBOx8uN0N0vOqLTVLbeRIxGtt5Ett5klmeyJF8z206zZL2pHvkmOpZttJ8AAAAwjNJ5bSsUjaWufqOxtHTtvP+qr+aniqUXT62cPD2gQgEAAIDK/v3G2k23QgghhBBCCCGEGOFYnR/0FQgAAABg3OTzhV3n7NbO1NXeWqu//BcebWz8etgCdf/7H+r8nz842PzboFf+j9/0GwcAgOpG9Wgy7Vc6jk7zGOTzCE5kr9vs8X8j287kJussm1dwWOYbLKsz/7nuVGX1b/Z9HJSy+vP5MHeqsvrzeTp3qrL6p2uuo6qy+mdqrqOqsvp31VxHVWX17665jqrK6p+tuY6qyuqfq7mOqsrqv6nmOqoqq39PzXVUVVb/sNxWW1Z/q+Y6qiqrf6HmOqoqq//mmuuoqqz+vTXXUVVZ/bfUXMeg3BXb9HPYl413nj/n53TDco4HAAAA4+4/5v8TQgghhBhsXFodfA1C1BoTO6AGIcYv3hj0BQgAAABg4NLnAtKn3lejND7RY3yyx3izx/hUj/HpHuMAAABACL99++Tt7xXrn/O/0fnw0rxRaf6lzc5jlM9HuNn8Nzrv2Y3mH5Z5ywAAABgvxffPX3ng8Y9eXrh0bt+xjrPfK/F8N80DOhmvDXwR++m+gLmsX6Rz6GPdeRol6+XXB24q296TN7ijAAAAMMbS+XsrFI2ljvPuVmg0lpbWz8cXQ7M4eWrlxMHYT9/P8of55vTV5Y/UXDcAAADQv/Xz/dkNz//T9/guhqli6cVTKydPX+vPtZc3G53XBebXlxed1wVa2fJDJcsPx376/s7n5netLV86/sOVZ7Z65wEAAGBMnH7lzPNPr6yc+JEnnnjiSfvJoH8zAQAAW+3rr99v/vjw3O+uff5/ff679Pn//bHfinP7/TmukO4TSJ8DuO7z+k9155kvW++l7vVa2XoTMaazumc6thM65htMr1soy9fq3s5USb7ZLN9cli+fp2AyWz/l25Mtz+cnTOvNZ8vzeRgnsxxFlv+eAAAAAOWWX37hpeXTr5x5+NQLTz974tkTLx4+dPR7R48efOS7jyyv3de/3Hl3PwAAADCM1m/6HXQlAAAAAAAAAAAAAAAAAAAAML7q+DqxQe8jAAAAjLt/vRFCOCuEKIlrX4E5+DqEEGLYY+8OqEGI0Y+JHVCDEGLHxupq/k3zAAAAANvr8sVXj3e21zlbbGm+9tZa15orMW9q5x7+68LVSKtdeLT7esnuLa2GcVf3v3/5hyv/x29ubf6Z9KTv33+N7g0cq5b3vuVfLnbmv2Oyz/z5/j9ZLf+BLP99ob/8qx9l+Z+qlv/+LP/uPvNft/8vVcv/QMy/GPsH7u03f/f7Px3btB+7+sz/YLb/z4R+82f73+ozYeahmB8AxlFj0AVsk3SUkI6jZ2M/7W883Az53Q+bPf5vZNuZvOHKu7ebjoNui/10vDSX5U02W/9str2bKtaZG5a7Ssrq36r3cbuV1d+suY6qyuqfqrmOqsrqn665jqrK6p+puY6qyurvOg99buf+11BW/7BcVy6rf7bmOqoqq3+u5jqqKqt/s/8fH5Sy+vfUXEdVZfXP11xHVWX1V7ysVruy+hdqrqOqsvpvrrmOqsrq31tzHVWV1X9LzXUMyp2xLTsfTuef83Es9VtZf3qDn+WoXlsAAACAYfNP8/8JIYQQQgghhBAjH6urg74CwSBt76eZAdip/P4fb97/8eb9H2/ef/6XdA9/kfWTiR7jkz3Gmz3Gp7Lx/N/rdI/xvdl2V6M0fkuP8f/rMb6nx/htPcYXNxjf1TF+e4/X39Fj/M4e4wAAAIyHW2Pr/BAAAABG12u/+uKd39z31MWFS+f2HQtT1807fzD2p+Pf1t+O/Xze+6QZ/+b/k9j/RWx/H9u/Z+u7/wQAAAC2X/qeGH//BwAAgNGVvqfU+T8AAACMroXYOv8HAACA0XVzbJ3/AwAAwAgrZjZeHNt0XeCe2PY7rx8AsPP9f2zviu2+2N4d22/FNh0H3Bvbb9dUHwCwdX7+g58efa9Yn+//cDZ+OS5P7XXOXrtSUDS6Z/LfFdvdsf1On/Xk3wfQb/5kT595tiv//A3mBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGR2Pt8ciRxSKED758//GfTb3zl6vL7m6vsX/tsYi9Vgih2X5dGl3v/zquePniq8c72yuxLcKhUISivTw8caGdaTaEcDbsD+dDK3y6vPLNJx8+duCzt2ZufffM869v44+ga/8AAABgFP03AAD//wcJIDw=")

57.418451242s ago: executing program 1 (id=532):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1)
setresgid(0xee00, 0xee01, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0xfb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x810, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r3, 0x60}], 0x1, 0x0, 0x0, 0x0)

54.271943901s ago: executing program 1 (id=557):
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()

52.792660157s ago: executing program 1 (id=565):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000000)='./file0\x00')

52.314751116s ago: executing program 1 (id=569):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
read$midi(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x80383, 0x0)
ioctl$SNDCTL_SEQ_RESET(r3, 0x5100)

46.618089187s ago: executing program 4 (id=606):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f0000004a40))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

45.721080495s ago: executing program 4 (id=609):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000ffff2abd"], 0x3c}, 0x1, 0x0, 0x0, 0x8841}, 0x280048c6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a300000000093c46970e4ac8ca10000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c000100626974776973650028000280"], 0x10c}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

45.53501751s ago: executing program 4 (id=612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r3, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000080)=0x2)

44.613052744s ago: executing program 4 (id=616):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
ioctl$USBDEVFS_CLAIM_PORT(r3, 0x80045518, &(0x7f0000000040)=0x1)

43.696693228s ago: executing program 4 (id=622):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f0000004a40))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

42.821567931s ago: executing program 4 (id=628):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000480), 0x82, 0x553, &(0x7f0000001880)="$eJzs3cFvI1cZAPBvvHGTTbNNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRscN4pir6PYK5qQQ/bIvRIrcQL+A24ckHriwI0bSBwqpHJAWiACbZA4GM14NnETOzGbxM4mv5809rw3s/O9t86bN/Mszwvg0roeEdsR8VxEvBcR03l+ki9xp7Ok+z3e2ars7mxVkmi33/1Hkm1P86Lr36Sez485ERHf/07Ej5LDcZsbm6uLtVp1PU/Ptuprs82NzVsrhTynvDC/MPfG7dfLp1bXl+u/fvTtlbd/8NvffOmTP2x/8ydpsaZ+ei3b1l2PfcXs9S8niJnkx5nqyhuLiLdPcMzzZiz/++HZk7a2z0TEK1n7n44r2acJAFxk7fZ0tKe70wDARZfe/09FUijlYwFTUSiUSp0xvJdislBrNFs3pxv37y1FNoY1E8XC+yu16lw+VjgTxSRNz2fr++nyp9IfVm9HxIsR8eH41Wx7qdKoLY3ywgcALrHnD/T//x7v9P/diqMqHABwZsYmBttv/KwLAgAMT1f/PzPKcgAAw5P1/8n2qIsBAAzRgOP/kf/WEwC4AP6P/h8AuCD0/wBw+Rzb/z8YTjkAgKH43jvvpEt7t/P86ydP6r61VG2ulur3K6VKY32ttNxoLNeqpUq7fdzxao3G2vxre8nmxubdeuP+vdbdlfricvVu1bMEAGD0Xnz5oz+lnf72m1ezJbrmctBXw8VWGHUBgJG5MuoCACPj9zxweQ1wj28YAC64HlP0duQDBEm/HR6a/BWeVTc+b/wfLquTjP8bO4Bn29ON/3/r1MsBDJ8+HC6vdjsx5z8AXDLG+IHs6/0jvsfv+4iQhwMc/M7TlQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOu6lsSQqlbC7w7fS1UCpFXIuImSgm76/UqnMR8UJE/HG8OJ6m50ddaADghAp/S/L5v25Mvzp1cOtzyX/GI58a7Mc/f/dnHyy2Wuvzaf4/9/JbD9P8q631co8JxPpOHAYAnIkn825+vJ+V9d/l/L3rRv7xzlbl8U7af29VhlnER2+l1whXs/i7+dLZMhZj2ftEFCNi8l9Jnu5Ir1eunEL87QcR8bkn9Z+ID7oiTGVjIJ0LmIPx09jXTj1+Z+kdv/Cp+haybel7Mfu/+GwcKBxwrI/e6pwn87aXNvG8/RXievbeu/1PZGeok0vPf2lz3T10/ivsnf+uHIqfZG3++l766JI8eu133z2U2Z7ubHsQ8YWxXvGTvfhJ7/Nv8dUB6/jxF7/8Sr9t7V9E3OhZ/yTfo56dZmdb9bXZ5sbmrZX64nJ1uXqvXF6YX5h74/br5dlsjLrz+vteMf7+5s0X+sVP6z/ZJ/7E0fWPrw1Y/1/+970ffuWI+N/4au/P/6Uj4qd94tcHjL84eafvXXgaf6lP/Y/5/OPmgPE/+evm0oC7AgBD0NzYXF2s1arrx6yk15rH7WNl8JX03v4cFCNbie2I0zpgNigRET33Sa+oz0eVz2olGVn0X532AUd9ZgLO2n6j77/Pn4dZIAAAAAAAAAAAAAAA4JDmxubqeO9fa53ayqjrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX1vwAAAP//867FDA==")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x45)
r0 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xe826, 0x800, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

41.5055852s ago: executing program 0 (id=633):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = getpid()
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000140)={0x3, 0x8, 0x1, 0x0, 0x7f})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
unshare(0xe060400)
unshare(0x2c060000)
rt_sigqueueinfo(0x0, 0x21, 0x0)
pread64(r2, &(0x7f0000000380)=""/140, 0x8c, 0x200000000000000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r1, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000c40)={{0x1, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x1688, 0x3, 0x0, 0x0, 0xdf3, 0x0, 0x0, 0xffbffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x4, 0x80000, 0xf, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x4, 0x7, 0x0, 0x7, 0x7ff, 0xfffffffe, 0x0, 0x40, 0x0, 0x0, 0x100000001, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x4, 0x0, 0x0, 0x40, 0xfffffffffffffffc, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x401, 0x0, 0x8000000000000000, 0x5, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffb, 0x0, 0xfffffffffffffffc, 0x80000000000000, 0xfffffffc, 0x1, 0x8, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0x0, 0xde4, 0x7, 0x0, 0x100000000]})
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r6, &(0x7f0000000a80)=[{&(0x7f0000000240)=""/204, 0xcc}], 0x1, 0x9, 0x0)
fcntl$getown(r4, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x4000)

40.285005026s ago: executing program 0 (id=638):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000ffff2abd"], 0x3c}, 0x1, 0x0, 0x0, 0x8841}, 0x280048c6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a300000000093c46970e4ac8ca10000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c000100626974776973650028000280"], 0x10c}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

40.236728527s ago: executing program 0 (id=639):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r3, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000080)=0x2)

39.004699102s ago: executing program 0 (id=646):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x1000}, 0x4)
pselect6(0x32, &(0x7f0000000100)={0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x10000000000, 0x1000000002, 0x0, 0x0, 0x6}, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/15], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r3 = fcntl$dupfd(r0, 0x406, r0)
sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000007f40)=ANY=[], 0x76b0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004001)

38.024438604s ago: executing program 0 (id=651):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f0000004a40))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

37.257834998s ago: executing program 32 (id=569):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
read$midi(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x80383, 0x0)
ioctl$SNDCTL_SEQ_RESET(r3, 0x5100)

37.101181488s ago: executing program 0 (id=656):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r3, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000080)=0x2)

27.675027925s ago: executing program 33 (id=628):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000480), 0x82, 0x553, &(0x7f0000001880)="$eJzs3cFvI1cZAPBvvHGTTbNNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRscN4pir6PYK5qQQ/bIvRIrcQL+A24ckHriwI0bSBwqpHJAWiACbZA4GM14NnETOzGbxM4mv5809rw3s/O9t86bN/Mszwvg0roeEdsR8VxEvBcR03l+ki9xp7Ok+z3e2ars7mxVkmi33/1Hkm1P86Lr36Sez485ERHf/07Ej5LDcZsbm6uLtVp1PU/Ptuprs82NzVsrhTynvDC/MPfG7dfLp1bXl+u/fvTtlbd/8NvffOmTP2x/8ydpsaZ+ei3b1l2PfcXs9S8niJnkx5nqyhuLiLdPcMzzZiz/++HZk7a2z0TEK1n7n44r2acJAFxk7fZ0tKe70wDARZfe/09FUijlYwFTUSiUSp0xvJdislBrNFs3pxv37y1FNoY1E8XC+yu16lw+VjgTxSRNz2fr++nyp9IfVm9HxIsR8eH41Wx7qdKoLY3ywgcALrHnD/T//x7v9P/diqMqHABwZsYmBttv/KwLAgAMT1f/PzPKcgAAw5P1/8n2qIsBAAzRgOP/kf/WEwC4AP6P/h8AuCD0/wBw+Rzb/z8YTjkAgKH43jvvpEt7t/P86ydP6r61VG2ulur3K6VKY32ttNxoLNeqpUq7fdzxao3G2vxre8nmxubdeuP+vdbdlfricvVu1bMEAGD0Xnz5oz+lnf72m1ezJbrmctBXw8VWGHUBgJG5MuoCACPj9zxweQ1wj28YAC64HlP0duQDBEm/HR6a/BWeVTc+b/wfLquTjP8bO4Bn29ON/3/r1MsBDJ8+HC6vdjsx5z8AXDLG+IHs6/0jvsfv+4iQhwMc/M7TlQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOu6lsSQqlbC7w7fS1UCpFXIuImSgm76/UqnMR8UJE/HG8OJ6m50ddaADghAp/S/L5v25Mvzp1cOtzyX/GI58a7Mc/f/dnHyy2Wuvzaf4/9/JbD9P8q631co8JxPpOHAYAnIkn825+vJ+V9d/l/L3rRv7xzlbl8U7af29VhlnER2+l1whXs/i7+dLZMhZj2ftEFCNi8l9Jnu5Ir1eunEL87QcR8bkn9Z+ID7oiTGVjIJ0LmIPx09jXTj1+Z+kdv/Cp+haybel7Mfu/+GwcKBxwrI/e6pwn87aXNvG8/RXievbeu/1PZGeok0vPf2lz3T10/ivsnf+uHIqfZG3++l766JI8eu133z2U2Z7ubHsQ8YWxXvGTvfhJ7/Nv8dUB6/jxF7/8Sr9t7V9E3OhZ/yTfo56dZmdb9bXZ5sbmrZX64nJ1uXqvXF6YX5h74/br5dlsjLrz+vteMf7+5s0X+sVP6z/ZJ/7E0fWPrw1Y/1/+970ffuWI+N/4au/P/6Uj4qd94tcHjL84eafvXXgaf6lP/Y/5/OPmgPE/+evm0oC7AgBD0NzYXF2s1arrx6yk15rH7WNl8JX03v4cFCNbie2I0zpgNigRET33Sa+oz0eVz2olGVn0X532AUd9ZgLO2n6j77/Pn4dZIAAAAAAAAAAAAAAA4JDmxubqeO9fa53ayqjrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX1vwAAAP//867FDA==")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x45)
r0 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xe826, 0x800, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

21.691587897s ago: executing program 34 (id=656):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r3, &(0x7f0000000600)={'stack ', '#(%#{//(@\\)//&@},[\'%%&\\#*\x00'}, 0x20)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x1a, 0x0, &(0x7f0000000080)=0x2)

9.168174666s ago: executing program 6 (id=740):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1)
setresgid(0xee00, 0xee01, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0xfb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r2, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r2, 0x60}], 0x1, 0x0, 0x0, 0x0)

7.11935445s ago: executing program 6 (id=744):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = getpid()
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000140)={0x3, 0x8, 0x1, 0x0, 0x7f})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
memfd_create(0x0, 0x3)
unshare(0x2c060000)
rt_sigqueueinfo(0x0, 0x21, 0x0)
pread64(r2, &(0x7f0000000380)=""/140, 0x8c, 0x200000000000000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r1, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000c40)={{0x1, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x1688, 0x3, 0x0, 0x0, 0xdf3, 0x0, 0x0, 0xffbffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x4, 0x80000, 0xf, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x4, 0x7, 0x0, 0x7, 0x7ff, 0xfffffffe, 0x0, 0x40, 0x0, 0x0, 0x100000001, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x4, 0x0, 0x0, 0x40, 0xfffffffffffffffc, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x401, 0x0, 0x8000000000000000, 0x5, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffb, 0x0, 0xfffffffffffffffc, 0x80000000000000, 0xfffffffc, 0x1, 0x8, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0x0, 0xde4, 0x7, 0x0, 0x100000000]})
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r6, &(0x7f0000000a80)=[{&(0x7f0000000240)=""/204, 0xcc}], 0x1, 0x9, 0x0)
fcntl$getown(r4, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x4000)

5.69628264s ago: executing program 6 (id=751):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, 0x0)
write$vhost_msg(r0, &(0x7f0000000540)={0x1, {&(0x7f0000000200)=""/80, 0xfffffff1, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000039c0)={0x2, 0x0, {&(0x7f0000000680)=""/184, 0xfffffefd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000001540)={0x2, 0x0, {&(0x7f0000000d40)=""/201, 0xc9, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000280)={0x2, 0x0, {&(0x7f0000000840)=""/225, 0xe1, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000380)={0x2, 0x0, {&(0x7f0000000740)=""/199, 0xc7, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000480)=""/187, 0xbb, 0x0, 0x2, 0x3}}, 0x48)

4.298005434s ago: executing program 6 (id=757):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000000)='./file0\x00')

4.257817207s ago: executing program 2 (id=759):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
write(r0, &(0x7f0000000100)='^', 0x1)
write(r0, &(0x7f0000000400)="224df6e3aa1367ce197ae58cbef1e37891a6d533aebbaba3bd3d95760fb9bef8fee32642e76ad270231234d07aa3e0713c6f3887174e17fe9a5dae6d3e8a6be74aa7e7deb1c76d580c5e4efbc0747e19f04bbbb9935cd4026882c6c0b694f35d9e9594d4419f6c972376c9ec5e019d6fa926ac014fb9200d2d4feffcba54ec050808be88810c14929e944c53405af51ebb453df30e7ed48acca7aa16114b56e6db89171c6d41999c419dc921b5657c171074e9afae6987affbf9", 0xba)

4.165649232s ago: executing program 7 (id=761):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114"], 0xd0}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x11ea, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

4.101712521s ago: executing program 7 (id=762):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
shutdown(r0, 0x1)

3.954772796s ago: executing program 5 (id=763):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x2, 0x10}, 0xc)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x8003, 0xbffc, 0xe652, 0x5, 0x134, 0x48, 0xff}, 0x9c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)

3.937890804s ago: executing program 6 (id=764):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f0000004a40))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

3.91477744s ago: executing program 5 (id=765):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x10008, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@errors_remount}], [{@fowner_eq}, {@obj_user={'obj_user', 0x3d, '.'}}, {@dont_appraise}, {@fsname={'fsname', 0x3d, '}\"'}}, {@smackfsroot={'smackfsroot', 0x3d, '%oauto_da_alloa'}}, {@euid_eq}, {@uid_gt}, {@fowner_eq}]}, 0x2, 0x546, &(0x7f00000005c0)="$eJzs3cFvI1cZAPBvvPHGm2abFHoABHQphQWt1km8bVT1wvYCQlUlRMWJwzYkbhTFXkexVzRhD9kj90qsxAn4D7hxQOqJAzduIHHopRyQFlgBDRIHoxlPEiexE9NEdjb+/aSJZ96bne89e9+8mZd4XgBj60ZE7ETE1Yh4NyJm8vQkX+JuZ0n3++Tpw+Xdpw+Xk2i33/l7kuWnadH1b1LP5ccsRcT3vxPxo+R43ObW9vpSrVbdzLfnWvWNuebW9u21Qp5SWVxYnH/9zmuVc6vrS/VfP/n22ls/+O1vvvTxH3a++ZO0WNM/vZ7lddfjQPHMMZP8ONNdaRMR8daZj3xxTOT/f3j2pK3tMxHxctb+Z+JK9mkCAJdZuz0T7ZnubQDgskvv/6cjKZTzsYDpKBTK5c4Y3osxVag1mq1bM40H91ciG8OajWLhvbVadT4fK5yNYpJuL2TrB9uVQ9sfVO9ExAsR8cHktSy/vNyorYzywgcAxthzR/r/f012+v9uZ/8tGABw4ZRGXQAAYOi6+v/ZUZYDABge9/8AMH7+j/7ftwMB4JJw/w8A40f/DwDjp8fzOQ97NJxyAABD8b23306X9m7n+dd7VwK3V6rN9XL9wXJ5ubG5UV5tNFZr1fJyu33a8WqNxsbCq/ubza3te/XGg/ute2v1pdXqvapnCQDA6L3w0od/Sjv9nTeuZUt0zeWgr4bLrTDqAgAjc2XUBQBGxvd5YHwNcI9vGAAuub5/ApQPECT9dnhs8ld4Vt38vPF/GFdnGf83dgDPtk83/v+tcy8HMHz6cBhf7XZizn8AGDPG+IHTHgGy/4iwrcnDGY8HOPjdT1koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuOCmsyUplLO5wHfSn4VyOeJ6RMxGMXlvrVadj4jnI+KPk8XJdHth1IUGAM6o8Nckn//r5swr00dzryb/ySb8uhoRP/75Oz97f6nV2lxI0/+xn956nKZfa21Wro6iAgBAt715Nz86SMr670r+2nUj/8nTh8t7yzCL+OTNiChdy+Lv5ksnZyImstdSFCNi6p9Jvt2RXq9cOYf4O48i4nN79S/F+10RprMxkM7Mp0fjp7Gvn3v87vf/aPzCofoWsrz0tZi9F5+NI4UDTvXhm53zZN720iaet79C3Mhee7f/UnaGOrv0/Jc2191j57/C/vnvyrH4Sdbmb+xvn1ySJ6/+7rvHEtsznbxHEV+Y6BU/2Y+f9D7/Fl8ZsI4fffHLL/fLa/8i4mbP+u/NSF3PTrNzrfrGXHNr+/ZafWm1ulq9X6ksLizOv37ntcpcNkbd+fn7XjH+9sat5/vFT+s/1Sd+6eT6x9cGrP8v//vuD79yQvxvfLX35//iCfHTPvHrA8Zfmrpb6peXxl/pU/9TPv+4NWD8j/+yvTLgrgDAEDS3tteXarXq5ikr6bXmaftYGXwlvbe/AMXIVmIn4rwOmA1KRETPfdIr6jOH2Psd04jfun/3zEpGVp5fnfcBR3lWAobhoNH33+fPwywQAAAAAAAAAAAAAABwTHNre32y97e1zm1l1HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8vpfAAAA//+VhcPj")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.835740557s ago: executing program 3 (id=766):
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61123400000000006113500000000000bf200000000000001500000008ffffffbd03010000000000dd200000000000006916320000000000bf67000000000000a406000007ff07006706000002000000070600000ee60000bf050000000000002e650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a2aadfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c74"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="e0000002ac1414aa01"], 0x18)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r1, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

3.646557105s ago: executing program 3 (id=767):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000ffff2abd"], 0x3c}, 0x1, 0x0, 0x0, 0x8841}, 0x280048c6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a300000000093c46970e4ac8ca10000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c000100626974776973650028000280"], 0x10c}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f73"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

3.525495174s ago: executing program 3 (id=768):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = getpid()
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000140)={0x3, 0x8, 0x1, 0x0, 0x7f})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, 0x0, 0x0)
unshare(0xe060400)
memfd_create(0x0, 0x3)
unshare(0x2c060000)
rt_sigqueueinfo(0x0, 0x21, 0x0)
pread64(r2, &(0x7f0000000380)=""/140, 0x8c, 0x200000000000000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r1, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000c40)={{0x1, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x1688, 0x3, 0x0, 0x0, 0xdf3, 0x0, 0x0, 0xffbffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x4, 0x80000, 0xf, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x4, 0x7, 0x0, 0x7, 0x7ff, 0xfffffffe, 0x0, 0x40, 0x0, 0x0, 0x100000001, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x4, 0x0, 0x0, 0x40, 0xfffffffffffffffc, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x401, 0x0, 0x8000000000000000, 0x5, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffb, 0x0, 0xfffffffffffffffc, 0x80000000000000, 0xfffffffc, 0x1, 0x8, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0x0, 0xde4, 0x7, 0x0, 0x100000000]})
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r6, &(0x7f0000000a80)=[{&(0x7f0000000240)=""/204, 0xcc}], 0x1, 0x9, 0x0)
fcntl$getown(r4, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x4000)

3.162542013s ago: executing program 7 (id=769):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
r0 = socket(0x8, 0x3, 0x3)
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000000140)={0x18, 0x2, {0xffff, @loopback}}, 0x1e)
connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000040)=0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000340)=0x14)
getuid()
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000000)=0x3)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
ioctl$PPPIOCUNBRIDGECHAN(r2, 0x7434)

3.073561168s ago: executing program 7 (id=770):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(0xffffffffffffffff, 0xc1004111, &(0x7f00000096c0)={0xe, [0x10000, 0x8, 0xd], [{0x8000, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x8000, 0x8001, 0x0, 0x0, 0x1, 0x1}, {0x6, 0x2, 0x0, 0x1, 0x0, 0x1}, {0x2, 0x0, 0x1, 0x1}, {0x0, 0x80000000, 0x1, 0x1, 0x1}, {0x4, 0x8, 0x1, 0x1, 0x0, 0x1}, {0xf8, 0x16b40000, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x0, 0x1}, {0x29, 0x0, 0x0, 0x1}, {0x8001, 0x6, 0x0, 0x1, 0x1}, {0xf, 0xa15, 0x1, 0x0, 0x0, 0x1}, {0x80, 0x1, 0x1, 0x1, 0x1}], 0x200})
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e22, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000000c0)='./file0\x00', 0x3210052, &(0x7f0000000000)={[{@errors_continue}, {@order_relaxed}, {@nodiscard}, {@order_strict}, {@norecovery}, {@nodiscard}, {@nobarrier}, {@nodiscard}], [], 0x2c}, 0x43, 0xede, &(0x7f0000002a40)="$eJzs3U9sHNX9APA3a6/txCZeE35g4EdIoRXhnx2SSE1vQaAeEZfeQSGBCENRQw9E/Ak9ICohioQ4VRyouFAqpUhFAlWqop7anlr11hPqhUpVKgX10kiJqzjvrXdfPN31xJ717n4+0nffvnmz8/2ON5iZ8ezbAIytxtrjkSOLRQgffPn+4689U3x+ddnd7TX2rz0WsdcKITQ7+kW2va/igssXXz2+UVuEQ2uPqR+euNB+7WwI4WzYH86HVvh0eeWbTz587MBnb83c+u6Z51/fpt1vy/cDAABG0bk/rfzt/n/88aGFS+f2HQvT7eXp+LwV+7PxuP9gPFBOx8uN0N0vOqLTVLbeRIxGtt5Ett5klmeyJF8z206zZL2pHvkmOpZttJ8AAAAwjNJ5bSsUjaWufqOxtHTtvP+qr+aniqUXT62cPD2gQgEAAIDK/v3G2k23QgghhBBCCCGEGOFYnR/0FQgAAABg3OTzhV3n7NbO1NXeWqu//BcebWz8etgCdf/7H+r8nz842PzboFf+j9/0GwcAgOpG9Wgy7Vc6jk7zGOTzCE5kr9vs8X8j287kJussm1dwWOYbLKsz/7nuVGX1b/Z9HJSy+vP5MHeqsvrzeTp3qrL6p2uuo6qy+mdqrqOqsvp31VxHVWX17665jqrK6p+tuY6qyuqfq7mOqsrqv6nmOqoqq39PzXVUVVb/sNxWW1Z/q+Y6qiqrf6HmOqoqq//mmuuoqqz+vTXXUVVZ/bfUXMeg3BXb9HPYl413nj/n53TDco4HAAAA4+4/5v8TQgghhBhsXFodfA1C1BoTO6AGIcYv3hj0BQgAAABg4NLnAtKn3lejND7RY3yyx3izx/hUj/HpHuMAAABACL99++Tt7xXrn/O/0fnw0rxRaf6lzc5jlM9HuNn8Nzrv2Y3mH5Z5ywAAABgvxffPX3ng8Y9eXrh0bt+xjrPfK/F8N80DOhmvDXwR++m+gLmsX6Rz6GPdeRol6+XXB24q296TN7ijAAAAMMbS+XsrFI2ljvPuVmg0lpbWz8cXQ7M4eWrlxMHYT9/P8of55vTV5Y/UXDcAAADQv/Xz/dkNz//T9/guhqli6cVTKydPX+vPtZc3G53XBebXlxed1wVa2fJDJcsPx376/s7n5netLV86/sOVZ7Z65wEAAGBMnH7lzPNPr6yc+JEnnnjiSfvJoH8zAQAAW+3rr99v/vjw3O+uff5/ff679Pn//bHfinP7/TmukO4TSJ8DuO7z+k9155kvW++l7vVa2XoTMaazumc6thM65htMr1soy9fq3s5USb7ZLN9cli+fp2AyWz/l25Mtz+cnTOvNZ8vzeRgnsxxFlv+eAAAAAOWWX37hpeXTr5x5+NQLTz974tkTLx4+dPR7R48efOS7jyyv3de/3Hl3PwAAADCM1m/6HXQlAAAAAAAAAAAAAAAAAAAAML7q+DqxQe8jAAAAjLt/vRFCOCuEKIlrX4E5+DqEEGLYY+8OqEGI0Y+JHVCDEGLHxupq/k3zAAAAANvr8sVXj3e21zlbbGm+9tZa15orMW9q5x7+68LVSKtdeLT7esnuLa2GcVf3v3/5hyv/x29ubf6Z9KTv33+N7g0cq5b3vuVfLnbmv2Oyz/z5/j9ZLf+BLP99ob/8qx9l+Z+qlv/+LP/uPvNft/8vVcv/QMy/GPsH7u03f/f7Px3btB+7+sz/YLb/z4R+82f73+ozYeahmB8AxlFj0AVsk3SUkI6jZ2M/7W883Az53Q+bPf5vZNuZvOHKu7ebjoNui/10vDSX5U02W/9str2bKtaZG5a7Ssrq36r3cbuV1d+suY6qyuqfqrmOqsrqn665jqrK6p+puY6qyurvOg99buf+11BW/7BcVy6rf7bmOqoqq3+u5jqqKqt/s/8fH5Sy+vfUXEdVZfXP11xHVWX1V7ysVruy+hdqrqOqsvpvrrmOqsrq31tzHVWV1X9LzXUMyp2xLTsfTuef83Es9VtZf3qDn+WoXlsAAACAYfNP8/8JIYQQQgghhBAjH6urg74CwSBt76eZAdip/P4fb97/8eb9H2/ef/6XdA9/kfWTiR7jkz3Gmz3Gp7Lx/N/rdI/xvdl2V6M0fkuP8f/rMb6nx/htPcYXNxjf1TF+e4/X39Fj/M4e4wAAAIyHW2Pr/BAAAABG12u/+uKd39z31MWFS+f2HQtT1807fzD2p+Pf1t+O/Xze+6QZ/+b/k9j/RWx/H9u/Z+u7/wQAAAC2X/qeGH//BwAAgNGVvqfU+T8AAACMroXYOv8HAACA0XVzbJ3/AwAAwAgrZjZeHNt0XeCe2PY7rx8AsPP9f2zviu2+2N4d22/FNh0H3Bvbb9dUHwCwdX7+g58efa9Yn+//cDZ+OS5P7XXOXrtSUDS6Z/LfFdvdsf1On/Xk3wfQb/5kT595tiv//A3mBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGR2Pt8ciRxSKED758//GfTb3zl6vL7m6vsX/tsYi9Vgih2X5dGl3v/zquePniq8c72yuxLcKhUISivTw8caGdaTaEcDbsD+dDK3y6vPLNJx8+duCzt2ZufffM869v44+ga/8AAABgFP03AAD//wcJIDw=")

2.988960714s ago: executing program 6 (id=771):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x109880)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f00000001c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30]}}}}]})
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0x7, &(0x7f00000002c0)={0x3, 0x8000, 0xfffffffb, 0x6}, 0x10)

2.72719626s ago: executing program 2 (id=772):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x1000}, 0x4)
pselect6(0x32, &(0x7f0000000100)={0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x10000000000, 0x1000000002, 0x0, 0x0, 0x6}, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = fcntl$dupfd(r0, 0x406, r0)
sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000007f40)=ANY=[], 0x76b0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004001)

2.584567685s ago: executing program 2 (id=773):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x1a, 0x0, &(0x7f0000000080)=0x2)

2.544259969s ago: executing program 5 (id=774):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114"], 0xd0}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x11ea, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

2.479986498s ago: executing program 5 (id=775):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0x6, 0x0, 0x0)

2.064961218s ago: executing program 7 (id=776):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1)
setresgid(0xee00, 0xee01, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r2, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r2, 0x60}], 0x1, 0x0, 0x0, 0x0)

1.703453197s ago: executing program 2 (id=777):
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61123400000000006113500000000000bf200000000000001500000008ffffffbd03010000000000dd200000000000006916320000000000bf67000000000000a406000007ff07006706000002000000070600000ee60000bf050000000000002e650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a2aadfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c74"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="e0000002ac1414aa010000"], 0x18)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r1, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

1.416511609s ago: executing program 3 (id=778):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000ffff2abd"], 0x3c}, 0x1, 0x0, 0x0, 0x8841}, 0x280048c6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a300000000093c46970e4ac8ca10000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c000100626974776973650028000280"], 0x10c}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f73"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

1.394489475s ago: executing program 2 (id=779):
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()

1.342408896s ago: executing program 3 (id=780):
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
connect$x25(r3, &(0x7f0000000a80), 0x12)
keyctl$update(0x2, 0x0, &(0x7f0000000140)="c4", 0x1)
exit(0x2616)

1.01038586s ago: executing program 7 (id=781):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000040)=0x1)

885.630889ms ago: executing program 5 (id=782):
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x1141, &(0x7f0000002380)="$eJzs2L1qFFEYBuD3zG5MNgojsR8sU0gILLb+FArb2ioWhlR2SaUEzI3Y2dh5IZLKPqSyUIu0IozszK7LBjGgMYU+TzPf+Zlv5pTvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEwNk88luVElG/O5KklJmuZocpKkSfL6dpLr7wdZK3m0O9l/sDd+uD/bWqU8Tsq0THl7p+8x3hi3MysvXj7PWrLXLTy7WtLk+DR5emGHWP1RDX6xq+pOm2TUjydV9/sAAADwz2v/WJ0yb/Z1tNR7kcU/Ju+uLX+3vqjvAwAAAOf56xcMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdo60W9uTsrqiQlaZqjyUmSJkl95r2V/rF+aT8KAAAA/LaSKk/Ohvs+/nfXAL1pdSsf6rKapfncrbKdN3VG3WiYpTdmRv3Kt7b9ySIAAAD8h9ouYOdmyuEiJpcr5XCexzczXMx3O4fZ2urHW7MA/uV+Pq0na9vLvUf30r5KDnaOTw92SjsYXNqpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqgAAAP//21bjfQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, &(0x7f0000004a40))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

217.134806ms ago: executing program 3 (id=783):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x1000}, 0x4)
pselect6(0x32, &(0x7f0000000100)={0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x10000000000, 0x1000000002, 0x0, 0x0, 0x6}, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = fcntl$dupfd(r0, 0x406, r0)
sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000007f40)=ANY=[], 0x76b0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004001)

216.049926ms ago: executing program 2 (id=784):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x10008, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@errors_remount}], [{@fowner_eq}, {@obj_user={'obj_user', 0x3d, '.'}}, {@dont_appraise}, {@fsname={'fsname', 0x3d, '}\"'}}, {@smackfsroot={'smackfsroot', 0x3d, '%oauto_da_alloa'}}, {@euid_eq}, {@uid_gt}, {@fowner_eq}]}, 0x2, 0x546, &(0x7f00000005c0)="$eJzs3cFvI1cZAPBvvPHGm2abFHoABHQphQWt1km8bVT1wvYCQlUlRMWJwzYkbhTFXkexVzRhD9kj90qsxAn4D7hxQOqJAzduIHHopRyQFlgBDRIHoxlPEiexE9NEdjb+/aSJZ96bne89e9+8mZd4XgBj60ZE7ETE1Yh4NyJm8vQkX+JuZ0n3++Tpw+Xdpw+Xk2i33/l7kuWnadH1b1LP5ccsRcT3vxPxo+R43ObW9vpSrVbdzLfnWvWNuebW9u21Qp5SWVxYnH/9zmuVc6vrS/VfP/n22ls/+O1vvvTxH3a++ZO0WNM/vZ7lddfjQPHMMZP8ONNdaRMR8daZj3xxTOT/f3j2pK3tMxHxctb+Z+JK9mkCAJdZuz0T7ZnubQDgskvv/6cjKZTzsYDpKBTK5c4Y3osxVag1mq1bM40H91ciG8OajWLhvbVadT4fK5yNYpJuL2TrB9uVQ9sfVO9ExAsR8cHktSy/vNyorYzywgcAxthzR/r/f012+v9uZ/8tGABw4ZRGXQAAYOi6+v/ZUZYDABge9/8AMH7+j/7ftwMB4JJw/w8A40f/DwDjp8fzOQ97NJxyAABD8b23306X9m7n+dd7VwK3V6rN9XL9wXJ5ubG5UV5tNFZr1fJyu33a8WqNxsbCq/ubza3te/XGg/ute2v1pdXqvapnCQDA6L3w0od/Sjv9nTeuZUt0zeWgr4bLrTDqAgAjc2XUBQBGxvd5YHwNcI9vGAAuub5/ApQPECT9dnhs8ld4Vt38vPF/GFdnGf83dgDPtk83/v+tcy8HMHz6cBhf7XZizn8AGDPG+IHTHgGy/4iwrcnDGY8HOPjdT1koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuOCmsyUplLO5wHfSn4VyOeJ6RMxGMXlvrVadj4jnI+KPk8XJdHth1IUGAM6o8Nckn//r5swr00dzryb/ySb8uhoRP/75Oz97f6nV2lxI0/+xn956nKZfa21Wro6iAgBAt715Nz86SMr670r+2nUj/8nTh8t7yzCL+OTNiChdy+Lv5ksnZyImstdSFCNi6p9Jvt2RXq9cOYf4O48i4nN79S/F+10RprMxkM7Mp0fjp7Gvn3v87vf/aPzCofoWsrz0tZi9F5+NI4UDTvXhm53zZN720iaet79C3Mhee7f/UnaGOrv0/Jc2191j57/C/vnvyrH4Sdbmb+xvn1ySJ6/+7rvHEtsznbxHEV+Y6BU/2Y+f9D7/Fl8ZsI4fffHLL/fLa/8i4mbP+u/NSF3PTrNzrfrGXHNr+/ZafWm1ulq9X6ksLizOv37ntcpcNkbd+fn7XjH+9sat5/vFT+s/1Sd+6eT6x9cGrP8v//vuD79yQvxvfLX35//iCfHTPvHrA8Zfmrpb6peXxl/pU/9TPv+4NWD8j/+yvTLgrgDAEDS3tteXarXq5ikr6bXmaftYGXwlvbe/AMXIVmIn4rwOmA1KRETPfdIr6jOH2Psd04jfun/3zEpGVp5fnfcBR3lWAobhoNH33+fPwywQAAAAAAAAAAAAAABwTHNre32y97e1zm1l1HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8vpfAAAA//+VhcPj")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=785):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000"], 0xd0}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x11ea, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

interval = 5 seconds, CP frequency < 30 seconds
[   34.748059][ T1766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   34.750216][ T1766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.752004][ T1766] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   34.783883][ T4328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.788053][ T4328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.789940][ T4328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.791413][ T4328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.806192][  T152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.811198][  T152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.822146][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   34.887985][ T4380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.895421][ T4380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.897408][ T4380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.899008][ T4380] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.902895][ T4380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.904878][ T4380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.908012][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   34.910313][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   34.911783][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   35.368260][ T4333] Bluetooth: hci3: command 0x041b tx timeout
[   35.369550][ T4329] Bluetooth: hci4: command 0x041b tx timeout
[   35.370673][ T4324] Bluetooth: hci1: command 0x041b tx timeout
[   35.371451][   T47] Bluetooth: hci0: command 0x041b tx timeout
[   35.371775][ T4338] Bluetooth: hci2: command 0x041b tx timeout
[   36.143288][ T4446] netlink: 'syz.1.11': attribute type 12 has an invalid length.
[   36.144783][ T4446] netlink: 'syz.1.11': attribute type 29 has an invalid length.
[   36.146125][ T4446] netlink: 148 bytes leftover after parsing attributes in process `syz.1.11'.
[   36.148224][ T4446] netlink: 'syz.1.11': attribute type 1 has an invalid length.
[   36.150862][ T4446] netlink: 'syz.1.11': attribute type 2 has an invalid length.
[   36.152209][ T4446] netlink: 7 bytes leftover after parsing attributes in process `syz.1.11'.
[   36.194548][ T4452] loop1: detected capacity change from 0 to 512
[   36.197663][ T4452] ext4: Unknown parameter 'fowner'
[   36.325950][ T4456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16'.
[   36.335332][ T4458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17'.
[   36.367457][ T4461] netlink: 44 bytes leftover after parsing attributes in process `syz.4.18'.
[   37.147094][ T4324] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   37.148531][ T4324] CPU: 0 PID: 4324 Comm: kworker/u5:1 Not tainted syzkaller #0
[   37.149714][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[   37.151251][ T4324] Workqueue: hci2 hci_rx_work
[   37.152052][ T4324] Call trace:
[   37.152550][ T4324]  dump_backtrace+0x1c0/0x1ec
[   37.153247][ T4324]  show_stack+0x2c/0x3c
[   37.153880][ T4324]  __dump_stack+0x30/0x40
[   37.154580][ T4324]  dump_stack_lvl+0xf4/0x15c
[   37.155292][ T4324]  dump_stack+0x1c/0x5c
[   37.155955][ T4324]  sysfs_create_dir_ns+0x244/0x264
[   37.156727][ T4324]  kobject_add_internal+0x598/0xb08
[   37.157576][ T4324]  kobject_add+0x140/0x20c
[   37.158316][ T4324]  device_add+0x3f0/0xf90
[   37.159049][ T4324]  hci_conn_add_sysfs+0xbc/0x1c8
[   37.159887][ T4324]  le_conn_complete_evt+0xcc8/0x1244
[   37.160689][ T4324]  hci_le_conn_complete_evt+0x114/0x3f4
[   37.161508][ T4324]  hci_le_meta_evt+0x2c0/0x4a0
[   37.162202][ T4324]  hci_event_packet+0x6b8/0xf18
[   37.162926][ T4324]  hci_rx_work+0x324/0xa80
[   37.163597][ T4324]  process_one_work+0x7f8/0x13a4
[   37.164341][ T4324]  worker_thread+0x8c4/0xfec
[   37.165029][ T4324]  kthread+0x250/0x2d8
[   37.165666][ T4324]  ret_from_fork+0x10/0x20
[   37.166975][ T4324] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   37.169014][ T4324] Bluetooth: hci2: failed to register connection device
[   37.255368][ T4466] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.256990][ T4466] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.446759][ T4324] Bluetooth: hci4: command 0x040f tx timeout
[   37.447911][ T4324] Bluetooth: hci3: command 0x040f tx timeout
[   37.448822][ T4324] Bluetooth: hci2: command 0x040f tx timeout
[   37.449842][ T4324] Bluetooth: hci1: command 0x040f tx timeout
[   37.450870][ T4324] Bluetooth: hci0: command 0x040f tx timeout
[   37.525319][ T4484] loop1: detected capacity change from 0 to 4096
[   37.552752][ T4485] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   37.858638][ T4466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   37.874971][ T4466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   38.164555][ T4466] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.166168][ T4466] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.167931][ T4466] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.169431][ T4466] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.409500][ T4492] netlink: 'syz.1.24': attribute type 12 has an invalid length.
[   38.411171][ T4492] netlink: 'syz.1.24': attribute type 29 has an invalid length.
[   38.412861][ T4492] netlink: 148 bytes leftover after parsing attributes in process `syz.1.24'.
[   38.421038][ T4492] netlink: 59 bytes leftover after parsing attributes in process `syz.1.24'.
[   38.541836][ T4502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28'.
[   38.570851][ T4504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29'.
[   38.572556][ T4506] netlink: 44 bytes leftover after parsing attributes in process `syz.3.30'.
[   38.629340][ T4510] loop1: detected capacity change from 0 to 512
[   38.632032][ T4510] ext4: Unknown parameter 'fowner'
[   38.785611][ T4518] loop3: detected capacity change from 0 to 4096
[   38.803665][ T4519] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   39.082187][ T4523] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.083620][ T4523] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.647218][ T4338] Bluetooth: hci0: command 0x0419 tx timeout
[   39.648613][ T4338] Bluetooth: hci1: command 0x0419 tx timeout
[   39.649998][ T4338] Bluetooth: hci2: command 0x0419 tx timeout
[   39.651357][ T4338] Bluetooth: hci3: command 0x0419 tx timeout
[   39.652675][ T4338] Bluetooth: hci4: command 0x0419 tx timeout
[   39.934796][ T4523] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.965087][ T4523] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   40.174502][   T27] audit: type=1400 audit(40.150:3): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4536 comm="syz.0.37"
[   40.514789][ T4523] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.516347][ T4523] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.517948][ T4523] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.519306][ T4523] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.769668][ T4539] netlink: 'syz.1.38': attribute type 12 has an invalid length.
[   40.776123][ T4539] netlink: 'syz.1.38': attribute type 29 has an invalid length.
[   40.900113][ T4559] loop4: detected capacity change from 0 to 4096
[   40.911400][ T4564] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   41.001826][ T4568] loop2: detected capacity change from 0 to 512
[   41.007805][ T4568] ext4: Unknown parameter 'fowner'
[   41.042850][ T4315] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   41.449262][ T4578] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.451073][ T4578] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.879275][   T27] audit: type=1400 audit(41.860:4): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4582 comm="syz.3.52"
[   42.110497][ T4578] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.129142][ T4578] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.803548][ T4578] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.805011][ T4578] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.806353][ T4578] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.808040][ T4578] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.030480][ T4586] __nla_validate_parse: 5 callbacks suppressed
[   43.030499][ T4586] netlink: 44 bytes leftover after parsing attributes in process `syz.3.54'.
[   43.032908][ T4588] netlink: 'syz.0.53': attribute type 12 has an invalid length.
[   43.034276][ T4588] netlink: 'syz.0.53': attribute type 29 has an invalid length.
[   43.037419][ T4588] netlink: 148 bytes leftover after parsing attributes in process `syz.0.53'.
[   43.039890][ T4588] netlink: 59 bytes leftover after parsing attributes in process `syz.0.53'.
[   43.051080][ T4590] netlink: 8 bytes leftover after parsing attributes in process `syz.2.55'.
[   43.121961][ T4603] loop2: detected capacity change from 0 to 4096
[   43.140962][ T4605] netlink: 4 bytes leftover after parsing attributes in process `syz.4.61'.
[   43.193151][ T4608] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   43.373825][ T4619] loop4: detected capacity change from 0 to 512
[   43.380649][ T4619] ext4: Unknown parameter 'fowner'
[   44.093550][ T4627] netlink: 44 bytes leftover after parsing attributes in process `syz.1.67'.
[   44.128704][ T4632] netlink: 'syz.1.69': attribute type 12 has an invalid length.
[   44.130006][ T4632] netlink: 'syz.1.69': attribute type 29 has an invalid length.
[   44.131552][ T4632] netlink: 148 bytes leftover after parsing attributes in process `syz.1.69'.
[   44.132999][ T4632] netlink: 59 bytes leftover after parsing attributes in process `syz.1.69'.
[   44.181287][ T4634] netlink: 8 bytes leftover after parsing attributes in process `syz.2.70'.
[   44.674756][   T27] audit: type=1400 audit(44.620:5): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4642 comm="syz.1.74"
[   44.915615][ T4648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.76'.
[   45.041913][ T4654] loop1: detected capacity change from 0 to 4096
[   45.070476][ T4655] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   45.446758][ T4664] loop2: detected capacity change from 0 to 512
[   45.450950][ T4664] ext4: Unknown parameter 'fowner'
[   45.688979][ T4671] netlink: 'syz.0.82': attribute type 12 has an invalid length.
[   45.691569][ T4671] netlink: 'syz.0.82': attribute type 29 has an invalid length.
[   46.368663][   T27] audit: type=1400 audit(46.330:6): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4689 comm="syz.1.89"
[   46.608271][ T4699] netlink: 'syz.1.93': attribute type 12 has an invalid length.
[   46.609669][ T4699] netlink: 'syz.1.93': attribute type 29 has an invalid length.
[   47.114054][ T4718] loop0: detected capacity change from 0 to 4096
[   47.130541][ T4721] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   47.672786][ T4728] loop1: detected capacity change from 0 to 512
[   47.727111][ T4728] ext4: Unknown parameter 'fowner'
[   47.734025][   T27] audit: type=1400 audit(47.710:7): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4725 comm="syz.4.103"
[   47.781302][ T4313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   47.825733][ T4738] netlink: 'syz.4.106': attribute type 12 has an invalid length.
[   47.834648][ T4738] netlink: 'syz.4.106': attribute type 29 has an invalid length.
[   48.162194][ T4756] __nla_validate_parse: 11 callbacks suppressed
[   48.162206][ T4756] netlink: 44 bytes leftover after parsing attributes in process `syz.3.112'.
[   48.851426][ T4769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.117'.
[   48.924028][ T4776] netlink: 'syz.4.118': attribute type 12 has an invalid length.
[   48.925423][ T4776] netlink: 'syz.4.118': attribute type 29 has an invalid length.
[   48.927128][ T4776] netlink: 148 bytes leftover after parsing attributes in process `syz.4.118'.
[   48.928747][ T4776] netlink: 59 bytes leftover after parsing attributes in process `syz.4.118'.
[   49.182513][ T4787] loop4: detected capacity change from 0 to 4096
[   49.202292][ T4788] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   49.282257][   T27] audit: type=1400 audit(49.260:8): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4789 comm="syz.0.123"
[   49.290011][ T4792] loop3: detected capacity change from 0 to 512
[   49.292599][ T4792] ext4: Unknown parameter 'fowner'
[   49.367175][ T4313] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   49.854032][ T4802] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.855518][ T4802] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.451066][ T4802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.470952][ T4802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.803110][ T4802] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.804559][ T4802] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.806099][ T4802] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.809977][ T4802] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.038455][ T4812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'.
[   51.046948][ T4816] netlink: 'syz.2.130': attribute type 12 has an invalid length.
[   51.048167][ T4816] netlink: 'syz.2.130': attribute type 29 has an invalid length.
[   51.049295][ T4816] netlink: 148 bytes leftover after parsing attributes in process `syz.2.130'.
[   51.050857][ T4816] netlink: 59 bytes leftover after parsing attributes in process `syz.2.130'.
[   51.158366][   T27] audit: type=1400 audit(51.140:9): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4834 comm="syz.2.137"
[   51.369633][ T4849] loop1: detected capacity change from 0 to 512
[   51.371375][ T4849] ext4: Unknown parameter 'fowner'
[   51.440726][ T4313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   51.487737][ T4854] loop3: detected capacity change from 0 to 4096
[   51.502877][ T4855] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   52.234995][ T4869] netlink: 'syz.4.147': attribute type 12 has an invalid length.
[   52.236282][ T4869] netlink: 'syz.4.147': attribute type 29 has an invalid length.
[   52.240682][ T4869] netlink: 148 bytes leftover after parsing attributes in process `syz.4.147'.
[   52.253774][ T4869] netlink: 59 bytes leftover after parsing attributes in process `syz.4.147'.
[   52.259819][ T4870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.146'.
[   52.652996][   T27] audit: type=1400 audit(52.630:10): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4875 comm="syz.0.149"
[   53.001007][ T4898] netlink: 'syz.0.158': attribute type 12 has an invalid length.
[   53.002293][ T4898] netlink: 'syz.0.158': attribute type 29 has an invalid length.
[   53.331452][   T27] audit: type=1400 audit(53.290:11): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4905 comm="syz.2.161"
[   53.345192][ T4910] __nla_validate_parse: 2 callbacks suppressed
[   53.345205][ T4910] netlink: 4 bytes leftover after parsing attributes in process `syz.0.159'.
[   53.365329][ T4917] loop2: detected capacity change from 0 to 512
[   53.384749][ T4917] ext4: Unknown parameter 'fowner'
[   53.430196][ T4920] loop1: detected capacity change from 0 to 4096
[   53.516568][ T4311] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   53.593839][ T4926] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   53.725936][ T4936] netlink: 'syz.4.170': attribute type 12 has an invalid length.
[   53.732567][ T4936] netlink: 'syz.4.170': attribute type 29 has an invalid length.
[   53.734989][ T4936] netlink: 148 bytes leftover after parsing attributes in process `syz.4.170'.
[   53.739853][ T4936] netlink: 59 bytes leftover after parsing attributes in process `syz.4.170'.
[   54.412100][   T27] audit: type=1400 audit(54.390:12): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=4949 comm="syz.0.174"
[   54.549578][ T4956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.176'.
[   55.064776][ T4977] netlink: 'syz.3.183': attribute type 12 has an invalid length.
[   55.066078][ T4977] netlink: 'syz.3.183': attribute type 29 has an invalid length.
[   55.074622][ T4977] netlink: 148 bytes leftover after parsing attributes in process `syz.3.183'.
[   55.089187][ T4977] netlink: 59 bytes leftover after parsing attributes in process `syz.3.183'.
[   55.247057][ T4985] netlink: 72 bytes leftover after parsing attributes in process `syz.1.187'.
[   55.327927][ T4988] loop3: detected capacity change from 0 to 4096
[   55.353315][ T4992] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   55.396050][ T4994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.189'.
[   55.564852][ T4997] loop2: detected capacity change from 0 to 512
[   55.579043][ T4997] ext4: Unknown parameter 'fowner'
[   55.994736][ T5011] netlink: 'syz.0.196': attribute type 12 has an invalid length.
[   56.002933][ T5011] netlink: 'syz.0.196': attribute type 29 has an invalid length.
[   56.004432][ T5011] netlink: 148 bytes leftover after parsing attributes in process `syz.0.196'.
[   56.016699][ T5011] netlink: 59 bytes leftover after parsing attributes in process `syz.0.196'.
[   56.793128][   T27] audit: type=1400 audit(56.770:13): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5040 comm="syz.3.205"
[   57.105551][ T5051] netlink: 'syz.0.208': attribute type 12 has an invalid length.
[   57.109756][ T5051] netlink: 'syz.0.208': attribute type 29 has an invalid length.
[   57.517128][ T5072] loop0: detected capacity change from 0 to 4096
[   57.570021][ T5075] loop1: detected capacity change from 0 to 512
[   57.571495][ T5075] ext4: Unknown parameter 'fowner'
[   57.625614][ T5076] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   57.785351][ T5083] netlink: 'syz.4.219': attribute type 12 has an invalid length.
[   57.789414][ T5083] netlink: 'syz.4.219': attribute type 29 has an invalid length.
[   58.595822][ T5120] netlink: 'syz.0.230': attribute type 12 has an invalid length.
[   58.597203][ T5120] netlink: 'syz.0.230': attribute type 29 has an invalid length.
[   58.598473][ T5120] __nla_validate_parse: 10 callbacks suppressed
[   58.598487][ T5120] netlink: 148 bytes leftover after parsing attributes in process `syz.0.230'.
[   58.604461][ T5120] netlink: 59 bytes leftover after parsing attributes in process `syz.0.230'.
[   59.032537][   T27] audit: type=1400 audit(59.010:14): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5129 comm="syz.0.233"
[   59.106886][ T5142] netlink: 72 bytes leftover after parsing attributes in process `syz.4.237'.
[   59.178773][ T5148] netlink: 4 bytes leftover after parsing attributes in process `syz.2.238'.
[   59.316889][ T5154] loop4: detected capacity change from 0 to 4096
[   59.368819][ T5155] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   59.447133][ T5157] netlink: 148 bytes leftover after parsing attributes in process `syz.2.241'.
[   59.466747][ T5157] netlink: 59 bytes leftover after parsing attributes in process `syz.2.241'.
[   59.772060][ T5165] loop2: detected capacity change from 0 to 512
[   59.781193][ T5165] ext4: Unknown parameter 'fowner'
[   60.155637][ T5182] netlink: 72 bytes leftover after parsing attributes in process `syz.4.249'.
[   60.275088][ T5187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.250'.
[   60.343692][ T5191] validate_nla: 2 callbacks suppressed
[   60.343706][ T5191] netlink: 'syz.4.252': attribute type 12 has an invalid length.
[   60.345733][ T5191] netlink: 'syz.4.252': attribute type 29 has an invalid length.
[   60.350768][ T5191] netlink: 148 bytes leftover after parsing attributes in process `syz.4.252'.
[   60.354386][ T5191] netlink: 59 bytes leftover after parsing attributes in process `syz.4.252'.
[   61.066102][   T27] audit: type=1400 audit(61.040:15): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5208 comm="syz.3.257"
[   61.145521][ T5218] loop2: detected capacity change from 0 to 4096
[   61.180332][ T5219] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   61.890160][ T5231] netlink: 'syz.0.264': attribute type 12 has an invalid length.
[   61.891626][ T5231] netlink: 'syz.0.264': attribute type 29 has an invalid length.
[   62.068014][ T5246] loop1: detected capacity change from 0 to 512
[   62.071425][ T5246] ext4: Unknown parameter 'fowner'
[   63.279104][ T5273] netlink: 'syz.2.276': attribute type 12 has an invalid length.
[   63.284664][ T5273] netlink: 'syz.2.276': attribute type 29 has an invalid length.
[   63.380270][ T5275] loop3: detected capacity change from 0 to 4096
[   63.386357][ T5276] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   63.612633][   T27] audit: type=1400 audit(63.590:16): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5280 comm="syz.1.278"
[   63.836430][ T5294] Zero length message leads to an empty skb
[   64.346766][ T5304] __nla_validate_parse: 8 callbacks suppressed
[   64.346779][ T5304] netlink: 72 bytes leftover after parsing attributes in process `syz.3.284'.
[   64.487930][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[   64.489099][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[   64.751728][ T5314] netlink: 'syz.2.287': attribute type 12 has an invalid length.
[   64.753049][ T5314] netlink: 'syz.2.287': attribute type 29 has an invalid length.
[   64.758658][ T5314] netlink: 148 bytes leftover after parsing attributes in process `syz.2.287'.
[   64.760095][ T5314] netlink: 59 bytes leftover after parsing attributes in process `syz.2.287'.
[   65.058032][ T5322] netlink: 4 bytes leftover after parsing attributes in process `syz.0.289'.
[   65.641171][ T5342] netlink: 72 bytes leftover after parsing attributes in process `syz.1.295'.
[   65.847639][ T5344] loop3: detected capacity change from 0 to 4096
[   65.880777][   T27] audit: type=1400 audit(65.860:17): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5343 comm="syz.1.296"
[   65.887369][ T5347] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   66.208096][ T5352] netlink: 'syz.2.298': attribute type 12 has an invalid length.
[   66.210595][ T5352] netlink: 'syz.2.298': attribute type 29 has an invalid length.
[   66.216325][ T5352] netlink: 148 bytes leftover after parsing attributes in process `syz.2.298'.
[   66.221420][ T5352] netlink: 59 bytes leftover after parsing attributes in process `syz.2.298'.
[   66.745478][ T5367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.302'.
[   66.950571][ T5379] netlink: 72 bytes leftover after parsing attributes in process `syz.0.306'.
[   67.673792][ T5391] netlink: 'syz.4.309': attribute type 12 has an invalid length.
[   67.675131][ T5391] netlink: 'syz.4.309': attribute type 29 has an invalid length.
[   67.676314][ T5391] netlink: 148 bytes leftover after parsing attributes in process `syz.4.309'.
[   68.136512][ T5401] loop1: detected capacity change from 0 to 4096
[   68.254723][   T27] audit: type=1400 audit(68.230:18): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5397 comm="syz.0.311"
[   68.284539][ T5406] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.054055][ T5429] netlink: 'syz.0.320': attribute type 12 has an invalid length.
[   69.061297][ T5429] netlink: 'syz.0.320': attribute type 29 has an invalid length.
[   69.065001][ T5429] netlink: 'syz.0.320': attribute type 1 has an invalid length.
[   69.617819][    T7] cfg80211: failed to load regulatory.db
[   69.971856][ T5449] __nla_validate_parse: 5 callbacks suppressed
[   69.971866][ T5449] netlink: 4 bytes leftover after parsing attributes in process `syz.2.325'.
[   70.409552][ T5469] netlink: 'syz.1.331': attribute type 12 has an invalid length.
[   70.410786][ T5469] netlink: 'syz.1.331': attribute type 29 has an invalid length.
[   70.411931][ T5469] netlink: 148 bytes leftover after parsing attributes in process `syz.1.331'.
[   70.413247][ T5469] netlink: 'syz.1.331': attribute type 1 has an invalid length.
[   70.414323][ T5469] netlink: 31 bytes leftover after parsing attributes in process `syz.1.331'.
[   70.517157][   T27] audit: type=1400 audit(70.450:19): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=5463 comm="syz.2.330"
[   70.719423][ T5476] loop1: detected capacity change from 0 to 4096
[   70.811008][ T5477] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   71.672536][ T5502] netlink: 4 bytes leftover after parsing attributes in process `syz.4.340'.
[   71.831813][ T5507] netlink: 'syz.4.342': attribute type 12 has an invalid length.
[   71.833307][ T5507] netlink: 'syz.4.342': attribute type 29 has an invalid length.
[   71.834487][ T5507] netlink: 148 bytes leftover after parsing attributes in process `syz.4.342'.
[   71.835967][ T5507] netlink: 'syz.4.342': attribute type 1 has an invalid length.
[   71.837802][ T5507] netlink: 31 bytes leftover after parsing attributes in process `syz.4.342'.
[   73.541478][   T27] audit: type=1326 audit(73.520:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.349" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb5d77ee8 code=0x0
[   73.608926][ T5544] loop2: detected capacity change from 0 to 512
[   73.627367][ T5532] loop1: detected capacity change from 0 to 128
[   73.635426][ T5532] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   73.637991][ T5532] hpfs: filesystem error: improperly stopped
[   73.638943][ T5532] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   73.640210][ T5532] hpfs: You really don't want any checks? You are crazy...
[   73.645833][ T5532] hpfs: hpfs_map_sector(): read error
[   73.647389][ T5532] hpfs: code page support is disabled
[   73.648553][ T5532] hpfs: hpfs_map_4sectors(): unaligned read
[   73.649552][ T5532] hpfs: hpfs_map_4sectors(): unaligned read
[   73.650524][ T5532] hpfs: filesystem error: unable to find root dir
[   73.675406][ T5544] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   73.941197][ T4323] EXT4-fs (loop2): unmounting filesystem.
[   74.147709][ T5563] trusted_key: encrypted_key: key user:syz not found
[   74.549778][ T5567] loop3: detected capacity change from 0 to 512
[   74.571092][ T5567] ext4: Unknown parameter 'fowner'
[   74.836012][ T5565] loop2: detected capacity change from 0 to 32768
[   74.848663][ T5565] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.355 (5565)
[   74.862351][ T5574] netlink: 4 bytes leftover after parsing attributes in process `syz.4.358'.
[   74.881027][ T5565] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   74.889688][ T5565] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm
[   74.891634][ T5565] BTRFS info (device loop2): setting nodatasum
[   74.892630][ T5565] BTRFS info (device loop2): force zlib compression, level 3
[   74.896310][ T5578] netlink: 'syz.0.360': attribute type 12 has an invalid length.
[   74.898911][ T5565] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[   74.901811][ T5578] netlink: 'syz.0.360': attribute type 29 has an invalid length.
[   74.901888][ T5565] BTRFS info (device loop2): use lzo compression, level 0
[   74.903027][ T5578] netlink: 148 bytes leftover after parsing attributes in process `syz.0.360'.
[   74.905649][ T5578] netlink: 'syz.0.360': attribute type 1 has an invalid length.
[   74.907756][ T5578] netlink: 31 bytes leftover after parsing attributes in process `syz.0.360'.
[   74.909563][ T5565] BTRFS info (device loop2): turning on flush-on-commit
[   74.912089][ T5565] BTRFS info (device loop2): enabling auto defrag
[   74.914621][ T5565] BTRFS info (device loop2): max_inline at 4096
[   74.929009][ T5565] BTRFS info (device loop2): using free space tree
[   74.989097][ T5565] BTRFS info (device loop2): enabling ssd optimizations
[   75.268954][ T5608] loop0: detected capacity change from 0 to 4096
[   75.441344][ T5609] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   75.534495][ T4323] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.582135][ T4313] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop2 scanned by udevd (4313)
[   76.955570][ T5639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.371'.
[   77.066144][ T5647] netlink: 'syz.0.372': attribute type 12 has an invalid length.
[   77.070821][ T5647] netlink: 'syz.0.372': attribute type 29 has an invalid length.
[   77.072020][ T5647] netlink: 148 bytes leftover after parsing attributes in process `syz.0.372'.
[   77.073463][ T5647] netlink: 'syz.0.372': attribute type 1 has an invalid length.
[   77.074702][ T5647] netlink: 31 bytes leftover after parsing attributes in process `syz.0.372'.
[   77.291903][ T5653] loop3: detected capacity change from 0 to 4096
[   77.481939][ T5654] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.538313][ T5646] loop4: detected capacity change from 0 to 128
[   77.558085][ T5646] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   77.560005][ T5646] hpfs: filesystem error: improperly stopped
[   77.561070][ T5646] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   77.562381][ T5646] hpfs: You really don't want any checks? You are crazy...
[   77.563706][ T5646] hpfs: hpfs_map_sector(): read error
[   77.564627][ T5646] hpfs: code page support is disabled
[   77.580307][ T5646] hpfs: hpfs_map_4sectors(): unaligned read
[   77.581244][ T5646] hpfs: hpfs_map_4sectors(): unaligned read
[   77.582185][ T5646] hpfs: filesystem error: unable to find root dir
[   77.706018][ T5666] loop4: detected capacity change from 0 to 512
[   77.708448][ T5666] ext4: Unknown parameter 'fowner'
[   78.035235][ T4313] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   79.160006][ T5690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.384'.
[   79.275594][ T5694] netlink: 'syz.3.385': attribute type 12 has an invalid length.
[   79.276909][ T5694] netlink: 'syz.3.385': attribute type 29 has an invalid length.
[   79.277969][ T5694] netlink: 148 bytes leftover after parsing attributes in process `syz.3.385'.
[   79.279186][ T5694] netlink: 'syz.3.385': attribute type 1 has an invalid length.
[   79.280226][ T5694] netlink: 31 bytes leftover after parsing attributes in process `syz.3.385'.
[   79.436776][ T4324] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[   79.438382][ T4324] CPU: 0 PID: 4324 Comm: kworker/u5:1 Not tainted syzkaller #0
[   79.439542][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[   79.441082][ T4324] Workqueue: hci4 hci_rx_work
[   79.441759][ T4324] Call trace:
[   79.442211][ T4324]  dump_backtrace+0x1c0/0x1ec
[   79.442918][ T4324]  show_stack+0x2c/0x3c
[   79.443557][ T4324]  __dump_stack+0x30/0x40
[   79.444233][ T4324]  dump_stack_lvl+0xf4/0x15c
[   79.444909][ T4324]  dump_stack+0x1c/0x5c
[   79.445538][ T4324]  sysfs_create_dir_ns+0x244/0x264
[   79.446281][ T4324]  kobject_add_internal+0x598/0xb08
[   79.447075][ T4324]  kobject_add+0x140/0x20c
[   79.447824][ T4324]  device_add+0x3f0/0xf90
[   79.448580][ T4324]  hci_conn_add_sysfs+0xbc/0x1c8
[   79.449338][ T4324]  le_conn_complete_evt+0xcc8/0x1244
[   79.450243][ T4324]  hci_le_conn_complete_evt+0x114/0x3f4
[   79.451127][ T4324]  hci_le_meta_evt+0x2c0/0x4a0
[   79.451952][ T4324]  hci_event_packet+0x6b8/0xf18
[   79.452716][ T4324]  hci_rx_work+0x324/0xa80
[   79.453440][ T4324]  process_one_work+0x7f8/0x13a4
[   79.454222][ T4324]  worker_thread+0x8c4/0xfec
[   79.454992][ T4324]  kthread+0x250/0x2d8
[   79.455637][ T4324]  ret_from_fork+0x10/0x20
[   79.464071][ T4324] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   79.466074][ T4324] Bluetooth: hci4: failed to register connection device
[   79.716103][ T5708] loop2: detected capacity change from 0 to 4096
[   79.961261][ T5709] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   80.460040][ T5725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.395'.
[   80.513775][ T5730] netlink: 'syz.1.398': attribute type 12 has an invalid length.
[   80.516372][ T5730] netlink: 'syz.1.398': attribute type 29 has an invalid length.
[   80.520426][ T5730] netlink: 148 bytes leftover after parsing attributes in process `syz.1.398'.
[   80.522497][ T5730] netlink: 'syz.1.398': attribute type 1 has an invalid length.
[   80.523908][ T5730] netlink: 7 bytes leftover after parsing attributes in process `syz.1.398'.
[   80.624653][ T5735] loop1: detected capacity change from 0 to 512
[   80.626196][ T5735] ext4: Unknown parameter 'fowner'
[   80.720148][ T4313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   81.689539][ T5760] loop2: detected capacity change from 0 to 4096
[   81.896930][ T5762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.409'.
[   81.902842][ T5761] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   81.975141][ T5764] netlink: 'syz.4.410': attribute type 12 has an invalid length.
[   81.978076][ T5764] netlink: 148 bytes leftover after parsing attributes in process `syz.4.410'.
[   81.981637][ T5764] netlink: 7 bytes leftover after parsing attributes in process `syz.4.410'.
[   82.564726][ T5791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.421'.
[   82.625260][ T5795] validate_nla: 2 callbacks suppressed
[   82.625273][ T5795] netlink: 'syz.2.422': attribute type 12 has an invalid length.
[   82.630343][ T5795] netlink: 'syz.2.422': attribute type 29 has an invalid length.
[   82.631835][ T5795] netlink: 148 bytes leftover after parsing attributes in process `syz.2.422'.
[   82.633397][ T5795] netlink: 'syz.2.422': attribute type 1 has an invalid length.
[   82.634666][ T5795] netlink: 7 bytes leftover after parsing attributes in process `syz.2.422'.
[   82.680246][ T5799] loop2: detected capacity change from 0 to 256
[   82.751827][ T5801] loop2: detected capacity change from 0 to 512
[   82.753215][ T5801] ext4: Unknown parameter 'fowner'
[   83.235538][ T5811] loop4: detected capacity change from 0 to 4096
[   83.423635][ T5812] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   83.439508][ T4324] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   83.441022][ T4324] CPU: 0 PID: 4324 Comm: kworker/u5:1 Not tainted syzkaller #0
[   83.442172][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[   83.443698][ T4324] Workqueue: hci0 hci_rx_work
[   83.444470][ T4324] Call trace:
[   83.445007][ T4324]  dump_backtrace+0x1c0/0x1ec
[   83.445774][ T4324]  show_stack+0x2c/0x3c
[   83.446397][ T4324]  __dump_stack+0x30/0x40
[   83.447076][ T4324]  dump_stack_lvl+0xf4/0x15c
[   83.447838][ T4324]  dump_stack+0x1c/0x5c
[   83.448532][ T4324]  sysfs_create_dir_ns+0x244/0x264
[   83.449318][ T4324]  kobject_add_internal+0x598/0xb08
[   83.450149][ T4324]  kobject_add+0x140/0x20c
[   83.450866][ T4324]  device_add+0x3f0/0xf90
[   83.451565][ T4324]  hci_conn_add_sysfs+0xbc/0x1c8
[   83.452322][ T4324]  le_conn_complete_evt+0xcc8/0x1244
[   83.453127][ T4324]  hci_le_conn_complete_evt+0x114/0x3f4
[   83.453985][ T4324]  hci_le_meta_evt+0x2c0/0x4a0
[   83.454700][ T4324]  hci_event_packet+0x6b8/0xf18
[   83.455389][ T4324]  hci_rx_work+0x324/0xa80
[   83.456058][ T4324]  process_one_work+0x7f8/0x13a4
[   83.456809][ T4324]  worker_thread+0x8c4/0xfec
[   83.457557][ T4324]  kthread+0x250/0x2d8
[   83.458202][ T4324]  ret_from_fork+0x10/0x20
[   83.469494][ T4324] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   83.471456][ T4324] Bluetooth: hci0: failed to register connection device
[   83.694918][ T5824] netlink: 'syz.3.433': attribute type 12 has an invalid length.
[   83.696409][ T5824] netlink: 'syz.3.433': attribute type 29 has an invalid length.
[   83.706338][ T5824] netlink: 148 bytes leftover after parsing attributes in process `syz.3.433'.
[   83.714148][ T5824] netlink: 'syz.3.433': attribute type 1 has an invalid length.
[   83.719023][ T5824] netlink: 7 bytes leftover after parsing attributes in process `syz.3.433'.
[   83.791417][ T5823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.432'.
[   85.023297][ T5854] loop0: detected capacity change from 0 to 512
[   85.132779][ T5854] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   85.214268][ T4321] EXT4-fs (loop0): unmounting filesystem.
[   85.239755][ T5865] netlink: 'syz.3.444': attribute type 12 has an invalid length.
[   85.242016][ T5865] netlink: 'syz.3.444': attribute type 29 has an invalid length.
[   85.243445][ T5865] netlink: 148 bytes leftover after parsing attributes in process `syz.3.444'.
[   85.245048][ T5865] netlink: 'syz.3.444': attribute type 1 has an invalid length.
[   85.246321][ T5865] netlink: 7 bytes leftover after parsing attributes in process `syz.3.444'.
[   85.249313][ T5867] mqueue: Unknown parameter '-{&^+�p-*^+\!ã-}{*b$:/}'
[   85.396948][ T5869] loop2: detected capacity change from 0 to 4096
[   85.614615][ T5870] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.715080][ T5881] loop3: detected capacity change from 0 to 512
[   85.728052][ T5881] ext4: Unknown parameter 'fowner'
[   85.828674][ T5888] loop4: detected capacity change from 0 to 128
[   85.833438][ T5888] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   86.351302][ T5905] netlink: 'syz.0.457': attribute type 12 has an invalid length.
[   86.378707][ T5907] loop2: detected capacity change from 0 to 512
[   86.424150][ T5907] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   86.449017][ T4323] EXT4-fs (loop2): unmounting filesystem.
[   87.144623][ T5941] loop4: detected capacity change from 0 to 4096
[   87.511461][ T5942] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.518344][ T4324] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   87.520474][ T4324] CPU: 0 PID: 4324 Comm: kworker/u5:1 Not tainted syzkaller #0
[   87.521585][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[   87.523192][ T4324] Workqueue: hci1 hci_rx_work
[   87.523960][ T4324] Call trace:
[   87.524494][ T4324]  dump_backtrace+0x1c0/0x1ec
[   87.525260][ T4324]  show_stack+0x2c/0x3c
[   87.525930][ T4324]  __dump_stack+0x30/0x40
[   87.526640][ T4324]  dump_stack_lvl+0xf4/0x15c
[   87.527413][ T4324]  dump_stack+0x1c/0x5c
[   87.528107][ T4324]  sysfs_create_dir_ns+0x244/0x264
[   87.528959][ T4324]  kobject_add_internal+0x598/0xb08
[   87.529830][ T4324]  kobject_add+0x140/0x20c
[   87.530533][ T4324]  device_add+0x3f0/0xf90
[   87.531226][ T4324]  hci_conn_add_sysfs+0xbc/0x1c8
[   87.532034][ T4324]  le_conn_complete_evt+0xcc8/0x1244
[   87.532903][ T4324]  hci_le_conn_complete_evt+0x114/0x3f4
[   87.533824][ T4324]  hci_le_meta_evt+0x2c0/0x4a0
[   87.534610][ T4324]  hci_event_packet+0x6b8/0xf18
[   87.535392][ T4324]  hci_rx_work+0x324/0xa80
[   87.536070][ T4324]  process_one_work+0x7f8/0x13a4
[   87.536925][ T4324]  worker_thread+0x8c4/0xfec
[   87.537674][ T4324]  kthread+0x250/0x2d8
[   87.538375][ T4324]  ret_from_fork+0x10/0x20
[   87.539397][ T4324] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   87.541668][ T4324] Bluetooth: hci1: failed to register connection device
[   87.585969][ T5947] loop1: detected capacity change from 0 to 512
[   87.612447][ T5947] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   87.671258][ T4322] EXT4-fs (loop1): unmounting filesystem.
[   87.766817][ T5960] __nla_validate_parse: 4 callbacks suppressed
[   87.766827][ T5960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.474'.
[   88.636552][ T5979] loop3: detected capacity change from 0 to 512
[   88.642419][ T5979] ext4: Unknown parameter 'fowner'
[   89.151080][ T5992] loop1: detected capacity change from 0 to 4096
[   89.239412][ T5993] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.519078][ T6001] loop4: detected capacity change from 0 to 2048
[   89.533183][ T6001] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   89.852954][ T6006] netlink: 4 bytes leftover after parsing attributes in process `syz.1.489'.
[   91.094485][ T6022] Driver unsupported XDP return value 0 on prog  (id 36) dev N/A, expect packet loss!
[   92.114432][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.500'.
[   92.139385][ T6044] loop3: detected capacity change from 0 to 4096
[   92.216303][ T6051] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.296709][ T4324] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[   92.780118][ T6057] loop1: detected capacity change from 0 to 512
[   92.787032][ T6057] ext4: Unknown parameter 'fowner'
[   92.818363][ T4313] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   93.102033][ T6068] loop1: detected capacity change from 0 to 512
[   93.103460][ T6068] ext4: Unknown parameter 'fowner'
[   93.120781][ T6066] netlink: 12 bytes leftover after parsing attributes in process `syz.4.506'.
[   93.137137][ T4315] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   93.645240][ T6075] loop3: detected capacity change from 0 to 4096
[   93.738484][ T6080] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   94.235222][ T6092] netlink: 4 bytes leftover after parsing attributes in process `syz.4.512'.
[   94.685537][ T6104] netlink: 28 bytes leftover after parsing attributes in process `syz.1.517'.
[   94.753516][ T6110] loop1: detected capacity change from 0 to 512
[   94.761118][ T6110] ext4: Unknown parameter 'fowner'
[   95.008537][ T6115] loop1: detected capacity change from 0 to 4096
[   95.064188][ T6116] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.357138][ T6124] Soft offlining pfn 0x210ff2 at process virtual address 0x203ed000
[   95.388706][ T6124] Memory failure: 0x210ff2: unhandlable page.
[   95.662929][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.525'.
[   95.790356][ T6139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.528'.
[   96.089958][ T6148] loop0: detected capacity change from 0 to 512
[   96.092436][ T6148] ext4: Unknown parameter 'fowner'
[   96.164098][ T4313] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   96.178576][ T4338] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   96.326923][ T6150] loop2: detected capacity change from 0 to 8192
[   96.350335][ T6150] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   96.352427][ T6150] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[   96.353802][ T6150] REISERFS (device loop2): using ordered data mode
[   96.354765][ T6150] reiserfs: using flush barriers
[   96.378805][ T6150] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   96.381349][ T6150] REISERFS (device loop2): checking transaction log (loop2)
[   96.412367][ T6150] REISERFS (device loop2): Using rupasov hash to sort names
[   96.413717][ T6150] REISERFS (device loop2): using 3.5.x disk format
[   96.415387][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.452066][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.453770][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.455432][ T6150] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[   96.481313][ T6150] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[   96.501007][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.503236][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.504914][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.545061][ T6155] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.548301][ T6155] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.556178][ T6155] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.567489][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.3.534'.
[   96.569700][ T6155] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[   96.579987][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.582013][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.583846][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.627900][ T6150] overlayfs: upper fs needs to support d_type.
[   96.628970][ T6150] overlayfs: upper fs does not support tmpfile.
[   96.630431][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.632453][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.634865][ T6150] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[   96.674724][ T6150] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   96.683322][ T6150] overlayfs: failed to set xattr on upper
[   96.688220][ T6150] overlayfs: ...falling back to index=off,metacopy=off.
[   96.689504][ T6150] overlayfs: conflicting lowerdir path
[   97.021806][ T6168] netlink: 4 bytes leftover after parsing attributes in process `syz.2.538'.
[   97.040383][ T6174] netlink: 32 bytes leftover after parsing attributes in process `syz.4.539'.
[   97.197442][ T6187] loop0: detected capacity change from 0 to 4096
[   97.353666][ T6189] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.122827][ T6198] loop0: detected capacity change from 0 to 128
[   98.140967][ T6198] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   98.149277][ T6198] hpfs: filesystem error: improperly stopped
[   98.152664][ T6198] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   98.156144][ T6198] hpfs: You really don't want any checks? You are crazy...
[   98.159721][ T6198] hpfs: hpfs_map_sector(): read error
[   98.161722][ T6198] hpfs: code page support is disabled
[   98.163823][ T6198] hpfs: hpfs_map_4sectors(): unaligned read
[   98.165950][ T6198] hpfs: hpfs_map_4sectors(): unaligned read
[   98.168158][ T6198] hpfs: filesystem error: unable to find root dir
[   98.440451][ T6209] loop3: detected capacity change from 0 to 512
[   98.442234][ T6209] ext4: Unknown parameter 'fowner'
[   98.478081][ T4315] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   98.513076][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.552'.
[   98.635536][ T6222] netlink: 32 bytes leftover after parsing attributes in process `syz.0.554'.
[   99.059251][ T6231] loop3: detected capacity change from 0 to 4096
[   99.138221][ T6232] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.158674][ T6255] Soft offlining pfn 0x210ff2 at process virtual address 0x203ed000
[  100.189859][ T6255] Memory failure: 0x210ff2: unhandlable page.
[  100.599715][ T6262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.563'.
[  100.643416][ T6266] loop0: detected capacity change from 0 to 512
[  100.644899][ T6266] ext4: Unknown parameter 'fowner'
[  100.681165][ T6264] loop1: detected capacity change from 0 to 8192
[  100.687301][ T6264] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  100.689714][ T6264] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  100.691306][ T6264] REISERFS (device loop1): using ordered data mode
[  100.693203][ T6264] reiserfs: using flush barriers
[  100.695635][ T6264] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  100.704814][ T6264] REISERFS (device loop1): checking transaction log (loop1)
[  100.709212][ T6264] REISERFS (device loop1): Using rupasov hash to sort names
[  100.713049][ T6264] REISERFS (device loop1): using 3.5.x disk format
[  100.715362][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.721327][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.725187][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.731566][ T4324] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  100.732357][ T6264] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  100.733154][ T4324] CPU: 1 PID: 4324 Comm: kworker/u5:1 Not tainted syzkaller #0
[  100.736571][ T4324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  100.738189][ T4324] Workqueue: hci3 hci_rx_work
[  100.738936][ T4324] Call trace:
[  100.739398][ T4324]  dump_backtrace+0x1c0/0x1ec
[  100.739762][ T6264] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  100.740104][ T4324]  show_stack+0x2c/0x3c
[  100.742121][ T4324]  __dump_stack+0x30/0x40
[  100.742785][ T4324]  dump_stack_lvl+0xf4/0x15c
[  100.743506][ T4324]  dump_stack+0x1c/0x5c
[  100.744131][ T4324]  sysfs_create_dir_ns+0x244/0x264
[  100.744893][ T4324]  kobject_add_internal+0x598/0xb08
[  100.745661][ T4324]  kobject_add+0x140/0x20c
[  100.746339][ T4324]  device_add+0x3f0/0xf90
[  100.746972][ T4324]  hci_conn_add_sysfs+0xbc/0x1c8
[  100.747698][ T4324]  le_conn_complete_evt+0xcc8/0x1244
[  100.748457][ T4324]  hci_le_conn_complete_evt+0x114/0x3f4
[  100.749317][ T4324]  hci_le_meta_evt+0x2c0/0x4a0
[  100.750084][ T4324]  hci_event_packet+0x6b8/0xf18
[  100.750891][ T4324]  hci_rx_work+0x324/0xa80
[  100.751595][ T4324]  process_one_work+0x7f8/0x13a4
[  100.751961][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.752411][ T4324]  worker_thread+0x8c4/0xfec
[  100.754930][ T4324]  kthread+0x250/0x2d8
[  100.755475][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.755542][ T4324]  ret_from_fork+0x10/0x20
[  100.762719][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.769665][ T4324] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  100.772458][ T4324] Bluetooth: hci3: failed to register connection device
[  100.776096][ T4313] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  100.796180][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.809331][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.811386][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.829557][ T6264] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  100.845677][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.856251][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  100.880883][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.015752][ T6264] overlayfs: upper fs needs to support d_type.
[  101.016884][ T6264] overlayfs: upper fs does not support tmpfile.
[  101.018017][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.019830][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.021797][ T6264] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.023581][ T6264] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  101.024692][ T6264] overlayfs: failed to set xattr on upper
[  101.025632][ T6264] overlayfs: ...falling back to index=off,metacopy=off.
[  101.062141][ T4322] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.064189][ T4322] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.151008][ T4322] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  101.275479][ T6281] loop2: detected capacity change from 0 to 4096
[  101.374441][ T6283] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  101.884258][ T6291] loop4: detected capacity change from 0 to 2048
[  101.897434][ T6291] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  102.332125][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.577'.
[  102.897649][ T6310] loop4: detected capacity change from 0 to 128
[  102.904953][ T6310] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  102.909657][ T6310] hpfs: filesystem error: improperly stopped
[  102.911487][ T6310] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  102.912789][ T6310] hpfs: You really don't want any checks? You are crazy...
[  102.914187][ T6310] hpfs: hpfs_map_sector(): read error
[  102.915151][ T6310] hpfs: code page support is disabled
[  102.916041][ T6310] hpfs: hpfs_map_4sectors(): unaligned read
[  102.925770][ T6310] hpfs: hpfs_map_4sectors(): unaligned read
[  102.928071][ T6310] hpfs: filesystem error: unable to find root dir
[  103.166512][   T27] audit: type=1400 audit(103.134:21): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=6313 comm="syz.4.582"
[  103.435897][ T6325] loop3: detected capacity change from 0 to 512
[  103.438461][ T6325] ext4: Unknown parameter 'fowner'
[  104.000433][ T6331] loop4: detected capacity change from 0 to 4096
[  104.020598][ T6332] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  104.173808][ T6339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.588'.
[  104.440953][ T6349] loop0: detected capacity change from 0 to 128
[  104.454712][ T6349] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  104.456651][ T6349] hpfs: filesystem error: improperly stopped
[  104.457737][ T6349] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  104.459127][ T6349] hpfs: You really don't want any checks? You are crazy...
[  104.461771][ T6349] hpfs: hpfs_map_sector(): read error
[  104.462578][ T6349] hpfs: code page support is disabled
[  104.471798][ T6349] hpfs: hpfs_map_4sectors(): unaligned read
[  104.473019][ T6349] hpfs: hpfs_map_4sectors(): unaligned read
[  104.473913][ T6349] hpfs: filesystem error: unable to find root dir
[  105.661853][   T27] audit: type=1400 audit(105.634:22): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=6360 comm="syz.2.596"
[  106.048277][ T6376] netlink: 4 bytes leftover after parsing attributes in process `syz.0.600'.
[  106.284915][ T6380] loop0: detected capacity change from 0 to 512
[  106.286379][ T6380] ext4: Unknown parameter 'fowner'
[  106.374552][ T6382] loop2: detected capacity change from 0 to 512
[  106.423672][ T6382] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  106.491183][ T4323] EXT4-fs (loop2): unmounting filesystem.
[  106.523595][ T6390] loop2: detected capacity change from 0 to 128
[  106.531808][ T6390] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  106.533730][ T6390] hpfs: filesystem error: improperly stopped
[  106.534675][ T6390] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  106.535804][ T6390] hpfs: You really don't want any checks? You are crazy...
[  106.549574][ T6390] hpfs: hpfs_map_sector(): read error
[  106.553223][ T6390] hpfs: code page support is disabled
[  106.556745][ T6390] hpfs: hpfs_map_4sectors(): unaligned read
[  106.559983][ T6390] hpfs: hpfs_map_4sectors(): unaligned read
[  106.563072][ T6390] hpfs: filesystem error: unable to find root dir
[  106.612454][ T6392] loop3: detected capacity change from 0 to 4096
[  106.630788][ T6393] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.836347][ T6397] loop4: detected capacity change from 0 to 8192
[  106.860095][ T6397] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  106.862126][ T6397] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  106.863659][ T6397] REISERFS (device loop4): using ordered data mode
[  106.866530][ T6397] reiserfs: using flush barriers
[  106.868112][ T6397] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  106.870717][ T6397] REISERFS (device loop4): checking transaction log (loop4)
[  106.874186][ T6397] REISERFS (device loop4): Using rupasov hash to sort names
[  106.880035][ T6397] REISERFS (device loop4): using 3.5.x disk format
[  106.891286][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.899267][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.915697][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.929818][ T6397] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  106.943639][ T6397] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  106.970647][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.979271][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  107.047955][ T6397] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  107.136564][ T4338] Bluetooth: hci3: command 0x0406 tx timeout
[  107.577232][ T6408] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  107.579000][ T6408] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  107.580741][ T6408] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  107.582448][ T6408] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  107.926940][ T6421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.611'.
[  108.021438][ T6424] loop2: detected capacity change from 0 to 512
[  108.088070][ T6424] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  108.153723][   T27] audit: type=1400 audit(108.124:23): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=6416 comm="syz.4.612"
[  108.204982][ T4323] EXT4-fs (loop2): unmounting filesystem.
[  109.088955][ T6446] loop0: detected capacity change from 0 to 128
[  109.113332][ T6446] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  109.125658][ T6446] hpfs: filesystem error: improperly stopped
[  109.127781][ T6446] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  109.139318][ T6446] hpfs: You really don't want any checks? You are crazy...
[  109.140699][ T6446] hpfs: hpfs_map_sector(): read error
[  109.143600][ T6448] loop3: detected capacity change from 0 to 512
[  109.148508][ T6446] hpfs: code page support is disabled
[  109.149618][ T6446] hpfs: hpfs_map_4sectors(): unaligned read
[  109.155342][ T6448] ext4: Unknown parameter 'fowner'
[  109.159384][ T6446] hpfs: hpfs_map_4sectors(): unaligned read
[  109.162615][ T6446] hpfs: filesystem error: unable to find root dir
[  109.224766][ T4313] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  109.770036][ T6455] loop4: detected capacity change from 0 to 8192
[  109.794338][ T6455] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  109.798021][ T6455] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  109.800936][ T6455] REISERFS (device loop4): using ordered data mode
[  109.802589][ T6455] reiserfs: using flush barriers
[  109.804190][ T6455] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  109.811695][ T6455] REISERFS (device loop4): checking transaction log (loop4)
[  109.815198][ T6455] REISERFS (device loop4): Using rupasov hash to sort names
[  109.817527][ T6455] REISERFS (device loop4): using 3.5.x disk format
[  109.821036][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  109.824103][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  109.825984][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  109.835032][ T6455] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  109.841028][ T6455] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  109.848570][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  109.853886][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.623'.
[  109.860081][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  109.864330][ T6455] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.344007][ T6465] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.345833][ T6465] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.347642][ T6465] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.349426][ T6465] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  110.356723][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.358457][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.360195][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.362167][ T6462] overlayfs: upper fs needs to support d_type.
[  110.363221][ T6462] overlayfs: upper fs does not support tmpfile.
[  110.364318][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.366095][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.368215][ T6462] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.370010][ T6462] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  110.371179][ T6462] overlayfs: failed to set xattr on upper
[  110.372131][ T6462] overlayfs: ...falling back to index=off,metacopy=off.
[  110.512411][ T6473] loop0: detected capacity change from 0 to 4096
[  110.532952][ T6474] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.557550][ T4328] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.559711][ T4328] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  110.582644][   T27] audit: type=1400 audit(110.554:24): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=6468 comm="syz.2.626"
[  110.595376][ T4328] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  111.731629][ T6484] loop0: detected capacity change from 0 to 128
[  111.753027][ T6484] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  111.755246][ T6484] hpfs: filesystem error: improperly stopped
[  111.756239][ T6484] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  111.763109][ T6484] hpfs: You really don't want any checks? You are crazy...
[  111.772777][ T6484] hpfs: hpfs_map_sector(): read error
[  111.773680][ T6484] hpfs: code page support is disabled
[  111.774555][ T6484] hpfs: hpfs_map_4sectors(): unaligned read
[  111.775465][ T6484] hpfs: hpfs_map_4sectors(): unaligned read
[  111.776250][ T6484] hpfs: filesystem error: unable to find root dir
[  112.007096][ T6496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.634'.
[  113.011698][ T6507] loop2: detected capacity change from 0 to 512
[  113.025754][ T6507] ext4: Unknown parameter 'fowner'
[  113.335608][   T27] audit: type=1400 audit(113.304:25): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=6510 comm="syz.0.639"
[  113.852590][ T6519] loop3: detected capacity change from 0 to 4096
[  113.894466][ T6522] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  114.128590][ T6526] loop3: detected capacity change from 0 to 128
[  114.157160][ T6526] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  114.159110][ T6526] hpfs: filesystem error: improperly stopped
[  114.160029][ T6526] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  114.161358][ T6526] hpfs: You really don't want any checks? You are crazy...
[  114.162692][ T6526] hpfs: hpfs_map_sector(): read error
[  114.163503][ T6526] hpfs: code page support is disabled
[  114.176639][ T6526] hpfs: hpfs_map_4sectors(): unaligned read
[  114.177640][ T6526] hpfs: hpfs_map_4sectors(): unaligned read
[  114.178499][ T6526] hpfs: filesystem error: unable to find root dir
[  114.398087][ T6533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.645'.
[  115.318190][ T6549] loop3: detected capacity change from 0 to 512
[  115.331805][ T6549] ext4: Unknown parameter 'fowner'
[  115.431983][ T6551] loop0: detected capacity change from 0 to 8192
[  115.460629][ T6551] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  115.462853][ T6551] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  115.464360][ T6551] REISERFS (device loop0): using ordered data mode
[  115.465405][ T6551] reiserfs: using flush barriers
[  115.477019][ T6551] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  115.479651][ T6551] REISERFS (device loop0): checking transaction log (loop0)
[  115.502738][ T6551] REISERFS (device loop0): Using rupasov hash to sort names
[  115.503925][ T6551] REISERFS (device loop0): using 3.5.x disk format
[  115.505051][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.521968][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.526166][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.532068][ T6551] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  115.534462][ T6551] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  115.560284][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.562143][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.586827][ T6551] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.817865][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.819639][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.821511][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.823220][ T6555] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  115.916499][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.918373][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.920366][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.922500][ T6555] overlayfs: upper fs needs to support d_type.
[  115.923517][ T6555] overlayfs: upper fs does not support tmpfile.
[  115.924594][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.926628][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.928488][ T6555] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  115.930455][ T6555] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  115.931586][ T6555] overlayfs: failed to set xattr on upper
[  115.932540][ T6555] overlayfs: ...falling back to index=off,metacopy=off.
[  116.076118][ T6557] loop3: detected capacity change from 0 to 4096
[  116.104504][ T6558] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  116.286677][ T4338] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  116.288607][ T4338] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  116.290596][ T4338] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  116.291985][ T4338] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  116.293886][ T4338] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  116.295251][ T4338] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  116.297418][ T4321] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  116.299423][ T4321] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  116.329399][ T4321] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  117.107676][ T6565] chnl_net:caif_netlink_parms(): no params data found
[  117.283187][ T4338] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  117.350089][ T6565] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.352504][ T6565] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.361789][ T6565] device bridge_slave_0 entered promiscuous mode
[  117.366743][ T6565] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.369181][ T6565] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.370753][ T6565] device bridge_slave_1 entered promiscuous mode
[  117.383384][ T6565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.389111][ T6565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.401902][ T6565] team0: Port device team_slave_0 added
[  117.407158][ T6565] team0: Port device team_slave_1 added
[  117.418610][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.420907][ T6565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.429581][ T6565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.440278][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.441471][ T6565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.445578][ T6565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.677853][ T6565] device hsr_slave_0 entered promiscuous mode
[  117.706750][ T6565] device hsr_slave_1 entered promiscuous mode
[  117.736528][ T6565] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  117.737750][ T6565] Cannot create hsr debugfs directory
[  118.055542][ T6565] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  118.150981][ T6565] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  118.407286][ T4324] Bluetooth: hci5: command 0x0409 tx timeout
[  118.538438][ T6565] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  118.577966][ T6565] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  118.754015][ T6565] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.760189][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  118.761641][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  118.766299][ T6565] 8021q: adding VLAN 0 to HW filter on device team0
[  118.774641][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  118.777025][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  118.778523][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.779680][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.784434][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  118.881255][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  118.883060][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  118.884520][ T6271] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.885724][ T6271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.893365][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  118.895860][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  118.899993][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  118.901895][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  118.903757][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  119.012712][ T6565] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  119.016819][ T6565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  119.019288][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  119.021054][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  119.022791][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  119.024317][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  119.031167][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  119.032846][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  119.038332][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  119.569329][ T6565] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.571111][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  119.574694][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  120.263283][ T6655] loop2: detected capacity change from 0 to 2048
[  120.281380][ T6655] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.486749][ T4338] Bluetooth: hci5: command 0x041b tx timeout
[  120.594433][ T6126] device hsr_slave_0 left promiscuous mode
[  120.626616][ T6126] device hsr_slave_1 left promiscuous mode
[  120.717277][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.721952][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.723441][ T6126] device bridge_slave_1 left promiscuous mode
[  120.725226][ T6126] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.778197][ T6126] device bridge_slave_0 left promiscuous mode
[  120.781435][ T6126] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.500536][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'.
[  122.546948][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'.
[  122.566698][ T4338] Bluetooth: hci5: command 0x040f tx timeout
[  122.655975][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'.
[  122.771720][ T6679] loop3: detected capacity change from 0 to 8192
[  122.790309][ T6679] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  122.799338][ T6679] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  122.805003][ T6679] REISERFS (device loop3): using ordered data mode
[  122.812354][ T6679] reiserfs: using flush barriers
[  122.817999][ T6679] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  122.830117][ T6679] REISERFS (device loop3): checking transaction log (loop3)
[  122.836825][ T6679] REISERFS (device loop3): Using rupasov hash to sort names
[  122.842600][ T6679] REISERFS (device loop3): using 3.5.x disk format
[  122.846002][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.855634][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.874099][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.884210][ T6679] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  122.895859][ T6679] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  122.900627][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.902325][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.904077][ T6679] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  122.931293][ T6679] overlayfs: failed to resolve './bus': -2
[  123.173545][ T6685] loop3: detected capacity change from 0 to 512
[  123.188083][ T6685] ext4: Unknown parameter 'fowner'
[  123.359301][ T6126] team0 (unregistering): Port device team_slave_1 removed
[  123.497430][ T6126] team0 (unregistering): Port device team_slave_0 removed
[  123.646991][ T6126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.867536][ T6126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.646509][ T4324] Bluetooth: hci5: command 0x0419 tx timeout
[  125.357967][ T6126] bond0 (unregistering): Released all slaves
[  125.654399][ T6565] device veth0_vlan entered promiscuous mode
[  125.656539][ T6671] netlink: 12 bytes leftover after parsing attributes in process `syz.2.669'.
[  125.662428][ T6692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.674'.
[  125.664038][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  125.665609][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  125.667396][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  125.668873][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  125.702850][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  125.709172][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  125.737439][ T6565] device veth1_vlan entered promiscuous mode
[  125.759338][ T6699] loop2: detected capacity change from 0 to 4096
[  125.790068][ T6701] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  125.812278][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  125.818171][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  125.895826][ T6565] device veth0_macvtap entered promiscuous mode
[  125.908636][ T6565] device veth1_macvtap entered promiscuous mode
[  125.917657][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.919310][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.921792][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.922961][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  125.924671][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  125.926089][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  125.928571][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  125.929696][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  125.936783][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  126.213102][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.231894][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.280269][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.282117][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  126.283905][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  126.293997][ T6565] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.304977][ T6565] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.307157][ T4324] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  126.309175][ T6565] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.310630][ T6565] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.312852][ T4324] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  126.326003][ T4324] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  126.350197][ T4324] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  126.351854][ T4324] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  126.353362][ T4324] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  126.727026][ T6271] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.729340][ T6271] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.739651][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  126.761103][ T6271] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.762641][ T6271] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.775491][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  127.354184][ T6741] loop5: detected capacity change from 0 to 512
[  127.397019][ T6741] ext4: Unknown parameter 'fowner'
[  127.412893][ T6745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.684'.
[  127.670365][ T4324] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  127.797936][ T6712] chnl_net:caif_netlink_parms(): no params data found
[  127.923574][ T6712] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.933943][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.941475][ T6712] device bridge_slave_0 entered promiscuous mode
[  127.970934][ T6712] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.978982][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.984052][ T6712] device bridge_slave_1 entered promiscuous mode
[  128.068125][ T6774] loop3: detected capacity change from 0 to 4096
[  128.235299][ T6775] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  128.363922][ T6712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.372835][ T6712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.431859][ T6712] team0: Port device team_slave_0 added
[  128.451075][ T6712] team0: Port device team_slave_1 added
[  128.494337][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.499370][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.517073][ T6712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.535358][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.541302][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.554527][ T6712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.566565][ T4338] Bluetooth: hci0: command 0x0409 tx timeout
[  128.630139][ T6712] device hsr_slave_0 entered promiscuous mode
[  128.650866][ T6712] device hsr_slave_1 entered promiscuous mode
[  128.688929][ T6712] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.690147][ T6712] Cannot create hsr debugfs directory
[  129.529094][ T6712] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  129.548773][ T6712] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  129.617798][ T6712] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  129.688743][ T6712] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  129.830506][ T6712] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.944634][ T6712] 8021q: adding VLAN 0 to HW filter on device team0
[  129.947794][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  129.949367][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  129.952105][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  129.953793][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  129.955339][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.956479][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.961791][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  129.971250][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  130.272271][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  130.275097][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.276270][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.281213][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  130.322554][ T6833] netlink: 4 bytes leftover after parsing attributes in process `syz.3.694'.
[  130.324558][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  130.335727][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  130.343432][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  130.347694][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  130.351911][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  130.361037][ T6712] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  130.362916][ T6712] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  130.375366][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  130.377791][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  130.383605][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  130.388881][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  130.395685][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  130.399353][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  130.646509][ T4338] Bluetooth: hci0: command 0x041b tx timeout
[  130.754183][ T6860] loop5: detected capacity change from 0 to 512
[  130.755511][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  130.759847][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  130.769203][ T6712] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.784895][ T6860] ext4: Unknown parameter 'fowner'
[  131.059084][ T6872] loop2: detected capacity change from 0 to 4096
[  131.184355][ T6874] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  131.305533][ T6126] device hsr_slave_0 left promiscuous mode
[  131.362058][ T6126] device hsr_slave_1 left promiscuous mode
[  131.466546][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.477114][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.494812][ T6126] device bridge_slave_1 left promiscuous mode
[  131.496070][ T6126] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.547960][ T6126] device bridge_slave_0 left promiscuous mode
[  131.550187][ T6126] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.785725][ T4324] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  131.788639][ T4324] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  131.793360][ T4324] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  131.827046][ T4324] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  131.828415][ T4324] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  131.829606][ T4324] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  132.133258][ T4338] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  132.135047][ T4338] CPU: 1 PID: 4338 Comm: kworker/u5:8 Not tainted syzkaller #0
[  132.136261][ T4338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  132.137922][ T4338] Workqueue: hci5 hci_rx_work
[  132.138764][ T4338] Call trace:
[  132.139327][ T4338]  dump_backtrace+0x1c0/0x1ec
[  132.140070][ T4338]  show_stack+0x2c/0x3c
[  132.140743][ T4338]  __dump_stack+0x30/0x40
[  132.141443][ T4338]  dump_stack_lvl+0xf4/0x15c
[  132.142264][ T4338]  dump_stack+0x1c/0x5c
[  132.143022][ T4338]  sysfs_create_dir_ns+0x244/0x264
[  132.143906][ T4338]  kobject_add_internal+0x598/0xb08
[  132.144749][ T4338]  kobject_add+0x140/0x20c
[  132.145450][ T4338]  device_add+0x3f0/0xf90
[  132.146210][ T4338]  hci_conn_add_sysfs+0xbc/0x1c8
[  132.147064][ T4338]  le_conn_complete_evt+0xcc8/0x1244
[  132.147950][ T4338]  hci_le_conn_complete_evt+0x114/0x3f4
[  132.148768][ T4338]  hci_le_meta_evt+0x2c0/0x4a0
[  132.149521][ T4338]  hci_event_packet+0x6b8/0xf18
[  132.150359][ T4338]  hci_rx_work+0x324/0xa80
[  132.151116][ T4338]  process_one_work+0x7f8/0x13a4
[  132.151990][ T4338]  worker_thread+0x8c4/0xfec
[  132.152811][ T4338]  kthread+0x250/0x2d8
[  132.153577][ T4338]  ret_from_fork+0x10/0x20
[  132.164418][ T4338] kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  132.167710][ T4338] Bluetooth: hci5: failed to register connection device
[  132.726809][ T4338] Bluetooth: hci0: command 0x040f tx timeout
[  133.856549][ T4338] Bluetooth: hci3: command 0x0409 tx timeout
[  134.078592][ T6126] team0 (unregistering): Port device team_slave_1 removed
[  134.238514][ T6126] team0 (unregistering): Port device team_slave_0 removed
[  134.407757][ T6126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.619554][ T6929] loop5: detected capacity change from 0 to 4096
[  134.642876][ T6930] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.720551][ T6126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.807507][ T4338] Bluetooth: hci0: command 0x0419 tx timeout
[  135.936510][ T4329] Bluetooth: hci3: command 0x041b tx timeout
[  136.198103][ T6126] bond0 (unregistering): Released all slaves
[  136.294211][ T6938] loop5: detected capacity change from 0 to 512
[  136.300502][ T6938] ext4: Unknown parameter 'fowner'
[  136.503264][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.2.704'.
[  136.590563][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  136.592152][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.624001][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  136.625608][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.635237][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.637249][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.683475][ T6712] device veth0_vlan entered promiscuous mode
[  136.706093][ T6712] device veth1_vlan entered promiscuous mode
[  136.775893][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  136.781510][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  136.783035][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  136.784637][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.821566][ T6712] device veth0_macvtap entered promiscuous mode
[  136.833876][ T6712] device veth1_macvtap entered promiscuous mode
[  136.845938][ T6894] chnl_net:caif_netlink_parms(): no params data found
[  136.904097][ T6712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.909369][ T6712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.914466][ T6712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.921987][ T6712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.930805][ T6712] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.942579][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  136.944261][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  136.945699][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  136.950181][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  137.027992][ T6894] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.034863][ T6894] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.042464][ T6894] device bridge_slave_0 entered promiscuous mode
[  137.050652][ T6712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.055788][ T6712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.066000][ T6712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.070284][ T6712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.080250][ T6712] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.083483][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  137.085587][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  137.088244][ T6894] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.089626][ T6894] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.091740][ T6894] device bridge_slave_1 entered promiscuous mode
[  137.103416][ T6712] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.114846][ T6712] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.125793][ T6712] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.134281][ T6712] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  137.212168][ T6894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.214801][ T6894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.300009][ T6894] team0: Port device team_slave_0 added
[  137.345635][ T6894] team0: Port device team_slave_1 added
[  137.359043][ T6918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.360358][ T6918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.369351][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  137.458340][ T6894] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.459532][ T6894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.467502][ T6894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.485927][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.487103][ T6894] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.487384][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.491432][ T6894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.516138][ T6894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.520277][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  137.612199][ T6894] device hsr_slave_0 entered promiscuous mode
[  137.656902][ T6894] device hsr_slave_1 entered promiscuous mode
[  137.696682][ T6894] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.697911][ T6894] Cannot create hsr debugfs directory
[  137.739765][ T4329] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[  138.006783][ T4329] Bluetooth: hci3: command 0x040f tx timeout
[  138.145565][ T6894] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  138.208230][ T6894] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  138.247944][ T6894] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  138.288138][ T6894] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  138.320481][ T7012] loop2: detected capacity change from 0 to 4096
[  138.446803][ T7013] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  138.703385][ T6894] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.714372][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.715888][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.760507][ T6894] 8021q: adding VLAN 0 to HW filter on device team0
[  138.764599][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.766207][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.772422][ T6271] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.773634][ T6271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.780248][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.781762][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.785385][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.793680][ T6271] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.794780][ T6271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.864789][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  138.866660][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  138.868222][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  138.874112][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.876122][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  138.880096][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  138.884278][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  138.885877][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.890125][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  138.894174][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.897289][ T6894] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  138.931896][ T6271] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  139.155163][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  139.156639][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  139.181983][ T6894] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.633525][ T7043] netlink: 4 bytes leftover after parsing attributes in process `syz.2.723'.
[  139.678310][ T7051] loop3: detected capacity change from 0 to 512
[  139.683736][ T7051] ext4: Unknown parameter 'fowner'
[  139.794646][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  139.797065][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  139.816399][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  139.818726][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  139.820539][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  139.822322][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  139.825197][ T6894] device veth0_vlan entered promiscuous mode
[  140.076639][ T4338] Bluetooth: hci5: command 0x0406 tx timeout
[  140.097419][ T4338] Bluetooth: hci3: command 0x0419 tx timeout
[  140.335207][ T6894] device veth1_vlan entered promiscuous mode
[  140.402853][ T6894] device veth0_macvtap entered promiscuous mode
[  140.413303][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  140.414968][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  140.416909][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  140.418629][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  140.425101][ T6894] device veth1_macvtap entered promiscuous mode
[  140.436017][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  140.438382][ T6918] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  140.649662][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.652200][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.653659][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.655310][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.666631][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.668270][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.670738][ T6894] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.677330][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.678994][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.680523][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.682123][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.683714][ T6894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.685285][ T6894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.728783][ T6894] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.731260][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  140.732985][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  140.734533][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  140.736164][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  140.771827][ T7102] loop2: detected capacity change from 0 to 4096
[  140.780991][ T6126] device hsr_slave_0 left promiscuous mode
[  140.803904][ T7104] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  140.829990][ T6126] device hsr_slave_1 left promiscuous mode
[  140.906637][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_0
[  140.908336][ T6126] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.909820][ T6126] device bridge_slave_1 left promiscuous mode
[  140.910898][ T6126] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.947960][ T6126] device bridge_slave_0 left promiscuous mode
[  140.949375][ T6126] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.349003][ T6126] team0 (unregistering): Port device team_slave_1 removed
[  143.759195][ T6126] team0 (unregistering): Port device team_slave_0 removed
[  143.927140][ T6126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.137097][ T6126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.287972][ T4338] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  144.289451][ T4338] CPU: 1 PID: 4338 Comm: kworker/u5:8 Not tainted syzkaller #0
[  144.290706][ T4338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  144.292367][ T4338] Workqueue: hci0 hci_rx_work
[  144.293198][ T4338] Call trace:
[  144.293750][ T4338]  dump_backtrace+0x1c0/0x1ec
[  144.294475][ T4338]  show_stack+0x2c/0x3c
[  144.295109][ T4338]  __dump_stack+0x30/0x40
[  144.295743][ T4338]  dump_stack_lvl+0xf4/0x15c
[  144.296485][ T4338]  dump_stack+0x1c/0x5c
[  144.297202][ T4338]  sysfs_create_dir_ns+0x244/0x264
[  144.298029][ T4338]  kobject_add_internal+0x598/0xb08
[  144.298802][ T4338]  kobject_add+0x140/0x20c
[  144.299531][ T4338]  device_add+0x3f0/0xf90
[  144.300229][ T4338]  hci_conn_add_sysfs+0xbc/0x1c8
[  144.300954][ T4338]  le_conn_complete_evt+0xcc8/0x1244
[  144.301838][ T4338]  hci_le_conn_complete_evt+0x114/0x3f4
[  144.302775][ T4338]  hci_le_meta_evt+0x2c0/0x4a0
[  144.303557][ T4338]  hci_event_packet+0x6b8/0xf18
[  144.304333][ T4338]  hci_rx_work+0x324/0xa80
[  144.305005][ T4338]  process_one_work+0x7f8/0x13a4
[  144.305799][ T4338]  worker_thread+0x8c4/0xfec
[  144.306559][ T4338]  kthread+0x250/0x2d8
[  144.307255][ T4338]  ret_from_fork+0x10/0x20
[  144.316699][ T4338] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  144.319062][ T4338] Bluetooth: hci0: failed to register connection device
[  145.657994][ T6126] bond0 (unregistering): Released all slaves
[  145.965439][ T6894] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.966883][ T6894] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.968158][ T6894] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.969486][ T6894] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.975607][ T7119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.734'.
[  145.980415][ T7121] validate_nla: 2 callbacks suppressed
[  145.980431][ T7121] netlink: 'syz.5.735': attribute type 12 has an invalid length.
[  145.982481][ T7121] netlink: 'syz.5.735': attribute type 29 has an invalid length.
[  145.983816][ T7121] netlink: 148 bytes leftover after parsing attributes in process `syz.5.735'.
[  146.063373][ T7144] loop5: detected capacity change from 0 to 512
[  146.064825][ T7144] ext4: Unknown parameter 'fowner'
[  146.072906][ T4380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.074139][ T4380] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.075558][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  146.106947][ T6801] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.108256][ T6801] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.109933][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  146.157053][ T7150] loop3: detected capacity change from 0 to 4096
[  146.191956][ T7151] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  148.750565][ T7221] loop7: detected capacity change from 0 to 2048
[  148.770685][ T7221] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  149.200873][ T7246] device bond1 entered promiscuous mode
[  149.231064][ T7242] loop6: detected capacity change from 0 to 8192
[  149.263164][ T7242] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  149.265656][ T7242] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  149.270758][ T7242] REISERFS (device loop6): using ordered data mode
[  149.295199][ T7242] reiserfs: using flush barriers
[  149.301524][ T7242] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  149.317584][ T7242] REISERFS (device loop6): checking transaction log (loop6)
[  149.330809][ T7242] REISERFS (device loop6): Using rupasov hash to sort names
[  149.332199][ T7242] REISERFS (device loop6): using 3.5.x disk format
[  149.339233][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.346126][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.396934][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.398801][ T7242] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  149.401026][ T7242] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  149.414599][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.417105][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.420740][ T7242] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.423174][ T7242] overlayfs: failed to resolve './bus': -2
[  149.481561][ T7265] loop5: detected capacity change from 0 to 512
[  149.483168][ T7265] ext4: Unknown parameter 'fowner'
[  149.528523][ T4315] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  149.632752][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.766'.
[  149.641199][ T7267] loop6: detected capacity change from 0 to 8192
[  149.661574][ T7267] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  149.663906][ T7267] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  149.678550][ T7267] REISERFS (device loop6): using ordered data mode
[  149.689609][ T7267] reiserfs: using flush barriers
[  149.691767][ T7267] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  149.694392][ T7267] REISERFS (device loop6): checking transaction log (loop6)
[  149.707615][ T7267] REISERFS (device loop6): Using rupasov hash to sort names
[  149.709394][ T7267] REISERFS (device loop6): using 3.5.x disk format
[  149.710487][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.712171][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.713839][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.747958][ T7267] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  149.750416][ T7267] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  149.755363][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.757494][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.759319][ T7267] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.795407][ T7284] netlink: 'syz.3.767': attribute type 12 has an invalid length.
[  149.818017][ T7284] netlink: 'syz.3.767': attribute type 29 has an invalid length.
[  149.819443][ T7284] netlink: 148 bytes leftover after parsing attributes in process `syz.3.767'.
[  149.967536][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.969421][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.971188][ T7287] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  149.973671][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.975358][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.977029][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  149.978691][ T7287] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  150.132079][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.134315][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.136662][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.145218][ T7287] overlayfs: upper fs needs to support d_type.
[  150.146461][ T7287] overlayfs: upper fs does not support tmpfile.
[  150.149019][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.151173][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.154693][ T7287] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.157594][ T7287] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  150.159709][ T7287] overlayfs: failed to set xattr on upper
[  150.160712][ T7287] overlayfs: ...falling back to index=off,metacopy=off.
[  150.378221][ T6712] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.380205][ T6712] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.422602][ T6712] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  150.428978][ T7306] loop7: detected capacity change from 0 to 4096
[  150.430792][ T6712] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  150.441124][ T7309] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.458291][ T6712] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  151.443441][ T4329] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  151.445172][ T4329] CPU: 0 PID: 4329 Comm: kworker/u5:3 Not tainted syzkaller #0
[  151.446334][ T4329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  151.448012][ T4329] Workqueue: hci3 hci_rx_work
[  151.448820][ T4329] Call trace:
[  151.449328][ T4329]  dump_backtrace+0x1c0/0x1ec
[  151.450151][ T4329]  show_stack+0x2c/0x3c
[  151.450860][ T4329]  __dump_stack+0x30/0x40
[  151.451576][ T4329]  dump_stack_lvl+0xf4/0x15c
[  151.452355][ T4329]  dump_stack+0x1c/0x5c
[  151.453092][ T4329]  sysfs_create_dir_ns+0x244/0x264
[  151.453952][ T4329]  kobject_add_internal+0x598/0xb08
[  151.454854][ T4329]  kobject_add+0x140/0x20c
[  151.455632][ T4329]  device_add+0x3f0/0xf90
[  151.456397][ T4329]  hci_conn_add_sysfs+0xbc/0x1c8
[  151.457258][ T4329]  le_conn_complete_evt+0xcc8/0x1244
[  151.458145][ T4329]  hci_le_conn_complete_evt+0x114/0x3f4
[  151.459073][ T4329]  hci_le_meta_evt+0x2c0/0x4a0
[  151.459877][ T4329]  hci_event_packet+0x6b8/0xf18
[  151.460718][ T4329]  hci_rx_work+0x324/0xa80
[  151.461428][ T4329]  process_one_work+0x7f8/0x13a4
[  151.462255][ T4329]  worker_thread+0x8c4/0xfec
[  151.463018][ T4329]  kthread+0x250/0x2d8
[  151.463676][ T4329]  ret_from_fork+0x10/0x20
[  151.464659][ T4329] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  151.467516][ T4329] Bluetooth: hci3: failed to register connection device
[  151.846908][ T4329] Bluetooth: hci0: command 0x0406 tx timeout
[  151.851339][ T7344] netlink: 4 bytes leftover after parsing attributes in process `syz.2.777'.
[  152.012445][ T7350] netlink: 'syz.3.778': attribute type 12 has an invalid length.
[  152.013587][ T7350] netlink: 'syz.3.778': attribute type 29 has an invalid length.
[  152.021533][ T7350] netlink: 148 bytes leftover after parsing attributes in process `syz.3.778'.
[  152.552481][ T7372] loop5: detected capacity change from 0 to 8192
[  152.578638][ T7372] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  152.580887][ T7372] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
[  152.582467][ T7372] REISERFS (device loop5): using ordered data mode
[  152.583387][ T7372] reiserfs: using flush barriers
[  152.621540][ T7372] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  152.626724][ T7372] REISERFS (device loop5): checking transaction log (loop5)
[  152.656266][ T7372] REISERFS (device loop5): Using rupasov hash to sort names
[  152.662419][ T7372] REISERFS (device loop5): using 3.5.x disk format
[  152.663629][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  152.673218][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  152.674959][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  152.700735][ T7372] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  152.702990][ T7372] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  152.714347][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  152.724450][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  152.726416][ T7372] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.110643][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.112756][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.114753][ T7387] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  153.122000][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.123965][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.126004][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.128047][ T7387] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  153.143341][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.145224][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.147149][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.149032][ T7387] overlayfs: upper fs needs to support d_type.
[  153.150128][ T7387] overlayfs: upper fs does not support tmpfile.
[  153.151244][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.153142][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.155028][ T7387] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.156860][ T7387] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  153.157920][ T7387] overlayfs: failed to set xattr on upper
[  153.158786][ T7387] overlayfs: ...falling back to index=off,metacopy=off.
[  153.191473][ T7391] loop2: detected capacity change from 0 to 512
[  153.193048][ T7391] ext4: Unknown parameter 'fowner'
[  153.379393][ T6565] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.381604][ T6565] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.400034][ T6565] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  153.402121][ T6565] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  153.404140][ T6565] ==================================================================
[  153.405441][ T6565] BUG: KASAN: use-after-free in reiserfs_release_objectid+0x430/0x614
[  153.406713][ T6565] Read of size 8188 at addr ffff0000fa4c2050 by task syz-executor/6565
[  153.408068][ T6565] 
[  153.408449][ T6565] CPU: 1 PID: 6565 Comm: syz-executor Not tainted syzkaller #0
[  153.409686][ T6565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  153.411252][ T6565] Call trace:
[  153.411766][ T6565]  dump_backtrace+0x1c0/0x1ec
[  153.412541][ T6565]  show_stack+0x2c/0x3c
[  153.413196][ T6565]  __dump_stack+0x30/0x40
[  153.413863][ T6565]  dump_stack_lvl+0xf4/0x15c
[  153.414637][ T6565]  print_address_description+0x88/0x218
[  153.415543][ T6565]  print_report+0x50/0x68
[  153.416247][ T6565]  kasan_report+0xa8/0xfc
[  153.416998][ T6565]  kasan_check_range+0x258/0x290
[  153.417785][ T6565]  memmove+0x48/0x90
[  153.418425][ T6565]  reiserfs_release_objectid+0x430/0x614
[  153.419365][ T6565]  remove_save_link+0x234/0x350
[  153.420217][ T6565]  reiserfs_evict_inode+0x308/0x408
[  153.421093][ T6565]  evict+0x3e0/0x828
[  153.421727][ T6565]  iput+0x754/0x7e4
[  153.422349][ T6565]  vfs_rmdir+0x32c/0x438
[  153.423052][ T6565]  do_rmdir+0x244/0x524
[  153.423700][ T6565]  __arm64_sys_unlinkat+0xcc/0xfc
[  153.424484][ T6565]  invoke_syscall+0x98/0x2b4
[  153.425208][ T6565]  el0_svc_common+0x138/0x258
[  153.426021][ T6565]  do_el0_svc+0x58/0x130
[  153.426734][ T6565]  el0_svc+0x58/0x128
[  153.427372][ T6565]  el0t_64_sync_handler+0x84/0xf0
[  153.428160][ T6565]  el0t_64_sync+0x18c/0x190
[  153.428877][ T6565] 
[  153.429291][ T6565] The buggy address belongs to the physical page:
[  153.430347][ T6565] page:00000000a0a3f432 refcount:2 mapcount:0 mapping:000000000a44a314 index:0x10 pfn:0x13a4c2
[  153.432053][ T6565] memcg:ffff0000f8b62000
[  153.432755][ T6565] aops:def_blk_aops ino:700005
[  153.433561][ T6565] flags: 0x5ffd60000022056(referenced|uptodate|lru|workingset|private|mappedtodisk|node=0|zone=2|lastcpupid=0x7ff)
[  153.435497][ T6565] raw: 05ffd60000022056 fffffc0003e9bc88 fffffc0003e38508 ffff0000c0498810
[  153.436899][ T6565] raw: 0000000000000010 ffff0000e0b5a910 00000002ffffffff ffff0000f8b62000
[  153.438277][ T6565] page dumped because: kasan: bad access detected
[  153.439305][ T6565] 
[  153.439680][ T6565] Memory state around the buggy address:
[  153.440608][ T6565]  ffff0000fa4c2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  153.441934][ T6565]  ffff0000fa4c2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  153.443272][ T6565] >ffff0000fa4c3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  153.444598][ T6565]                    ^
[  153.445243][ T6565]  ffff0000fa4c3080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  153.446516][ T6565]  ffff0000fa4c3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  153.447831][ T6565] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  153.546605][ T6565] Disabling lock debugging due to kernel taint
[  153.606498][ T4338] Bluetooth: hci1: command 0x0406 tx timeout
[  153.607494][ T4338] Bluetooth: hci4: command 0x0406 tx timeout
[  156.282965][ T6271] device hsr_slave_0 left promiscuous mode
[  156.336588][ T6271] device hsr_slave_1 left promiscuous mode
[  156.426486][ T6271] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.428242][ T6271] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.429542][ T6271] device bridge_slave_1 left promiscuous mode
[  156.430552][ T6271] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.476828][ T6271] device bridge_slave_0 left promiscuous mode
[  156.477868][ T6271] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.638314][ T6271] team0 (unregistering): Port device team_slave_1 removed
[  158.797328][ T6271] team0 (unregistering): Port device team_slave_0 removed
[  158.987584][ T6271] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.197469][ T6271] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.768171][ T6271] bond0 (unregistering): Released all slaves
[  163.178749][ T6271] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.247988][ T6271] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.327473][ T6271] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0