last executing test programs:

5m28.270697729s ago: executing program 2 (id=291):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0xfffffffffffffffd, {0x2, 0x0, 0x0, 0xa6, 0x4000, 0x0, {0x3, 0x100000000000, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000001240)={0x50, 0x0, r1, {0x7, 0x2b, 0xfff, 0x83120, 0x3, 0x7, 0x1ff, 0x9, 0x0, 0x0, 0x10, 0x8}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[], 0x38}], 0x1}, 0x0)
ioctl(r2, 0x1, &(0x7f0000000000))

5m28.015444502s ago: executing program 2 (id=295):
r0 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0)

5m25.730820588s ago: executing program 2 (id=309):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x24b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
listen(r1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000700)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty, {[@timestamp_addr={0x44, 0x1c, 0x12, 0x1, 0xe, [{@empty, 0xffffffff}, {@local, 0x10}, {@rand_addr=0x64010102, 0x5f65}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

5m25.143949076s ago: executing program 2 (id=317):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000340)={[{@shortname_winnt}, {@shortname_winnt}, {@rodir}, {@fat=@discard}, {@fat=@flush}, {@shortname_winnt}, {@numtail}, {@fat=@usefree}, {@fat=@time_offset={'time_offset', 0x3d, 0x36c}}, {@uni_xlate}, {@utf8no}, {@numtail}]}, 0x0, 0x289, &(0x7f0000000580)="$eJzs3E9rI2UYAPBn091Nt8s2PYigIL7oRS9ht36CILsgFpS6EfUgzNpUQ8ekZGIlInZvXv0ci0dvgvoFevHmXbwUQfCyBzHS/LHpGui2mKa7/f2gzNN53yfvm8lMeGYg7/5733y6tVlUN7NulBZTlCLux8OIlYNo5NJoWxrEV2PS/Xj1+p+/vPDO+x+8WVtbu72e0p3a3ddWU0rLL/7w+ZffvvRT9/q73y1/X469lQ/3/1j9de/Zvef2/747fvV2N2XpXrvdze7ljbTRLLaqKb2dN7KikZqtotE50r6Zt7e3eylrbdxY2u40iiJlrV7aavRSt526nV7KPs6arVStVtONpbhoFk6cUX+wvp7VTph0+cTDcFauTdvZ6dSyhamN9QdnMSkA4HyZV/3/SbNIzSK1jqv/S6H+n51T1f88YQ7q/6XR9XuU+h8AAAAAAAAAAAAAAJ4ED/v9Sr/fr4y3479yRCxGRL9fnvcUmaHjP//h//OeJ7Mx8cO9xYj86536Tn24HbbXNqMZeTTi5pWIvwbnw8gwvvPG2u2baWAlfsx3R/m7O/WFKI/zx1am598a5qej+VdiaXL81ajEM9PzV6fmX41XXp7Ir0Ylfv4o2pHHxuC8Psz/6lZKr7+1dpC/PJrp7k792qAfAAAAPA2q6V//uX8ftFfTeNmQR9qHOw+fD0TlmOcDj9yfX47nrSQJAAAAZ6LofbGV5XmjIzhZ4NDNPChdioj5jP57RJyPgzA9KJ8u/bfPhlf943Se9zcTAADwfzss+uc9EwAAAAAAAAAAAAAAAAAAALi4HnfxsHH/06xYNjHcwnzeJQAAAAAAAAAAAAAAAAAAAAAAAJwP/wQAAP//vLsZ+Q==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

5m24.857072661s ago: executing program 2 (id=322):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file0', 0x3a, [0x46]}, 0x30)

5m23.549454821s ago: executing program 2 (id=327):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}, {0x4, 0x0, @rand_addr=0x64010101}, {0x2, 0x0, @remote}, 0x184, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000002600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x4000000)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/16, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x80000000, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
write(r1, &(0x7f0000000000)="0a000000010001", 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200), 0x0, 0x80800})
ioctl$HCIINQUIRY(r6, 0x400448ca, 0x0)

5m23.357892384s ago: executing program 32 (id=327):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}, {0x4, 0x0, @rand_addr=0x64010101}, {0x2, 0x0, @remote}, 0x184, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000002600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x4000000)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/16, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x80000000, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
write(r1, &(0x7f0000000000)="0a000000010001", 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200), 0x0, 0x80800})
ioctl$HCIINQUIRY(r6, 0x400448ca, 0x0)

5m3.626455337s ago: executing program 3 (id=365):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000001c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x1c0, 0x12, 0x60d, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)

4m55.436941152s ago: executing program 3 (id=380):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x95, &(0x7f0000000140), &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x24102}, &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r3, 0x47f6, 0xbacc, 0x0, 0x0, 0x0)

4m54.354191369s ago: executing program 3 (id=382):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x840, &(0x7f0000000400)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x1, 0x580, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/TLJvv/K+6QvvCyo9FBUqlG6Sfmj11F7FQqEHwYuGzTaUbLIhm2gTckjvRexBVHqpNz14VDx4EC8evXpRPAvFBoWmB12Z/UjSZJMmtZvVzO8HszvPPLP7f+bjP7szPMMEkFvHs5c04umIuJxEDK6r649W5fHmfCvLi6UHy4ulJOr1K78kkUTE/eXFUnv+pPV+JCKWIuKpiPimEHEy3Ry3Nr8wMVqplGda5aHZyemh2vzCqWuTo+Pl8fLUmZdePnf+7LmR0yPrP/agvr5U2N2y3vzx1rs3v3v1zq1PPzu2VHp/NIkLMdCqW78cT1JznRTiwobpZ7sRrIeSXjeAx9LXyvMslf4fg9HXyvpO6oN72jSgy+oHIupATiXyH3Kq/T8gO/9tD3v5/+PuxeYJSBZ3pTU0a/qb1ybiYOPc5PCvyUNnJtn55tG9bCj70tKNiBju79+8/yet/e/xDT+JBtJVX19sbqjN2z9dPf5Eh+PPQPva6V/UPv6tbDr+rcXv2+L4d3mHMX5/46ePtox/I+KZjvGT1fhJh/hpRLy1w/i3X//y/FZ19Y8jTkTn+G3J9teHh65eq5SHm68dY3x14tgr2y3/4S3iN6/ZHmz8zHRa/9PRuoD2CF98+/mzS9vEf+G57bd/p/V/KCLee3Tohv/e/+S1reru3kjuZf8Cdrv9s2l3dhj/xQvHf9jhrAAAAAAAAAAAwC6kjb5sSVpcHU/TYrF5D+//4nBaqdZmT16tzk2NNfu8HY1C2u5pNdgsJ1l5pNUft10+3eqj1C6fafeT6jvUKBdL1cpYj5cdAAAAAAAAAAAAAAAAAAAA/i6ObLj//7e+xv3/Gx9XDexXWz/yG9jv5D/k18P5n/SsHcDe8/sPuVWX/5Bf8h/yS/5Dfsl/yC/5D/kl/yG/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAHTF5UuXsqH+YHmxlJXH+ufnJqpvnxor1yaKk3OlYqk6M10cr1bHK+ViqTr5qO9LqtXp4Ziauz40W67NDtXmF96crM5NtZ8pWi50fYkAAAAAAAAAAAAAAAAAAADgn2cgIv4TSVqMiLRRTtNiMeLfEXE0CsnVa5XycGOeiO/7Cgey8kivGw0AAAAAAAAAAAAAAAAAAAD7TG1+YWK0UinP5GSkfzczR8TSk21G9o07mDmNiLUphda22ssVlcd9w8iGnR8AAAAAAAAAAAAAAAAAANhTazf97vQTf3S3QQAAAAAAAAAAAAAAAAAAAJBL6c9JRGTDicHnBzbW/itZ6Wu8R8Q7t698cH10dnZmJJt+b3X67Iet6ad70X5gp9p52s5jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYE1tfmFitFIpz3RxpNfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4/gwAAP//2JHUDg==")
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r4=>0x0})
r5 = fcntl$dupfd(r3, 0x406, r3)
bind$can_j1939(r5, &(0x7f0000000040)={0x1d, r4, 0x2, {0x0, 0xff, 0x7}, 0xfe}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r6=>0x0})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r7, &(0x7f0000000080)={0x1d, r6, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
sendmsg$can_j1939(r7, &(0x7f00000001c0)={&(0x7f0000000140)={0x1d, 0x0, 0x80000000000000, {0x0, 0xf0, 0x2}}, 0x18, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x400c000}, 0xee)

4m52.797259092s ago: executing program 3 (id=384):
r0 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0)

4m46.667743646s ago: executing program 3 (id=394):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000018c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}], 0x2, 0x4008000)
syz_usb_disconnect(0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='yeah\x00', 0x5)
shutdown(r0, 0x2)

4m42.945800543s ago: executing program 3 (id=403):
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
write$P9_RGETLOCK(r3, &(0x7f0000000000)={0x20, 0x37, 0x1, {0x0, 0x8, 0x1c, r0, 0x2, ']\x00'}}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4m26.804560921s ago: executing program 33 (id=403):
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
write$P9_RGETLOCK(r3, &(0x7f0000000000)={0x20, 0x37, 0x1, {0x0, 0x8, 0x1c, r0, 0x2, ']\x00'}}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m48.213189042s ago: executing program 5 (id=516):
r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r0, 0x40284504, &(0x7f0000000000)=""/56)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000000c0)=0x2)
setrlimit(0x6, &(0x7f0000000180)={0x1000, 0x10000})
connect$unix(0xffffffffffffffff, &(0x7f0000000340)=@file={0x1, './file1\x00'}, 0x6e)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$fb0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c910"], 0x15)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000080)={0xa, @sliced={0x8, [0x9, 0x7, 0x33db, 0x3, 0x2c1, 0x2, 0xf092, 0x25, 0x5, 0x8, 0x8000, 0x9, 0x8, 0xf, 0xd, 0x5, 0x0, 0xc3, 0x4, 0x80, 0x10, 0x2, 0x2, 0x2, 0x7, 0x8, 0x7, 0x8, 0x8000, 0x8, 0x200, 0x2, 0x6, 0x1, 0x9, 0x0, 0x8, 0x8, 0x0, 0x77d5, 0x3, 0x1, 0x100, 0x7, 0x3, 0x7, 0x2, 0xe7], 0x7}})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='projid_map\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6}]})

3m46.573274897s ago: executing program 5 (id=517):
syz_open_dev$video(0x0, 0x9, 0x40400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000000000)={0x2c, 0x0, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000280)=@x25, 0x80, 0x0, 0x0, 0x0, 0x68}, 0x20000000)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000000c0), 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}], 0x10)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x2003)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', 0x0, 0x208090, 0x0)

3m45.515049953s ago: executing program 5 (id=521):
getgroups(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1c, r3, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0)

3m44.277567713s ago: executing program 5 (id=524):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

3m42.672047587s ago: executing program 5 (id=528):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e21, 0x18, 0x0, @wg=@data}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, 0x0, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000004c0)={{0x1, 0x1, 0x80000001, 0x0, 0xfff}})
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

3m41.217658019s ago: executing program 5 (id=530):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="30000000ec00f5849557a4717ea4acf19dce559daaefed76ec9b85097fa8c870ae17", @ANYRES16=r1, @ANYRESHEX=r0], 0x30}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000f00), r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0xd81, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00'}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r7, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

3m25.812924345s ago: executing program 34 (id=530):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="30000000ec00f5849557a4717ea4acf19dce559daaefed76ec9b85097fa8c870ae17", @ANYRES16=r1, @ANYRESHEX=r0], 0x30}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000f00), r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0xd81, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00'}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r7, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

9.293564888s ago: executing program 1 (id=968):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x840, &(0x7f0000000400)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x1, 0x580, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/TLJvv/K+6QvvCyo9FBUqlG6Sfmj11F7FQqEHwYuGzTaUbLIhm2gTckjvRexBVHqpNz14VDx4EC8evXpRPAvFBoWmB12Z/UjSZJMmtZvVzO8HszvPPLP7f+bjP7szPMMEkFvHs5c04umIuJxEDK6r649W5fHmfCvLi6UHy4ulJOr1K78kkUTE/eXFUnv+pPV+JCKWIuKpiPimEHEy3Ry3Nr8wMVqplGda5aHZyemh2vzCqWuTo+Pl8fLUmZdePnf+7LmR0yPrP/agvr5U2N2y3vzx1rs3v3v1zq1PPzu2VHp/NIkLMdCqW78cT1JznRTiwobpZ7sRrIeSXjeAx9LXyvMslf4fg9HXyvpO6oN72jSgy+oHIupATiXyH3Kq/T8gO/9tD3v5/+PuxeYJSBZ3pTU0a/qb1ybiYOPc5PCvyUNnJtn55tG9bCj70tKNiBju79+8/yet/e/xDT+JBtJVX19sbqjN2z9dPf5Eh+PPQPva6V/UPv6tbDr+rcXv2+L4d3mHMX5/46ePtox/I+KZjvGT1fhJh/hpRLy1w/i3X//y/FZ19Y8jTkTn+G3J9teHh65eq5SHm68dY3x14tgr2y3/4S3iN6/ZHmz8zHRa/9PRuoD2CF98+/mzS9vEf+G57bd/p/V/KCLee3Tohv/e/+S1reru3kjuZf8Cdrv9s2l3dhj/xQvHf9jhrAAAAAAAAAAAwC6kjb5sSVpcHU/TYrF5D+//4nBaqdZmT16tzk2NNfu8HY1C2u5pNdgsJ1l5pNUft10+3eqj1C6fafeT6jvUKBdL1cpYj5cdAAAAAAAAAAAAAAAAAAAA/i6ObLj//7e+xv3/Gx9XDexXWz/yG9jv5D/k18P5n/SsHcDe8/sPuVWX/5Bf8h/yS/5Dfsl/yC/5D/kl/yG/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAHTF5UuXsqH+YHmxlJXH+ufnJqpvnxor1yaKk3OlYqk6M10cr1bHK+ViqTr5qO9LqtXp4Ziauz40W67NDtXmF96crM5NtZ8pWi50fYkAAAAAAAAAAAAAAAAAAADgn2cgIv4TSVqMiLRRTtNiMeLfEXE0CsnVa5XycGOeiO/7Cgey8kivGw0AAAAAAAAAAAAAAAAAAAD7TG1+YWK0UinP5GSkfzczR8TSk21G9o07mDmNiLUphda22ssVlcd9w8iGnR8AAAAAAAAAAAAAAAAAANhTazf97vQTf3S3QQAAAAAAAAAAAAAAAAAAAJBL6c9JRGTDicHnBzbW/itZ6Wu8R8Q7t698cH10dnZmJJt+b3X67Iet6ad70X5gp9p52s5jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYE1tfmFitFIpz3RxpNfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4/gwAAP//2JHUDg==")
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})

7.077803101s ago: executing program 7 (id=973):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r3, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a3731677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r7, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x4c}}, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r9, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r13=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r13, @ANYBLOB="0c00990000000200000000000800a00094090000080026009409000008002700000000000800a1"], 0x48}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x28, 0x0, 0x1, 0x80000000, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0xffff}]}]}, 0x28}}, 0x0)
r14 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r14, 0x0, 0x485, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x110, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f00000000c0)={0x1c, r1, 0xf21, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x24000045}, 0x44000)

6.865302795s ago: executing program 1 (id=974):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x402000, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x3, &(0x7f0000000540)=""/181, 0xffffffffffffffce)
ioctl$PIO_SCRNMAP(r3, 0x4b52, &(0x7f0000000000))
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)

6.739166847s ago: executing program 6 (id=975):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x177f, &(0x7f0000000140))
epoll_create1(0x80000)
epoll_create1(0x80000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="f400000000000000", @ANYRES32, @ANYBLOB], 0x28}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x4, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

5.965203318s ago: executing program 7 (id=976):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c00020008000100"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

5.964623178s ago: executing program 6 (id=977):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.940700639s ago: executing program 4 (id=979):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, 0xffffffffffffffff, 0x1000)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)=0x10000, 0x12)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
preadv(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x3, 0x8)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x60, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @private=0xa010101}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x741, @empty, 0x8}}}}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'ip6gre0\x00'}}]}]}, 0x60}}, 0x0)

5.707768192s ago: executing program 4 (id=980):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x40000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x103042, 0x0)
pwritev2(r3, 0x0, 0x0, 0x8000, 0x0, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)

5.674187093s ago: executing program 1 (id=981):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x8a, 0x3})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000980)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x3}, @ptr={0x70742a85, 0x3, 0x0, 0x0, 0x800000, 0x22}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000440), 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000040)=ANY=[], 0x0)
shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffc000/0x3000)=nil)

5.625874984s ago: executing program 7 (id=982):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB, @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

4.702816688s ago: executing program 6 (id=983):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c6572"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56f41, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x0, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0xe}}}]}, 0x3c}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4.697108768s ago: executing program 0 (id=984):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
lsetxattr$trusted_overlay_opaque(0x0, 0x0, 0x0, 0x0, 0x1)
listxattr(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)=""/22, 0x16)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x65b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000240)={0xb1, 0x7fffffffffffffff, 0x3, 0x4000000000001, 0x10001, 0x3, 0x200, 0x2}, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1c8, 0xffffffff, 0xffffffff, 0x1c8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [0x0, 0xffffff00], '\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x4c00}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2c8)

4.649284159s ago: executing program 1 (id=985):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x840, &(0x7f0000000400)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x1, 0x580, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/TLJvv/K+6QvvCyo9FBUqlG6Sfmj11F7FQqEHwYuGzTaUbLIhm2gTckjvRexBVHqpNz14VDx4EC8evXpRPAvFBoWmB12Z/UjSZJMmtZvVzO8HszvPPLP7f+bjP7szPMMEkFvHs5c04umIuJxEDK6r649W5fHmfCvLi6UHy4ulJOr1K78kkUTE/eXFUnv+pPV+JCKWIuKpiPimEHEy3Ry3Nr8wMVqplGda5aHZyemh2vzCqWuTo+Pl8fLUmZdePnf+7LmR0yPrP/agvr5U2N2y3vzx1rs3v3v1zq1PPzu2VHp/NIkLMdCqW78cT1JznRTiwobpZ7sRrIeSXjeAx9LXyvMslf4fg9HXyvpO6oN72jSgy+oHIupATiXyH3Kq/T8gO/9tD3v5/+PuxeYJSBZ3pTU0a/qb1ybiYOPc5PCvyUNnJtn55tG9bCj70tKNiBju79+8/yet/e/xDT+JBtJVX19sbqjN2z9dPf5Eh+PPQPva6V/UPv6tbDr+rcXv2+L4d3mHMX5/46ePtox/I+KZjvGT1fhJh/hpRLy1w/i3X//y/FZ19Y8jTkTn+G3J9teHh65eq5SHm68dY3x14tgr2y3/4S3iN6/ZHmz8zHRa/9PRuoD2CF98+/mzS9vEf+G57bd/p/V/KCLee3Tohv/e/+S1reru3kjuZf8Cdrv9s2l3dhj/xQvHf9jhrAAAAAAAAAAAwC6kjb5sSVpcHU/TYrF5D+//4nBaqdZmT16tzk2NNfu8HY1C2u5pNdgsJ1l5pNUft10+3eqj1C6fafeT6jvUKBdL1cpYj5cdAAAAAAAAAAAAAAAAAAAA/i6ObLj//7e+xv3/Gx9XDexXWz/yG9jv5D/k18P5n/SsHcDe8/sPuVWX/5Bf8h/yS/5Dfsl/yC/5D/kl/yG/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAHTF5UuXsqH+YHmxlJXH+ufnJqpvnxor1yaKk3OlYqk6M10cr1bHK+ViqTr5qO9LqtXp4Ziauz40W67NDtXmF96crM5NtZ8pWi50fYkAAAAAAAAAAAAAAAAAAADgn2cgIv4TSVqMiLRRTtNiMeLfEXE0CsnVa5XycGOeiO/7Cgey8kivGw0AAAAAAAAAAAAAAAAAAAD7TG1+YWK0UinP5GSkfzczR8TSk21G9o07mDmNiLUphda22ssVlcd9w8iGnR8AAAAAAAAAAAAAAAAAANhTazf97vQTf3S3QQAAAAAAAAAAAAAAAAAAAJBL6c9JRGTDicHnBzbW/itZ6Wu8R8Q7t698cH10dnZmJJt+b3X67Iet6ad70X5gp9p52s5jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYE1tfmFitFIpz3RxpNfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4/gwAAP//2JHUDg==")
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})

4.407593162s ago: executing program 7 (id=986):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000004c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2002004}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000002140)="59f1e4552e75986be30344c577df27f4b4a41646039fbf9beda7bf5a572121f6414ca8bd405e18b655af5c5e013e0c7388225a727cc1eb4eb7c7cd47b2c3d353dec75184436dfd9933bd374d8dfd322d0a5b705731fba628d06c11ab04e155f747b67108a4e376b5711565b653281ada57116b0dbf782e6f343532ef258b42d65df4a96f83b00ce9c66eb1a1ab23f2039927adfe99a3872de7a80ec34aa05b8be26021e61d2e1509d903f77783525e515ae5051541be24502d5123d1a08e06d959aae764ee7bed31361802c486a3f9fbb3824a21fc1b73f95d88167f7659cd90bbb4b7eb78c21e01a9da912544402618285e461cc1c9a1ada2f273d3799feb3d90e373c4f0132554fc3ebe0b8557d521e89f66531514ca337bb1149f86158e7ac94d88fc583a59b7ead0fc249ae26a4ef2ff5bab62209000575441363025553f5012b8eea50bb087202114f8b48ab602fe3fd952bf9886dcc41a9d6c22bfd543f7dec92f32758b99cd239cb69a2fe1c4560426e101666b862aec3e235fd308a6e7560aa2207cc185acabd03b20d4091ff7936120b450b1db200228cd435c434c2626f641cdd8180946982d665352ee755358afa123e7fd9a202e912c528929067ce785f3ba1877968a047f56dfb7cef747d59feeabcff03e73aa3dd3dafb367f32758de4d98dfe15737ba1cb7400ee5bdf4220d6e667c651757d4f8bf536771309d6dfa928e59c9171fa7a710a6d308e757775ce029e0724971c8d7782e29b8ca82de04e883ba042f92e6f7c6b2e627e1242e1f2033ca5bcc81797ba39359e320139cfcf6335086cd646b842e13ab0f90d2fa92ae3cdbeac38deebfc485b2f10f4e29507c858046ae009df144c4ab38ae70e25cccff11078408d7ef4d7bb262310fec1663f1a1dc035864a40616b4690c841c986630ccb784d7af382fef327e7e64817a48db2eae499584fb6cb758a4da7967d283c7400e87657443148a94a352bc46154849a9d6eaf85e4e5556c648017e7f5456be988abcbbcf4a5e2228d2cebf144229fb8b8b6ad244be8f6ccfecfa6df74278761bae6be823eeb6cd08bd0bc01283d04fb719f546cf4d2de5388d1f90eec21674d35c9e295cb1bff104689395cdb6349efcf3d3d99e0141b7bdd4f0ef24fdd6afc35fdca10ade6d539bf1e32ca2e5ab5223e4e975a3cdbfa604dc7904755919905e3ab5e4a1932e2cd7741dd80f4993d0822bbeaf7ea70541e7d18af5a36aa1b928b801bf5a8652adac57dd76f0b7d0629a9fa493db118d6420a18236ca92487cf1b751477bd7b66b6ab97a280306f921493eb9a6172a70cb4f62526c09bd73d148faefe36c47275a0b8822b71c6b09dc80dce0b130ede61296ea03951a563bbf020c75aeea843b95d134bd7228915c22c6e34579bf71479eb4185bf4d11f9735093d9b9d5f18f443a1925f59d2041ff9f6a017eebe9923e5b46de296ba24c25019591cde699475c075904b97f01a639dee3bfce62ecabd2ce078e5fd84b8733392e42e77a6dbb0f51fb0fc59cd7286b6912a8796cdb22e6c3949f6052a014c17b73b3cce6e531127173569d70f07d76359755a6d8bb239f135becb8524ff638452db9d7786e6c52efaa254590a9bfe6bcd485ae8b7114948d58d8c0b9620eb9ace67211e0f7eb4e75740b51f23c0d59903cf2bbcdba9fb516afb8c64cab133c51c0ccca855eba033cc4eb08bbc7632f427f6fb8de4a11bc292aa090503e96a2ae414d5c8907e599874c7e9ffbb8e57ed9b1564ea52f09afffeddb8da0a9ed228da5bbae4a1ef608a0d327cdd7f19fac5d342c31088bbd05cf87c1bb73c55db60087e058c21d313c899071a38ac027e7c2704516b2cbeeb3c18771ecaec46d90c18aaf7cc207cecd60faf27fa4fbea3fecf0dc67336263870e21a1ef39c35e89254fd02bb75848f3729450a08990a410331ac720c1b9c3859a436d65899158caacff7aea71f3bb34e69d954994b698e608836a52b88d8ae8303fb918956e13bc1bb99f955c72474d53ab8ba2ee131730f7fb7dcc4ebcf14b9c3c0553a783d6123c3b9a3cd5ff9c6c2d588c38bae6e81b5f0dabc3b4f6b2d9805474453f66e3f6bbc29b64604374ec82a602109cce44bf4ca88a8b0ea2dd27a49f70eb481f3fb59a4ec5cd0b2196c05a96905cbd0f3b01b579401d20f12aabffc6f9e869af2fb43b0c3362f67a015dbe51b33281236326c3cf93f466a07f5baa29cac348ee7c17088aca34bff6844cc60c5f9376c4869afef5e14b74d780ba0fe5ba3f919d6e3ad2c5a9b259c3a79da133173f107bc2fdf426cdbc144a96a33951bdbc43d5b5a6a5c4e8aeb90816cbde9ffcec6630ca37ae6ccddcd61dc6893b75fc6d951be9d2144b6ae4bf739ddce3400456f0bed97dcec4330b717f590ae2f30cde4203d592a4abc864b27fce63bff3da754425fa0caa91e173f8f99fb0c81910df88b01e2e4918e424322149a283a69a04effe4da0cb417126d674d802455a67bb72aa88f1a6beba6a82f9f0529caff162285679cff18c0a9387abd6ac70135ddd07d04c8cc18143c57bdbf5676feacfb5afcdde7233abc411ad08372a885ee2047017c51167112b1dfb4c3a06a829c8c57c2e6d55c85ed97063c9a5843aa299ff3c63e61440baa42b696adf218d37b39231314acc6ffff7b23d16c8762562ef8a056e31c385d57f8fda45862034abf4487d6abd7816ebda9a7aa8bcd753508babb0d4c08cc25ee88fe3a5eb26842ef5a0687f5bd5c3f0b29e4723fbacfd852f3e194e47ffcc9fefea63b972cb9f3293956ee71308ad6ccb891d760469a62c5864069cefa60b247c5366b32d864d5d63a495209627b1b36b9db1bc0979e13dbf2f7203ba69596ad6cd991dc22cadd0fc55ce89db7fed238b082674458c8fa10398e6fe69b50b8cc8df9324180305fc4c17c3f0ecab996c44f8bb2eb575bbe4300e1c93c39a34ce0f255522f4bad18b6f7ed2b5d712baf19c39bfd974dea6181511e4bce407a38e2ce591f989001bcbff570f78649b8d80d7c51d9415dfe8871f1c4161e685d9a361ee2c3f7386c7d89570ae6894f59219c9e53059a13149fe6f3d37f982c503e11f9a90fff483e3b2e4016f376fbf81a3a95d666460fa0c3f6e873ed7ba2e9b6da20b62eec19de014c540b9dc4c3c25995c0435fa5dac1d5cefd66b248db8cc951a84913341e308a318bf94d1d49e12d80053712d3d68fb4acbf8c07ff3ab721c982b114f98edb9e693afed4c80892d8d75484cf228a41fb9af3e59a31c802bb5883d88f5d804806a1747bee00a1347edffc1d832d5e01d15dcd4c7e21f35c47e90761904d0381b56e8200d69338edba5f5e5992d2439143846e1295aa77dd0745c1f33b02b108e987a3d675d8bd593ad22b49068a6f91478a807275b05261dd14553a112fc85cab73dceea1fd31a319db40ff6646afce5a9dc0588747afc06bd36c4326a5f495a12c4eb6ca44e4b23dc52836336832e267db22165554caf7925cf13c84685ee31bfd19fb988a42a2d931fe0212a64e6ffcf9fcaaeeb9fd211a529364abb1a915811a46c41289da4a3a730942d4e0b9534944ec993555d96fcfb68e4f85c53c297f1ea34781b55b69b25bbdf4f0cfc9572e924adfd354b4c291d77d802bfbdc7d7b24f1d266cabc9ecf63ea5b48d5e7f30d8ce1ee4ad861537c441667405b8223e81ba71f55e09d0e92f1c4233227eb276db865b23c8d28df9b2738f025b59d10a118e156b04da94a15b7d8393783dbbb29131603bd11397625c8cb5d8a86cabf660906bf714079f9261c901815688b76afbc65962aeba08e940c20931ea1e3b875427afbb608634eda3f7f69da64906616f24a8a750abf2da50c1e47cec369ffa25d4c199caf1da2f51ebeca7de266e7550dc12019f0e7dcd8f814c2095b12cbf94404e3343e032ebdb8b598febec6390c84fdb65c3eda086c341c09321d1ee471896be010214de39a658cf48585660010578290b3349f0233e301dce10a9dcaa372ade8a4a7170e68522add35f6cdb23c688ba42b425775f077bd0d9f6706722499763efb84c98ee3717b293b26eb46d097a7af1e8097cec825a2d92cb1038980a8a73a7a351001a6efabf812b00788bb950e8b88784054a299906786b7dbd25c9d8ef4146e45b84611d65e7ad898ac1d234574d174acb1d23d8e206518fa40e521bd3c3953c95aedf265c3755243374ce36500a62dd57a94ac22aa6c9b6d79edbad8c0633263f9ffc04524d23e64a18a22cfc1d9ff00eab75a48cffa364f025b31fc632d4ba3f1a829e78b08a9297d59b9ac9c2ae3fe7ef21a0bdc4ee34477654b4bb80b30e117dd846a4f71750f76cf93afb134eb28e0409b92016ce47871fd2a531b2b05d7684421f524833f7a9ac4a02d8c92a1c83150fbb6c68edf0c4ecc833c9e2e058c91f8f9ba81ee48ba5fb71132bb84c4e4993561b0f0ee77405a5573df396469fa5a1a761a9398e618221bdb888a9f2f07a1e9247fc7e3ff2d72bdad77654645171fc89cf4e93d6eaae95f4e7bd9dc75c1b1fc5c7926aa0d0c70b7b442ab657e734fb39660b058403057f94ae3e9b96233647216e29b891272e4403e3a155e4f77fb227cd56a3e3856969cf3ce85d1aca889c2cb1ddfab9cfdcaba80e2411243e8370757725e2875bceebec0d8174ecdda380dd8bcf63cfc619ebfd4b562949e32c8ae7173d630df595b79afc5b0c2ba6e9613ebdc3912db74a1c41bbd4c50428e1dfeff661fe3c3cbcd8fbe4a6d1c02d2b06068e3fe7fa5fb63eed98361baa5c075ea1694a575551818d3ca4988dd080df8c604f2fcaf0d3d3bd922f142ecd2b88efec2563686447750a1e814926e037c2e4d2c530bae36a0cba4b9b42d21b63d6ff403f1a5bea1a169eb494192a7adcb0787759a944043d0df72d57d775e9604a5236775b44d9553dd186f63512bfd3d4b65667f8d715bc9c100a0855e2ed963da442e0ef54b809b2e794eb9b29daea42a84c2d45c220a1ab3242bf7e2f41754feaba92998b834391aee0005c3b5bf05ca648577d77712c6a2107c0d017b1828b82a63ac32587023ae8214e55b907a08c774d12be071ae593716426038f326b45e565900ae67778cfed493dd873b613d457837bf505622d6270f7c2177b8b0048ada47e3fc97a913552d9b65be45a914c29fe5e2e398c9dc7d541f8244c9ce1fdb8d20547471ae840cdf88e4362e05b3091a80c3b32afec6747b05033f98456bb0503240d63b18d1756bd24656def9f79e6bbaca8084caf07dfd17d77f98343fb3f141f788ed0a9397f0a591023c332f4a16e468643b8dffb950f798d7cb165757b18ffa1863898de59c892b148d268b4d0ec3e5f2e4790358cbe0a40007a4be6cb789ac11badcf369f1aff5c458b5c9514b24cfc395b4b4f0df30ab6b3228feb960d545d027a76abfecf455b673be7caadf0d0f2544cb5473ecbc3a339b08652b444a3b5a28d834e63ae4d831d5abb077297428bc3b6542477fb6d4ffdb1398349cea95e7d6131184e7d793603582e81253974e10f8f947d339d2fdfa4c8871b33403cc23b2e225462d29d0450f285433c75959774fe65058188cc54488bc23a20880a0b786e6cc4622c5621f427af5dc294420c07c268cb04eef4400fcaf6fd1a500504fe59cd3c44836a0b477a62d05c8f43e96962a367cbae1f88dd4f4c22e0c7d2afea8a2de91917599f6db37449474048ba84f144532af50b65cdaba868f50f079a4a495d2ee921d835badc2ac45e2521dfc559bbc664f6f27446a6d5afcc8c0d90d68f991dd503291d7687f64641fd052c73be1786b507252749fd788c0c8edf25ab5efe9ddb2a67ec7e24f22f9fe28966d64338b691222c7cc493a9a5c10430ce0f074703047757a9abed0ee0cca14c20cfa9cb521f0e4e91e886e4b1285ffc996912ca7c9f81f2e8e64454fe6846ff44dd21c294b888d52c37bc386ba8cd7f7c0fedcd524ebf603f0a5b5f19be9c7e0f6da5d0ddbc2543d1adf46f5d0140d40c8798f8baa4ba49d99aa0171ffc797e3f919b21a37d3ca8b7a729781aa262d68a0451a2705f59f18268387fdecaed03045fd6f1759a694a5224c46f7a4c6c4eab6b11089b114e5a78546c258f23a2b80fe7f9503d006799d2b8fed769d87e9dafaf6f923ad1be071538789b771d13125049b58a2f2c4f91a5cedbfd725e419e8b640b9d704f48b96efab1b249784bed0e6c3c938b5ce66b6766ca0bbea73aa3a514a57ad7d1907f72072128be570e016a2a5b5754f60e2b0bcc3bd9a4ed21fe4e9b4655ca22656ab6cccf5091a1f85251e51f59094762252c996d9609430cfba1d160702643060cf386f3c3ab02eb5943326312444ebc0e5df143dfa8e868fafb719fbe1f5b355c472adc7694967522e39c1b162b57d49aeda122bc4a60393bba6db3f083751a41f9aa2d6cb59038f94b896a5623f82bad390d2b729f66d5f87b72cc9b54a2f08b3e7ad321310e8f79556ed4dd0c8a058e6a434b6a3fdf28a6b669b53694c16a72e14c1bce34f81c67071152d75ee8f146e465849a7b3eefc2fddb779fa34685effe59432444b3a6fc237da95fc7655aad861aa319a75880e53858ca6a7dad341b2643918e69e3c81969fecf6cdecec304c519ddd0f54b659ed7f9c3782c58202ba393c3811aa1f34d710db2cd0bd1478db3b3445c5d20811dfeb0e4bc3434ae4fa3518c9c36ebcc73d2e40a1701496f82d186309885af32b9694a7a6616bba665b94bff24ab493488c9a53cf1de2eaac644cd0f8d9ef4930f8bf56797b5ac4abc8132f62125905f7e18db3048a90c4a4779b5e29815830fb4093956bda4e2596bb8956c45313ce4e4662143a95779e5c23933e9312372e29c00ee668e82c7d4de290a5a6a66b85e6738528a58b4d169221a0ac5367196cea76c58b4c236b7da73ae1ce463656941f322d4cdec390d91d813c2c9bd70b10151673585457016c0d302f23f323c4a118fcc32a8076be44606d3241bfa66e78178c8d991093d9dd5d93d3eb455ed085eb5e88d83f3a47ce9c5fa7f9035df5c407eb27daa231c538ab58765668ed5a80e8f8a3a4470181b9f15b56d5c4a43708e7287775ee1e991c8e28af2afefef93b19ce3c4a1cf5d25e9b232f424a312cd4883230ffb071343986092141ea12e9647e5f5ab4e70de17d17756eec8ff64328c0050794c568baf183dce6c798e9b01dc53e76c4b9a0b61f1b65cfb74152d9936e05505df63048cd62cec15a97ec79995c5381b0491e65661c2804cc7a5cba0f418d5ec420ecdcf1363cc48777ac6a9901a30d6aed7bb62651480da8f84c93a61bd66ee6f218f2999d052e7e3fbcb002b57bf3c1292cf75a52a164d5c7f1265f1c7f881683dc8d6572853eef350f3834f888a1ab0eff22ee3b93ec2d82f93ddcb5b915f2c273a296be81f3ea3d5e9855863fb5cdc7289770111d02a7e0ee6558e46e754a5c11e4d36c55946fbc62d0c89f87156e33db0ac968dfb67c3a43a55328996a73cce287d518d45f5753f45051bba90d6dd06d95bd14c13d7707bc1afb44595da6783a48d6675c8e28affea30a55ee55a904d9ffb31e9c4fe04fe3dcdbb459d62d36156b2c6aa015b20205f6222008692f6be91ae531afafba348725ba820bb9fb2b93d3013e3f4766dec362a1e0cf40534eb1a18168c18afe08dfdd65e9953869353ba14cd1daaed1fc0c0ae1fc8deaa98c79b74ebd2043b18076dae9c2b4625ca9459a354ce3571b8c33870cc291983da1c0f32f87133192564e6c22abce03fdde7a7cca192d623253e99d5d1ee2f5e4c6535cb027eaae8fb1486ebd7c09881a14c88494a03030f5dba58f7e45a78905b10a5645409ea754162aeae8551d1026021da8685d4cbafbcb0ad980a1a16199be14b11434b0cd62a559b8584cd373bf9f959641059b17a654523cf3f3e7fd94a809e44a21ce2242cce6f79a32dd5443b79df68ddbbdc73eef492ef6a9f093f3131874064f89f26ff32eda7e6451081990a022a0fe52f189cd1deba409dcc090f91d10fa769d1bd75d11ec22b6e85405cbf9b3256e4f8913d7b8eda2945069e219fb4abca2a191e024d5af78e75cdbe0d9d5471a1d8e8aeb9e0a00274d4474ab6b0ebbb66d41bfc1683642c88a1155c91a7eb2295c4b9aa93eb0e77dc5a928e1698490de1226c65a7ef79fa9237dc9f7fdb8fcf9b54658ee3c714b14297fcaa1371c22e746151608f6f1f49bfdddce0ce24e6fc8da8f8dec534e5fe36106c81f25250be3fc496a4df508e79f49c7a4341d50bb6f96289afab14dbf4e8802a14ae82705a75e18330884c9bb1152792249a68ced40afc63deeb59daf9711484b982ec2675f5d9239f182849c4780046460e59aed8cdaaee156544370962771ced877365d37723bd9f935e8192ffd677348db41e3884704b5cbc6002c32111c9168dfcbbcc1c1ae3fd907b494a1fc7a8da0077517b55cc86393f61b07cf71408c47c9f4ca78c9cd48bf62c3b48232f74fa04f4e1fe9e5a4b88e94cae83397ca74948acc002afad739a3891c16c102fe026e2d1ac172a8b0f8c26689d99c371e275671b4f7ba1a08f7e955175b0dd88bdc63f6c1416fdaad20924c7dfec72d961b7fdde56de6ec0c11d43abf60fba174f4a689a1ff15016e7bbe378255f6724fac6a877a00d34a44b85c332ffb3b48101cb6137ccbb5e79f0e0ebe144800c8eb8ee3540cd23def571a4419908604a4217e4da5c72ac49c188e050c6c154df8f1ae2275a6bf123da80196a01cabbd699b215e6e1d7762c299d22e5b72dc1d17fafc2b42bf8c1546694772a2bd9a5f1f75504906c649988f88dd1f1236ab3e92907da0b87b7b674f5f3856c2d0996c20795a2cf7eca5b8dbbb4715dd4e67ce6ef38848bd50389686f17c059070fd9f1bfbd0409e3df16e7a73fb115c66cebb217cd01c5967c774143aa11d9815f2b0f9030f012bb8df1548a4e495e3553ea8524d374772a287beb18a7e88c88f4678e8835f35ee901eba3276b55095122d36a4da666e3b2a70114bc7c8faa5c73b89744c47aa138463c619a322e4dd8e4414ab12b143d2465401cafd97f500b2b035ee96f87131b3c5acbd7d336d926973e70b7c409372a1bb270e0666831de3fb5f059d25cb733106554ad892b2d46f5b33b00ae6198573c4c57b059266f806943e864a34a2b830003bdb7447fd105244bb975b0d7f1b6e25a72ac98a6fa3be7e3b430701633b95f8560620a58caa3366b0ddef41d153452417e4a5b48cfde67e6525d23c538a90d87f9b3cbd4205ccb30ebbbd54a00c4b0fb30cba4d02c5f108cb25af1cd791711d244c87de9738afd56401755ad8f5e62198d28164475997d7719f91ed7685829c6d536a090353b0b2de436d27e9f1fecb09917c1a3e7cbbe33024a74883790c9d18c2349a3f748f6362a79b92b95f1b3e8ddf118c87fc389c1ca08786b81513b62ebefb9fe472ff79eddbfa06d6569faaa1b8df516e2d0365256bf012da3571c6bc8589c49e0573da6d9ea1f7ad35840450a9f334d5d2cf9aa343dcc0f9864129bc548914507b30075d1a153d98af8a6def82e5c8619d9656f8ed0598b3463632c1cfa8ce86cbb90c772cf1298709fab835fe07b755a955f0d05c0f4dbffecaa7f6b1b6d40fffda03965021fd8f1316b62ee8e2bf6fffa01bc2740c066b7655d39f4be9d96f39713fab5ba34fc5431cd86c7384ee9177c20bf5ed5b9242b5abaefd4429a73195c166366527daaad6ce29136edf7fa974415fdeca13adb617e35d357d9c8d76953b6704bd04c391eb3070b1536342224577305c75b69cbe622e308722b3b76fdd3ad0ee69e7cef96a9cd267a92d846863b97862613b2ff5667559ed286e2fe6805a3a09ffc25e4df4b58302844e747a65310d4eb9d64c1b31995a2df3dce8026426e445b60520933fea52f4a9fc8e15033b75e5f412866f4c75371b6cb6436acb118d62752da91b64f15d40c8263bdc6ab718020442bc9cb8005ff30e90ca8bb4f489b0eb4218d323b39022fc542dcc16841899d094d4a5bf134281a330efdfb2445bb31d818b11d9abfd0e58c6497d2db7ac72a26d068b6b4b62de8d291188d4de82d9e53f3cf597e9c383a308a6a52814269c18a18b654bbf4db4502c11856637400b8c2ec3aa0127a659efcaaf5377adf69cb3d9ec65130864cd49320a8ac21aeb31c1c08f92a483c70318870b0107b4ac6070575e548bf70a25d1b220d8192697bbcf891521e4217efb59429c9ca2638a6eb13845d74a91ce45471e8df8f9d8a3a4ea4c8fab267017294f8054e43af04394dd3cbd35b6e60911f049d0f1048d1941effae8ed0ef726efeabe24607e3036e95297f7ee8d3bade2ca8cc431504524b6b40bfff220cc60f9f64376ad5b5fa7cd8dbc3baf145d6ff4ac00a4a8fc2de132af0e2d84302d02c5677b927d76094d38c8b644c1480c6dbcb7274d15362a3ec973cbe40086137160e6447ebaeec5aeeee932ef2bb03fd0754a7708968f2bba76ce16209e7bf1de26971f8c112581f9c417828a4a0fe4b6f243b939e8c4a7595230039f3f81fb64d84227c3725cde10c89d6413354e53811b2cbfc8a0d27dfb11884af23522a51a68f5415ba529690561df7d3f3d053166fc97e6c931d80968477384da3107cb5321b88940c3602a25195b870af1d956f749ecf6f0321f0bdead7cac3627d2895db23f74a244ba8cef7a7d1ff04f5258d45f5e1aa4a4baa83a36abb0e5fc94104e32314ef739725d83de8d0027218b7aea54c6de45dac43f955dd2ae4f7b89774219f12a25a7d47213d545357d7a0977486f8bbad66d8ef36bc26671c1a9c2a54d35e2e303b7cc4e3c431c2068ac10e6168ff1a0c023bf68868a20f20612ef5062ccc978332f2a97b58b0b92cbefa1ce73815776ef3e658145074592a463e5fce30fb89d3657906129fbbf369f0a7af4d9f1f153b0a840dfb80607da59ab2f01e72413d364f0c4f90a13b313b03df460696a8506c6c1dc6964918093274054bb9b46b7373a30efdea62c115fe9fd396c989c53c31402ee4b6bf6d9db19bf75906a0fd0e807f7e6cb7c5ef4daf0b21edcbf2f64605ccb7b5238bef39231d470d1542da1eab747084516fb6ef188308e62658540bf37e10215f26e2b1cab4d91a2a429e51bc270cb07c4628a8fe4066192893253d22b3a24edb3f3d02e227c613067231da02b449dc5ecce6a6e605ee5708817b2b72453fcf0f4e04f0c22996871d01cc3684e2b73573604366ca12a604f450edd6e113f4d1bda649939270c0ca493eafce9f46547b2ca1dcd8a63ec6053b99a2705a26c71df3a9dc7a347152dfc55b036701e9f7dffbe9138e6f619daff7721ab2c79e41c7f7fc829e3a22c2fc286f08a0117fc53d63d7c241aed27350badef0ff11ffee83920d62fb09f6be8ae44eab4273560e0ff14096afd10580306ab96cf9998da75e1dd04a9f70023673935a470c015762480b4182c32cf4715d7cdec146b1c8f50709c8a704922900bd1941e1e8172981b373f5de5260e84a498ec8110d55de18c99a5310ec0a7c69fcf54c8b70", 0x2000, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xb0, 0x0, 0xfffffffffffffffe, [{{0x5, 0x0, 0x2, 0x0, 0x3aba5dc0, 0x4, {0x0, 0x0, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xa000, 0x0, r2, 0x0, 0x0, 0x4}}, {0x0, 0xfffffffffffffffe, 0x1, 0x0, '..^\''}}]}, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000000)=""/192, 0xc0)

3.621635484s ago: executing program 0 (id=987):
r0 = gettid()
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000100)={@multicast2, @loopback, @empty}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, r0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
exit(0x4)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4044881)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000002480)={{}, 0x0, 0x0, @unused, @subvolid=0x3})
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
sendto$inet6(r2, &(0x7f0000000000)="487fbb2c8e9dde8d1f404947b87c6ae2d798d08ad76636b614a6", 0x1a, 0x4000, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)
io_uring_enter(r3, 0x1cae, 0x2e37, 0x5, &(0x7f0000000200)={[0x5]}, 0x8)
read(r3, &(0x7f0000000000), 0x2000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

3.567754525s ago: executing program 4 (id=988):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000001c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x1c0, 0x12, 0x60d, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x168, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)

3.395460908s ago: executing program 6 (id=989):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x177f, &(0x7f0000000140))
epoll_create1(0x80000)
epoll_create1(0x80000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="f400000000000000", @ANYRES32, @ANYBLOB], 0x28}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x4, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

3.299368s ago: executing program 1 (id=990):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x840, &(0x7f0000000400)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x1, 0x580, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/TLJvv/K+6QvvCyo9FBUqlG6Sfmj11F7FQqEHwYuGzTaUbLIhm2gTckjvRexBVHqpNz14VDx4EC8evXpRPAvFBoWmB12Z/UjSZJMmtZvVzO8HszvPPLP7f+bjP7szPMMEkFvHs5c04umIuJxEDK6r649W5fHmfCvLi6UHy4ulJOr1K78kkUTE/eXFUnv+pPV+JCKWIuKpiPimEHEy3Ry3Nr8wMVqplGda5aHZyemh2vzCqWuTo+Pl8fLUmZdePnf+7LmR0yPrP/agvr5U2N2y3vzx1rs3v3v1zq1PPzu2VHp/NIkLMdCqW78cT1JznRTiwobpZ7sRrIeSXjeAx9LXyvMslf4fg9HXyvpO6oN72jSgy+oHIupATiXyH3Kq/T8gO/9tD3v5/+PuxeYJSBZ3pTU0a/qb1ybiYOPc5PCvyUNnJtn55tG9bCj70tKNiBju79+8/yet/e/xDT+JBtJVX19sbqjN2z9dPf5Eh+PPQPva6V/UPv6tbDr+rcXv2+L4d3mHMX5/46ePtox/I+KZjvGT1fhJh/hpRLy1w/i3X//y/FZ19Y8jTkTn+G3J9teHh65eq5SHm68dY3x14tgr2y3/4S3iN6/ZHmz8zHRa/9PRuoD2CF98+/mzS9vEf+G57bd/p/V/KCLee3Tohv/e/+S1reru3kjuZf8Cdrv9s2l3dhj/xQvHf9jhrAAAAAAAAAAAwC6kjb5sSVpcHU/TYrF5D+//4nBaqdZmT16tzk2NNfu8HY1C2u5pNdgsJ1l5pNUft10+3eqj1C6fafeT6jvUKBdL1cpYj5cdAAAAAAAAAAAAAAAAAAAA/i6ObLj//7e+xv3/Gx9XDexXWz/yG9jv5D/k18P5n/SsHcDe8/sPuVWX/5Bf8h/yS/5Dfsl/yC/5D/kl/yG/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAHTF5UuXsqH+YHmxlJXH+ufnJqpvnxor1yaKk3OlYqk6M10cr1bHK+ViqTr5qO9LqtXp4Ziauz40W67NDtXmF96crM5NtZ8pWi50fYkAAAAAAAAAAAAAAAAAAADgn2cgIv4TSVqMiLRRTtNiMeLfEXE0CsnVa5XycGOeiO/7Cgey8kivGw0AAAAAAAAAAAAAAAAAAAD7TG1+YWK0UinP5GSkfzczR8TSk21G9o07mDmNiLUphda22ssVlcd9w8iGnR8AAAAAAAAAAAAAAAAAANhTazf97vQTf3S3QQAAAAAAAAAAAAAAAAAAAJBL6c9JRGTDicHnBzbW/itZ6Wu8R8Q7t698cH10dnZmJJt+b3X67Iet6ad70X5gp9p52s5jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYE1tfmFitFIpz3RxpNfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4/gwAAP//2JHUDg==")
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r8=>0x0})
r9 = fcntl$dupfd(r7, 0x406, r7)
bind$can_j1939(r9, &(0x7f0000000040)={0x1d, r8, 0x2, {0x0, 0xff, 0x7}, 0xfe}, 0x18)
r10 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r10, 0x6b, 0x2, 0x0, 0x0)
sendmsg$can_j1939(r10, &(0x7f00000001c0)={&(0x7f0000000140)={0x1d, 0x0, 0x80000000000000, {0x0, 0xf0, 0x2}}, 0x18, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x400c000}, 0xee)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)

3.183578751s ago: executing program 6 (id=991):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x402000, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x3, &(0x7f0000000540)=""/181, 0xffffffffffffffce)
ioctl$PIO_SCRNMAP(r3, 0x4b52, &(0x7f0000000000))
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)

2.369436004s ago: executing program 0 (id=992):
io_setup(0x7, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='7', 0x1, 0x4}])

2.369092544s ago: executing program 7 (id=993):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x84, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x54, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x3, 0x6, 0x5, 0x8000000000000001, 0x800000000}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x3a7}]}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.368886904s ago: executing program 4 (id=994):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2.056256918s ago: executing program 6 (id=995):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = dup(r2)
setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, 0x0)

1.396258239s ago: executing program 4 (id=996):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x8a, 0x3})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000980)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x3}, @ptr={0x70742a85, 0x3, 0x0, 0x0, 0x800000, 0x22}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000440), 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000040)=ANY=[], 0x0)
shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffc000/0x3000)=nil)

1.215092011s ago: executing program 0 (id=997):
r0 = socket$netlink(0x10, 0x3, 0x9)
syz_mount_image$udf(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000680), 0x1, 0x5c6, &(0x7f00000006c0)="$eJzs3U1sHGf9B/DfM9511mleNmn+Sf8oiOVNQUFEthPaWK6KTMxWSIZIdVxBD6gm3oRV/RLZSZVEVemRE0i9IS5cKlUgUDnCqZQDF24cq56QChISMieORTOe9a4dQyw2G8fJ5yPF++wzv5l5Zg6Rvs+8bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV//xtToWNrrUQAAAACD9O3Zl0bH5X8AAAB4rF1x/R8AAAAAAAAA9rsUWdyNFGdeWk+Hiu8bajPt5Vu356abO682koo1h4r6/F9tbPz8ha8++9zFzud/X/9B+/+4PHtlqnFpZenGamttrbXQmFtuX11ZaO16C/2uv93Z4gQ0ll67tXDt2lpj/Nz5LYtv1z8+8NTJ+uTFiZmhTu3cdLM521NTqf7Pe7+HOzwAAACebMORxWcjxUc//HU6HBFZ9J+F7zN3MGgjUc/zd3EQc9PN4kAW2/PLN/OFqROE61sz8XAnIz+ELN6Xn0ccz8c6LNEDAACwe9XI4oVI8cpH6+lIRAx1cvCXixcD3n8D9YcwyB3k4zwdEY3YB5kdAAAA9tiByOLPkeKfv63H0Twzd/L/aMTzez04AAAA4IGoRBZLkeLMC+upXtwPEBFn56abjZmXG99cvrbSU5tSeUV9vz8f8DC5NwEAAIBHQC2yOFxc8V9Px/Z6MAAAAMBAjEQWFyJF9WevF++Vi+K99EcnJ4bHX+19w9yp+2wnrz0XG++m280z+dXOuwbzdbMHe0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8eWopi+9Fip/+plZ8b0REJW+8/8knez02AAAA4AFJWaxGih//Yz2liLhd//jAUyfrkxcnZoaGYijyvtRbf3n2ylTj0srSjdXW2lproTG33L66stDa7e5qM+3lW7fnppsDOZj7Ghnw+Edql1Zu3FltX//BzR2XH6xNfX/t5ur81Z0Xx0g0IrLenrPFgOemm8WgF9vzy8WqKe12xAAAABBRTVm8Hyk+95f3urmznvJ2ZeNLN2i+83w3m9bStqXFvMGRYt5go310cqI6fqa3vWNkPVsE6jzgNmd7uivVe0vr5X4rfR81AAAAAAAAADxeUsri9Ujxh7efKa6rpzgY99yDXtYdiRQ/eeV0WZcNRz2ic5m+XvytXWsvtkbz2rcjxYnvdmqjqK2VtU93a8fy2lq+3Stba0fK2hPd2vG89sVI8eGLO9f+X7f2fF57J1K8+26jU3swrz1c1p7s1p67urK4MLATDAAAAI+Aasrig0jxy781UifLl3m5vM1+aLP2nTe69/u/tX1D/+Ge/37v/6/39L1VzkPUIsUXPnimmHso5ivqO89XTEWKP10+XdZtzBUMl8uPFX+78xUvR4rfr2ytPVDWHu/Wju36xAIAAMAjJM//pyPFj/74u0onG5f5v0zgO+f/T21/CH9A+f9YT1++z7U7d1+bX1xsrWpoaGhsNvr/vxAAAB53ef5/M1J8q/nh5vXuMv8f2vjWzf//erOb/ye3b2hA+f94T99k+b7BaiWidnPpRvVURG3tzt2vtJfmr7eut5bHR5+9MPbc+bELF6vDnYv73Vbf5woAAAD2qzz/z0aKX/39F5vP5+/m+v/B7RsaUP5/uqcv32f3ol/fhw4AAABPjDz/T0SK73zmvc336G3N/z2///dG9zn7L31+43NzdmBA+f9ET1+93O89cw8AAAAAAAAAAAAAAAAAAACwz1VTFmcixRf/WkmHy77dvP9vYfuGBvT8/8mevoV4OL//1/dJBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnkhZZNGOFJ8+tZ6+lne8GnGo9xMAAADY9/4dAAD//3E1G/Q=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fchown(r0, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r4, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(r4, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

1.145136362s ago: executing program 1 (id=998):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xffe0, 0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

449.622993ms ago: executing program 7 (id=999):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x84, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x54, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x3, 0x6, 0x5, 0x8000000000000001, 0x800000000}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x3a7}]}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

349.442344ms ago: executing program 4 (id=1000):
r0 = socket$netlink(0x10, 0x3, 0x9)
syz_mount_image$udf(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000680), 0x1, 0x5c6, &(0x7f00000006c0)="$eJzs3U1sHGf9B/DfM9511mleNmn+Sf8oiOVNQUFEthPaWK6KTMxWSIZIdVxBD6gm3oRV/RLZSZVEVemRE0i9IS5cKlUgUDnCqZQDF24cq56QChISMieORTOe9a4dQyw2G8fJ5yPF++wzv5l5Zg6Rvs+8bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV//xtToWNrrUQAAAACD9O3Zl0bH5X8AAAB4rF1x/R8AAAAAAAAA9rsUWdyNFGdeWk+Hiu8bajPt5Vu356abO682koo1h4r6/F9tbPz8ha8++9zFzud/X/9B+/+4PHtlqnFpZenGamttrbXQmFtuX11ZaO16C/2uv93Z4gQ0ll67tXDt2lpj/Nz5LYtv1z8+8NTJ+uTFiZmhTu3cdLM521NTqf7Pe7+HOzwAAACebMORxWcjxUc//HU6HBFZ9J+F7zN3MGgjUc/zd3EQc9PN4kAW2/PLN/OFqROE61sz8XAnIz+ELN6Xn0ccz8c6LNEDAACwe9XI4oVI8cpH6+lIRAx1cvCXixcD3n8D9YcwyB3k4zwdEY3YB5kdAAAA9tiByOLPkeKfv63H0Twzd/L/aMTzez04AAAA4IGoRBZLkeLMC+upXtwPEBFn56abjZmXG99cvrbSU5tSeUV9vz8f8DC5NwEAAIBHQC2yOFxc8V9Px/Z6MAAAAMBAjEQWFyJF9WevF++Vi+K99EcnJ4bHX+19w9yp+2wnrz0XG++m280z+dXOuwbzdbMHe0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8eWopi+9Fip/+plZ8b0REJW+8/8knez02AAAA4AFJWaxGih//Yz2liLhd//jAUyfrkxcnZoaGYijyvtRbf3n2ylTj0srSjdXW2lproTG33L66stDa7e5qM+3lW7fnppsDOZj7Ghnw+Edql1Zu3FltX//BzR2XH6xNfX/t5ur81Z0Xx0g0IrLenrPFgOemm8WgF9vzy8WqKe12xAAAABBRTVm8Hyk+95f3urmznvJ2ZeNLN2i+83w3m9bStqXFvMGRYt5go310cqI6fqa3vWNkPVsE6jzgNmd7uivVe0vr5X4rfR81AAAAAAAAADxeUsri9Ujxh7efKa6rpzgY99yDXtYdiRQ/eeV0WZcNRz2ic5m+XvytXWsvtkbz2rcjxYnvdmqjqK2VtU93a8fy2lq+3Stba0fK2hPd2vG89sVI8eGLO9f+X7f2fF57J1K8+26jU3swrz1c1p7s1p67urK4MLATDAAAAI+Aasrig0jxy781UifLl3m5vM1+aLP2nTe69/u/tX1D/+Ge/37v/6/39L1VzkPUIsUXPnimmHso5ivqO89XTEWKP10+XdZtzBUMl8uPFX+78xUvR4rfr2ytPVDWHu/Wju36xAIAAMAjJM//pyPFj/74u0onG5f5v0zgO+f/T21/CH9A+f9YT1++z7U7d1+bX1xsrWpoaGhsNvr/vxAAAB53ef5/M1J8q/nh5vXuMv8f2vjWzf//erOb/ye3b2hA+f94T99k+b7BaiWidnPpRvVURG3tzt2vtJfmr7eut5bHR5+9MPbc+bELF6vDnYv73Vbf5woAAAD2qzz/z0aKX/39F5vP5+/m+v/B7RsaUP5/uqcv32f3ol/fhw4AAABPjDz/T0SK73zmvc336G3N/z2///dG9zn7L31+43NzdmBA+f9ET1+93O89cw8AAAAAAAAAAAAAAAAAAACwz1VTFmcixRf/WkmHy77dvP9vYfuGBvT8/8mevoV4OL//1/dJBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnkhZZNGOFJ8+tZ6+lne8GnGo9xMAAADY9/4dAAD//3E1G/Q=")
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fchown(r0, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000))
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r3, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(r3, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

143.585518ms ago: executing program 0 (id=1001):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x177f, &(0x7f0000000140))
epoll_create1(0x80000)
epoll_create1(0x80000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="f400000000000000", @ANYRES32, @ANYBLOB], 0x28}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x4, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

0s ago: executing program 0 (id=1002):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x8a, 0x3})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000980)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x3}, @ptr={0x70742a85, 0x3, 0x0, 0x0, 0x800000, 0x22}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000440), 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000040)=ANY=[], 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffc000/0x3000)=nil)

kernel console output (not intermixed with test programs):

er: 4347:4350 transaction failed 29201/-22, size 0-0 line 2917
[   62.929470][ T4349] binder: BINDER_SET_CONTEXT_MGR already set
[   62.935702][ T4349] binder: 4347:4349 ioctl 4018620d 200000c0 returned -16
[   63.052934][   T21] binder: undelivered TRANSACTION_ERROR: 29201
[   67.328101][ T4367] loop3: detected capacity change from 0 to 4096
[   67.366546][ T4367] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[   67.451452][ T4387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.57'.
[   67.454965][ T4389] udc-core: couldn't find an available UDC or it's busy
[   67.457013][ T4389] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   67.596387][ T4391] loop0: detected capacity change from 0 to 4096
[   67.633145][ T4391] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[   68.036367][ T4391] overlayfs: upper fs does not support tmpfile.
[   68.062695][ T4391] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   68.099013][ T4403] udc-core: couldn't find an available UDC or it's busy
[   68.275877][ T4403] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   68.987216][ T4196] Bluetooth: hci2: command 0x2016 tx timeout
[   70.721632][ T4423] binder: 4419:4423 ioctl c0306201 0 returned -14
[   71.553707][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[   71.555632][ T2054] ieee802154 phy1 wpan1: encryption failed: -22
[   71.559886][ T3331] cfg80211: failed to load regulatory.db
[   71.811185][ T4434] netlink: 8 bytes leftover after parsing attributes in process `syz.3.73'.
[   73.977673][ T4463] device batadv0 entered promiscuous mode
[   73.979592][ T4463] device vlan2 entered promiscuous mode
[   73.985354][ T4435] loop4: detected capacity change from 0 to 32768
[   76.494616][ T4491] netlink: 8 bytes leftover after parsing attributes in process `syz.3.91'.
[   77.939343][ T4523] loop1: detected capacity change from 0 to 128
[   78.013990][ T4523] EXT4-fs (loop1): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,,errors=continue. Quota mode: none.
[   78.074251][ T4523] EXT4-fs warning (device loop1): verify_group_input:147: Cannot add at group 25 (only 1 groups)
[   79.143342][ T4546] netlink: 8 bytes leftover after parsing attributes in process `syz.4.105'.
[   79.320756][ T4199] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   79.720951][ T4199] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   79.724578][ T4199] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   79.727429][ T4199] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   79.744910][ T4199] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.841748][ T4538] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   80.115240][ T4199] usb 1-1: USB disconnect, device number 2
[   81.557474][ T4570] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   81.560262][ T4570] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   82.147357][ T4587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.119'.
[   84.328912][ T4620] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.331907][ T4620] device batadv_slave_0 entered promiscuous mode
[   85.126938][ T4637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.132'.
[   85.130804][ T4637] Zero length message leads to an empty skb
[   85.141486][ T4635] udc-core: couldn't find an available UDC or it's busy
[   85.143491][ T4635] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   85.192203][ T4639] loop3: detected capacity change from 0 to 1024
[   85.233680][ T4639] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[   85.237302][ T4639] System zones: 0-1, 3-36
[   85.262872][ T4639] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   85.329914][ T4639] EXT4-fs (loop3): shut down requested (2)
[   85.421142][  T148] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   85.424118][  T148] __quota_error: 6 callbacks suppressed
[   85.424129][  T148] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   86.073395][ T4657] loop2: detected capacity change from 0 to 2048
[   86.252094][ T4657] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   86.851603][ T4196] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[   87.800165][ T4679] netlink: 28 bytes leftover after parsing attributes in process `syz.3.149'.
[   87.829376][ T4682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.148'.
[   89.961409][ T4196] usb 1-1: unable to read config index 0 descriptor/all
[   89.963361][ T4196] usb 1-1: can't read configurations, error -71
[   90.344338][ T4713] loop4: detected capacity change from 0 to 40427
[   90.446989][ T4713] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   90.449244][ T4713] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   90.485223][ T4713] F2FS-fs (loop4): invalid crc value
[   90.932863][ T4713] F2FS-fs (loop4): Found nat_bits in checkpoint
[   90.969196][ T4713] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   90.971442][ T4713] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   92.068734][   T26] audit: type=1326 audit(92.020:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.074855][   T26] audit: type=1326 audit(92.020:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.094776][ T4726] loop2: detected capacity change from 0 to 256
[   92.145507][   T26] audit: type=1326 audit(92.040:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=181 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.180361][ T4726] FAT-fs (loop2): Unrecognized mount option "nonumtail=" or missing value
[   92.184696][   T26] audit: type=1326 audit(92.040:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.210793][   T26] audit: type=1326 audit(92.040:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.285655][   T26] audit: type=1326 audit(92.040:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=83 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.306585][   T26] audit: type=1326 audit(92.050:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.345862][   T26] audit: type=1326 audit(92.050:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.386471][   T26] audit: type=1326 audit(92.050:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.392562][   T26] audit: type=1326 audit(92.050:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4712 comm="syz.4.159" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x7ffc0000
[   92.397182][ T4034] attempt to access beyond end of device
[   92.397182][ T4034] loop4: rw=2049, want=45104, limit=40427
[   93.400932][ T4733] netlink: 8 bytes leftover after parsing attributes in process `syz.2.164'.
[   95.072231][ T4746] netlink: 4 bytes leftover after parsing attributes in process `syz.2.167'.
[   95.197541][ T4754] loop1: detected capacity change from 0 to 512
[   95.265052][ T4754] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[   95.267836][ T4754] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   95.311741][ T4754] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.171: corrupted in-inode xattr
[   95.320861][ T4754] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.171: couldn't read orphan inode 15 (err -117)
[   95.329372][ T4754] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,jqfmt=vfsv0,,errors=continue. Quota mode: writeback.
[   95.453288][ T4767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.178'.
[   95.464808][ T4769] loop4: detected capacity change from 0 to 512
[   95.472219][ T4769] EXT4-fs (loop4): Unrecognized mount option "fsuuid=d6fef
[   95.472219][ T4769] c-155b-9U9a-2ci-5033f538" or missing value
[   97.122866][ T4805] process 'syz.4.190' launched '/dev/fd/3' with NULL argv: empty string added
[   97.465137][ T4792] loop3: detected capacity change from 0 to 32768
[   98.240681][ T4810] loop4: detected capacity change from 0 to 32768
[   98.262727][ T4810] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.191 (4810)
[   98.286832][ T4810] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm
[   98.289424][ T4810] BTRFS info (device loop4): metadata ratio 2
[   98.307108][ T4810] BTRFS info (device loop4): allowing degraded mounts
[   98.308999][ T4810] BTRFS info (device loop4): force zlib compression, level 3
[   98.320792][ T4810] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[   98.323688][ T4810] BTRFS info (device loop4): use zstd compression, level 3
[   98.325698][ T4810] BTRFS info (device loop4): force clearing of disk cache
[   98.343141][ T4815] binder: 4814:4815 ioctl 4018620d 0 returned -22
[   98.348532][ T4810] BTRFS info (device loop4): max_inline at 0
[   98.350153][ T4810] BTRFS info (device loop4): using free space tree
[   98.356941][ T4810] BTRFS info (device loop4): has skinny extents
[   98.580669][ T4810] BTRFS info (device loop4): enabling ssd optimizations
[   98.584277][ T4810] BTRFS info (device loop4): clearing free space tree
[   98.586410][ T4810] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.589668][ T4810] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.626287][ T4842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.196'.
[   98.691505][ T4810] BTRFS info (device loop4): creating free space tree
[   98.702103][ T4810] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.711097][ T4810] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  100.043627][ T4851] loop2: detected capacity change from 0 to 4096
[  100.105637][ T4827] loop3: detected capacity change from 0 to 32768
[  100.154955][ T4827] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.194 (4827)
[  101.291713][ T4827] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[  101.294243][ T4827] BTRFS info (device loop3): force clearing of disk cache
[  101.296241][ T4827] BTRFS info (device loop3): turning on sync discard
[  101.298051][ T4827] BTRFS info (device loop3): doing ref verification
[  101.346773][ T4827] BTRFS info (device loop3): disabling tree log
[  101.348466][ T4827] BTRFS info (device loop3): enabling tree log
[  101.350124][ T4827] BTRFS info (device loop3): enabling ssd optimizations
[  101.387414][ T4827] BTRFS info (device loop3): using spread ssd allocation scheme
[  101.415486][ T4827] BTRFS info (device loop3): not using ssd optimizations
[  101.433217][ T4827] BTRFS info (device loop3): not using spread ssd allocation scheme
[  101.435565][ T4827] BTRFS info (device loop3): using free space tree
[  101.437461][ T4827] BTRFS info (device loop3): has skinny extents
[  101.650740][ T4045] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  101.652888][ T4045] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  101.770321][ T4827] BTRFS error (device loop3): open_ctree failed: -12
[  101.964630][ T4896] loop2: detected capacity change from 0 to 256
[  101.974733][ T4897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.208'.
[  102.027376][ T4896] exfat: Deprecated parameter 'utf8'
[  102.029146][ T4896] exfat: Deprecated parameter 'namecase'
[  102.049567][ T4896] exfat: Deprecated parameter 'namecase'
[  102.070707][ T4896] exfat: Deprecated parameter 'utf8'
[  102.611992][ T4899] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  102.845420][ T4597] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by udevd (4597)
[  102.851965][ T4896] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d)
[  103.153643][ T4891] loop0: detected capacity change from 0 to 32768
[  103.189826][ T4891] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.206 (4891)
[  103.205008][ T4891] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm
[  103.208859][ T4891] BTRFS info (device loop0): setting nodatacow, compression disabled
[  103.214689][ T4891] BTRFS info (device loop0): max_inline at 0
[  103.218393][ T4891] BTRFS info (device loop0): enabling disk space caching
[  103.225604][ T4891] BTRFS info (device loop0): turning off barriers
[  103.229832][ T4891] BTRFS info (device loop0): turning on flush-on-commit
[  103.236124][ T4891] BTRFS info (device loop0): doing ref verification
[  103.241016][ T4891] BTRFS info (device loop0): force clearing of disk cache
[  103.256816][ T4891] BTRFS info (device loop0): enabling ssd optimizations
[  103.263599][ T4891] BTRFS info (device loop0): max_inline at 4096
[  103.270949][ T4891] BTRFS info (device loop0): disk space caching is enabled
[  103.276482][ T4891] BTRFS info (device loop0): has skinny extents
[  104.871103][ T4891] BTRFS info (device loop0): clearing free space tree
[  104.873259][ T4891] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  104.901431][ T4891] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  105.918273][ T4964] loop3: detected capacity change from 0 to 1024
[  105.959220][ T4025] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop0 scanned by udevd (4025)
[  106.030954][ T4964] =======================================================
[  106.030954][ T4964] WARNING: The mand mount option has been deprecated and
[  106.030954][ T4964]          and is ignored by this kernel. Remove the mand
[  106.030954][ T4964]          option from the mount to silence this warning.
[  106.030954][ T4964] =======================================================
[  106.124506][ T4964] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.129369][ T4964] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.227214][ T4964] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #15: comm syz.3.223: lblock 0 mapped to illegal pblock 0 (length 1)
[  106.281120][ T4964] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  106.321755][ T4964] EXT4-fs (loop3): This should not happen!! Data will be lost
[  106.321755][ T4964] 
[  107.255555][ T4990] loop0: detected capacity change from 0 to 512
[  107.303512][ T4990] EXT4-fs (loop0): Unrecognized mount option "fsuuid=d6fef
[  107.303512][ T4990] c-155b-9U9a-2ci-5033f538" or missing value
[  107.532585][ T4997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.232'.
[  108.439411][ T5006] device syzkaller0 entered promiscuous mode
[  109.442875][ T5023] loop2: detected capacity change from 0 to 1024
[  109.579483][ T5029] loop3: detected capacity change from 0 to 512
[  109.606280][ T5031] netlink: 8 bytes leftover after parsing attributes in process `syz.4.246'.
[  109.735555][ T5029] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback.
[  109.739697][ T5029] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.868267][ T5038] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  110.174780][ T5049] loop2: detected capacity change from 0 to 512
[  110.388076][ T5049] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  110.413511][ T5049] EXT4-fs (loop2): 1 truncate cleaned up
[  110.415090][ T5049] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000040,stripe=0x0000000000004000,errors=remount-ro,minixdf,. Quota mode: none.
[  111.254326][ T5049] EXT4-fs (loop2): Can't set test_dummy_encryption on remount
[  111.274022][ T5067] loop1: detected capacity change from 0 to 128
[  111.315261][ T5069] loop4: detected capacity change from 0 to 512
[  111.328629][ T5067] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  111.332388][ T5067] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  111.401703][ T5069] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.260: iget: bad i_size value: 38620345925642
[  111.410163][ T5069] EXT4-fs (loop4): Remounting filesystem read-only
[  111.427297][ T5069] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.260: couldn't read orphan inode 15 (err -117)
[  111.438523][ T5067] EXT4-fs warning (device loop1): __ext4_ioctl:881: Setting inode version is not supported with metadata_csum enabled.
[  111.445654][ T5069] EXT4-fs (loop4): Remounting filesystem read-only
[  111.470574][ T5069] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,errors=remount-ro,sb=0xfffffffffffffff7,. Quota mode: writeback.
[  111.477078][ T5077] loop2: detected capacity change from 0 to 512
[  111.724962][ T5082] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.260: iget: bad i_size value: 38620345925642
[  111.789136][ T5082] EXT4-fs (loop4): Remounting filesystem read-only
[  112.022534][ T5094] loop0: detected capacity change from 0 to 8
[  112.139498][ T5094] SQUASHFS error: Unable to read inode 0xf
[  112.238042][ T5101] loop3: detected capacity change from 0 to 512
[  112.322359][ T5101] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,barrier=0x0000000000001003,errors=remount-ro,noauto_da_alloc,dioread_lock,. Quota mode: writeback.
[  112.387149][ T5101] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.606424][ T5117] loop4: detected capacity change from 0 to 1024
[  112.633707][ T5117] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  112.668633][ T5117] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  112.699757][ T4196] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  112.940031][ T4196] usb 1-1: Using ep0 maxpacket: 8
[  113.060039][ T4196] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 202, changing to 11
[  113.063435][ T4196] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  113.068247][ T4196] usb 1-1: New USB device found, idVendor=056a, idProduct=0301, bcdDevice= 0.00
[  113.074229][ T4196] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.087674][ T4196] usb 1-1: config 0 descriptor??
[  113.586258][ T4196] wacom 0003:056A:0301.0001: unbalanced collection at end of report description
[  113.589548][ T4196] wacom 0003:056A:0301.0001: parse failed
[  113.595625][ T4196] wacom: probe of 0003:056A:0301.0001 failed with error -22
[  114.401320][ T4079] usb 1-1: USB disconnect, device number 5
[  115.457279][ T5159] binder: 5158:5159 ioctl c0306201 0 returned -14
[  115.468920][ T5159] binder: 5158:5159 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  115.503444][ T5159] binder: 5159 RLIMIT_NICE not set
[  115.530619][ T5162] binder: 5158:5162 ioctl c0306201 0 returned -14
[  115.546280][ T5162] binder: 5158:5162 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  115.576869][ T5162] binder: 5162 RLIMIT_NICE not set
[  115.724525][ T5166] udc-core: couldn't find an available UDC or it's busy
[  115.726562][ T5166] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  115.743800][ T5171] loop1: detected capacity change from 0 to 128
[  116.436915][ T5171] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  116.443414][ T5171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.690219][ T5198] loop4: detected capacity change from 0 to 4096
[  117.718685][ T5198] EXT4-fs (loop4): Ignoring removed oldalloc option
[  117.751194][ T5198] EXT4-fs (loop4): mounted filesystem without journal. Opts: oldalloc,nodiscard,,errors=continue. Quota mode: writeback.
[  117.838656][ T5198] udc-core: couldn't find an available UDC or it's busy
[  117.841894][ T5198] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  117.938617][ T5205] EXT4-fs (loop4): shut down requested (2)
[  117.945853][ T4535] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4876: inode #18: block 62: len 1: ext4_ext_map_blocks returned -5
[  117.973937][ T5206] udc-core: couldn't find an available UDC or it's busy
[  117.975809][ T5206] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  118.324040][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  118.412518][ T5224] loop1: detected capacity change from 0 to 512
[  118.456156][ T5224] EXT4-fs (loop1): Test dummy encryption mode enabled
[  118.475537][ T5224] EXT4-fs error (device loop1): __ext4_iget:4894: inode #11: block 1: comm syz.1.315: invalid block
[  118.490511][ T5224] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.315: couldn't read orphan inode 11 (err -117)
[  118.517608][ T5224] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  118.551522][ T5231] loop2: detected capacity change from 0 to 128
[  118.769645][ T4380] __quota_error: 33 callbacks suppressed
[  118.769658][ T4380] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  118.774970][ T4380] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  120.610795][ T4535] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.864289][ T4535] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.951351][ T4535] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.026558][ T4535] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.056803][ T5264] xt_NFQUEUE: number of total queues is 0
[  121.828601][ T5282] netlink: 68 bytes leftover after parsing attributes in process `syz.1.332'.
[  121.942422][ T5263] chnl_net:caif_netlink_parms(): no params data found
[  123.814210][ T4199] Bluetooth: hci4: command 0x0409 tx timeout
[  124.569236][ T5263] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.574403][ T5263] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.577158][ T5263] device bridge_slave_0 entered promiscuous mode
[  124.616481][ T5263] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.770454][ T5263] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.799122][ T5263] device bridge_slave_1 entered promiscuous mode
[  125.767389][ T5263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.781695][ T5263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.148514][ T4199] Bluetooth: hci4: command 0x041b tx timeout
[  126.730924][ T5263] team0: Port device team_slave_0 added
[  126.927627][ T5263] team0: Port device team_slave_1 added
[  127.868212][ T5263] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.872696][ T5263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.078965][ T5263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.861233][ T3331] Bluetooth: hci4: command 0x040f tx timeout
[  129.865490][ T5263] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.877012][ T5263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.919376][ T5263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.231382][ T5263] device hsr_slave_0 entered promiscuous mode
[  130.486628][  T149] block nbd1: Attempted send on invalid socket
[  130.489232][  T149] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  130.629086][ T5263] device hsr_slave_1 entered promiscuous mode
[  131.996559][ T5263] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.019393][ T5263] Cannot create hsr debugfs directory
[  132.228500][ T3331] Bluetooth: hci4: command 0x0419 tx timeout
[  136.211481][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  136.487878][ T5263] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  137.634107][ T5423] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  138.047568][ T5431] loop4: detected capacity change from 0 to 40427
[  138.818748][ T5431] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  138.820987][ T5431] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  138.898529][ T5263] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  138.943159][ T5263] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  139.050132][ T5431] F2FS-fs (loop4): invalid crc value
[  139.245039][  T227] block nbd0: Attempted send on invalid socket
[  139.247279][  T227] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.719089][ T5431] F2FS-fs (loop4): Found nat_bits in checkpoint
[  139.948312][ T5431] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  139.950292][ T5431] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  140.097278][ T5263] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  141.239225][ T5469] netlink: 68 bytes leftover after parsing attributes in process `syz.4.367'.
[  142.010278][ T5478] xt_NFQUEUE: number of total queues is 0
[  143.345169][ T5263] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.406108][ T4535] device hsr_slave_0 left promiscuous mode
[  143.642388][ T4535] device hsr_slave_1 left promiscuous mode
[  143.979068][ T4535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.981269][ T4535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.991021][ T4535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.993112][ T4535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.061043][ T4535] device bridge_slave_1 left promiscuous mode
[  144.064360][ T4535] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.303045][ T4535] device bridge_slave_0 left promiscuous mode
[  144.305049][ T4535] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.620256][ T4535] device veth1_macvtap left promiscuous mode
[  145.624325][ T4535] device veth0_macvtap left promiscuous mode
[  145.626523][ T4535] device veth1_vlan left promiscuous mode
[  145.668309][ T4535] device veth0_vlan left promiscuous mode
[  147.321891][ T5509] vcan0: tx drop: invalid da for name 0x0080000000000000
[  149.309938][ T4535] team0 (unregistering): Port device team_slave_1 removed
[  149.353483][ T5538] loop3: detected capacity change from 0 to 1024
[  149.364263][ T4535] team0 (unregistering): Port device team_slave_0 removed
[  149.638345][ T4535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.653620][ T5538] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  149.657982][ T5538] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.722382][ T4535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.950192][ T5545] vcan0: tx drop: invalid da for name 0x0080000000000000
[  150.991252][ T4535] bond0 (unregistering): Released all slaves
[  151.895240][ T5263] 8021q: adding VLAN 0 to HW filter on device team0
[  151.922299][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  151.925136][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  151.981054][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  152.001515][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  152.022156][ T5411] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.024162][ T5411] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.036171][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  152.039410][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  152.048006][ T5411] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.050046][ T5411] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.148834][ T5263] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  152.151701][ T5263] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  152.334692][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  152.344518][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  152.350104][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  152.364810][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  152.380059][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  152.406040][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  152.449251][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  152.452238][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  152.467780][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  152.488277][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  152.493440][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  152.494039][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  152.494692][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  152.546173][ T5575] netlink: 68 bytes leftover after parsing attributes in process `syz.0.388'.
[  152.674460][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  152.676917][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  152.702723][ T5263] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.997868][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  154.000864][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  154.271351][ T5263] device veth0_vlan entered promiscuous mode
[  154.277879][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  154.280664][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  154.289244][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  154.294267][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  154.996820][ T5263] device veth1_vlan entered promiscuous mode
[  155.086579][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  155.089429][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  155.113909][ T5263] device veth0_macvtap entered promiscuous mode
[  155.145175][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  155.150874][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  155.154552][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  155.328854][ T5263] device veth1_macvtap entered promiscuous mode
[  155.362214][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.365166][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.438950][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.442334][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.445585][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.624745][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.047858][ T5263] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.052709][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  156.055618][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  156.062735][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  156.078019][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.080961][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.117225][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.191513][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.194300][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.197016][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.233867][ T5263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.277714][ T5263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.289363][ T5263] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.292893][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  156.295933][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  156.318963][ T5263] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.337372][ T5263] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.339861][ T5263] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.357402][ T5263] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.508068][ T5411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.510439][ T5411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.515424][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  156.536222][ T4262] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.539326][ T4262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.544051][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  158.114279][ T5644] loop4: detected capacity change from 0 to 40427
[  158.202667][ T5644] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  158.204882][ T5644] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  158.209971][ T5644] F2FS-fs (loop4): invalid crc value
[  158.568504][ T5644] F2FS-fs (loop4): Found nat_bits in checkpoint
[  158.785520][ T5644] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  158.787611][ T5644] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  162.331393][   T26] audit: type=1326 audit(2000000066.963:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.5.405" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff87506c28 code=0x0
[  162.337816][ T4044] Bluetooth: Unexpected continuation frame (len 16)
[  162.633450][ T5704] loop5: detected capacity change from 0 to 1024
[  163.509631][ T5704] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  163.514025][ T5704] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.387995][   T26] audit: type=1326 audit(2000000069.023:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.4.402" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x0
[  164.684257][ T3331] Bluetooth: hci3: command 0x0406 tx timeout
[  164.685941][ T3331] Bluetooth: hci2: command 0x0406 tx timeout
[  164.902496][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  164.989144][ T5736] loop1: detected capacity change from 0 to 40427
[  164.994933][ T5736] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  164.997801][ T5736] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  165.009889][ T5736] F2FS-fs (loop1): invalid crc value
[  165.040144][ T5736] F2FS-fs (loop1): Found nat_bits in checkpoint
[  165.057819][ T5736] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  165.059715][ T5736] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  167.907581][   T26] audit: type=1326 audit(2000000072.484:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5759 comm="syz.5.414" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff87506c28 code=0x0
[  168.467861][ T5768] 9p: Unknown uid 18446744073709551615
[  168.888828][ T4047] Bluetooth: Unexpected continuation frame (len 16)
[  168.892501][   T26] audit: type=1326 audit(2000000073.494:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5771 comm="syz.5.421" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff87506c28 code=0x0
[  170.336784][ T5790] xt_NFQUEUE: number of total queues is 0
[  171.293448][ T5800] syz.1.427 uses obsolete (PF_INET,SOCK_PACKET)
[  173.259194][  T227] block nbd4: Attempted send on invalid socket
[  173.497346][  T227] blk_update_request: I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  174.355715][ T5814] loop5: detected capacity change from 0 to 40427
[  174.428019][ T5814] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  174.430317][ T5814] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  174.444710][ T5814] F2FS-fs (loop5): invalid crc value
[  174.997832][ T5814] F2FS-fs (loop5): Found nat_bits in checkpoint
[  175.023410][ T5814] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  175.025561][ T5814] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  178.947960][ T5860] xt_NFQUEUE: number of total queues is 0
[  180.293340][ T5865] loop5: detected capacity change from 0 to 1024
[  181.571962][ T5865] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  181.576196][ T5865] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.848986][  T227] block nbd1: Attempted send on invalid socket
[  181.850888][  T227] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  185.047350][ T4199] Bluetooth: hci5: command 0x0409 tx timeout
[  187.156396][ T4199] Bluetooth: hci5: command 0x041b tx timeout
[  187.956649][ T5872] chnl_net:caif_netlink_parms(): no params data found
[  189.701505][ T4295] Bluetooth: hci5: command 0x040f tx timeout
[  189.847023][ T4536] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.725416][ T4297] Bluetooth: hci5: command 0x0419 tx timeout
[  192.274701][ T4536] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.359010][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.361080][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.370426][ T5872] device bridge_slave_0 entered promiscuous mode
[  192.385993][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.388010][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.404700][ T5872] device bridge_slave_1 entered promiscuous mode
[  192.480478][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  192.526759][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  192.563062][ T4536] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.599614][ T5872] team0: Port device team_slave_0 added
[  192.613184][ T5872] team0: Port device team_slave_1 added
[  192.671052][ T4536] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.689633][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.691558][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.731896][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.777809][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.789678][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.805299][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.767381][ T5872] device hsr_slave_0 entered promiscuous mode
[  193.815531][ T5872] device hsr_slave_1 entered promiscuous mode
[  193.857841][ T5872] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  193.860608][ T5872] Cannot create hsr debugfs directory
[  194.802524][ T6040] loop4: detected capacity change from 0 to 1024
[  195.087184][ T6040] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  195.090971][ T6040] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.108132][ T6059] loop1: detected capacity change from 0 to 4096
[  196.961546][ T6070] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  197.060621][ T6073] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  198.061302][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  198.273524][ T5872] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  198.358943][ T5872] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  198.447091][ T5872] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  199.197323][ T5872] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  201.092288][ T6081] xt_NFQUEUE: number of total queues is 0
[  201.372152][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.195312][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  202.199244][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  202.467782][  T149] block nbd0: Attempted send on invalid socket
[  202.469738][  T149] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.270229][ T5872] 8021q: adding VLAN 0 to HW filter on device team0
[  204.430607][  T227] block nbd1: Attempted send on invalid socket
[  204.432686][  T227] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  205.198073][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  205.200896][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  205.204813][ T4380] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.206719][ T4380] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.724132][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  205.727161][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  205.730103][ T4380] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.732064][ T4380] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.734612][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  205.739849][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  206.016271][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  206.029971][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  206.064174][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  206.067722][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  206.503909][ T4044] Bluetooth: Unexpected continuation frame (len 16)
[  206.507254][   T26] audit: type=1326 audit(2000000111.146:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6189 comm="syz.4.496" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x0
[  207.028108][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  207.031184][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  207.034119][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  207.146455][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  207.202968][ T6203] loop4: detected capacity change from 0 to 1024
[  207.264227][ T5872] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  208.647266][ T5872] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  208.656925][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  208.659746][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  210.474683][ T6203] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  210.484481][ T6203] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.464110][ T6264] tmpfs: Bad value for 'mpol'
[  214.046493][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.058793][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.858940][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.614271][ T4044] Bluetooth: Unexpected continuation frame (len 16)
[  216.618066][   T26] audit: type=1326 audit(2000000121.206:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6292 comm="syz.5.516" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff87506c28 code=0x0
[  217.362194][  T227] block nbd4: Attempted send on invalid socket
[  217.364130][  T227] blk_update_request: I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  218.088687][ T6308] netlink: 68 bytes leftover after parsing attributes in process `syz.1.518'.
[  218.103961][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  218.107163][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  218.155708][ T6309] loop4: detected capacity change from 0 to 1024
[  218.296719][ T6312] netlink: 68 bytes leftover after parsing attributes in process `syz.0.520'.
[  218.398530][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  218.401578][ T6309] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  218.405919][ T6309] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.909715][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  220.999467][ T4536] device hsr_slave_0 left promiscuous mode
[  222.247857][ T4536] device hsr_slave_1 left promiscuous mode
[  222.469525][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.471623][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.486921][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.489041][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.475042][ T6371] tmpfs: Bad value for 'mpol'
[  223.988205][ T4536] device bridge_slave_1 left promiscuous mode
[  223.990091][ T4536] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.190844][ T4536] device bridge_slave_0 left promiscuous mode
[  226.193333][ T4536] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.414751][ T4044] Bluetooth: Unexpected continuation frame (len 16)
[  227.427395][   T26] audit: type=1326 audit(2000000132.077:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6387 comm="syz.4.536" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb2e1dc28 code=0x0
[  227.872094][ T6406] tmpfs: Bad value for 'mpol'
[  229.265507][ T4536] device veth1_macvtap left promiscuous mode
[  229.267220][ T4536] device veth0_macvtap left promiscuous mode
[  229.268970][ T4536] device veth1_vlan left promiscuous mode
[  229.271844][ T4536] device veth0_vlan left promiscuous mode
[  232.458402][ T6443] tmpfs: Bad value for 'mpol'
[  234.000357][   T26] audit: type=1326 audit(2000000138.257:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6445 comm="syz.0.547" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff918d0c28 code=0x0
[  234.969429][ T6467] tmpfs: Bad value for 'mpol'
[  237.518114][ T6483] tmpfs: Bad value for 'mpol'
[  238.014422][ T4536] team0 (unregistering): Port device team_slave_1 removed
[  238.054421][ T4536] team0 (unregistering): Port device team_slave_0 removed
[  238.087382][ T4536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.694592][ T6502] tmpfs: Bad value for 'mpol'
[  240.047500][ T6506] loop1: detected capacity change from 0 to 1024
[  240.228595][ T4536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.958822][ T6506] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  240.964008][ T6506] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.941269][ T6531] tmpfs: Bad value for 'mpol'
[  242.223696][ T4297] Bluetooth: hci3: command 0x0409 tx timeout
[  242.232745][ T4199] Bluetooth: hci6: command 0x0409 tx timeout
[  242.401147][ T4536] bond0 (unregistering): Released all slaves
[  243.542455][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  243.555690][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  244.282674][ T3615] Bluetooth: hci6: command 0x041b tx timeout
[  244.284612][ T3615] Bluetooth: hci3: command 0x041b tx timeout
[  245.504071][ T6565] tmpfs: Bad value for 'mpol'
[  246.778814][ T3615] Bluetooth: hci4: command 0x0406 tx timeout
[  246.793700][ T3615] Bluetooth: hci3: command 0x040f tx timeout
[  246.795685][ T3615] Bluetooth: hci6: command 0x040f tx timeout
[  247.004591][ T6583] tmpfs: Bad value for 'mpol'
[  248.675314][ T6589] tmpfs: Bad value for 'mpol'
[  249.072273][ T4297] Bluetooth: hci6: command 0x0419 tx timeout
[  249.074070][ T4297] Bluetooth: hci3: command 0x0419 tx timeout
[  249.364106][ T6605] tmpfs: Bad value for 'mpol'
[  250.070316][ T6598] loop1: detected capacity change from 0 to 4096
[  250.997736][ T6624] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  251.878704][ T6637] tmpfs: Bad value for 'mpol'
[  252.234825][ T6504] chnl_net:caif_netlink_parms(): no params data found
[  252.714027][ T6643] tmpfs: Bad value for 'mpol'
[  254.201855][ T6656] syz.0.585 sent an empty control message without MSG_MORE.
[  255.015990][ T6651] tmpfs: Bad value for 'mpol'
[  255.016693][ T6658] tmpfs: Bad value for 'mpol'
[  255.663735][ T6667] binder: 6663:6667 tried to acquire reference to desc 0, got 1 instead
[  255.666958][ T6667] binder_alloc: 6663: binder_alloc_buf, no vma
[  255.670192][ T6667] binder: 6663:6667 transaction failed 29189/-3, size 9-24 line 3085
[  255.682954][ T3615] binder: undelivered TRANSACTION_ERROR: 29189
[  255.758488][ T6504] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.771765][ T6504] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.803243][ T6504] device bridge_slave_0 entered promiscuous mode
[  257.036170][ T6668] netlink: 168 bytes leftover after parsing attributes in process `syz.1.588'.
[  257.044034][ T6493] chnl_net:caif_netlink_parms(): no params data found
[  257.079995][ T6504] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.087676][ T6504] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.119114][ T6504] device bridge_slave_1 entered promiscuous mode
[  258.940678][ T6504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.147224][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  259.892249][ T6504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.250703][ T6721] tmpfs: Bad value for 'mpol'
[  260.450481][ T6724] tmpfs: Bad value for 'mpol'
[  261.533495][ T6493] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.535014][ T6493] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.538551][ T6493] device bridge_slave_0 entered promiscuous mode
[  262.636354][ T6735] netlink: 68 bytes leftover after parsing attributes in process `syz.0.596'.
[  262.745334][ T6504] team0: Port device team_slave_0 added
[  262.760952][ T6504] team0: Port device team_slave_1 added
[  262.876091][ T6493] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.878141][ T6493] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.880982][ T6493] device bridge_slave_1 entered promiscuous mode
[  262.961727][ T6746] tipc: Started in network mode
[  262.963265][ T6746] tipc: Node identity 3e3cedadefb8, cluster identity 4711
[  262.965502][ T6746] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  263.088525][ T6741] device syzkaller0 entered promiscuous mode
[  263.105558][ T6504] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.107717][ T6504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.131329][ T6504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.186641][ T6741] tipc: Resetting bearer <eth:syzkaller0>
[  263.190349][ T6504] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.200029][ T6504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.228724][ T6504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.253175][ T6493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.298121][ T6738] tipc: Resetting bearer <eth:syzkaller0>
[  263.328499][ T6738] tipc: Disabling bearer <eth:syzkaller0>
[  263.344355][ T6493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.268475][ T6493] team0: Port device team_slave_0 added
[  264.406022][ T6504] device hsr_slave_0 entered promiscuous mode
[  264.571866][ T6504] device hsr_slave_1 entered promiscuous mode
[  264.656876][ T6493] team0: Port device team_slave_1 added
[  264.665248][ T6770] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.434793][ T6766] tipc: Disabling bearer <eth:syzkaller0>
[  265.636507][ T6493] batman_adv: batadv0: Adding interface: batadv_slave_0
[  265.638531][ T6493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  265.706627][ T6493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  265.962068][ T6782] tmpfs: Bad value for 'mpol'
[  266.335408][ T6504] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  266.465497][ T6493] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.467497][ T6493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.484608][ T6493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.488293][ T6504] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  266.516529][ T6504] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  266.709921][ T6789] tmpfs: Bad value for 'mpol'
[  266.721409][ T6792] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  266.723925][ T6504] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  266.853518][ T6493] device hsr_slave_0 entered promiscuous mode
[  266.891514][ T6493] device hsr_slave_1 entered promiscuous mode
[  266.951564][ T6493] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  266.953764][ T6493] Cannot create hsr debugfs directory
[  268.221165][ T6820] tipc: Started in network mode
[  268.222623][ T6820] tipc: Node identity 72e1918e7323, cluster identity 4711
[  268.224554][ T6820] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  268.305340][ T6504] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.367596][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.370259][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.393288][ T6817] device syzkaller0 entered promiscuous mode
[  269.366177][ T4536] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.404097][ T4297] tipc: Node number set to 29528462
[  269.511670][ T6504] 8021q: adding VLAN 0 to HW filter on device team0
[  269.568626][ T6504] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  269.579463][ T6504] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.658289][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  269.664492][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.677243][  T578] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.679178][  T578] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.051635][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  270.190707][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.342882][  T578] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.344857][  T578] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.361000][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  270.368340][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  270.381932][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  270.384562][ T6848] loop1: detected capacity change from 0 to 4096
[  270.388554][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.415341][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  270.427608][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.453319][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  270.461223][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.465907][ T6852] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  270.649863][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  270.662045][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.666245][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  270.675555][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.678522][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.684258][ T6820] tipc: Resetting bearer <eth:syzkaller0>
[  270.703999][ T4536] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.709644][ T6816] tipc: Resetting bearer <eth:syzkaller0>
[  270.718361][ T6816] tipc: Disabling bearer <eth:syzkaller0>
[  271.297068][ T6859] tmpfs: Bad value for 'mpol'
[  271.915791][ T4536] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.227633][ T6870] tmpfs: Bad value for 'mpol'
[  273.023981][ T4536] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.152167][ T6885] binder: 6875:6885 tried to acquire reference to desc 0, got 1 instead
[  273.163031][ T6885] binder: 6875:6885 got transaction with invalid parent offset or type
[  273.166171][ T6885] binder: 6875:6885 transaction failed 29201/-22, size 120-24 line 3381
[  273.663608][ T4297] binder: undelivered TRANSACTION_ERROR: 29201
[  276.324818][ T6504] 8021q: adding VLAN 0 to HW filter on device batadv0
[  276.327607][ T4534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  276.329852][ T4534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  277.469415][ T6934] loop1: detected capacity change from 0 to 1024
[  277.646767][ T6493] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  278.390820][ T6493] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  278.463327][ T6493] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  278.671113][ T6934] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  278.675067][ T6934] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.859862][ T6962] tmpfs: Bad value for 'mpol'
[  278.903409][ T6493] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  279.716369][ T6963] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[  279.842983][ T6972] binder: 6966:6972 tried to acquire reference to desc 0, got 1 instead
[  279.853590][ T6972] binder: 6966:6972 got transaction with invalid parent offset or type
[  279.856845][ T6972] binder: 6966:6972 transaction failed 29201/-22, size 120-24 line 3381
[  280.368129][ T5542] binder: undelivered TRANSACTION_ERROR: 29201
[  281.406469][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  281.409468][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  281.643221][ T6504] device veth0_vlan entered promiscuous mode
[  281.650399][ T6504] device veth1_vlan entered promiscuous mode
[  282.552633][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  282.561059][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  282.571149][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  282.574224][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  282.760209][ T6999] binder: 6981:6999 tried to acquire reference to desc 0, got 1 instead
[  282.766607][ T6999] binder: 6981:6999 got transaction with invalid parent offset or type
[  282.769633][ T6999] binder: 6981:6999 transaction failed 29201/-22, size 120-24 line 3381
[  282.912794][ T4295] binder: undelivered TRANSACTION_ERROR: 29201
[  283.176849][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  283.185153][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  283.789482][ T6504] device veth0_macvtap entered promiscuous mode
[  283.910694][ T6504] device veth1_macvtap entered promiscuous mode
[  284.004020][ T7013] binder: 7012:7013 tried to acquire reference to desc 0, got 1 instead
[  284.007293][ T7013] binder: 7012:7013 got transaction with invalid data ptr
[  284.009226][ T7013] binder: 7012:7013 transaction failed 29201/-14, size 0-24 line 3186
[  284.021306][ T4297] binder: undelivered TRANSACTION_ERROR: 29201
[  284.240149][ T7018] binder: 7010:7018 tried to acquire reference to desc 0, got 1 instead
[  284.246141][ T7018] binder: 7010:7018 got transaction with invalid parent offset or type
[  284.249132][ T7018] binder: 7010:7018 transaction failed 29201/-22, size 120-24 line 3381
[  284.647162][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  284.653569][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  284.656582][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  284.690178][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  284.711211][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.714367][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.728760][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.812963][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.815652][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.818471][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.821609][ T6187] binder: undelivered TRANSACTION_ERROR: 29201
[  284.822543][ T6504] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.828907][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.834527][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.837201][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.878549][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.888507][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.891522][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.911847][ T6504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.925087][ T6504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.946653][ T6504] batman_adv: batadv0: Interface activated: batadv_slave_1
[  286.180069][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  286.223521][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  286.226544][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  286.229405][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  286.251500][ T6504] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  286.255150][ T6504] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  286.406799][ T7050] binder: 7042:7050 tried to acquire reference to desc 0, got 1 instead
[  286.413180][ T7050] binder: 7042:7050 got transaction with invalid parent offset or type
[  286.415933][ T7050] binder: 7042:7050 transaction failed 29201/-22, size 120-24 line 3381
[  286.429111][ T6504] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  286.758224][ T6504] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.874565][ T6187] binder: undelivered TRANSACTION_ERROR: 29201
[  287.087636][ T7057] device syzkaller0 entered promiscuous mode
[  287.275718][ T6493] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.292221][ T6493] 8021q: adding VLAN 0 to HW filter on device team0
[  287.332930][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.346485][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.354122][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  287.357348][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.362997][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.365027][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.367649][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  287.370677][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.373297][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.375149][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.453196][ T7071] binder: 7064:7071 tried to acquire reference to desc 0, got 1 instead
[  287.459624][ T7071] binder: 7064:7071 got transaction with invalid parent offset or type
[  287.462537][ T7071] binder: 7064:7071 transaction failed 29201/-22, size 120-24 line 3381
[  288.014173][ T3615] binder: undelivered TRANSACTION_ERROR: 29201
[  288.028339][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  288.047598][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  288.055361][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  288.062504][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  288.067559][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  288.074595][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  288.079675][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  288.087414][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  288.146903][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  288.157978][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  288.366750][ T6493] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  288.524355][ T7077] binder: 7072:7077 tried to acquire reference to desc 0, got 1 instead
[  288.531034][ T7077] binder: 7072:7077 got transaction with invalid parent offset or type
[  288.533818][ T7077] binder: 7072:7077 transaction failed 29201/-22, size 120-24 line 3381
[  288.884712][ T6698] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.887299][ T6698] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.906470][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  288.909402][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  288.914408][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  289.088934][ T4843] binder: undelivered TRANSACTION_ERROR: 29201
[  289.207303][  T432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.216923][  T432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.868451][ T6698] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  290.008445][ T7102] loop1: detected capacity change from 0 to 1024
[  290.210740][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  290.213003][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  290.230684][ T6493] 8021q: adding VLAN 0 to HW filter on device batadv0
[  290.424778][ T7102] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  290.428925][ T7102] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.855383][ T7122] tmpfs: Bad value for 'mpol'
[  292.633078][ T7138] binder: 7127:7138 tried to acquire reference to desc 0, got 1 instead
[  292.639334][ T7138] binder: 7127:7138 got transaction with invalid parent offset or type
[  292.642359][ T7138] binder: 7127:7138 transaction failed 29201/-22, size 120-24 line 3381
[  293.169045][ T4843] binder: undelivered TRANSACTION_ERROR: 29201
[  293.344020][ T7143] tipc: Started in network mode
[  293.345470][ T7143] tipc: Node identity da20d9440eb, cluster identity 4711
[  293.350124][ T7141] loop4: detected capacity change from 0 to 4096
[  293.360522][ T7143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  293.420550][ T7143] device syzkaller0 entered promiscuous mode
[  293.436531][ T7153] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  293.630194][ T7143] tipc: Resetting bearer <eth:syzkaller0>
[  293.704020][ T7142] tipc: Resetting bearer <eth:syzkaller0>
[  294.233549][ T7142] tipc: Disabling bearer <eth:syzkaller0>
[  294.575390][ T7167] binder: 7157:7167 tried to acquire reference to desc 0, got 1 instead
[  295.073255][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  295.076488][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  295.175289][ T7177] binder: 7165:7177 tried to acquire reference to desc 0, got 1 instead
[  295.181766][ T7177] binder: 7165:7177 got transaction with invalid parent offset or type
[  295.184814][ T7177] binder: 7165:7177 transaction failed 29201/-22, size 120-24 line 3381
[  295.374587][ T3615] binder: undelivered TRANSACTION_ERROR: 29201
[  295.431490][ T6493] device veth0_vlan entered promiscuous mode
[  295.448197][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  295.455941][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  295.478791][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  295.489801][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  295.503330][ T6493] device veth1_vlan entered promiscuous mode
[  295.561092][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  295.564279][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  295.850310][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  295.853350][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  295.858731][ T6493] device veth0_macvtap entered promiscuous mode
[  295.873601][ T6493] device veth1_macvtap entered promiscuous mode
[  296.534329][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.548102][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.751543][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.754464][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.757142][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.760936][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.763518][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.766274][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.838235][ T7202] binder: 7197:7202 tried to acquire reference to desc 0, got 1 instead
[  296.844094][ T7202] binder: 7197:7202 got transaction with invalid parent offset or type
[  296.846956][ T7202] binder: 7197:7202 transaction failed 29201/-22, size 120-24 line 3381
[  297.366457][ T4101] binder: undelivered TRANSACTION_ERROR: 29201
[  297.392797][ T6493] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.398664][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  297.410051][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  297.412605][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  297.415365][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  297.477059][ T7206] netlink: 44 bytes leftover after parsing attributes in process `syz.1.678'.
[  297.681721][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.687812][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.707755][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.047365][ T7214] netlink: 68 bytes leftover after parsing attributes in process `syz.4.679'.
[  299.484185][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.486832][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.504341][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.506946][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.524713][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.527448][ T6493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.652445][ T6493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.656370][ T6493] batman_adv: batadv0: Interface activated: batadv_slave_1
[  299.725403][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  299.730195][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  299.832000][ T7218] binder: 7210:7218 tried to acquire reference to desc 0, got 1 instead
[  299.837040][ T7218] binder_alloc: 7210: binder_alloc_buf, no vma
[  299.839121][ T7218] binder: 7210:7218 transaction failed 29189/-3, size 120-24 line 3085
[  300.365432][ T6187] binder: undelivered TRANSACTION_ERROR: 29189
[  302.604358][ T7237] binder: 7227:7237 tried to acquire reference to desc 0, got 1 instead
[  302.610157][ T7237] binder: 7227:7237 got transaction with invalid parent offset or type
[  302.613287][ T7237] binder: 7227:7237 transaction failed 29201/-22, size 120-24 line 3381
[  302.761825][ T3615] binder: undelivered TRANSACTION_ERROR: 29201
[  303.826100][ T4536] device hsr_slave_0 left promiscuous mode
[  304.110437][ T4536] device hsr_slave_1 left promiscuous mode
[  304.410860][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  304.414356][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.423256][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.433088][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  304.567604][ T4536] device bridge_slave_1 left promiscuous mode
[  304.572867][ T4536] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.267874][ T4536] device bridge_slave_0 left promiscuous mode
[  305.269985][ T4536] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.471904][ T4536] device hsr_slave_0 left promiscuous mode
[  306.565379][ T7272] netlink: 68 bytes leftover after parsing attributes in process `syz.0.693'.
[  307.417696][ T4169] Bluetooth: hci4: command 0x0409 tx timeout
[  307.643693][ T4536] device hsr_slave_1 left promiscuous mode
[  307.649906][ T7281] xt_NFQUEUE: number of total queues is 0
[  307.654814][ T7283] binder: tried to use weak ref as strong ref
[  307.656467][ T7283] binder: 7282:7283 Acquire 1 refcount change on invalid ref 0 ret -22
[  307.685020][ T7283] binder: 7282:7283 got transaction to invalid handle, 1
[  307.686940][ T7283] binder: 7282:7283 transaction failed 29201/-22, size 120-24 line 2917
[  309.970281][ T5542] Bluetooth: hci4: command 0x041b tx timeout
[  309.979578][ T3331] binder: undelivered TRANSACTION_ERROR: 29201
[  310.018846][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.021668][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.024637][ T4536] device bridge_slave_1 left promiscuous mode
[  310.033104][ T4536] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.179291][ T4536] device bridge_slave_0 left promiscuous mode
[  310.181202][ T4536] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.291744][ T7291] loop7: detected capacity change from 0 to 1024
[  310.784880][ T7291] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  310.789817][ T7291] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.029192][ T4536] device veth1_macvtap left promiscuous mode
[  311.030968][ T4536] device veth0_macvtap left promiscuous mode
[  311.036182][ T4536] device veth1_vlan left promiscuous mode
[  311.037975][ T4536] device veth0_vlan left promiscuous mode
[  312.029127][ T4094] Bluetooth: hci4: command 0x040f tx timeout
[  312.365948][ T4536] team0 (unregistering): Port device team_slave_1 removed
[  312.379235][ T4536] team0 (unregistering): Port device team_slave_0 removed
[  312.389983][ T4536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.458595][ T4536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.729576][ T4536] bond0 (unregistering): Released all slaves
[  313.438437][ T7323] netlink: 68 bytes leftover after parsing attributes in process `syz.4.707'.
[  313.803804][ T4536] team0 (unregistering): Port device team_slave_1 removed
[  313.831640][ T4536] team0 (unregistering): Port device team_slave_0 removed
[  313.873092][ T4536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.048292][ T4536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  314.666048][ T4536] bond0 (unregistering): Released all slaves
[  314.674240][   T25] Bluetooth: hci4: command 0x0419 tx timeout
[  314.797468][ T7309] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  314.801102][ T7316] netlink: 'syz.1.705': attribute type 9 has an invalid length.
[  314.803245][ T7316] netlink: 'syz.1.705': attribute type 6 has an invalid length.
[  314.861556][ T7309] tipc: Disabling bearer <eth:syzkaller0>
[  314.992487][ T7335] loop1: detected capacity change from 0 to 1024
[  315.033514][ T7240] chnl_net:caif_netlink_parms(): no params data found
[  315.917620][ T7240] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.118122][ T7240] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.121610][ T7240] device bridge_slave_0 entered promiscuous mode
[  317.249077][ T7240] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.251101][ T7240] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.402304][ T7240] device bridge_slave_1 entered promiscuous mode
[  318.404915][ T7335] EXT4-fs: error -4 creating inode table initialization thread
[  318.425295][ T7335] EXT4-fs (loop1): mount failed
[  318.440652][ T7357] loop4: detected capacity change from 0 to 1024
[  318.609401][ T7357] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  318.648903][ T7240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.651795][ T7357] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.662737][ T7240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.051460][ T7377] binder: 7375:7377 got transaction to invalid handle, 1
[  319.053515][ T7377] binder: 7375:7377 transaction failed 29201/-22, size 120-24 line 2917
[  319.065332][ T3615] binder: undelivered TRANSACTION_ERROR: 29201
[  321.101244][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  321.282821][ T7240] team0: Port device team_slave_0 added
[  321.409975][ T7240] team0: Port device team_slave_1 added
[  322.320064][ T7240] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.322089][ T7240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.346885][ T7240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.397422][ T7240] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.399639][ T7240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.548133][ T7240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.941997][ T7240] device hsr_slave_0 entered promiscuous mode
[  325.069528][ T7240] device hsr_slave_1 entered promiscuous mode
[  325.318321][ T7240] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  325.320429][ T7240] Cannot create hsr debugfs directory
[  327.014815][ T7422] xt_NFQUEUE: number of total queues is 0
[  329.828828][ T7444] loop7: detected capacity change from 0 to 1024
[  331.005711][ T7444] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  331.010270][ T7444] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.205726][ T7476] xt_NFQUEUE: number of total queues is 0
[  334.108658][ T7240] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  334.215924][ T7240] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  334.292749][ T7240] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  335.211388][ T7240] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  335.813648][ T7526] binder: 7519:7526 tried to acquire reference to desc 0, got 1 instead
[  335.825208][ T7526] binder: 7519:7526 got transaction with invalid parent offset or type
[  335.829251][ T7526] binder: 7519:7526 transaction failed 29201/-22, size 120-24 line 3381
[  336.909400][   T25] binder: undelivered TRANSACTION_ERROR: 29201
[  341.209759][ T7240] 8021q: adding VLAN 0 to HW filter on device bond0
[  341.411116][ T7240] 8021q: adding VLAN 0 to HW filter on device team0
[  341.413873][ T4534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  341.416694][ T4534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  342.339708][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  342.457552][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  342.460706][ T4262] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.462673][ T4262] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.524904][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  342.558268][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  342.576271][ T4262] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.578356][ T4262] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.611964][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  342.750943][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  343.617399][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  344.449248][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  344.454816][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  344.471451][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  344.597523][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  344.600500][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  344.642054][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  344.645290][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  344.649066][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  344.657469][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  345.141546][ T7240] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  345.355617][ T7612] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  345.387622][ T7612] device syzkaller0 entered promiscuous mode
[  345.449076][ T7612] tipc: Resetting bearer <eth:syzkaller0>
[  345.577705][ T7240] 8021q: adding VLAN 0 to HW filter on device batadv0
[  345.582223][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  345.584641][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  345.587540][ T7611] tipc: Resetting bearer <eth:syzkaller0>
[  345.597853][ T7611] tipc: Disabling bearer <eth:syzkaller0>
[  346.507614][ T7604] xt_NFQUEUE: number of total queues is 0
[  355.369344][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  355.372666][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  355.543843][ T7240] device veth0_vlan entered promiscuous mode
[  355.580575][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  355.583409][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  355.594341][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  355.625347][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  355.647415][ T7240] device veth1_vlan entered promiscuous mode
[  355.824910][ T7689] xt_NFQUEUE: number of total queues is 0
[  356.451222][ T5411] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  356.957458][ T4173] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  356.960378][ T4173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  356.965285][ T7240] device veth0_macvtap entered promiscuous mode
[  356.973655][ T7240] device veth1_macvtap entered promiscuous mode
[  357.115000][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.133474][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.152709][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.183553][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.198184][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.211871][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.224357][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.836473][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.852299][ T7702] IPVS: Scheduler module ip_vs_sip not found
[  357.861595][ T7240] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.958098][ T7695] netlink: 'syz.1.781': attribute type 10 has an invalid length.
[  358.012394][ T7695] 8021q: adding VLAN 0 to HW filter on device team0
[  358.050112][ T7695] bond0: (slave team0): Enslaving as an active interface with an up link
[  358.246057][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  358.249255][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  358.251929][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  358.256357][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  358.261344][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.264197][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.267879][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.271047][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.273640][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.277902][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.790258][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.796533][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.802508][ T7240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.811180][ T7240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.823480][ T7240] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.841070][ T7240] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.855307][ T7240] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.865480][ T7240] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.955612][ T7240] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.972696][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  358.975596][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  359.197562][ T7735] netlink: 'syz.1.786': attribute type 1 has an invalid length.
[  359.198922][ T7736] loop4: detected capacity change from 0 to 1024
[  359.287138][ T7744] binder: tried to use weak ref as strong ref
[  359.288818][ T7744] binder: 7737:7744 Acquire 1 refcount change on invalid ref 0 ret -22
[  359.292866][ T7744] binder: 7737:7744 got transaction to invalid handle, 1
[  359.294802][ T7744] binder: 7737:7744 transaction failed 29201/-22, size 120-24 line 2917
[  359.851219][ T4196] binder: undelivered TRANSACTION_ERROR: 29201
[  359.897877][ T7735] 8021q: adding VLAN 0 to HW filter on device bond1
[  359.950907][ T7739] device vlan2 entered promiscuous mode
[  359.952753][ T7739] device bond1 entered promiscuous mode
[  359.956706][ T7736] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  359.960582][ T7736] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.194155][ T6698] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  360.198715][ T6698] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.203719][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  360.301472][ T4262] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  360.303916][ T4262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.313086][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  360.573543][ T7760] xt_NFQUEUE: number of total queues is 0
[  363.390926][ T5542] Bluetooth: hci3: command 0x0409 tx timeout
[  363.598289][ T7793] device team_slave_0 entered promiscuous mode
[  363.600326][ T7793] device team_slave_1 entered promiscuous mode
[  363.608494][ T7793] device team0 entered promiscuous mode
[  363.673326][ T7797] binder: 7790:7797 tried to acquire reference to desc 0, got 1 instead
[  363.678630][ T7797] binder: 7790:7797 got transaction with invalid parent offset or type
[  363.681613][ T7797] binder: 7790:7797 transaction failed 29201/-22, size 120-24 line 3381
[  364.218829][ T4196] binder: undelivered TRANSACTION_ERROR: 29201
[  364.287321][ T7793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.796'.
[  364.328084][ T7793] device team0 left promiscuous mode
[  364.329725][ T7793] device team_slave_0 left promiscuous mode
[  364.347729][ T7793] device team_slave_1 left promiscuous mode
[  364.355915][ T4101] Bluetooth: hci6: command 0x0406 tx timeout
[  364.449119][ T7793] team0 (unregistering): Port device team_slave_0 removed
[  364.472485][ T7793] team0 (unregistering): Port device team_slave_1 removed
[  364.619414][ T7799] netlink: 'syz.4.798': attribute type 1 has an invalid length.
[  364.631976][ T7799] 8021q: adding VLAN 0 to HW filter on device bond1
[  364.777638][ T7809] binder: 7803:7809 tried to acquire reference to desc 0, got 1 instead
[  364.784638][ T7809] binder: 7803:7809 got transaction with invalid parent offset or type
[  364.787585][ T7809] binder: 7803:7809 transaction failed 29201/-22, size 120-24 line 3381
[  365.174846][ T7801] bond1: (slave gretap1): making interface the new active one
[  365.194660][ T7801] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  365.211427][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  365.286447][ T4196] binder: undelivered TRANSACTION_ERROR: 29201
[  365.465913][ T4101] Bluetooth: hci3: command 0x041b tx timeout
[  365.570956][ T7826] netlink: 36 bytes leftover after parsing attributes in process `syz.4.805'.
[  365.718595][ T7769] chnl_net:caif_netlink_parms(): no params data found
[  367.519949][ T7769] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.526044][ T7769] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.536143][ T7769] device bridge_slave_0 entered promiscuous mode
[  367.562454][ T7769] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.574153][ T7769] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.685929][ T7769] device bridge_slave_1 entered promiscuous mode
[  367.762891][ T4297] Bluetooth: hci3: command 0x040f tx timeout
[  367.864009][ T7769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.220045][ T7769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.969865][ T7882] netlink: 68 bytes leftover after parsing attributes in process `syz.1.813'.
[  371.240424][ T4101] Bluetooth: hci3: command 0x0419 tx timeout
[  371.466860][ T7769] team0: Port device team_slave_0 added
[  371.493953][ T7769] team0: Port device team_slave_1 added
[  371.531402][ T7884] tipc: Enabled bearer <ib:ip6gre0>, priority 10
[  372.403698][ T7769] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.409010][ T7769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.425854][ T7769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.617644][ T4536] device hsr_slave_0 left promiscuous mode
[  372.655184][ T6187] tipc: Node number set to 3566262596
[  372.658810][ T7903] xt_NFQUEUE: number of total queues is 0
[  372.737061][ T4536] device hsr_slave_1 left promiscuous mode
[  373.018153][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  373.128259][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  373.354697][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  373.369465][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  373.380077][ T4536] device bridge_slave_1 left promiscuous mode
[  373.391157][ T4536] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.526424][ T4536] device bridge_slave_0 left promiscuous mode
[  373.528279][ T4536] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.571145][ T4536] device veth1_macvtap left promiscuous mode
[  373.574158][ T4536] device veth0_macvtap left promiscuous mode
[  373.577531][ T4536] device veth1_vlan left promiscuous mode
[  373.579239][ T4536] device veth0_vlan left promiscuous mode
[  373.969132][ T4536] team0 (unregistering): Port device team_slave_1 removed
[  373.980081][ T4536] team0 (unregistering): Port device team_slave_0 removed
[  373.989765][ T4536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  374.023735][ T4536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  374.334362][ T4536] bond0 (unregistering): Released all slaves
[  374.431808][ T7932] binder: 7929:7932 tried to acquire reference to desc 0, got 1 instead
[  374.435493][ T7932] binder_alloc: 7929: binder_alloc_buf, no vma
[  374.437448][ T7932] binder: 7929:7932 transaction failed 29189/-3, size 120-24 line 3085
[  374.998434][ T4101] binder: undelivered TRANSACTION_ERROR: 29189
[  375.167953][ T7769] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.169943][ T7769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.171339][ T7934] loop1: detected capacity change from 0 to 1024
[  375.180729][ T7769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.187236][ T7905] device ip6gretap0 entered promiscuous mode
[  375.189244][ T7905] device vlan2 entered promiscuous mode
[  375.203885][ T7921] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  375.216365][ T7918] tipc: Disabling bearer <eth:syzkaller0>
[  375.297855][ T7934] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  375.301809][ T7934] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  375.337554][ T7769] device hsr_slave_0 entered promiscuous mode
[  375.375448][ T7769] device hsr_slave_1 entered promiscuous mode
[  375.514631][ T7769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  375.518055][ T7769] Cannot create hsr debugfs directory
[  377.399586][ T7769] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.284647][ T7964] IPVS: Scheduler module ip_vs_sip not found
[  378.324128][ T7769] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.449676][ T7769] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.457552][ T7769] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.543973][ T7990] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  379.658923][ T7984] tipc: Disabling bearer <eth:syzkaller0>
[  381.719221][ T8008] device team_slave_0 entered promiscuous mode
[  381.721108][ T8008] device team_slave_1 entered promiscuous mode
[  381.935277][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.840'.
[  381.945853][ T8008] device team_slave_0 left promiscuous mode
[  381.947600][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  381.947802][ T8008] device team_slave_1 left promiscuous mode
[  382.826398][ T8022] loop1: detected capacity change from 0 to 1024
[  383.074222][ T8022] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  383.084845][ T8022] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  383.109905][ T8008] team0 (unregistering): Port device team_slave_0 removed
[  383.888826][ T8008] team0 (unregistering): Port device team_slave_1 removed
[  384.327865][ T8048] binder: 8041:8048 tried to acquire reference to desc 0, got 1 instead
[  384.332130][ T8048] binder: 8041:8048 got transaction with invalid parent offset or type
[  384.335349][ T8048] binder: 8041:8048 transaction failed 29201/-22, size 120-24 line 3381
[  384.868063][ T4094] binder: undelivered TRANSACTION_ERROR: 29201
[  384.941607][ T8046] netlink: 'syz.7.846': attribute type 10 has an invalid length.
[  385.026684][ T8046] 8021q: adding VLAN 0 to HW filter on device team0
[  385.040396][ T8046] bond0: (slave team0): Enslaving as an active interface with an up link
[  385.085140][ T7769] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  385.142744][ T7769] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  385.336916][ T7769] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  385.370811][ T8058] netlink: 24 bytes leftover after parsing attributes in process `syz.1.849'.
[  385.396809][ T7769] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  385.808221][ T8076] binder: 8065:8076 got transaction to invalid handle, 1
[  385.810392][ T8076] binder: 8065:8076 transaction failed 29201/-22, size 120-24 line 2917
[  386.368324][ T4101] binder: undelivered TRANSACTION_ERROR: 29201
[  386.759661][ T8082] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  386.774644][ T7769] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.778497][ T8082] device syzkaller0 entered promiscuous mode
[  387.607716][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  387.610666][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  387.627052][ T7769] 8021q: adding VLAN 0 to HW filter on device team0
[  387.746534][ T8093] tipc: Resetting bearer <eth:syzkaller0>
[  387.769514][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  387.772461][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  387.797345][ T4535] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.799394][ T4535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.849262][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  387.856127][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  388.313212][ T4535] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.315544][ T4535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  388.544743][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  388.554517][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  388.692623][ T8081] tipc: Resetting bearer <eth:syzkaller0>
[  388.728921][ T8081] tipc: Disabling bearer <eth:syzkaller0>
[  388.765233][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  388.768510][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  388.773535][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  388.785600][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  388.791037][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  388.803169][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  388.815713][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  388.825173][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  388.852340][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  388.865160][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  388.874946][ T7769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  390.260397][ T8124] netlink: 'syz.1.859': attribute type 1 has an invalid length.
[  390.381360][ T8124] 8021q: adding VLAN 0 to HW filter on device bond2
[  390.467218][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  390.469485][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  390.482937][ T8128] xt_NFQUEUE: number of total queues is 0
[  390.487680][ T7769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  390.538819][ T8124] device vlan3 entered promiscuous mode
[  390.540376][ T8124] device bond2 entered promiscuous mode
[  390.635671][ T8124] bond2: (slave gretap1): making interface the new active one
[  390.637880][ T8124] device gretap1 entered promiscuous mode
[  390.643972][ T8124] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  390.660592][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  390.665049][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  390.987403][ T8143] netlink: 'syz.1.862': attribute type 1 has an invalid length.
[  391.005505][ T8143] 8021q: adding VLAN 0 to HW filter on device bond3
[  391.014566][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  391.018179][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  391.041321][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  391.049191][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  391.062435][ T7769] device veth0_vlan entered promiscuous mode
[  391.124686][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  391.127449][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  391.173662][ T7769] device veth1_vlan entered promiscuous mode
[  391.416297][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  391.419328][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  391.422060][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  391.449348][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  394.261373][ T7769] device veth0_macvtap entered promiscuous mode
[  394.307294][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  394.321155][ T7769] device veth1_macvtap entered promiscuous mode
[  394.526267][ T8172] loop1: detected capacity change from 0 to 1024
[  394.586312][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  394.595490][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.775885][ T8184] binder: 8170:8184 tried to acquire reference to desc 0, got 1 instead
[  394.785462][ T8184] binder: 8170:8184 got transaction with invalid parent offset or type
[  394.789588][ T8184] binder: 8170:8184 transaction failed 29201/-22, size 120-24 line 3381
[  395.204387][ T1534] binder: undelivered TRANSACTION_ERROR: 29201
[  395.232313][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  395.311179][ T8188] xt_NFQUEUE: number of total queues is 0
[  395.405568][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.903873][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  395.906783][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  395.909498][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  395.912309][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.739905][ T7769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  396.770873][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.784582][ T8172] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  396.788457][ T8172] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.800587][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.803358][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.809074][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.811735][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.816245][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.819134][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.821996][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.835097][ T7769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.838052][ T7769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.015455][ T7769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.038611][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  397.041476][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  397.044922][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  397.047681][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  397.112247][ T8205] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[  397.231650][ T8202] device syzkaller0 entered promiscuous mode
[  397.578652][ T8203] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  397.582290][ T7769] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.587490][ T7769] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.590114][ T7769] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.592446][ T7769] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.010114][ T4534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.012626][ T4534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.019888][ T4534] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  398.240470][ T4173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.242990][ T4173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.259621][  T578] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  399.086130][ T8236] 9p: Unknown uid 18446744073709551615
[  400.241566][ T8258] netlink: 'syz.7.885': attribute type 1 has an invalid length.
[  400.324962][ T8258] 8021q: adding VLAN 0 to HW filter on device bond1
[  400.617878][ T8263] tipc: Started in network mode
[  400.619372][ T8263] tipc: Node identity f6db08f7fdbd, cluster identity 4711
[  400.630535][ T8263] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  400.798235][ T8274] xt_NFQUEUE: number of total queues is 0
[  401.503412][ T8277] loop4: detected capacity change from 0 to 1024
[  401.511120][ T8261] tipc: Resetting bearer <eth:syzkaller0>
[  401.643629][ T3331] tipc: Node number set to 191236343
[  401.769930][ T8259] tipc: Disabling bearer <eth:syzkaller0>
[  401.779047][ T8277] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  401.782984][ T8277] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.669276][ T4536] device hsr_slave_0 left promiscuous mode
[  402.874296][ T4536] device hsr_slave_1 left promiscuous mode
[  403.078639][ T8292] EXT4-fs: error -4 creating inode table initialization thread
[  403.081301][ T8292] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: none.
[  404.115862][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  404.118051][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  404.173013][ T8301] 9p: Unknown uid 18446744073709551615
[  404.210376][ T4536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  404.212633][ T4536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  404.720529][ T4536] device bridge_slave_1 left promiscuous mode
[  404.855249][ T4536] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.905353][ T4536] device bridge_slave_0 left promiscuous mode
[  404.907241][ T4536] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.394386][ T4536] device veth1_macvtap left promiscuous mode
[  405.396391][ T4536] device veth0_macvtap left promiscuous mode
[  405.605394][ T4536] device veth1_vlan left promiscuous mode
[  405.607343][ T4536] device veth0_vlan left promiscuous mode
[  406.070499][ T4536] team0 (unregistering): Port device team_slave_1 removed
[  406.082504][ T4536] team0 (unregistering): Port device team_slave_0 removed
[  406.095593][ T4536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  406.143003][ T4536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.281539][ T4536] bond0 (unregistering): Released all slaves
[  406.403603][ T8309] netlink: 4 bytes leftover after parsing attributes in process `syz.6.896'.
[  406.477001][ T8309] team0 (unregistering): Port device team_slave_0 removed
[  406.487036][ T8309] team0 (unregistering): Port device team_slave_1 removed
[  406.555620][ T8313] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  406.672712][ T8313] tipc: Disabling bearer <eth:syzkaller0>
[  406.793943][ T8333] netlink: 'syz.0.901': attribute type 1 has an invalid length.
[  407.578450][ T8333] 8021q: adding VLAN 0 to HW filter on device bond1
[  407.633692][ T8343] device vlan0 entered promiscuous mode
[  407.659871][ T8343] device bond1 entered promiscuous mode
[  407.682980][ T8349] netlink: 68 bytes leftover after parsing attributes in process `syz.4.904'.
[  407.720225][ T8351] 9p: Unknown uid 18446744073709551615
[  407.722964][ T8353] loop7: detected capacity change from 0 to 1024
[  407.798324][ T8345] bond1: (slave gretap1): making interface the new active one
[  407.818721][ T8345] device gretap1 entered promiscuous mode
[  407.822121][ T8345] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  407.843848][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  407.846769][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  407.876196][ T8353] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  407.880177][ T8353] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.351832][ T8367] EXT4-fs (loop7): re-mounted. Opts: (null). Quota mode: none.
[  408.750834][ T8369] binder: 8363:8369 tried to acquire reference to desc 0, got 1 instead
[  408.754616][ T8369] binder: 8363:8369 got transaction with invalid parent offset or type
[  408.756959][ T8369] binder: 8363:8369 transaction failed 29201/-22, size 120-24 line 3381
[  408.938418][ T5542] binder: undelivered TRANSACTION_ERROR: 29201
[  409.092203][ T8377] netlink: 'syz.6.911': attribute type 1 has an invalid length.
[  409.261760][ T8377] 8021q: adding VLAN 0 to HW filter on device bond1
[  410.452346][ T8402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.915'.
[  410.661991][ T8405] xt_NFQUEUE: number of total queues is 0
[  411.463663][ T8414] 9p: Unknown uid 18446744073709551615
[  412.834167][ T8427] binder: 8424:8427 IncRefs 0 refcount change on invalid ref 0 ret -22
[  417.290937][ T8483] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  418.307353][ T8489] device syzkaller0 entered promiscuous mode
[  418.320167][ T8496] loop1: detected capacity change from 0 to 1024
[  418.376049][ T8490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.929'.
[  419.399144][ T8507] loop7: detected capacity change from 0 to 512
[  419.475695][ T8472] tipc: Resetting bearer <eth:syzkaller0>
[  419.485668][ T8496] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  419.489896][ T8496] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.104379][ T8507] UDF-fs: warning (device loop7): udf_load_vrs: No VRS found
[  420.186999][ T8507] UDF-fs: Scanning with blocksize 512 failed
[  420.204056][ T8507] UDF-fs: warning (device loop7): udf_load_vrs: No VRS found
[  420.206172][ T8507] UDF-fs: Scanning with blocksize 1024 failed
[  420.231993][ T8507] UDF-fs: warning (device loop7): udf_load_vrs: No VRS found
[  420.241905][ T8507] UDF-fs: Scanning with blocksize 2048 failed
[  420.361926][ T8507] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  420.387894][ T8507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  420.390554][ T8496] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[  420.412659][ T8472] tipc: Disabling bearer <eth:syzkaller0>
[  427.248638][ T8581] loop4: detected capacity change from 0 to 256
[  428.742248][ T8581] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  428.745770][ T8581] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  428.786001][ T8581] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  432.507047][ T8613] netlink: 68 bytes leftover after parsing attributes in process `syz.7.960'.
[  434.937257][ T8633] netlink: 20 bytes leftover after parsing attributes in process `syz.0.967'.
[  434.956246][ T8638] loop4: detected capacity change from 0 to 256
[  434.961110][ T8633] device vlan2 entered promiscuous mode
[  434.963335][ T8633] device bridge0 entered promiscuous mode
[  435.039766][ T8641] loop1: detected capacity change from 0 to 1024
[  435.151692][ T8638] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  435.154652][ T8638] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  435.193073][ T8638] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  435.195890][ T8643] device syzkaller0 entered promiscuous mode
[  435.423925][ T8649] binder: 8644:8649 tried to acquire reference to desc 0, got 1 instead
[  435.427116][ T8649] binder: 8644:8649 ioctl c0306201 0 returned -14
[  435.497292][ T8641] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  435.501371][ T8641] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  436.892783][ T8667] binder: 8654:8667 tried to acquire reference to desc 0, got 1 instead
[  437.033222][ T8662] IPVS: Scheduler module ip_vs_sip not found
[  437.690000][ T8680] netlink: 68 bytes leftover after parsing attributes in process `syz.1.974'.
[  437.757385][ T8682] netlink: 'syz.7.976': attribute type 1 has an invalid length.
[  437.837625][ T8682] 8021q: adding VLAN 0 to HW filter on device bond2
[  437.872882][ T8688] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  437.877854][ T4380] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  437.880791][ T8691] tipc: Enabled bearer <ib:ip6gre0>, priority 10
[  437.904545][ T8689] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  437.928816][ T8689] device syzkaller0 entered promiscuous mode
[  438.007753][ T8702] loop4: detected capacity change from 0 to 256
[  438.015333][ T8689] tipc: Resetting bearer <eth:syzkaller0>
[  438.113523][ T8684] tipc: Resetting bearer <eth:syzkaller0>
[  438.148054][ T8702] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  438.151362][ T8702] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  438.199907][ T8684] tipc: Disabling bearer <eth:syzkaller0>
[  438.230663][ T8702] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  438.299420][ T8708] binder: tried to use weak ref as strong ref
[  438.301191][ T8708] binder: 8698:8708 Acquire 1 refcount change on invalid ref 0 ret -22
[  438.305254][ T8708] binder: 8698:8708 got transaction to invalid handle, 1
[  438.307174][ T8708] binder: 8698:8708 transaction failed 29201/-22, size 120-24 line 2917
[  438.844307][ T4079] binder: undelivered TRANSACTION_ERROR: 29201
[  438.919919][ T8705] netlink: 20 bytes leftover after parsing attributes in process `syz.7.982'.
[  438.978160][ T8705] device vlan2 entered promiscuous mode
[  438.979748][ T8705] device bridge0 entered promiscuous mode
[  439.002602][ T4196] tipc: Node number set to 3515149741
[  439.236792][ T8716] loop1: detected capacity change from 0 to 1024
[  439.257829][ T8712] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  440.000391][ T8716] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  440.004585][ T8716] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  441.272505][ T8759] netlink: 68 bytes leftover after parsing attributes in process `syz.6.991'.
[  441.433462][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.994'.
[  441.594270][ T8768] loop1: detected capacity change from 0 to 1024
[  441.659213][ T8767] device syzkaller0 entered promiscuous mode
[  442.273277][ T8768] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,. Quota mode: none.
[  442.287690][ T8768] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  442.479222][ T8768] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[  442.603127][ T8791] binder: tried to use weak ref as strong ref
[  442.604945][ T8791] binder: 8782:8791 Acquire 1 refcount change on invalid ref 0 ret -22
[  442.609303][ T8791] binder: 8782:8791 got transaction to invalid handle, 1
[  442.611301][ T8791] binder: 8782:8791 transaction failed 29201/-22, size 120-24 line 2917
[  443.137876][ T4094] binder: undelivered TRANSACTION_ERROR: 29201
[  443.354561][ T8795] tipc: Started in network mode
[  443.355953][ T8795] tipc: Node identity , cluster identity 4711
[  443.357634][ T8795] tipc: Failed to obtain node identity
[  443.358054][ T8799] loop4: detected capacity change from 0 to 512
[  443.359061][ T8795] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  443.383416][ T8796] device syzkaller0 entered promiscuous mode
[  443.383620][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  443.427236][ T8799] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  443.429714][ T8799] UDF-fs: Scanning with blocksize 512 failed
[  443.449683][ T8799] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  443.457603][ T8799] UDF-fs: Scanning with blocksize 1024 failed
[  443.482959][ T8799] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  443.485052][ T8799] UDF-fs: Scanning with blocksize 2048 failed
[  443.497267][ T8799] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  443.520897][ T8795] device syzkaller0 entered promiscuous mode
[  443.539278][ T8799] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  443.900325][ T8799] device bpq0 entered promiscuous mode
[  443.995642][ T8824] binder: tried to use weak ref as strong ref
[  443.997314][ T8824] binder: 8814:8824 Acquire 1 refcount change on invalid ref 0 ret -22
[  444.002162][ T8824] binder: 8814:8824 got transaction to invalid handle, 1
[  444.004133][ T8824] binder: 8814:8824 transaction failed 29201/-22, size 120-24 line 2917
[  444.532327][ T1534] binder: undelivered TRANSACTION_ERROR: 29201
[  444.547041][ T8816] ==================================================================
[  444.549470][ T8816] BUG: KASAN: use-after-free in rose_transmit_link+0x500/0x680
[  444.551410][ T8816] Read of size 1 at addr ffff0000ea207432 by task syz.4.1000/8816
[  444.553504][ T8816] 
[  444.554108][ T8816] CPU: 1 PID: 8816 Comm: syz.4.1000 Not tainted 5.15.189-syzkaller #0
[  444.556237][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.558921][ T8816] Call trace:
[  444.559784][ T8816]  dump_backtrace+0x0/0x43c
[  444.560979][ T8816]  show_stack+0x2c/0x3c
[  444.562095][ T8816]  __dump_stack+0x30/0x40
[  444.563232][ T8816]  dump_stack_lvl+0xf8/0x160
[  444.564453][ T8816]  print_address_description+0x78/0x30c
[  444.565995][ T8816]  kasan_report+0xec/0x15c
[  444.567234][ T8816]  __asan_report_load1_noabort+0x44/0x50
[  444.568790][ T8816]  rose_transmit_link+0x500/0x680
[  444.570129][ T8816]  rose_write_internal+0xee8/0x17c4
[  444.571499][ T8816]  rose_release+0x228/0x544
[  444.572701][ T8816]  sock_close+0xb4/0x1f8
[  444.573843][ T8816]  __fput+0x1c0/0x7f8
[  444.574887][ T8816]  ____fput+0x20/0x30
[  444.575938][ T8816]  task_work_run+0x12c/0x1e0
[  444.577154][ T8816]  get_signal+0x1240/0x1340
[  444.578349][ T8816]  do_notify_resume+0x35c/0x3128
[  444.579659][ T8816]  el0_svc+0xf0/0x1e0
[  444.580724][ T8816]  el0t_64_sync_handler+0xcc/0xe4
[  444.582122][ T8816]  el0t_64_sync+0x1a0/0x1a4
[  444.583324][ T8816] 
[  444.583937][ T8816] Allocated by task 6070:
[  444.585069][ T8816]  __kasan_kmalloc+0xb0/0xf0
[  444.586366][ T8816]  kmem_cache_alloc_trace+0x274/0x3fc
[  444.587796][ T8816]  rose_add_node+0x1f4/0xba4
[  444.588992][ T8816]  rose_rt_ioctl+0xa58/0xe38
[  444.590205][ T8816]  rose_ioctl+0x37c/0xd40
[  444.591374][ T8816]  sock_do_ioctl+0xf8/0x240
[  444.592561][ T8816]  sock_ioctl+0x5c8/0x87c
[  444.593701][ T8816]  __arm64_sys_ioctl+0x14c/0x1c8
[  444.595009][ T8816]  invoke_syscall+0x98/0x2b8
[  444.596231][ T8816]  el0_svc_common+0x138/0x258
[  444.597492][ T8816]  do_el0_svc+0x58/0x14c
[  444.598607][ T8816]  el0_svc+0x78/0x1e0
[  444.599672][ T8816]  el0t_64_sync_handler+0xcc/0xe4
[  444.601001][ T8816]  el0t_64_sync+0x1a0/0x1a4
[  444.602192][ T8816] 
[  444.602795][ T8816] Freed by task 8799:
[  444.603836][ T8816]  kasan_set_track+0x4c/0x84
[  444.605042][ T8816]  kasan_set_free_info+0x28/0x4c
[  444.606352][ T8816]  ____kasan_slab_free+0x118/0x164
[  444.607758][ T8816]  __kasan_slab_free+0x18/0x28
[  444.609011][ T8816]  slab_free_freelist_hook+0x128/0x1e8
[  444.610459][ T8816]  kfree+0x170/0x40c
[  444.611465][ T8816]  rose_remove_neigh+0x24c/0x2e0
[  444.612759][ T8816]  rose_rt_device_down+0x2d4/0x330
[  444.614101][ T8816]  rose_device_event+0x600/0x6b4
[  444.615410][ T8816]  raw_notifier_call_chain+0xd4/0x164
[  444.616833][ T8816]  __dev_notify_flags+0x250/0x46c
[  444.618174][ T8816]  dev_change_flags+0xc8/0x154
[  444.619437][ T8816]  dev_ifsioc+0x504/0xef4
[  444.620580][ T8816]  dev_ioctl+0x4d0/0xc94
[  444.621708][ T8816]  sock_do_ioctl+0x18c/0x240
[  444.622917][ T8816]  sock_ioctl+0x5c8/0x87c
[  444.624053][ T8816]  __arm64_sys_ioctl+0x14c/0x1c8
[  444.625355][ T8816]  invoke_syscall+0x98/0x2b8
[  444.626562][ T8816]  el0_svc_common+0x138/0x258
[  444.627833][ T8816]  do_el0_svc+0x58/0x14c
[  444.628953][ T8816]  el0_svc+0x78/0x1e0
[  444.630016][ T8816]  el0t_64_sync_handler+0xcc/0xe4
[  444.631396][ T8816]  el0t_64_sync+0x1a0/0x1a4
[  444.632573][ T8816] 
[  444.633179][ T8816] The buggy address belongs to the object at ffff0000ea207400
[  444.633179][ T8816]  which belongs to the cache kmalloc-512 of size 512
[  444.636904][ T8816] The buggy address is located 50 bytes inside of
[  444.636904][ T8816]  512-byte region [ffff0000ea207400, ffff0000ea207600)
[  444.640416][ T8816] The buggy address belongs to the page:
[  444.641879][ T8816] page:000000006fd71fbd refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000ea204000 pfn:0x12a204
[  444.644931][ T8816] head:000000006fd71fbd order:2 compound_mapcount:0 compound_pincount:0
[  444.647101][ T8816] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[  444.649279][ T8816] raw: 05ffc00000010200 fffffc00035a0808 fffffc0003a51208 ffff0000c0002600
[  444.651552][ T8816] raw: ffff0000ea204000 000000000010000b 00000001ffffffff 0000000000000000
[  444.653810][ T8816] page dumped because: kasan: bad access detected
[  444.655478][ T8816] 
[  444.656081][ T8816] Memory state around the buggy address:
[  444.657580][ T8816]  ffff0000ea207300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  444.659723][ T8816]  ffff0000ea207380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  444.661858][ T8816] >ffff0000ea207400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  444.663970][ T8816]                                      ^
[  444.665573][ T8816]  ffff0000ea207480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  444.667741][ T8816]  ffff0000ea207500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  444.669856][ T8816] ==================================================================
[  444.671970][ T8816] Disabling lock debugging due to kernel taint
[  444.673602][    C1] vkms_vblank_simulate: vblank timer overrun
[  444.697563][ T8816] ------------[ cut here ]------------
[  444.699129][ T8816] ODEBUG: assert_init not available (active state 0) object type: timer_list hint: rose_t0timer_expiry+0x0/0x344
[  444.705713][ T8816] WARNING: CPU: 0 PID: 8816 at lib/debugobjects.c:521 debug_print_object+0x148/0x1d4
[  444.708262][ T8816] Modules linked in:
[  444.709302][ T8816] CPU: 0 PID: 8816 Comm: syz.4.1000 Tainted: G    B             5.15.189-syzkaller #0
[  444.711880][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.714601][ T8816] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  444.716831][ T8816] pc : debug_print_object+0x148/0x1d4
[  444.718283][ T8816] lr : debug_print_object+0x148/0x1d4
[  444.719715][ T8816] sp : ffff8000201d7690
[  444.720866][ T8816] x29: ffff8000201d7690 x28: dfff800000000000 x27: 0000000000000004
[  444.723051][ T8816] x26: ffff800014170000 x25: ffff80000837e25c x24: dfff800000000000
[  444.725234][ T8816] x23: 0000000000000000 x22: ffff800010440eb4 x21: ffff8000117c8f60
[  444.727370][ T8816] x20: ffff800011332ce0 x19: ffff8000117c8aa0 x18: 0000000000000002
[  444.729505][ T8816] x17: 0000000040000000 x16: ffff8000111bc798 x15: 0000000000000002
[  444.731679][ T8816] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000080000
[  444.733837][ T8816] x11: 0000000000024af7 x10: ffff800026f3c000 x9 : 7af0abc48c33bd00
[  444.736011][ T8816] x8 : 7af0abc48c33bd00 x7 : 0000000000000000 x6 : ffff80000824599c
[  444.738187][ T8816] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80000a723764
[  444.740343][ T8816] x2 : ffff0001a10c5d50 x1 : 0000000100000000 x0 : 000000000000006e
[  444.742522][ T8816] Call trace:
[  444.743411][ T8816]  debug_print_object+0x148/0x1d4
[  444.744762][ T8816]  debug_object_assert_init+0x24c/0x2c4
[  444.746298][ T8816]  del_timer+0x48/0x1e4
[  444.747421][ T8816]  rose_transmit_link+0x444/0x680
[  444.748799][ T8816]  rose_write_internal+0xee8/0x17c4
[  444.750220][ T8816]  rose_release+0x228/0x544
[  444.751531][ T8816]  sock_close+0xb4/0x1f8
[  444.752676][ T8816]  __fput+0x1c0/0x7f8
[  444.753741][ T8816]  ____fput+0x20/0x30
[  444.754819][ T8816]  task_work_run+0x12c/0x1e0
[  444.756053][ T8816]  get_signal+0x1240/0x1340
[  444.757355][ T8816]  do_notify_resume+0x35c/0x3128
[  444.758703][ T8816]  el0_svc+0xf0/0x1e0
[  444.759788][ T8816]  el0t_64_sync_handler+0xcc/0xe4
[  444.761202][ T8816]  el0t_64_sync+0x1a0/0x1a4
[  444.762433][ T8816] irq event stamp: 552
[  444.763504][ T8816] hardirqs last  enabled at (551): [<ffff80000882f8a8>] ___slab_alloc+0xc34/0xda8
[  444.766030][ T8816] hardirqs last disabled at (552): [<ffff8000112962f8>] _raw_spin_lock_irqsave+0xfc/0x14c
[  444.768783][ T8816] softirqs last  enabled at (538): [<ffff80000f69f06c>] lock_sock_nested+0x14c/0x1d4
[  444.771371][ T8816] softirqs last disabled at (536): [<ffff80000f69f014>] lock_sock_nested+0xf4/0x1d4
[  444.773951][ T8816] ---[ end trace 8cb8a2e035ac3163 ]---