last executing test programs:

10.92546856s ago: executing program 2 (id=896):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000140), 0x4)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
r4 = syz_open_dev$video(0x0, 0x9, 0x4a142)
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, 0x0)
sendmsg$AUDIT_USER_AVC(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[], 0x454}}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[], 0x20}}, 0x40000)
shutdown(r3, 0x1)
recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x0, 0x0, 0x0)

10.109837367s ago: executing program 4 (id=899):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@sysvgroups}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@usrjquota}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0x1, 0x55a, &(0x7f0000001880)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLKMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MGQUvfAmctKTLluTNuuypprPB05533NO8p435zxvn5M3IQEMrYnsTyHixYj4Kok4HBFJvm008o0Ta/utPrw+my1JNBof/5E098vqredqPe5gXnkhIn75IuJkYWO7teWVhVK5nC7m9cl65cpkbXnl1KVKaT6dTy9Pz8yceXNm+p233+pbX187/9e3H919/8yXx1e/+en+kdtJnI1D+bb2fjyDG+2ViZjIX5OxOPvEjlN9aGw3SQZ9AGzLSB7nY5GNAYdjJI964L/v84hoAEMqEf8wpFp5QOvefvP74P/vUFaycx68t3YDtLH/o2vvjcS+5r3RgdXksTuj7H53vA/tZ238/Pud29kS/XsfAmBLN25GxOnR0Y3jX5KPf9t3uvPqfe2VJ9sw/sHOuZvlP693yn8K6/lPdMh/DnaI3e3YOv4L9/vQTFdZ/vdux/x3fdJqfCSv/a+Z840lFy+V09N5NnwixvZm9c3mc86s3mt029ae/2VL1n4rF8yP4/7o3scfM1eql56lz+0e3Ix4qWP+m6yf/6TD+c9ej/M9tnEsvfNKt21b9//5avwQ8WrH8/9oRivZfH5ysnk9TLauio3+vHXs127tD7r/2fk/sHn/x5P2+dra07fx/b6/027bHut/9H7970k+aZb35Ouuler1xamIPcmHG9dPP3psq97aP+v/ieObj3+drv/9EfFpj/2/dfTHl3vq/4DO/9xTnf+nL9z74LPvurXf2/j3RrN0Il/Ty/jX6wE+y2sHAAAAAAAAu00hIg5FUiiulwuFYnHt8x1H40ChXK3VT16sLl2ei+Z3ZcdjrNCa6T7c9nmIqfzzsK369BP1mYg4EhFfj+xv1ouz1fLcoDsPAAAAAAAAAAAAAAAAAAAAu8TBLt//z/w2MuijA547P/kNw2vL+O/HLz0Bu5L//zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPw0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dP3cuWxqrD6/PZvW5q8tLC9Wrp+bS2kKxsjRbnK0uXinOV6vz5bQ4W61s9XzlavXK1HQsXZusp7X6ZG155UKlunS5fuFSpTSfXkjHdqRXAAAAAAAAAAAAAAAAAAAA8O9SW15ZKJXL6aKCwrYKo7vjMBT6XBj0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/wTAAD//wQrN8c=")
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/mcfilter\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
shmctl$IPC_INFO(0x0, 0x3, 0x0)
read$FUSE(r0, &(0x7f0000006280)={0x2020}, 0x2020)

9.346004369s ago: executing program 2 (id=901):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0xf, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r3, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0)

8.736493959s ago: executing program 4 (id=903):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)='\b', 0x1}], 0x1, 0x0, 0x0, 0x60000000}, 0x20000004)
unshare(0x8040480)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x5, 0x100)
r3 = syz_open_dev$vim2m(&(0x7f0000000140), 0x10001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f14258313260608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4f8, &(0x7f00000005c0)="$eJzs3M9u1NoZAHA7JGqUSqjSVS/cXBa+3C7ogsEzKUERK9fjSQwz45HtoLCqUElQ1IRWhUqFHRvaSu1DsO0TdNU3Qn2EVp6ZUCB/hgJluOj3k+CcsT+f8x1rdI7G0XEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARh2o3jdhj08+H2TnS6tFsWgzPOH7X3jzeKM/oNgrD5FywvBxcnhy5+9d/TP23+uxxcmHy6ECw3xXLw9Mdf/+TmV4sLR9efkdAn8ejJ09/cOzjY/f28E5mTzWyYV0U+SDazKK+KaGN9Pb621auiXt7PqrtVnQ2itMySuiijK+nPo/bGxlqUte4W28PNbtLPjg7euNqJ4/XoVmuUJWVVDK/dalXpVt7v58PNcUxzuom50XwRb+d1VGfJIIr29g9212Yl2QS13yWoMyuoE3c67Xan016/vnH9RhwvHjsQvyU4FjH/Ly3z9ZFncHh//56u/wAAAMCXKxw/Y29+/y+Nn8OHQS/vZ/G80wIAAAA+ovFf/i80xVJTuxiEfv8DAADAl+bPM/fYVaMfhf/8V1CWS+Gz0c7PwsOkiUsOz02uO/d2i3VvNTw/bWRcrC9OP6XZpfCbSdA3R9Evp8XerDzCj5BA8NdgdRKzen9S3j86M+llpZf3s1Za9G+2gyQ5v1BnO/UfHu7/MRgP/y/Dwfkw2Ns/2G39+rcH98e5PGtaeXY43UBxbB/FGbk8frXv8eQRL40fxEz7XZn0G78+/oXJ5Qv/Q5/Pg28nMd+uTMqVN8e/3PTZbp02+mkW7Q8c+fPg0iTm0pXvm+L7Kydk0ZmVRef1LN7rXrxDFmuzslj7wCwA5mVvxioUHl/432OW+zSr+/Pgu0nMd6vjiXVx9YQZPZ41o8cfuLr9Pbg8ibl8FHzaGtv0+7e3VtUXzQUvTu236nfC5haee3z4u+DrR0+eXt0/vPdg98Huw05nbT3+RRxf7wRL42FMC2sPACfIypfhSv2nsCzz0a/aGxvtpN7KorJIb0dl3t3MonxYZ2W6lQw3s2hUFnWRFv2mcifvZlVUbY9GRVlHvaKMRkWV74zf/BJNX/1SZYNkWOdpNepnSZVFaTGsk7SOunmVRqPtX/bzaisrxxdXoyzNe3ma1HkxjKpiu0yzVhRVWfZaYN7NhnXey5vqMBqV+SAp70Z3iv72IIu6WZWW+aguJg0e9ZUPe0U5GDfbmvfNBoDPxKs32P0fK/MeIwDwJqs0AAAAAAAAAAAAAAB8/j7F/j8VFZUfWmXeMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHPefAAAA///v3qTr")

8.530680716s ago: executing program 4 (id=905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

6.828889164s ago: executing program 4 (id=910):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000ac0), 0x1, 0xa10, &(0x7f0000001540)="$eJzs3U2MG1cdAPBn73rTfJQ4JaFLGtqEQls+uttslvARQVM1F6Km6q1SxSVK0xKRBkQqQasekpy40aoKVz7EqZcKEBK9oKgnLpVoJC49FQ4ciIJUiQMUkkXrfc/r/cfW2Jvser3+/aTZ55n/s98b73g8npn3XgLGVr31d35+upbS5XfePPaPh/6+dXHJ4+0czdbfyY65Rkqplucnw+t9OLGU3vjotVPd0lqaa/0t8+np6+3nbk8pXUj705XUTHsvX33jvbmnTlw8funA+28dubY2aw8AAOPlmStH5vf89c/37fr47fuPpi3t5eX4vJnnd+Tj/qP5wL8c/9fTyvlax9RpKuSbzFM95Jvokq+znEbIN9mj/Knwuo0e+bZUlD/RsazbesMoK9txM9XqMyvm6/WZmaXf5Kn1u36qNnPuzNkXzg+posAd968HUkr7TSbTOE4LO4e9BwJYEq8X3uJCPLNwe9qvNtlf+defqHd/PtwB6739K3+0yv/1RXsc7pzNujWV9Sqfox15Pl5HiPcvDfr5L68Xr0c0+qxnr+sIo3J9oVc9J9a5HqvVq/5xu9isvpnT8j58K8Q7Pz/xfzoq/2Ogu387/28yje20MOwdELBhxfvmFrISj/f1xfiWivhdFfGtFfFtFfHtFXEYZ797+afp9dry7/z4m37Q82HlPNvdOf3EgPWJ5yMHLT/e9zuo2y0/3k8MG9kfTj57+mvPP3d16f7/2uL237rl/2be3vfnfM382bqSN/dyvjCeV1++9/+ZFeXUe+S7J9Tn7i75W493r8xX2738OqljP3NLPaZXPm9nr3z7VuZrhnxb83RXqG88PtkWnleOP8p+tbxfk2F9G2E9pkI9yn5lV05jPWA1yvbY6/7/sn1Op0bthTNnTz+W58t2+qeJxpbF5QfXud7A7eu3/c90Wtn+Z0d7eaPeuV/Yuby81rlfaIblcz2WH8rz5XvuuxNbW8tnTn3/7PN3euVhzJ1/5dXvnTx79vQPPfDAAw/aD4a9ZwLW2uzLL/1g9vwrrz565qWTL55+8fS5Q4cPH5qbO/z1Q/OzreP62c6je2AzWf7SH3ZNAAAAAAAAAAAAgH796Pixq39596sfLLX/X27/V9r/lzt/S/v/n4T2/7GdfGkHX9oB7uoSb+UJHaxOhXyNPH0y1Hd3KGdPeN6nctoexy+3/y/FxX5dS33uDctj/70lX+hO4Jb+UqZCHyRxvMDP5vRSTn+VYIhqW7svzmlV/9ZlWy/9U+iXYjSV/1vZGko/JqX9d69+ncr+f9c61JE7bz2aEw57HYHu/qn/b5NpbKeFBaN4ABvDsMf/LOc9S3ruj9++a3Eq2a4/sXJ/Gfsvhdux0cefVP7mGv+zPf5d3/u/MGJec3Xl/ufn1z7oKDbt7bf8uP6lH+jdg5X/cS6/rM3Dqb/yF34Zyo8XhPr031D+tj7Lv2X9962u/P/l8svb9siD/Za/VONafWU94nnjcv0vnjcuboT1L317Drz+qxyo8WYuH8bZqIwzO6hRGf+3l3gfxlfyfNkRlvsc4ngng9a/3F9Rvgf2hNevVXy/bfbxfy+uY12G4Rs5rfo8lPF/y/bY7DJf75hvdHlvN+u+BkbVh67/mUxjOy0sLKztCa0KQy2cob//w/6dMOzyh/3+V4nj/8Zj+Dj+b4zH8X9jPI7/G+NxfL0Yj+P/xvczjv8b4/eG143jA09XxD9dEd9bEb+vIr6vIv6ZiviBivj9FfEHKuL3VMQfrIh/riL++Yr4QxXxRyriX6iIb3alPcq4rj+Ms9g+z+cfxke5/tPr87+7Ig6Mrp+9ffDJ5377neZS+/+p9vmQch3vaJ7fn387/zjPx+veqWN+MfZunv9biG/08x0wTmL/GfH7/eGKODC6yn1ePt8whmrde+zpt9+qXsf5jJYv5vRLOf1yTh/N6UxOZ3N6MKdz61Q/1saTv/n9kddry7/3d4Z4v/eTx/ZAsZ+oQ33WJ54fGPR+9tiP36But/xVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmnrr7/z8dC2ly++8eezZE2dmF5c83s7RbP2d7JhrtJ+X0mM5ncjpL/KDGx+9dqozvZnTWppLtVRrL09PX2+XtD2ldCHtT1dSM+29fPWN9+aeOnHx+KUD77915NravQMAAACw+f0/AAD//8MLDok=")
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000740)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

6.215729204s ago: executing program 2 (id=911):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendto$packet(r0, &(0x7f0000000040), 0x0, 0x4000800, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)

5.308980478s ago: executing program 4 (id=916):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x5, 0xb}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xffff0f0e, 0x9, 0xfffffffe, 0x7, 0x7, 0x4, 0x7, 0xd, 0x10a3}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2404c020}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.307830018s ago: executing program 2 (id=917):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
mkdirat(0xffffffffffffff9c, 0x0, 0x28)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000100)={'veth0_to_hsr\x00', 0x4000})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x62)

5.16392273s ago: executing program 3 (id=919):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x16)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x3d, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x7, 0x0, 0x0, @private2, @local, {[], "223427d5c9a46b"}}}}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4004080}, 0x20008004)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000", @ANYRES64], 0x1, 0x1a1, &(0x7f0000000440)="$eJzs0bFrFEEUx/Hvm53b2whRT8UiggkYXPeI5HaDFlaHVYRbsLARPPS4rElwo1z2ChMSvEYCEs2/oIVoqYJWIgrWwUKw0Nikk1wRLMRCTvZuIvg3ZD7Nb99bdmfmzVzWyorAn92VJlX6HA7yCUEDozLoKTXIN6b+YXJjEFw09brJ5yZHsqXlW400TRbHLhQo/dcAfo4VS/Cvlb3kuGJIqCJfdleaDbkR06uyoGZiSjXKD3HqtIJHjOhhjl3Hoeevc0nREr8GhybbHpPZ0vLZ+YXGbDKb3I6iqfP3qFTO5ftPk8prJHggisesEkAxZihYpVDn/qY+wIQgwZzacqTcxa2zsemcOTXRRQU79BDe+12K37SLusJpvGv5gaY5KjzBiRmvcVihuTmfJpVp5LJ6JaH+rH8VFF7HcbzmnXRm7aqS3+6zqux4Em5T8EOicshUPhqO8IG1LTpmqGx/Z1Te5qvszVX3370w1QlO8tTlbqPdXgxd+Ch+TNSBqATD/d+pmPH8gnlnvjHB170Hy7Isy7Isy7Isax/4GwAA//+IG117")

4.236999565s ago: executing program 2 (id=920):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f00000000c0)='%pS    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r4}, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000540)=ANY=[@ANYBLOB="180200000000000000000000030000008500000017000000b7080000000000007b8af8ff00000000b7080000000000807b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc09b6f2609", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.149337662s ago: executing program 0 (id=921):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000000))
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000140))
ioctl$SNDCTL_DSP_GETIPTR(r1, 0x800c5011, &(0x7f0000000040))
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)

4.145716492s ago: executing program 4 (id=922):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r3, 0xc02c564a, &(0x7f0000000040)={0x6, 0x34324258, 0x3, @discrete={0x3b79f0fc, 0xffffffff}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x6000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

4.126816184s ago: executing program 1 (id=923):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000000840)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e2afb55ae6f1229bcf13ecff7a597f452bed6b6fb4c812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f00e641832d29ed658b91f349b801b8b0d2de59d006ce210a0351b6bbd06c77c9aa67b5d7287fc1bfa1d0bf035ccdd4b20d7f95b5c77afde046b146ce8b395126fceb6cca68972ac02bc7d3cbca85e30a02db8f48b9eb10526d0c7ade3391d6c844fb8b2fb70ec826465726fb78cc47db9636d337038f016d27c2eb3fa0da403214d11f3b3ea42b8b183e9226665de1fa1c808ad8ea5bf3080b0ad7d12050000001c1428f0e17612738a97fdc8ddffb031b71347213264d4f6972a888ba9fa77efede5bdbaf65fb32eddedeb421fa7f60c35d68372e2c80561588ec11456f5e53b7bdcf72d3e0272f1b22399ec78d37acac485e5375f1b654c70f0a1ae81f5940cddaac3", 0x1fc, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})

4.097567717s ago: executing program 0 (id=924):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x1, 0xfa, 0x200d}}}, 0x7)
r3 = socket$unix(0x1, 0x1, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r4, 0x5760, 0x3c)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)

3.165876482s ago: executing program 0 (id=925):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000000280)={[{@iocharset={'iocharset', 0x3d, 'macturkish'}}, {}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@keep_last_dots}, {@errors_remount}, {@namecase}, {@keep_last_dots}, {}]}, 0x1, 0x151e, &(0x7f0000007640)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJLkmSJEluCUmTHElIDLklDUlILkNyGUJymZg07ve7JCRJkyQhuSXr/5ni73TqvOec9/Qe7+ed5/v57I/1zN7P2s/+PbNnXzDfdh1Wq0nt6o2ICP4t+OsfyQAQCwCDAOAaAAgAoHx8+fjs9bklJv97O2F/rofSrnQF7Eri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxsy4xC1/KScxd+/5+T8fX//4aLJx98ua7M9d0AYv7ZPO5/zsb9/z8r+Gc24v7nbNz/nCr2ShfA/hfg8z8nyPV313D/czbuP2M52ZV+/3ylF4jk7M/gSn//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGc74yxQAXBpf6boYY4wxxhhjjDH25/G5rnQFjDHGGGOMMcYY+5+HIECCggBiIBfEQm6IAwEAV0NeuAYicC3Ew3WQD66H/FAACkIhSIDCUAQ0GIgBghCKQjGIwg1QHG6EElASSkFpcFAGEuEmKAs3Qzm4BcrDrVABboOKUAkqQxW4HarCHVAN7oTqcBfUgJpQC2rD3VAH7oG6cC/Ug/ugPtwPDeABaAgPQiN4CBrDw9AEHoGm8Cg0g+bQAlpCq/9W/gvQE16EXtAbkqEP9IWXoB/0hwEwEAbByzAYXoEh8CqkwFAYBq/BcHgdRsAbMBJGwWh4E8bAWzAWxsF4mACpMBEmwdswGd6BKTAVpsF0SIMZMBPehVkwG+bAezAX3od5MB8WwEJIhw9gESyGDPgQlsBHkAlLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHHfAx7IRPYBd8CrthD+yFz2AffP4v5p/+m/xuCAgoUKBChTEYg7EYi3EYh3kwD+bFvBjBCMZjPObDfJgf82NBLIgJmIBFsAgaNEhIWBSLYhSjWByLYwksgaWwFDp0mIiJWBZvxnJYDstjeayAFbAiVsJKWAWrYFWsitWwGlbH6lgDa2AtrIV3493YB+tiXayH9bA+1r/0egobYSNsjI2xCTbBptgUm2EzbIEtsBW2wtbYGttgG2yH7bA9tscO2AGTMAk7YkfshJ2wM3bGLtgFu2JX7IbdsXvWC7kAX8QXsTfWEH2wL/bFfpiSawAOxIH4Mg7GV/AVfBVTcCgOw9fwNXwdR+ApHImjcDSOxqriLRyL45DEBEzFVJyEk3AyTsYpOBWn4nRMwxk4E2fiLJyNs/E9nIvv4/s4H+fjQkzHdFyEizEDM3AJnsZMXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342bciltxO27Hj/Fj/AQVAH6Ke3APpuA+3If7cT8ewAN4EA9iFmbhITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8Byex+cSvm78Scm1KSCyKaFEjIgRsSJWxIk4kUfkEXlFXhEREREv4kU+kU/kF/lFQVFQJIgEUUQUEUYYQSKMAQARFVFRXBQXJUQJUUqUEk44kSgSRVlRVpQT5UR5cauoIG4TFUUl0dZVEVVEVdHOVRN3iuqiuqghaopaoraoLeqIOqKuqCvqiXqivqgvGogHREPRBwfgQyK7M03EUGwqhmEz0VzIiz/BWosR2Ea0Fe3EE2IUjsQOorVLEk+LjmIsdhJ/EePwWdFFTMCu4nnRTXQXPcQLoqdo43qJ3mIK9hF9xXTsJ/qLAWKgmIU1xXs4N3ct8apIEUPFMPGaWIivixHiDTFSjBKjxZtijHhLjBXjxHgxQaSKiWKSeFtMFu+IKWKqmCamizQxQ8wU74pZYraYI94Tc8X7Yp6YLxaIhSJdfCAWicUiQ3woloiPRKZYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hY7BSfiF3iU7Fb7BF7xWdin/hc7BdfiAPiS3FQfCWyxNfikPhGHBbfiiPiO3FUfC+OiePihPhBnBQ/ilPitDgjzopz4idxXvwsLggvQKIUUkolAxkjc8lYmVvGyatkHhlc/HSvlfHyOplPXi/zywKyoCwkE2RhWURqaaSVJENZVBaTUXmDLC5vlCVkSVlKlpZOlpGJ8iZZVt4sy8lbZHl5q6wgb5MVZSVZWVaRt8uq8g4JkV/3UUPWlLVkbXm3TIZ7ZF15r6wn75P15f2ygXxANpQPykbyIdlYPiybyEdkU/mobCabyxaypWwlH5Ot5eOyjWwr28knZHv5pOwgn5JJ8mnZUfqL3yLPyi7yOdlVPi+7ye6yh/xZXpBe9pK9JfQB2Ve+JPvJ/nKAHCgHyZflYPmKHCJflSlyqBwmX5PD5etyhHxDjpSj5Gj5phwj35Jj5Tg5Xk6QqXKinCTflpPlO3KKnCqnyekyTc6QAy7ONEfKf5j/9h/kD/ll75vlFrlVbsOLrZCfyF1yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoMySWfKQPCQPy8PyiDwij8qj8pg8Ls/KH+RJ+aM8JU/L0/KsPCfPyfMXPwNQqISSSqlAxahcKlblVnHqKpVHXa3yqmtURF2r4tV1Kp+6XuVXBVRBVUglqMKqiNLKKKtIhaqoKqai6oZLVapSqrRyqoxKVDf9K/mquLpRlVAlf5N/qb7kv1NfK9VKtVatVRvVRrVT7VR71V51UB1UkkpSHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WsklVf9ZLqp/qrAWqgGqReVoPVYDVEDVEpKkUNU8PUcDVcjVAj1Eg1Uo1Wo9UYNUaNVWPVeDVepapUNUlNUpPVZDVFTVHT1DSVptLUTDVTzVKz1Bw1R81Vc9U8NU8tUAtUukpXi9QilaEy1BK1RGWqpWqpWq6Wq5VqpVqtVqu1aq1ar9arjWqjylRb1Ba1TW1TO9QOtVPtVLvULrVb7VZ71V61T+1T+9V+dUAdUAfVQZWlstQhdUgdVofVEXVEHVVH1TF1TJ1QJ9RJdVKdUqfUGXVGnVPn1Hl1Xl1QF7Jv+wIRiEAF2VfamCA2iA3igrggT5AnyBvkDSJBJIgP4oN8wfVB/qBAUDAoFCQEhYMigQ5MYANxsenR4IageHBjUCIoGZQKSgcuKBMkBjcFZYObg3LBLUH54NagQnBbUDGoFFQOqgS3B1WDO4JqwZ1B9eCuoEZQM6gV1A7uDuoE9wR1g3uDesF9Qf3g/qBB8EDQMHgwaBQ8FDQOHg6aBI8ETYNHg2ZB86BF0DJo9afO7/2pAo+7zbq3TtZ9dF/9ku6n++sBeqAepF/Wg/Ureoh+VafooXqYfk0P16/rEfoNPVKP0qP1m3qMfkuP1eP0eD1Bp+qJepJ+W0/W7+gpeqqepqfrND1Dz9Tv6ll6tp6j39Nz9ft6np6vF+iFOl1/oBfpxTpDf6iX6I90pl6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH/ljv1J/oXfpTvVvv0Xv1Z3qf/lzv11/oA/pLfVB/pbP01/qQ/kYf1t/qI/o7fVR/r4/p4/qE/kGf1D/qU/q0PqPP6nP6J31e/6wvaJ99c599eTfKKBNjYkysiTVxJs7kMXlMXpPXREzExJt4k8/kM/lNflPQFDQJJsEUMUVMNjJkipqiJmqiprgpbkqYEqaUKWWccSbRJJqypqwpZ8qZ8qa8qWAqmIqmoqlsKpvbze3mDnOHudPcae4yd5mapqapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlqmppmpplpYVqYVqaVaW1amzamjWln2pn2pr3pYDqYJJNkOpqOppPpZDqbzqaL6WK6mq6mm+lmepgepqfpaXqZXibZJJu+pq/pZ/qZAWaAGWQGmcFmsBlihpgUk2KGmWFmuBluRpgRZqQZZUZnnz7mLTPWjDPjzQSTalLNJDPJTDaTzRQzxUwz00yaSTMzzUwzy8wyc8wcM9fMNfPMPLPALDDpJt0sMotMhskwS8wSk2kyzTKzzKwwK8wqs8qsMWvMOrPObIANZpPZZLaYLWab2WZ2mB1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJstkmUPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5ZwpcvF56E2tz2zh7lc1jr7Z57TX2b+OCtpBNsIVtEattflvgN7Gx1pawJW0pW9o6W8Ym2pt+F1e0lWxlW8XebqvaO2y138V17D22rr3X1rP32dr27t/E9e39toF9xDZEBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2ySfdp2tM/8Ll5kF9s1dq1dZ9fb3XaPPWPP2sP2W3vO/mR72d52kH3ZDrav2CH2VZtih/4uHm3ftGPsW3asHWfH2wm/i6fZ6TbNzrAz7bt2lp39uzjdfmDn2gw7z863C+zCX+LsmjLsh3aJ/chm2gCW2eV2hV1pV9nV/7/W5Xaj3WQ32132U7vNbrc77Md256UbYbvH7rWf2X32c3vIfmMP2C/tQXvEZtmvf4mzj++I/c4etd/bY/a4PWF/sCftj+pSdvax/2B/thest0BIQJIUBRRDuSiWclMcXUV56GrKS9dQhK6leLqO8tH1lJ8KUEEqRAlUmIqQJkOWiEIqSsUoSjfQpfJKUWlyVIYS6SYqSzdTObqFytOtVIFuo4pUiSpTFbqdqtIdVI3upOp0F9WgmlSLatPdVIfuobp0L9WD+6g+3U8N6AFqSA9SI3qIGtPD1IQeoab0KDWj5tSCWlIreoxa0+PUhtpSO3qC2tOT1IGeoiR6mjrSM9SJ/kKd6VnqQs9RV3qeulF36kEvUE96kXpRb0qmPtSXXqJ+1J8G0EAaRC/TYHqFhtCrlEJDaRi9RsPpdRpBb9BIGkWj6U0aQ2/RWBpH42kCpdJEmkRv02R6h6bQVJpG0ymNZtBMepdm0WyaQ+/RXHqf5tF8WkALKZ0+oEW0mDLoQ1pCH1EmLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQx7STPqFd9Cntpj20lz6jffQ57acv6AB9SQfpK8qir+kQfUOH6Vs6Qt/53vQ9HaPjdIJ+oJP0I52i03SGztI5+onO0890gTxBiKEIZajCIIwJc4WxYe4wLrwqzBNeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdHwhrB4eGNYIiwZlgpLhy4sEyaGN4Vlw5vDcuEtYfnw1rBCeFtYMawUPnJflfD2sGp4R1gtvDOsHt4V1ghrhrXC2uHdYZ3wnrBueG9YL7wvLBfeHzYIHwgbhg+GjcKHwsbhw2GT8JGwafho2CxsHrYIW4atwsfC1uHjYZuwbdgufCJsHz4ZdgifCpPCp8OO4TO/rL9/8d9fnxz2CfuGL4Uvhd7fKxdEF0bTox9EF0UXRzOiH0aXRD+KZkaXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e9r50LHDrhpFMucDEul4t1uV2cu8rlcVe7vO4aF3HXunh3ncvnrnf5XQFX0BVyCa6wK+K0M846cqEr6oq5qLvBFXc3uhKupCvlSjvnyrhE19K1cq1ca/e4a+PaunbuCfeEe9I96Z5yT7mnXUf3jOvk/uI6u2ddF/ece84977q57q6He8H1dBPz/npOJru+rq/r5/q5AW6AG+QGucFusBvihrgUl+KGuWFuuBvuRrgRbqQb6Ua70W6MG+PGurFuvBvvUl2qm+QmucluspviprhpbppLc2luppvpZrlZrursX/cyz81zC9wCl+7S3SKXfc+Y4Za4JS7TZbplbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vldrnd/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MjEyKvB2ZHHknMiUyNTItMj2SFpkRmRl5NzIrMjsyJ/JeZG7k/ci8yPzIgsjCSHrkg8iiyOJIRuTDyJLIR5HMyNLIssjyyIrIyoj3hbeFvqgv5qP+Bl/c3+hL+JK+lC/tnS/jE/1Nvqy/2Zfzt/jy/lZfwd/mK/pKvrJ/1DfzzX0L39K38o/51v5x38a39e38E769f9J38E/5JP+07+if8Z38X3xn/6zv4p/zXf3zvpvv7nv4F3xP/6Lv5Xv7ZN/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hXfYof6of51/xw/7of4d/wI/0oPzrmTT/m0iMyTPCpfqKf5N/2k/07cKef6qf56T7Nz/Az/bt+lp/t5/j3/Fz/vp/n5/sFfqFP9x/4RX6xz/Af+iX+I5/pl156qexX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F3+U7/b7/F7/Wd+n//c7/df+AP+S3/Qf+Wz/Nf+kP/GH/bf+iP+O3/Uf++P+eP+hP/Bn/Q/+lP+tD/jz/pz/id/3v/sL/D/WWOMMcYY+6dMvDwUv13z6+v8Pn+QI/5q474AcPX2Qll/vT77jnJD/l/H/UVC+wgAPN2760OXlho1kpOTL26bKSEoNh/g0t8EZYuBy/FSaAdPQhK0hbJ/WH9/0f0c/YP5o7cCxP1VTixcji/P/wUAJv/B/I89MXpRhfBM/H8x/3yAEsUu5+SGy/FSaPfL+5W2UO7v1F+g9T+oP/eXqQBt/ionD1yOL9efCI/DM5D0my0ZY4wxxhhjjLFf9ReVO196/rz0Lz7/6Pk8QV3OyQWX43/0fM4YY4wxxhhjjLEr79nuPZ56LCmpbed/fVDtv5X1Tw+awv/UzDz4w4H3AJe+ogDg35wQIHsg/5NHsfU/sq+Ui6fO365acdYH8L+jlX/G4Ar/YGKMMcYYY4z96S7f9P/26+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVA/4lfJ3alj5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//85evzE")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x40f, &(0x7f0000000000), &(0x7f0000000080)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000000))
syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2a, 0x0, @fd_index=0x3})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x40, &(0x7f0000000140)=0x80000004, 0x0, 0x4)
io_uring_enter(r3, 0x1469, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r3, 0x47e9, 0xeb13, 0x6, 0x0, 0x0)

3.164937183s ago: executing program 1 (id=926):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x90e7d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80383, 0x0)
setpriority(0x2, 0x0, 0x3)
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x400000001aa82, 0x0)
r5 = dup(r4)
sendfile(r3, r5, 0x0, 0x400)

3.164061162s ago: executing program 2 (id=927):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x11)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', &(0x7f00000001c0)=@ethtool_cmd={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x100000]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.063016731s ago: executing program 3 (id=928):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x12, r2, 0xfae76000)
semget$private(0x0, 0x5, 0x0)

1.850284789s ago: executing program 0 (id=929):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @local, 'bridge0\x00'}}, 0x1e)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000000)=ANY=[], 0x68)
r2 = socket$pppoe(0x18, 0x1, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x1, @local, 'ip_vti0\x00'}}, 0x1e)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect(r4, &(0x7f00000004c0)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}, 0x80)
shutdown(r4, 0x1)
syz_emit_vhci(&(0x7f0000003980)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x6, 0xc8}}}, 0x6)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, 0x0)
syz_mount_image$udf(&(0x7f0000000540), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x516, &(0x7f0000000600)="$eJzs289vHGcZB/Dn9azd9Raom4bUrSpkVImmTRMldtJEMofmBwmRqoBIwz2N7WDVsUPsVE2FSiWQ+g9whQMoBw4gcS2iNyQOSFSAUKAceuKChHxA4gia2Znd2a0Tb0jsjevPJ4pndvbZ9Tuj/e7M+77jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiTn3t5OEjaditAAC204WL3zo84/wPALvK6/r/AACwW6TIYjxSPPOn9fRC8bit+dri8s23L505u/HLxlOkGImsqM//N49Mzxw99srxE9Xy3q9/2J6Jb1x8/eTU6ZVr12/Mr67Oz01dWl68sjI3P/A7POjr+71UHICpa2/enFtYWJ2aPjTT8/TbE/947PF9E7MnDh74UlV76czZsxdrNY3R//u3f4oeHhsZiyx+HylO/fyXaX9EjMSDZ2GT746tNh6NPH/FTlw6c7bYkaXFy8tr+ZNppKxq9GZirMrINmTxgTQiDuZtHZNoHtxoZPFxpDj33fX0YkRkVQ4OFBODm79BYxsaeZdfeygivhk7ILPwiHossjgWKS78dCJeKnNV5L8R8e6wGwdsqUZk8aNIsZLW04HieiA/n+aXza99e+r88sJKrTaNlGfUnd4/2E6uTXiENSOLF4sz/np6ediNAbbVeGSxFik++vdbxbhSFOPST8yeuHCqUR9henqT90llf3x2wD75aDnWmEbyfw9/v4DNNVMW70eKP/ysWTzOs9sq1j75b9uQGwhsnZTFSKT43en1lPrmpbPa/H7HTu/7b237x5unV67furF49TtrGz7fap58Y3XtxuUrGz/dnrvM6ls2m8fs1yjncGEArZTFTyLFbz5Zj9rUeJ75z7cfdT+Nt7/X/S7Y37es1L8/BlkfeBb7PsbR8jallMWrkWLhg8l2PyO/qpEN6JHn/weR4vjiR6lKepn/cma/lv+vdvPTTL3LjiLbX2jf11aNJZxvPX+37VuR/7xNef5vRopTeybLexra+c/6avO6c5Hi3MfPlXUjY3lddVvDRPsdFxaX5g/ntX+NFH+/U9VGUVtNKDzVrT2S1zYixZc/7K1tlbV7u7XTVRtu/mLj2i92a2fy2tuRYnJuqqpt5bV7y9p93dpDV1aW5gY9vOxOef4/jBQ//u3XU/WZv2v+a+f/9/qWHZ/K/L3XH1b+J2rb3itz/VaZ/8Ym+T8YKd64/Vy130X2qq+VJ4uf3fwfihTP/qu3tlnW7unWHhl0t2CY8vz/LVL8euZO5zNffrbLh92E1vP/bKN32bmuHlL+n6xtmyjbNXafxwJ2m9Vb77x5eWlp/oYVK1asdFaG/c0EbLX8+v9XkeL9J7JU9WPL6//PtR91e8z/ebd7/T/bt+wY0vX/ntq22bLXMpr3zdeuXR99OqK5euudg4vXLl+dvzq/PPPK0elj08dPHD08OlZ17rtrAx872Ony/P8lUvx58o+dceze/v/G43+tvmXHkPL/VH2fevo1Ax8K2HWq+b+vLN3pZPle43/VON/+53uXnT+qGVL+99a2TZTtevw+jwUAAAAAAAAAAADsFK2UxQ8jxfl/vpyqe+gGuf93rm/ZMaT7//bVts1t0981DnyQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdrCRyOJ6pPjg1fX0/XzDZMQL9SXwmfW/AAAA///+zUk1")
syz_emit_vhci(&(0x7f0000005980)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_enc_key_size={{}, {0xf, 0xc9, 0x8}}}}, 0xa)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000000)={0x2, 0x1, 0x2, 0x8})

1.849920059s ago: executing program 3 (id=930):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000001000)='dns_resolver\x00', &(0x7f0000001040)={'syz', 0x2}, &(0x7f0000001080)='\x00', 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000b00)="86cf8445f4ba1d9f20174688f169e58c", 0x10)
listen(r3, 0x0)

1.848099909s ago: executing program 1 (id=931):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

948.057773ms ago: executing program 1 (id=932):
socket$netlink(0x10, 0x3, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x802c, @mcast2, 0x5}, 0x1c)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300"], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r4, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0)
sendfile(r3, r1, 0x0, 0x100000000)

947.315153ms ago: executing program 3 (id=933):
r0 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000240)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='\xd1S{O', &(0x7f0000000080)='\x1e\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001680)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000640)='dU|\xcbM\xe6\x91q\xe0\x05\xbes\xc0\xd2\xdb0}\xa6\xc4tly\xe0+\xb8~\xd9ymx\xa1\x06\xb4F\xf3Q:\xfem\xea\xed\xfc\x04\xf88\xe0\xa1&\xa8\xff\x10\xb3\xb2\x92N\f\x00!\xdbV\xc3\xca\r\x8c\xfb\x8esJ\xb3\x1bf\xce\v\x0e\xe3\xd5', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='(\x00', &(0x7f0000000440)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='{)+}@@!}\x00', &(0x7f0000000800)='dU|\xcbM\xe6\x91q\xe0', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000ec0)='\xcfD\xbc\xbf\x95@\xd6j\'$\x1d\x14\xb7!\x8b\xff\xdc\x83\xc5$\xb3\xecr\xe4G:\x93\xdfj\x96\x7f\x03\xe5\x94\x04[\x02\xa9[>\xf9\x9c\x83@\x1e\x99\xcah\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\r<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby\xe1\xdf\x1a\xae\xd6ez\xe5\xa8\xe1\'', 0x0, r0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000a00)='wsync', &(0x7f0000000b40)="b2", 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000840)='\x00\x9b~\xd7\xde\x91d\r\xa3e\xec=Z\xce\xb0\xdfr\xbfQ\x85n4\xf5T\xc2\x86;\x03K\x80pF\xeaK\xb4t\xef\'\n\x05\xc9\xcfc\x92\bE\xf9\xf9\xcf\x96\x99\xde\x1e3\xcdA\xf9\x1bj\xc3\x8b\xbe\xee\xb3e\xd8Mk\xf1+\xbf\xd5\x98\x8c\x13\xdc\x85\x17\xcd\xf8\xf5\a\xde9\xd1\x8b\xf0&P\x92\x99u8\xb6,#\x0f\x89\xd9ic\xb5\xba\xe7\x03\x8d-\v\xd3S\x98\x89@\x8aWLU\xb1\xc4i6\xa5\xb7\x1d\xf3s\xaf\x7f\xb16\xa2\xbe\xfa\xfa~2\x1d\xeb\xd0G\xdc\a\xa3\x93n\x82\xa7h\xd7\x83N\x8aW\xaa\xc1\xc7\xec\xea\x13\xbe\xf3fQ\xfa\x8cP\xa7\xc1O,\x83\xec\xa9\xeb\xb2 u\x15A\xde\f8T\x81\xccces\xfa\xef\xf4 =z\xfc\xef]~tY \xef8\r,x~\xa0,\xc7@\xc0\xef\xc1`\xec}\xa2\x8d\x95\xff0c\xcd\x02~\xb7\x1a\x93\xff\xcd\xadB7\x13\x84BPC\xa4\xa2O\xf0\xdd\xde\xc5H.y\xfc\xe9$\xf6\xa6t\xa3\xdbr\x00+\x01{\xfb-\x1f\x1b\xeb\xd9b\xf0\n\x99\x0f4\xfa_\x10\xd0%\xe7o\xc9\bO\xfe\xfb\xca\xf8\x9d]\xa1\x98(Nw\x87\xd15', &(0x7f0000000100)="8d", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='\xcfD\xbc\xbf\xff\xdc\x83\xc5$\xb3\xecr\xe4G:\x93\xdfj\x96\x7f\x03\xe5\x94\xec\xe6\x04T\xcbn\xa5\xc3\x04[\x02\xa9[=\xf9\x8b\xf7\xc1\x9c\x83@\x1e\x99\xca\xc3\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\r<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby:\xd8\xc5\xccrun4\xe0\xca\xc1\x0f\xc3\x03D\xe1\f\xb3O\xa4\x1c\x04]8)}\x83:\x9e\xc0X\xdb\xd9\x89\x94\x9b(\x19\\\xf5!w\xbafo\xea\xe4\xb5Xe\x84\xbc\xcdw\x802\xb4\xb8\x1f\xc2\x97\xbfi\xe8\xf8\xbd\x1d,\xffUX\xbeA\x00{\"\xdbya#I\x03\xec\xed\x8b\x97\xff\x1eiq\xd1n\xf99\xc6\a\a\xed\x0f\x15x\x91\xdc\x05P\xf7\xf3\xad\xa3\xbc\xe4[\xa2\xc7\xfa\x9e\xad\xa2\xad\x86\xc4\aD\xc9\xdf\xf8\xf7\xc1\xc5\xc5.\x8a&:\x90\xb2\x8c\x86\xb2\\\xa8%!\x98TQ\x91\x00\x00\x00\x00$\x99\xbf', &(0x7f00000006c0)='\x01\x8dik\xc2\xed\xf9\x8a\xae\x86\xae)Dn<(\x02:cU\xa0d\xd4\x1f\xd4\x95\x93\xb7\xc1\xcc\x84\x8c\xdd\xbf^]~\xcf\xcb6w\xb3\xfa0b\x88\x04\x10\x9d_\x97\x9f\x89\xb7\xe35C\xf3\x1b\xafV\\wGU\xaf\xa4\f&\xe7m\xf0\xaa{\xb2\xe5\xe2\xeb\x9bN#\x99\xdc\x9f\"\xab&\x8f\x01\x17Y\xaf\xb7\xdc`r\x9c6\\\x0e\x94\xc0a\xf7\xd4u\xdf\xf0\x9b\xb0p\v\xa1\x8a\x145\x9b\xd95\xc8U\xe4V\x81-1\xb0K\x9a\xa3+\x03\xc1\xf0\xeb\xafYI&\x9e\xd0\xe1\x148\xfe\x10\x0f\xbd\xa2\xed}\xe6\x1asT\x1f\x92\xdb\xa1&\'\xc7\xe9\xa5\xd0\x89\x8d\xf1$\"\xdc\xe5\xfcT\xad\fj\xfe\'t', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='$\x00', &(0x7f0000000340)='{)+}@@!}\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000980)=',\xce\xed\"OF\x83\xbfd?.\'R\xa3\x81\x02\x11z@P\xe1\f\xd9\xaaa\xb4\xcb\xbf\xc2\xd4\x97<qe\xc7C\x9e\xad\x92\xa5\x14\xee\xaf\x14\x83^Dr\x19dj\xd6\xcf\xcd\xe0\xfb\x98\xa4IPm\x17\x06\xf9\xde\x8a\xf0\x1a\xd9\x7fKC\xab\xb9\xf0', 0x0, r0)
read(r0, 0x0, 0x0)
close(r0)

884.444708ms ago: executing program 0 (id=934):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002300), 0x2, 0x0)
r2 = syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000006340)={0x2020, 0x0, <r3=>0x0}, 0x2023)
userfaultfd(0x1)
write$FUSE_INIT(r1, &(0x7f0000002200)={0x50, 0x0, r3, {0x7, 0x27, 0x2, 0x1dd880, 0x0, 0x0, 0x4}}, 0x50)
read$FUSE(r1, &(0x7f0000000100)={0x2020}, 0x2020)
io_uring_setup(0x3eae, &(0x7f0000002280)={0x0, 0x9da2, 0x2, 0x1002, 0x65, 0x0, r2})
syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffd, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad, 0x0, 0xc2c5}, 0x0, 0x0)

883.944078ms ago: executing program 3 (id=935):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$inet6(r0, &(0x7f0000000500)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000440), 0x1000a)
sendfile(r0, r4, &(0x7f0000000180)=0x2, 0x2001001)

883.377768ms ago: executing program 1 (id=936):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

44.596606ms ago: executing program 0 (id=937):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r3=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000300)=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000640)="8d", &(0x7f00000007c0)=@tcp=r0, 0x2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)

14.392479ms ago: executing program 3 (id=938):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 1 (id=939):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pipe2$watch_queue(&(0x7f0000001180)={<r3=>0xffffffffffffffff}, 0x80)
r4 = add_key(&(0x7f0000000480)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x7)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0xf9)
keyctl$setperm(0x5, r4, 0x8082008)

kernel console output (not intermixed with test programs):

IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   27.292399][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   27.294813][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   27.296349][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   27.297572][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   27.302521][ T4320] device veth0_vlan entered promiscuous mode
[   27.306372][ T4336] 8021q: adding VLAN 0 to HW filter on device batadv0
[   27.307612][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.309060][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.310881][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   27.312320][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.316556][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   27.318372][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.320029][ T1694] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.321202][ T1694] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.322599][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.324098][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.325568][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   27.329994][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   27.331481][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.332903][ T1694] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.334086][ T1694] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.339758][ T4327] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   27.341692][ T4327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   27.348067][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   27.349549][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.350996][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   27.356073][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   27.359326][ T4320] device veth1_vlan entered promiscuous mode
[   27.360640][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   27.362154][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   27.364581][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.369790][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   27.371673][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   27.373282][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   27.388295][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   27.389890][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   27.391542][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   27.395057][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   27.396391][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   27.399337][ T4321] 8021q: adding VLAN 0 to HW filter on device batadv0
[   27.405879][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   27.407513][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.412353][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.416635][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.418110][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   27.419620][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.425797][ T4336] device veth0_vlan entered promiscuous mode
[   27.430301][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   27.433326][ T4320] device veth0_macvtap entered promiscuous mode
[   27.436602][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.438099][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.439456][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.441468][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.447297][ T4336] device veth1_vlan entered promiscuous mode
[   27.450509][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   27.452251][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   27.459850][ T4320] device veth1_macvtap entered promiscuous mode
[   27.468297][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   27.469905][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.471276][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   27.472431][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   27.481040][ T4327] 8021q: adding VLAN 0 to HW filter on device batadv0
[   27.482711][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.484505][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.491305][ T4336] device veth0_macvtap entered promiscuous mode
[   27.495704][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   27.498701][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   27.500208][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.501822][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.509997][ T4336] device veth1_macvtap entered promiscuous mode
[   27.512675][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   27.515444][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.517061][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   27.518636][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.522140][ T4320] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   27.526777][ T4320] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   27.528232][ T4320] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   27.529683][ T4320] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   27.533396][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   27.535308][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.547933][ T4336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.549639][ T4336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.552024][ T4336] batman_adv: batadv0: Interface activated: batadv_slave_0
[   27.554383][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.555940][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.563564][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.565301][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.567582][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   27.569097][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.570599][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.572007][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.575409][ T4336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   27.577071][ T4336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.579199][ T4336] batman_adv: batadv0: Interface activated: batadv_slave_1
[   27.581372][ T4336] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   27.582680][ T4336] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   27.584790][ T4336] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   27.586204][ T4336] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   27.588370][ T4327] device veth0_vlan entered promiscuous mode
[   27.590574][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   27.592122][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.602668][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   27.604119][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   27.607131][ T4327] device veth1_vlan entered promiscuous mode
[   27.619859][ T4328] 8021q: adding VLAN 0 to HW filter on device batadv0
[   27.621235][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   27.622733][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.624983][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.626547][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.627932][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.638520][ T4321] device veth0_vlan entered promiscuous mode
[   27.657412][ T4321] device veth1_vlan entered promiscuous mode
[   27.660361][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   27.661944][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   27.663363][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   27.666257][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.673109][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.677169][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.685454][ T4327] device veth0_macvtap entered promiscuous mode
[   27.698439][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   27.699688][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   27.700007][ T4327] device veth1_macvtap entered promiscuous mode
[   27.706957][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   27.708492][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   27.709924][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.711394][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   27.718207][  T868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   27.719602][  T868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   27.721936][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   27.726544][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.728315][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.729899][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.731586][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.734441][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_0
[   27.735691][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.737389][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.738930][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.740590][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.745163][ T1694] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   27.745616][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.746331][ T1694] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   27.747810][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.750073][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   27.757470][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   27.759118][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.760538][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   27.762095][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.765487][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_1
[   27.766845][ T4328] device veth0_vlan entered promiscuous mode
[   27.770396][  T868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   27.771779][  T868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   27.775041][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   27.776687][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.778175][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   27.785730][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.788052][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.793899][ T4327] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   27.795413][ T4327] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   27.796883][ T4327] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   27.798280][ T4327] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   27.801215][ T4321] device veth0_macvtap entered promiscuous mode
[   27.803347][ T4328] device veth1_vlan entered promiscuous mode
[   27.895107][ T4328] device veth0_macvtap entered promiscuous mode
[   27.897575][ T4328] device veth1_macvtap entered promiscuous mode
[   27.902238][ T4321] device veth1_macvtap entered promiscuous mode
[   27.907309][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   27.908838][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   27.910249][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   27.911678][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.913091][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.915085][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.916602][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.921689][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.923555][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.927809][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.929407][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.930957][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   27.932537][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   27.935884][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   28.067575][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   28.070666][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.106051][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.239675][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.241402][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.243055][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.245125][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.246579][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.248219][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.250303][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   28.253363][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   28.260726][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.262479][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   28.264840][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.266680][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   28.268572][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.270312][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   28.272072][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.275760][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_0
[   28.277313][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.278935][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.280651][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.282213][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.287453][ T4321] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   28.288951][ T4321] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   28.290351][ T4321] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   28.291825][ T4321] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   28.401563][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.403582][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.405680][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.407420][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.409071][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.410877][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.412755][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   28.415372][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   28.417886][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_1
[   28.421970][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.423789][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.432979][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.434440][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.435385][ T4328] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   28.437431][ T4328] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   28.438912][ T4328] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   28.440441][ T4328] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   28.443214][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   28.742689][  T868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.745122][  T868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.753279][ T4443] loop1: detected capacity change from 0 to 512
[   28.760382][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   28.762735][  T868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.768432][  T868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.769149][ T4443] EXT2-fs (loop1): warning: mounting ext3 filesystem as ext2
[   28.772140][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   28.801541][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.802970][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.805674][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   28.815084][ T4324] Bluetooth: hci1: command 0x041b tx timeout
[   28.816049][ T4324] Bluetooth: hci0: command 0x041b tx timeout
[   28.819559][  T868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.823239][  T868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.829505][  T868] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   28.835315][ T4435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   28.836563][ T4435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   28.838621][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   28.893796][ T4324] Bluetooth: hci2: command 0x041b tx timeout
[   28.904495][   T47] Bluetooth: hci3: command 0x041b tx timeout
[   28.904505][ T4324] Bluetooth: hci4: command 0x041b tx timeout
[   28.922201][ T4450] device bridge0 entered promiscuous mode
[   28.924219][ T4450] batman_adv: batadv0: Adding interface: macsec1
[   28.925406][ T4450] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.930067][ T4450] batman_adv: batadv0: Interface activated: macsec1
[   29.018251][ T4454] binder: 4453:4454 tried to acquire reference to desc 0, got 1 instead
[   29.018727][ T4456] loop0: detected capacity change from 0 to 128
[   29.025787][ T4454] binder_alloc: 4453: pid 4453 spamming oneway? 2 buffers allocated for a total size of 5120
[   29.027934][ T4454] binder_alloc: 4453: pid 4453 spamming oneway? 3 buffers allocated for a total size of 5128
[   29.029980][ T4454] binder: 4453:4454 BC_FREE_BUFFER u0000000020ffd000 matched unreturned or currently freeing buffer
[   29.032952][ T4364] binder: undelivered TRANSACTION_COMPLETE
[   29.034660][ T4364] binder: undelivered TRANSACTION_COMPLETE
[   29.035587][ T4364] binder: undelivered TRANSACTION_COMPLETE
[   29.365160][ T3899] binder: undelivered transaction 6, process died.
[   29.369013][ T3899] binder: undelivered transaction 7, process died.
[   29.374362][ T3899] binder: undelivered transaction 5, process died.
[   29.376998][ T4456] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   29.432704][ T4456] syz.0.10 (pid 4456) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   29.474202][ T4456] fscrypt: Adiantum using implementation "adiantum(xchacha12-neon,aes-ce,nhpoly1305-generic)"
[   29.491151][ T4474] process 'syz.1.14' launched '/dev/fd/8' with NULL argv: empty string added
[   29.505937][ T4328] EXT4-fs (loop0): unmounting filesystem.
[   29.526319][ T4477] =======================================================
[   29.526319][ T4477] WARNING: The mand mount option has been deprecated and
[   29.526319][ T4477]          and is ignored by this kernel. Remove the mand
[   29.526319][ T4477]          option from the mount to silence this warning.
[   29.526319][ T4477] =======================================================
[   29.880470][ T4481] loop2: detected capacity change from 0 to 512
[   29.885786][ T4481] EXT2-fs (loop2): error: revision level too high, forcing read-only mode
[   29.888012][ T4481] EXT2-fs (loop2): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[   30.436365][ T4496] binder: 4495:4496 tried to acquire reference to desc 0, got 1 instead
[   30.457863][ T4496] binder: 4495:4496 got transaction with invalid offset (24, min 24 max 24) or object.
[   30.460620][ T4496] binder: 4495:4496 transaction call to 4495:0 failed 12/29201/-22, size 24-24 line 3355
[   30.462878][ T4364] binder: undelivered TRANSACTION_ERROR: 29201
[   31.039029][ T4322] Bluetooth: hci1: command 0x040f tx timeout
[   31.039655][   T47] Bluetooth: hci3: command 0x040f tx timeout
[   31.040576][ T4329] Bluetooth: hci4: command 0x040f tx timeout
[   31.041900][   T47] Bluetooth: hci2: command 0x040f tx timeout
[   31.042531][ T4324] Bluetooth: hci0: command 0x040f tx timeout
[   31.135122][ T4509] mmap: syz.3.26 (4509): VmData 175833088 exceed data ulimit 67108945. Update limits or use boot option ignore_rlimit_data.
[   32.341513][ T4520] binder: 4519:4520 tried to acquire reference to desc 0, got 1 instead
[   32.351269][ T4520] binder: 4519:4520 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   32.353390][ T4520] binder: 4520 RLIMIT_NICE not set
[   32.373399][ T4520] binder: 4520 RLIMIT_NICE not set
[   33.054309][ T4329] Bluetooth: hci0: command 0x0419 tx timeout
[   33.054380][ T4324] Bluetooth: hci4: command 0x0419 tx timeout
[   33.056533][ T4322] Bluetooth: hci1: command 0x0419 tx timeout
[   33.057724][ T4322] Bluetooth: hci3: command 0x0419 tx timeout
[   33.090657][ T4504] Bluetooth: hci2: command 0x0419 tx timeout
[   33.138763][ T4526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.28'.
[   33.140440][ T4526] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   33.164753][ T4364] binder: release 4519:4520 transaction 17 out, still active
[   33.166068][ T4364] binder: undelivered TRANSACTION_COMPLETE
[   33.185602][ T4533] loop2: detected capacity change from 0 to 1024
[   33.253307][ T4540] Zero length message leads to an empty skb
[   33.278566][ T4526] batman_adv: batadv0: Removing interface: batadv_slave_1
[   33.361898][ T4546] tipc: Failed to remove unknown binding: 66,1,1/0:551692591/551692593
[   33.365152][ T4546] tipc: Failed to remove unknown binding: 66,1,1/0:551692591/551692593
[   33.366460][ T4546] tipc: Failed to remove unknown binding: 66,1,1/0:551692591/551692593
[   33.680850][ T4548] syz.1.38 uses obsolete (PF_INET,SOCK_PACKET)
[   33.733687][ T4364] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   34.043256][ T4364] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   34.045993][ T4364] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   34.047960][ T4364] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[   34.059878][ T4364] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   34.271054][ T4364] usb 1-1: config 0 descriptor??
[   34.433039][ T4566] binder: 4565:4566 tried to acquire reference to desc 0, got 1 instead
[   34.788385][ T3899] usb 1-1: USB disconnect, device number 2
[   35.265169][ T4379] binder_debug: 5 callbacks suppressed
[   35.265185][ T4379] binder: release 4565:4566 transaction 29 out, still active
[   35.303945][ T4379] binder: undelivered TRANSACTION_COMPLETE
[   35.305005][ T4379] binder: send failed reply for transaction 36 to 4565:4568
[   35.306279][ T4379] binder: undelivered TRANSACTION_COMPLETE
[   35.307187][ T4379] binder: undelivered TRANSACTION_ERROR: 29189
[   35.308166][ T4379] binder: send failed reply for transaction 29, target dead
[   35.740128][ T4586] loop1: detected capacity change from 0 to 256
[   35.750148][ T4586] FAT-fs (loop1): Directory bread(block 64) failed
[   35.752173][ T4586] FAT-fs (loop1): Directory bread(block 65) failed
[   35.753423][ T4586] FAT-fs (loop1): Directory bread(block 66) failed
[   35.758051][ T4586] FAT-fs (loop1): Directory bread(block 67) failed
[   35.759199][ T4586] FAT-fs (loop1): Directory bread(block 68) failed
[   35.760369][ T4586] FAT-fs (loop1): Directory bread(block 69) failed
[   35.761511][ T4586] FAT-fs (loop1): Directory bread(block 70) failed
[   35.762585][ T4586] FAT-fs (loop1): Directory bread(block 71) failed
[   35.763964][ T4586] FAT-fs (loop1): Directory bread(block 72) failed
[   35.765064][ T4586] FAT-fs (loop1): Directory bread(block 73) failed
[   35.842433][ T4587] Unsupported ieee802154 address type: 0
[   36.079799][ T4589] loop0: detected capacity change from 0 to 4096
[   36.082675][ T4589] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[   36.086012][ T4589] ntfs3: loop0: Failed to load $MFT.
[   36.799746][ T4601] loop2: detected capacity change from 0 to 8
[   36.803286][ T4601] MTD: Attempt to mount non-MTD device "/dev/loop2"
[   36.900078][ T4601] cramfs: Error -5 while decompressing!
[   36.901020][ T4601] cramfs: 00000000f78153aa(26)->00000000826f794b(4096)
[   36.902183][ T4601] cramfs: Error -3 while decompressing!
[   36.903038][ T4601] cramfs: 00000000901568c0(26)->0000000095da0705(4096)
[   36.904248][ T4601] cramfs: Error -3 while decompressing!
[   36.905134][ T4601] cramfs: 00000000cd3eee45(16)->000000003a1a4b82(4096)
[   36.906216][ T4601] cramfs: Error -5 while decompressing!
[   36.948235][ T4601] cramfs: 00000000f78153aa(26)->00000000826f794b(4096)
[   37.110550][ T4313] udevd[4313]: incorrect cramfs checksum on /dev/loop2
[   37.120533][ T4603] device vlan2 entered promiscuous mode
[   37.126196][ T4313] udevd[4313]: incorrect cramfs checksum on /dev/loop2
[   37.172395][ T4605] netlink: 4 bytes leftover after parsing attributes in process `syz.1.56'.
[   37.267914][ T4607] loop0: detected capacity change from 0 to 32768
[   37.274867][ T4607] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.55 (4607)
[   37.289087][ T4607] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   37.292922][ T4607] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm
[   37.294483][ T4607] BTRFS info (device loop0): metadata ratio 2
[   37.295366][ T4607] BTRFS info (device loop0): allowing degraded mounts
[   37.296355][ T4607] BTRFS info (device loop0): force zlib compression, level 3
[   37.297903][ T4607] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[   37.299236][ T4607] BTRFS info (device loop0): use zstd compression, level 3
[   37.300318][ T4607] BTRFS info (device loop0): force clearing of disk cache
[   37.301785][ T4607] BTRFS info (device loop0): using free space tree
[   37.348625][ T4607] BTRFS info (device loop0): enabling ssd optimizations
[   37.351398][ T4607] BTRFS info (device loop0): rebuilding free space tree
[   37.410560][ T4328] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   37.569367][ T4645] syz.0.59 sent an empty control message without MSG_MORE.
[   37.912244][ T4648] device syzkaller0 entered promiscuous mode
[   38.789767][ T4670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.71'.
[   39.242354][ T4681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.74'.
[   39.247085][ T4681] netlink: 48 bytes leftover after parsing attributes in process `syz.3.74'.
[   40.135552][ T4702] binder: 4700:4702 tried to acquire reference to desc 0, got 1 instead
[   40.141826][ T4642] binder: release 4700:4702 transaction 41 out, still active
[   40.143170][ T4642] binder: undelivered TRANSACTION_COMPLETE
[   40.158650][ T4642] binder: send failed reply for transaction 41, target dead
[   40.159972][ T4642] binder: undelivered death notification, 0000000000000000
[   40.272191][ T4689] tipc: Started in network mode
[   40.273185][ T4689] tipc: Node identity 1e01a55f9139, cluster identity 4711
[   40.274933][ T4689] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   40.276403][ T4692] device syzkaller0 entered promiscuous mode
[   40.282583][ T4704] tipc: Resetting bearer <eth:syzkaller0>
[   40.296100][ T4678] tipc: Resetting bearer <eth:syzkaller0>
[   40.345178][ T4678] tipc: Disabling bearer <eth:syzkaller0>
[   41.398336][ T4729] loop0: detected capacity change from 0 to 128
[   41.746480][ T4729] syz.0.85: attempt to access beyond end of device
[   41.746480][ T4729] loop0: rw=2049, sector=145, nr_sectors = 89 limit=128
[   41.768604][ T4732] loop1: detected capacity change from 0 to 256
[   41.789940][ T4732] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   41.935661][ T4737] netlink: 60 bytes leftover after parsing attributes in process `syz.1.88'.
[   41.946727][ T4729] syz.0.85: attempt to access beyond end of device
[   41.946727][ T4729] loop0: rw=2049, sector=241, nr_sectors = 800 limit=128
[   42.329071][ T4742] syz.0.85: attempt to access beyond end of device
[   42.329071][ T4742] loop0: rw=524288, sector=241, nr_sectors = 256 limit=128
[   42.334474][ T4742] syz.0.85: attempt to access beyond end of device
[   42.334474][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.336618][ T4742] syz.0.85: attempt to access beyond end of device
[   42.336618][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.347417][ T4742] syz.0.85: attempt to access beyond end of device
[   42.347417][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.349772][ T4742] syz.0.85: attempt to access beyond end of device
[   42.349772][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.371882][ T4742] syz.0.85: attempt to access beyond end of device
[   42.371882][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.375218][ T4742] syz.0.85: attempt to access beyond end of device
[   42.375218][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.379906][ T4742] syz.0.85: attempt to access beyond end of device
[   42.379906][ T4742] loop0: rw=0, sector=241, nr_sectors = 8 limit=128
[   42.458144][ T4750] loop2: detected capacity change from 0 to 1024
[   42.530278][ T4750] hfsplus: bad catalog entry type
[   42.826286][ T4742] Buffer I/O error on dev loop0, logical block 241, async page read
[   42.854111][ T4742] Buffer I/O error on dev loop0, logical block 242, async page read
[   42.855710][ T4742] Buffer I/O error on dev loop0, logical block 243, async page read
[   42.857035][ T4742] Buffer I/O error on dev loop0, logical block 244, async page read
[   42.858394][ T4742] Buffer I/O error on dev loop0, logical block 245, async page read
[   42.859781][ T4742] Buffer I/O error on dev loop0, logical block 246, async page read
[   42.861130][ T4742] Buffer I/O error on dev loop0, logical block 247, async page read
[   42.862450][ T4742] Buffer I/O error on dev loop0, logical block 248, async page read
[   42.864209][ T4742] Buffer I/O error on dev loop0, logical block 241, async page read
[   42.865531][ T4742] Buffer I/O error on dev loop0, logical block 242, async page read
[   43.244160][   T39] hfsplus: b-tree write err: -5, ino 4
[   44.800968][ T4782] tipc: Started in network mode
[   44.801857][ T4782] tipc: Node identity ac1414aa, cluster identity 4711
[   44.803514][ T4782] tipc: Enabled bearer <udp:syz2>, priority 10
[   44.809444][ T4782] tipc: Enabled bearer <eth:team0>, priority 0
[   46.184858][ T4642] tipc: Node number set to 2886997162
[   46.268869][ T4792] loop2: detected capacity change from 0 to 32768
[   46.301568][ T4792] XFS (loop2): Mounting V5 Filesystem
[   46.328535][ T4792] XFS (loop2): Ending clean mount
[   46.364538][ T4327] XFS (loop2): Unmounting Filesystem
[   47.658694][   T27] audit: type=1326 audit(47.640:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4831 comm="syz.2.113" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x0
[   47.692522][ T4836] loop3: detected capacity change from 0 to 128
[   47.696803][ T4836] FAT-fs (loop3): bogus number of FAT structure
[   47.698013][ T4836] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   47.699536][ T4836] FAT-fs (loop3): Can't find a valid FAT filesystem
[   47.719681][ T4836] xt_bpf: check failed: parse error
[   49.419420][ T4851] loop2: detected capacity change from 0 to 32768
[   49.431231][ T4851] XFS (loop2): Mounting V5 Filesystem
[   49.447515][ T4851] XFS (loop2): Ending clean mount
[   49.505176][ T4327] XFS (loop2): Unmounting Filesystem
[   58.433875][ T4796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.106'.
[   58.485431][ T4821] netlink: 4 bytes leftover after parsing attributes in process `syz.4.111'.
[   58.491896][ T4830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.111'.
[   58.718605][ T4881] binder: 4879:4881 tried to acquire reference to desc 0, got 1 instead
[   58.722300][ T4881] binder: 4879:4881 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   58.730488][ T4881] binder: 4881 RLIMIT_NICE not set
[   58.731474][ T4881] binder: 4881 RLIMIT_NICE not set
[   58.738309][ T4881] binder: 4881 RLIMIT_NICE not set
[   58.741704][ T4881] binder: 4879:4881 got reply with fd, -1, but target does not allow fds
[   58.744478][ T4881] binder: 4881:4879 translate fd failed
[   58.745517][ T4881] binder: 4879:4881 transaction reply to 4879:4881 failed 53/29201/-1, size 88-24 line 3424
[   58.747097][ T4881] binder: send failed reply for transaction 52 to 4879:4881
[   58.757302][ T4364] binder: undelivered TRANSACTION_ERROR: 29190
[   58.758372][ T4364] binder: undelivered TRANSACTION_COMPLETE
[   58.759341][ T4364] binder: undelivered TRANSACTION_ERROR: 29201
[   59.115389][ T4892] tipc: Started in network mode
[   59.116474][ T4892] tipc: Node identity 4, cluster identity 4711
[   59.117414][ T4892] tipc: Node number set to 4
[   59.813396][ T4919] loop0: detected capacity change from 0 to 64
[   59.893361][ T4922] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   59.896431][ T4922] device syzkaller0 entered promiscuous mode
[   59.910869][ T4922] tipc: Resetting bearer <eth:syzkaller0>
[   59.922927][ T4921] tipc: Resetting bearer <eth:syzkaller0>
[   60.303581][ T4929] binder: 4928:4929 tried to acquire reference to desc 0, got 1 instead
[   60.309127][ T4929] binder: 4928:4929 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   60.311659][ T4929] binder: 4929 RLIMIT_NICE not set
[   60.312476][ T4929] binder: 4929 RLIMIT_NICE not set
[   60.316716][ T4921] tipc: Disabling bearer <eth:syzkaller0>
[   60.338478][ T4642] binder: undelivered TRANSACTION_COMPLETE
[   60.339695][ T4642] binder: undelivered TRANSACTION_COMPLETE
[   60.340657][ T4642] binder: undelivered transaction 59, process died.
[   60.393294][ T4935] loop1: detected capacity change from 0 to 1024
[   60.409539][ T4934] MPTCP: kernel_bind error, err=-98
[   60.460947][ T4935] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   60.535300][ T4320] EXT4-fs (loop1): unmounting filesystem.
[   60.539612][ T4948] loop3: detected capacity change from 0 to 2048
[   60.550461][ T4948] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[   60.551980][ T4948] UDF-fs: Scanning with blocksize 512 failed
[   60.555656][ T4948] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   60.960743][ T4505] bio_check_eod: 7381 callbacks suppressed
[   60.960759][ T4505] kworker/u4:9: attempt to access beyond end of device
[   60.960759][ T4505] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[   60.964115][ T4505] buffer_io_error: 5366 callbacks suppressed
[   60.964129][ T4505] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[   60.966403][ T4505] kworker/u4:9: attempt to access beyond end of device
[   60.966403][ T4505] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[   61.160058][ T4505] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[   61.222262][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.222262][ T4505] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[   61.297108][ T4505] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[   61.301758][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.301758][ T4505] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[   61.308576][ T4505] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[   61.321433][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.321433][ T4505] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[   61.323854][ T4505] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[   61.325327][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.325327][ T4505] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[   61.327429][ T4505] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[   61.328969][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.328969][ T4505] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[   61.331360][ T4505] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[   61.332702][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.332702][ T4505] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[   61.335125][ T4505] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[   61.336672][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.336672][ T4505] loop3: rw=1, sector=2052, nr_sectors = 2 limit=2048
[   61.341254][ T4505] Buffer I/O error on dev loop3, logical block 1026, lost async page write
[   61.342775][ T4505] kworker/u4:9: attempt to access beyond end of device
[   61.342775][ T4505] loop3: rw=1, sector=2052, nr_sectors = 2 limit=2048
[   61.345504][ T4505] Buffer I/O error on dev loop3, logical block 1026, lost async page write
[   61.362539][ T4960] loop4: detected capacity change from 0 to 512
[   61.367121][ T4962] loop0: detected capacity change from 0 to 512
[   61.374769][ T4962] EXT2-fs (loop0): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[   61.392909][ T4962] EXT2-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[   61.411605][ T4962] EXT2-fs (loop0): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c]
[   61.417880][ T4960] Injecting memory failure for pfn 0x211290 at process virtual address 0x20001000
[   61.417969][ T4940] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   61.421677][ T4960] Memory failure: 0x211290: recovery action for reserved kernel page: Ignored
[   61.531078][ T4966] loop1: detected capacity change from 0 to 40427
[   61.543104][ T4966] F2FS-fs (loop1): Unrecognized mount option "whint_mode=off" or missing value
[   62.518976][ T4966] sched: RT throttling activated
[   63.019106][ T4980] netlink: 'syz.2.159': attribute type 3 has an invalid length.
[   63.020848][ T4980] netlink: 'syz.2.159': attribute type 3 has an invalid length.
[   63.027161][ T4981] binder_alloc: 4975: binder_alloc_buf, no vma
[   63.028218][ T4981] binder: cannot allocate buffer: vma cleared, target dead or dying
[   63.065736][ T4986] netlink: 12 bytes leftover after parsing attributes in process `syz.4.161'.
[   63.093062][ T4986] bridge1: port 1(ip6gretap1) entered blocking state
[   63.098267][ T4986] bridge1: port 1(ip6gretap1) entered disabled state
[   63.099783][ T4986] device ip6gretap1 entered promiscuous mode
[   63.147920][ T4322] Bluetooth: hci2: Malformed Event: 0x48
[   63.152895][ T4986] device veth3 entered promiscuous mode
[   63.155207][ T4986] bridge1: port 2(veth3) entered blocking state
[   63.156388][ T4986] bridge1: port 2(veth3) entered disabled state
[   63.924444][ T4433] binder_debug: 2 callbacks suppressed
[   63.924456][ T4433] binder: undelivered TRANSACTION_ERROR: 29190
[   63.959636][ T5017] binder_user_error: 9 callbacks suppressed
[   63.959647][ T5017] binder: 5016:5017 tried to acquire reference to desc 0, got 1 instead
[   63.962853][ T5017] binder: 5016:5017 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   63.965528][ T5017] binder: 5017 RLIMIT_NICE not set
[   63.966484][ T5017] binder: 5017 RLIMIT_NICE not set
[   63.968866][ T4433] binder: release 5016:5017 transaction 70 out, still active
[   63.970117][ T4433] binder: undelivered TRANSACTION_COMPLETE
[   63.978724][ T4433] binder: release 5016:5017 transaction 70 in, still active
[   63.980040][ T4433] binder: send failed reply for transaction 70, target dead
[   64.683533][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[   64.684265][    T7] cfg80211: failed to load regulatory.db
[   64.684998][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[   64.720840][ T5026] binder: 5025:5026 tried to acquire reference to desc 0, got 1 instead
[   64.732715][ T5026] binder: 5025:5026 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   64.737720][ T5026] binder: 5026 RLIMIT_NICE not set
[   64.740865][ T5026] binder: 5026 RLIMIT_NICE not set
[   64.743590][ T5026] binder: 5026 RLIMIT_NICE not set
[   64.760635][   T22] binder: undelivered TRANSACTION_COMPLETE
[   64.761833][   T22] binder: undelivered TRANSACTION_COMPLETE
[   64.762903][   T22] binder: undelivered transaction 76, process died.
[   64.770488][ T5034] binder: 5033:5034 tried to acquire reference to desc 0, got 1 instead
[   64.772779][ T5034] binder: 5033:5034 transaction call to 5033:0 failed 82/29201/-71, size 0-48 line 3114
[   64.778775][    T7] binder: release 5033:5034 transaction 81 out, still active
[   64.786823][ T5036] capability: warning: `syz.0.175' uses deprecated v2 capabilities in a way that may be insecure
[   66.104114][ T5075] loop3: detected capacity change from 0 to 256
[   66.107997][ T5075] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.110151][ T5075] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[   66.114422][ T5075] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[   66.747665][ T5081] loop4: detected capacity change from 0 to 164
[   67.347586][ T5092] 9pnet_fd: Insufficient options for proto=fd
[   67.353396][ T5092] loop3: detected capacity change from 0 to 512
[   67.357190][ T5092] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   67.366483][ T5092] EXT4-fs (loop3): required journal recovery suppressed and not mounted read-only
[   67.885521][ T5109] loop4: detected capacity change from 0 to 16
[   67.971936][ T5109] erofs: (device loop4): mounted with root inode @ nid 36.
[   69.220140][ T5134] loop3: detected capacity change from 0 to 512
[   69.241611][ T5134] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[   69.252659][ T5134] EXT2-fs (loop3): error: couldn't mount RDWR because of unsupported optional features (1000000)
[   69.698681][ T5146] netlink: 24 bytes leftover after parsing attributes in process `syz.4.209'.
[   69.740574][ T5148] netlink: 44 bytes leftover after parsing attributes in process `syz.2.206'.
[   69.856236][ T5156] netlink: 20 bytes leftover after parsing attributes in process `syz.4.210'.
[   72.250025][ T5216] loop4: detected capacity change from 0 to 256
[   72.587111][ T5229] loop0: detected capacity change from 0 to 8192
[   72.602542][ T5229] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   72.607996][ T5229] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   72.609762][ T5229] REISERFS (device loop0): using ordered data mode
[   72.610845][ T5229] reiserfs: using flush barriers
[   72.616133][ T5229] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   72.619302][ T5229] REISERFS (device loop0): checking transaction log (loop0)
[   72.623288][ T5229] REISERFS (device loop0): Using r5 hash to sort names
[   72.628227][ T5229] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   72.677210][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   72.680685][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   72.683891][ T5229] REISERFS (device loop0): Remounting filesystem read-only
[   72.692824][ T5229] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data
[   72.703337][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   72.706728][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   72.708644][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   72.711297][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   72.713114][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   72.721128][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   72.723263][ T5249] loop3: detected capacity change from 0 to 2048
[   72.825592][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.081594][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.083570][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.086136][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.088249][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.090968][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.092896][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.095627][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.097557][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.100185][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.101988][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.135238][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.137459][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.140120][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.151401][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.190350][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.203848][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.206795][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.209794][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.231335][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.233121][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.258461][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.260519][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.310157][ T5303] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.375350][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.380953][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.387174][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   73.389057][ T5229] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[   73.396538][ T5229] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[   74.889830][ T5327] binder_user_error: 4 callbacks suppressed
[   74.889839][ T5327] binder: 5325:5327 tried to acquire reference to desc 0, got 1 instead
[   74.907031][ T5327] binder: 5325:5327 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   74.922498][ T5327] binder: 5327 RLIMIT_NICE not set
[   74.923395][ T5327] binder: 5327 RLIMIT_NICE not set
[   74.932751][ T5327] binder: 5327 RLIMIT_NICE not set
[   75.237471][ T5329] binder: 5325:5329 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   75.248206][ T5329] binder: 5329 RLIMIT_NICE not set
[   75.268884][   T22] binder_debug: 4 callbacks suppressed
[   75.268897][   T22] binder: undelivered TRANSACTION_COMPLETE
[   75.271256][   T22] binder: undelivered TRANSACTION_COMPLETE
[   75.272260][   T22] binder: undelivered transaction 88, process died.
[   76.594311][ T5353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'.
[   76.597299][ T5353] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[   76.633503][ T5341] loop0: detected capacity change from 0 to 32768
[   76.650738][ T5351] loop3: detected capacity change from 0 to 32768
[   76.686858][ T5341] XFS (loop0): Mounting V5 Filesystem
[   76.690678][ T5351] XFS (loop3): alignment check failed: sunit/swidth vs. blocksize(2048)
[   76.750381][ T5341] XFS (loop0): Ending clean mount
[   77.391677][ T4328] XFS (loop0): Unmounting Filesystem
[   77.431918][ T5382] loop4: detected capacity change from 0 to 32768
[   77.483004][ T5382] XFS (loop4): Mounting V5 Filesystem
[   77.826531][ T5382] XFS (loop4): Ending clean mount
[   77.891403][ T4321] XFS (loop4): Unmounting Filesystem
[   78.263780][ T5407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.261'.
[   79.233585][   T27] audit: type=1326 audit(79.210:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5428 comm="syz.3.265" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb4b5af28 code=0x0
[   81.805781][ T5458] Cannot find set identified by id 0 to match
[   82.684603][ T5474] netlink: 'syz.0.278': attribute type 12 has an invalid length.
[   83.056771][ T5485] loop0: detected capacity change from 0 to 8192
[   83.065346][ T5478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.279'.
[   83.644856][ T5496] loop1: detected capacity change from 0 to 512
[   83.649615][ T5496] EXT2-fs (loop1): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[   83.654562][ T5496] EXT2-fs (loop1): error: couldn't mount RDWR because of unsupported optional features (1000000)
[   84.539288][ T5515] netlink: 12 bytes leftover after parsing attributes in process `syz.1.292'.
[   84.566771][ T5517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.293'.
[   84.568236][ T5517] netlink: 'syz.1.293': attribute type 5 has an invalid length.
[   84.569476][ T5517] netlink: 28 bytes leftover after parsing attributes in process `syz.1.293'.
[   84.572418][ T5517] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[   84.574230][ T5517] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[   84.575737][ T5517] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[   84.577175][ T5517] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[   84.578541][ T5517] device geneve2 entered promiscuous mode
[   84.580492][ T5512] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[   86.561663][ T5548] loop4: detected capacity change from 0 to 512
[   86.579545][ T5551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.304'.
[   87.426465][    C0] vxcan0: j1939_tp_rxtimer: 0x00000000e046afe6: rx timeout, send abort
[   87.428719][    C0] vxcan0: j1939_tp_rxtimer: 0x000000009aca99dc: rx timeout, send abort
[   87.442955][ T5548] EXT2-fs (loop4): warning: feature flags set on rev 0 fs, running e2fsck is recommended
[   87.457661][ T5548] EXT2-fs (loop4): error: couldn't mount RDWR because of unsupported optional features (1000000)
[   87.558407][ T4940] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   88.923341][ T5584] netlink: 76 bytes leftover after parsing attributes in process `syz.3.311'.
[   88.931132][ T5582] netlink: 'syz.1.310': attribute type 4 has an invalid length.
[   90.636697][ T5611] netlink: 8 bytes leftover after parsing attributes in process `syz.3.321'.
[   90.643435][ T5611] netlink: 'syz.3.321': attribute type 5 has an invalid length.
[   90.646350][ T5611] netlink: 28 bytes leftover after parsing attributes in process `syz.3.321'.
[   90.649363][ T5611] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[   90.650745][ T5611] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[   90.652029][ T5611] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[   90.653485][ T5611] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[   90.664520][ T5611] device geneve2 entered promiscuous mode
[   91.494752][ T5625] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   92.445119][ T5641] loop1: detected capacity change from 0 to 8192
[   93.943585][ T5666] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'.
[   93.965807][ T5666] netlink: 'syz.0.337': attribute type 5 has an invalid length.
[   93.976851][ T5666] netlink: 28 bytes leftover after parsing attributes in process `syz.0.337'.
[   93.981813][ T5666] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[   93.983132][ T5666] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[   93.998587][ T5666] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[   94.000088][ T5666] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[   94.001481][ T5666] device geneve2 entered promiscuous mode
[   97.216552][ T5723] loop0: detected capacity change from 0 to 512
[   97.233529][ T5720] overlayfs: failed to clone upperpath
[   97.242306][ T5723] EXT2-fs (loop0): error: revision level too high, forcing read-only mode
[   97.246445][ T5723] EXT2-fs (loop0): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[   97.965972][ T5729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.365'.
[   97.967716][ T5729] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.091769][ T5727] loop3: detected capacity change from 0 to 32768
[   98.153483][ T5727] XFS (loop3): Mounting V5 Filesystem
[   98.548076][ T5729] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.556924][ T5750] binder: 5749:5750 tried to acquire reference to desc 0, got 1 instead
[   98.558922][ T5750] binder: 5749:5750 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   98.561126][ T5750] binder: 5750 RLIMIT_NICE not set
[   98.561909][ T5750] binder: 5750 RLIMIT_NICE not set
[   98.565500][ T5727] XFS (loop3): Ending clean mount
[   98.566398][ T4642] binder: release 5749:5750 transaction 93 out, still active
[   98.567625][ T4642] binder: undelivered TRANSACTION_COMPLETE
[   98.577782][ T5733] binder: release 5749:5750 transaction 93 in, still active
[   98.578965][ T5733] binder: send failed reply for transaction 93, target dead
[  100.472733][ T5766] loop0: detected capacity change from 0 to 128
[  100.511442][ T5766] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  100.527640][ T4940] udevd[4940]: incorrect ext4 checksum on /dev/loop0
[  100.976718][ T5775] binder: 5774:5775 tried to acquire reference to desc 0, got 1 instead
[  100.989949][ T4336] XFS (loop3): Unmounting Filesystem
[  101.131812][ T5777] binder: 5774:5777 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  101.136436][ T5777] binder: 5777 RLIMIT_NICE not set
[  101.137469][ T5777] binder: 5777 RLIMIT_NICE not set
[  101.139041][ T5777] binder: 5777 RLIMIT_NICE not set
[  101.140073][ T5777] binder_alloc: 5774: binder_alloc_buf, no vma
[  101.141447][ T5777] binder: cannot allocate buffer: vma cleared, target dead or dying
[  101.141483][ T5777] binder: 5774:5777 transaction reply to 5774:5775 failed 99/29189/-3, size 0-0 line 3239
[  101.146245][ T5777] binder: send failed reply for transaction 98 to 5774:5775
[  101.149091][ T5775] binder: 5774:5775 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  101.394765][ T5780] MPTCP: kernel_bind error, err=-98
[  101.831660][ T3899] binder: undelivered TRANSACTION_ERROR: 29190
[  102.835671][ T5787] loop1: detected capacity change from 0 to 32768
[  102.930876][ T5787] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.367 (5787)
[  103.513425][ T5787] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  103.515326][ T5787] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm
[  103.517472][ T5787] BTRFS info (device loop1): metadata ratio 2
[  103.518395][ T5787] BTRFS info (device loop1): allowing degraded mounts
[  103.519539][ T5787] BTRFS info (device loop1): force zlib compression, level 3
[  103.520907][ T5787] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  103.522513][ T5787] BTRFS info (device loop1): use zstd compression, level 3
[  103.523766][ T5787] BTRFS info (device loop1): force clearing of disk cache
[  104.232309][ T5787] BTRFS info (device loop1): using free space tree
[  104.329500][ T5284] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.358735][ T5787] BTRFS info (device loop1): enabling ssd optimizations
[  104.360878][ T5787] BTRFS info (device loop1): rebuilding free space tree
[  105.242230][ T4320] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  105.367481][ T5844] binder_user_error: 1 callbacks suppressed
[  105.367490][ T5844] binder: 5841:5844 tried to acquire reference to desc 0, got 1 instead
[  105.717068][ T5847] binder: 5841:5847 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  105.724220][ T5847] binder: 5847 RLIMIT_NICE not set
[  105.725024][ T5847] binder: 5847 RLIMIT_NICE not set
[  105.728247][ T5847] binder: 5847 RLIMIT_NICE not set
[  105.729210][ T5847] binder_alloc: 5841: binder_alloc_buf, no vma
[  105.732363][ T5847] binder: cannot allocate buffer: vma cleared, target dead or dying
[  105.732392][ T5847] binder: 5841:5847 transaction reply to 5841:5844 failed 105/29189/-3, size 0-0 line 3239
[  105.739379][ T5847] binder: send failed reply for transaction 104 to 5841:5844
[  105.740802][ T5844] binder: 5841:5844 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  105.749207][ T5844] binder: 5844 RLIMIT_NICE not set
[  106.136035][ T4363] binder: undelivered TRANSACTION_ERROR: 29190
[  106.746009][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.385'.
[  106.850562][ T5866] netlink: 32 bytes leftover after parsing attributes in process `syz.1.388'.
[  107.382049][ T5880] loop4: detected capacity change from 0 to 1024
[  108.098767][ T5880] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  109.076325][   T27] audit: type=1326 audit(109.060:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.079962][   T27] audit: type=1326 audit(109.060:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.092100][   T27] audit: type=1326 audit(109.060:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.108627][   T27] audit: type=1326 audit(109.060:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.112126][   T27] audit: type=1326 audit(109.060:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.112373][ T5911] loop3: detected capacity change from 0 to 2048
[  109.141616][   T27] audit: type=1326 audit(109.060:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.145267][   T27] audit: type=1326 audit(109.060:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.148844][   T27] audit: type=1326 audit(109.060:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.151300][ T5911] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  109.152391][   T27] audit: type=1326 audit(109.060:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.165174][   T27] audit: type=1326 audit(109.060:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.0.400" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffffacd5af28 code=0x7ffc0000
[  109.178914][ T4321] EXT4-fs (loop4): unmounting filesystem.
[  109.334495][ T5921] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  109.897736][ T5924] netlink: 'syz.4.404': attribute type 11 has an invalid length.
[  109.969676][ T4336] EXT4-fs (loop3): unmounting filesystem.
[  111.227695][ T5952] devtmpfs: Unknown parameter 'dirsync���k��9ě��k9X��[G���cN���13���H����s���~�v�Ѹ���L�����D쮔 eOp���t�C�{7-`'�*�+���k�2�WQҗN�EZ'��r�{�ҬZ��z�6���e�Ub��:Ԑ���$#C�6�[Y�H�^�B���@ɜ�l !�/�J���U�����8q�~�쭶H7�؇#�e�QR�ՆNWXa�'
[  111.675785][ T5965] xt_bpf: check failed: parse error
[  112.097440][ T5963] loop3: detected capacity change from 0 to 32768
[  113.789030][ T5963] XFS (loop3): Mounting V5 Filesystem
[  113.819709][ T5963] XFS (loop3): Ending clean mount
[  113.925482][ T4336] XFS (loop3): Unmounting Filesystem
[  114.056874][ T6015] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  114.058467][ T6015] device syzkaller0 entered promiscuous mode
[  114.064645][ T6015] tipc: Resetting bearer <eth:syzkaller0>
[  114.073361][ T6014] tipc: Resetting bearer <eth:syzkaller0>
[  114.608281][ T6020] loop4: detected capacity change from 0 to 128
[  114.610212][ T6020] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  114.625953][ T6020] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  114.652106][ T6014] tipc: Disabling bearer <eth:syzkaller0>
[  114.903776][ T6022] netlink: 20 bytes leftover after parsing attributes in process `syz.0.429'.
[  114.922782][ T6024] x_tables: duplicate underflow at hook 3
[  115.093152][ T6026] loop3: detected capacity change from 0 to 32768
[  115.390824][ T6026] XFS (loop3): Mounting V5 Filesystem
[  115.441169][ T6026] XFS (loop3): Ending clean mount
[  115.463958][ T4336] XFS (loop3): Unmounting Filesystem
[  115.837598][ T6053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.438'.
[  115.841778][ T6053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.438'.
[  116.569488][ T6068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.442'.
[  116.616846][ T6072] fuse: Bad value for 'fd'
[  116.620944][ T6070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.444'.
[  116.633471][ T6070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.444'.
[  116.664117][ T6077] binder: 6076:6077 tried to acquire reference to desc 0, got 1 instead
[  116.667537][ T6077] binder: 6076:6077 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  116.670115][ T6077] binder: 6077 RLIMIT_NICE not set
[  116.671074][ T6077] binder: 6077 RLIMIT_NICE not set
[  116.672390][ T6077] binder: 6077 RLIMIT_NICE not set
[  116.676746][ T6077] binder: 6076:6077 got reply with fd, -1, but target does not allow fds
[  116.678202][ T6077] binder: 6077:6076 translate fd failed
[  116.679093][ T6077] binder: 6076:6077 transaction reply to 6076:6077 failed 111/29201/-1, size 88-24 line 3424
[  116.681064][ T6077] binder: send failed reply for transaction 110 to 6076:6077
[  116.699164][   T22] binder: undelivered TRANSACTION_ERROR: 29190
[  116.700260][   T22] binder: undelivered TRANSACTION_COMPLETE
[  116.701270][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  117.322088][ T6101] binder: 6100:6101 tried to acquire reference to desc 0, got 1 instead
[  117.328178][ T6101] binder: 6100:6101 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  117.330308][ T6101] binder: 6101 RLIMIT_NICE not set
[  117.331212][ T6101] binder: 6101 RLIMIT_NICE not set
[  117.607259][ T4642] binder: undelivered TRANSACTION_COMPLETE
[  117.608478][ T4642] binder: undelivered TRANSACTION_COMPLETE
[  117.609520][ T4642] binder: undelivered transaction 117, process died.
[  117.722968][ T6108] loop1: detected capacity change from 0 to 512
[  117.727218][ T6108] EXT2-fs (loop1): error: revision level too high, forcing read-only mode
[  117.729783][ T6108] EXT2-fs (loop1): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[  117.832280][ T6110] tipc: Started in network mode
[  117.833134][ T6110] tipc: Node identity ac1414aa, cluster identity 4711
[  117.835422][ T6110] tipc: Enabled bearer <udp:syz2>, priority 10
[  117.858320][ T6110] tipc: Enabled bearer <eth:team0>, priority 0
[  117.979093][    C0] vcan0: j1939_tp_rxtimer: 0x0000000063eb817e: rx timeout, send abort
[  117.980676][    C0] vcan0: j1939_tp_rxtimer: 0x00000000b32050c1: rx timeout, send abort
[  118.478192][    C0] vcan0: j1939_tp_rxtimer: 0x0000000063eb817e: abort rx timeout. Force session deactivation
[  118.480027][    C0] vcan0: j1939_tp_rxtimer: 0x00000000b32050c1: abort rx timeout. Force session deactivation
[  118.570051][ T6104] loop0: detected capacity change from 0 to 32768
[  119.136589][ T4640] tipc: Node number set to 2886997162
[  119.412348][ T6133] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  119.416716][ T6104] XFS (loop0): Mounting V5 Filesystem
[  119.434398][ T6104] XFS (loop0): Ending clean mount
[  119.467032][ T4328] XFS (loop0): Unmounting Filesystem
[  120.907194][ T6168] loop3: detected capacity change from 0 to 512
[  120.930367][ T6167] tipc: Enabled bearer <udp:syz2>, priority 10
[  120.932964][ T6168] EXT2-fs (loop3): error: revision level too high, forcing read-only mode
[  120.934264][ T6168] EXT2-fs (loop3): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[  120.940511][ T6167] tipc: Enabled bearer <eth:team0>, priority 0
[  122.464305][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.142870][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.509742][   T27] kauditd_printk_skb: 33 callbacks suppressed
[  123.509751][   T27] audit: type=1326 audit(123.699:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.2.484" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x0
[  123.573083][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  124.158282][ T6226] loop3: detected capacity change from 0 to 1024
[  124.194741][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  124.200987][ T6226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  124.509779][ T6229] loop0: detected capacity change from 0 to 8192
[  124.518959][ T6229] FAT-fs (loop0): Unrecognized mount option "./file0" or missing value
[  124.586439][ T4336] EXT4-fs (loop3): unmounting filesystem.
[  124.841321][ T6235] could not allocate digest TFM handle sha1-ssse3
[  125.029206][ T6245] loop3: detected capacity change from 0 to 128
[  125.035080][ T6245] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  125.063048][ T6245] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  125.435564][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  125.484414][ T6255] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  125.687067][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  125.688432][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  125.688447][ T4640] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  125.705423][ T6258] netlink: 'syz.2.495': attribute type 1 has an invalid length.
[  125.716162][ T6258] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  125.717710][ T6258] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  125.719440][ T6258] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  125.720987][ T6258] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  125.724510][ T6258] bond1: (slave geneve2): making interface the new active one
[  125.729650][ T6258] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  125.733058][ T6258] netlink: 28 bytes leftover after parsing attributes in process `syz.2.495'.
[  125.736574][ T6258] 8021q: adding VLAN 0 to HW filter on device bond1
[  126.283147][ T6268] netlink: 20 bytes leftover after parsing attributes in process `syz.2.496'.
[  126.633992][ T4385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  126.635481][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  126.715168][ T5282] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  126.719970][ T6272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.499'.
[  126.721509][ T6272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.499'.
[  126.725653][ T6274] netlink: 'syz.0.502': attribute type 4 has an invalid length.
[  126.734149][ T6276] netlink: 'syz.3.499': attribute type 10 has an invalid length.
[  126.735635][ T6276] bridge0: port 3(team0) entered blocking state
[  126.736666][ T6276] bridge0: port 3(team0) entered disabled state
[  126.738353][ T6276] device team0 entered promiscuous mode
[  126.739266][ T6276] device team_slave_0 entered promiscuous mode
[  126.743033][ T6276] device team_slave_1 entered promiscuous mode
[  126.745178][ T6276] bridge0: port 3(team0) entered blocking state
[  126.746405][ T6276] bridge0: port 3(team0) entered forwarding state
[  127.288783][ T6285] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  127.290537][ T6285] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  127.292095][ T6285] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  127.293650][ T6285] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  127.299434][ T6285] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  127.945390][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.014426][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.394371][ T4322] Bluetooth: hci4: command 0x0409 tx timeout
[  130.064581][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  130.171810][ T4642] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  130.727293][ T6357] loop0: detected capacity change from 0 to 512
[  130.786073][ T6357] EXT2-fs (loop0): error: revision level too high, forcing read-only mode
[  130.787716][ T6357] EXT2-fs (loop0): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[  131.071175][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  131.373160][ T4504] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  131.375359][ T4504] Bluetooth: hci4: Injecting HCI hardware error event
[  131.378550][ T4322] Bluetooth: hci4: hardware error 0x00
[  132.424980][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  132.940671][ T6394] serio: Serial port pts0
[  133.192213][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.449761][ T5733] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.750761][ T4322] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  134.672739][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  135.184985][ T4640] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  135.886900][ T6457] loop1: detected capacity change from 0 to 8
[  135.888478][ T6457] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  135.939603][ T6457] cramfs: Error -5 while decompressing!
[  135.940645][ T6457] cramfs: 00000000d2b5dcd5(26)->0000000002cfacd0(4096)
[  135.941848][ T6457] cramfs: Error -3 while decompressing!
[  135.942772][ T6457] cramfs: 00000000e5763131(26)->000000005a24f85a(4096)
[  135.943929][ T6457] cramfs: Error -3 while decompressing!
[  135.944913][ T6457] cramfs: 00000000e64c4902(16)->00000000cc68f32b(4096)
[  135.946844][ T6457] cramfs: Error -5 while decompressing!
[  135.947797][ T6457] cramfs: 00000000d2b5dcd5(26)->0000000002cfacd0(4096)
[  136.096431][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.208023][ T4940] udevd[4940]: incorrect cramfs checksum on /dev/loop1
[  136.215257][ T4642] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  137.184430][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.190879][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.332309][ T6471] loop1: detected capacity change from 0 to 32768
[  138.811012][ T6471] XFS (loop1): Mounting V5 Filesystem
[  139.063222][ T6471] XFS (loop1): Ending clean mount
[  139.558534][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.571989][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.169013][   T27] audit: type=1326 audit(140.536:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.227420][   T27] audit: type=1326 audit(140.596:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=34 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.480115][   T27] audit: type=1326 audit(140.767:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.484748][ T4320] XFS (loop1): Unmounting Filesystem
[  140.486179][   T27] audit: type=1326 audit(140.858:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=292 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.489652][   T27] audit: type=1326 audit(140.858:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.529508][   T27] audit: type=1326 audit(140.858:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.536546][   T27] audit: type=1326 audit(140.858:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.544060][   T27] audit: type=1326 audit(140.858:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.549685][   T27] audit: type=1326 audit(140.858:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.557679][   T27] audit: type=1326 audit(140.858:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.2.570" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb6f5af28 code=0x7ffc0000
[  140.618442][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.624522][ T6535] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.720067][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.920428][ T4385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.921819][ T4385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.983960][ T6578] xt_bpf: check failed: parse error
[  144.108771][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.669044][ T6605] loop1: detected capacity change from 0 to 32768
[  144.692464][ T6605] XFS (loop1): Mounting V5 Filesystem
[  144.712967][ T4642] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.715908][ T6605] XFS (loop1): Ending clean mount
[  145.122926][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.212337][ T4320] XFS (loop1): Unmounting Filesystem
[  145.216901][ T6629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.598'.
[  145.220144][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  145.253461][ T6629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.598'.
[  145.513746][ T6636] loop0: detected capacity change from 0 to 1024
[  145.557789][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.559505][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.564925][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.566287][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.803265][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.804596][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.816513][ T6646] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.817924][ T6646] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.894966][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.896275][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.903713][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.905059][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.907765][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.909733][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.910842][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.911840][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.913685][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.916697][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.922271][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.926190][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.927595][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.930367][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.931701][ T6636] hfsplus: request for non-existent node 33423360 in B*Tree
[  145.988046][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.227876][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.229293][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.108886][ T6666] loop0: detected capacity change from 0 to 256
[  147.262699][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.267094][ T6666] FAT-fs (loop0): Directory bread(block 64) failed
[  147.268186][ T6666] FAT-fs (loop0): Directory bread(block 65) failed
[  147.269452][ T6666] FAT-fs (loop0): Directory bread(block 66) failed
[  147.270544][ T6666] FAT-fs (loop0): Directory bread(block 67) failed
[  147.271873][ T6666] FAT-fs (loop0): Directory bread(block 68) failed
[  147.273026][ T6666] FAT-fs (loop0): Directory bread(block 69) failed
[  147.274304][ T6666] FAT-fs (loop0): Directory bread(block 70) failed
[  147.275530][ T6666] FAT-fs (loop0): Directory bread(block 71) failed
[  147.276763][ T6666] FAT-fs (loop0): Directory bread(block 72) failed
[  147.277910][ T6666] FAT-fs (loop0): Directory bread(block 73) failed
[  148.069444][ T4504] Bluetooth: hci1: command 0x0406 tx timeout
[  148.070261][ T4322] Bluetooth: hci2: command 0x0406 tx timeout
[  148.072483][ T4322] Bluetooth: hci3: command 0x0406 tx timeout
[  148.072505][ T4504] Bluetooth: hci0: command 0x0406 tx timeout
[  148.308246][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  148.386139][ T6679] loop0: detected capacity change from 0 to 512
[  148.421025][ T6679] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  148.792617][ T4328] EXT4-fs (loop0): unmounting filesystem.
[  148.859415][ T6694] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.860658][ T6694] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.862369][ T6694] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.866156][ T6694] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.939421][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.345536][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.399657][ T6707] loop0: detected capacity change from 0 to 512
[  149.401109][ T6707] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.402190][ T6707] EXT4-fs: Ignoring removed bh option
[  149.405820][ T6707] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  149.407980][ T6707] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  149.410023][ T6707] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  149.413255][ T6718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.624'.
[  149.416900][ T6718] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  149.431230][ T6707] EXT4-fs (loop0): 1 truncate cleaned up
[  149.432238][ T6707] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  149.434996][ T6718] netlink: 36 bytes leftover after parsing attributes in process `syz.1.624'.
[  149.438748][ T6718] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  149.460560][ T4328] EXT4-fs (loop0): unmounting filesystem.
[  150.868830][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.038328][ T6737] loop0: detected capacity change from 0 to 32768
[  151.356117][ T4643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.374038][ T6737] XFS (loop0): Mounting V5 Filesystem
[  151.405548][ T6737] XFS (loop0): Ending clean mount
[  151.703932][ T6761] loop1: detected capacity change from 0 to 1764
[  151.963771][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.967124][ T4385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.271014][ T4642] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.310156][ T4871] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  152.630150][ T4328] XFS (loop0): Unmounting Filesystem
[  152.674321][ T6767] netlink: 'syz.3.636': attribute type 10 has an invalid length.
[  152.677427][ T6767] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  153.242885][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.611526][ T6790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.642'.
[  154.422169][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.513164][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.137962][ T6822] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  157.231356][ T6851] netlink: 'syz.4.661': attribute type 1 has an invalid length.
[  157.317229][ T6851] bond1 (unregistering): Released all slaves
[  158.527428][ T6872] loop0: detected capacity change from 0 to 32768
[  158.727673][ T6872] XFS (loop0): Mounting V5 Filesystem
[  158.746399][ T6872] XFS (loop0): Ending clean mount
[  158.955641][ T6903] loop1: detected capacity change from 0 to 8
[  159.035706][ T6902] SQUASHFS error: Failed to read block 0x2fc: -5
[  159.036853][ T6902] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  159.038114][ T6902] SQUASHFS error: read_indexes: reading block [2fa:0]
[  159.039198][ T6902] SQUASHFS error: Failed to read block 0xfc: -5
[  159.040325][ T6902] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  159.042041][ T6902] SQUASHFS error: read_indexes: reading block [2fa:0]
[  159.043277][ T6902] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  159.044397][ T6902] SQUASHFS error: read_indexes: reading block [2fa:0]
[  159.045464][ T6902] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  159.046488][ T6902] SQUASHFS error: read_indexes: reading block [2fa:0]
[  159.047663][ T6902] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  159.048828][ T6902] SQUASHFS error: read_indexes: reading block [2fa:0]
[  159.083045][ T6904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.673'.
[  159.097306][ T4328] XFS (loop0): Unmounting Filesystem
[  159.278077][ T6914] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  159.879816][ T6923] binder_user_error: 2 callbacks suppressed
[  159.879824][ T6923] binder: 6922:6923 tried to acquire reference to desc 0, got 1 instead
[  159.883511][   T22] binder: undelivered TRANSACTION_COMPLETE
[  159.891228][   T22] binder: undelivered transaction 122, process died.
[  159.903010][ T6925] mmap: syz.1.682 (6925) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  159.981682][ T6930] loop0: detected capacity change from 0 to 16
[  160.348458][ T6930] erofs: (device loop0): mounted with root inode @ nid 36.
[  160.360247][ T6935] netlink: 48 bytes leftover after parsing attributes in process `syz.2.686'.
[  160.361852][ T6935] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  160.363256][ T6935] IPv6: NLM_F_CREATE should be set when creating new route
[  160.657917][ T6943] erofs: (device loop0): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36
[  160.659746][ T6943] bio_check_eod: 60 callbacks suppressed
[  160.659757][ T6943] syz.0.684: attempt to access beyond end of device
[  160.659757][ T6943] loop0: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  160.866801][ T6942] syz.0.684: attempt to access beyond end of device
[  160.866801][ T6942] loop0: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  161.540790][ T6951] netlink: 'syz.4.691': attribute type 1 has an invalid length.
[  162.037601][ T6951] device veth7 entered promiscuous mode
[  162.045208][ T6951] bond1: (slave veth7): Enslaving as a backup interface with a down link
[  162.096333][ T6956] loop0: detected capacity change from 0 to 32768
[  162.239045][ T6956] XFS (loop0): Mounting V5 Filesystem
[  162.834028][ T6956] XFS (loop0): Ending clean mount
[  162.901532][ T4328] XFS (loop0): Unmounting Filesystem
[  164.373515][ T6999] loop0: detected capacity change from 0 to 8
[  164.482185][ T6999] SQUASHFS error: Failed to read block 0x2fc: -5
[  164.483454][ T6999] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.484836][ T6999] SQUASHFS error: read_indexes: reading block [2fa:0]
[  164.486190][ T6999] SQUASHFS error: Failed to read block 0xfc: -5
[  164.487652][ T6999] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.489006][ T6999] SQUASHFS error: read_indexes: reading block [2fa:0]
[  164.490990][ T6999] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.492412][ T6999] SQUASHFS error: read_indexes: reading block [2fa:0]
[  164.493893][ T6999] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.495181][ T6999] SQUASHFS error: read_indexes: reading block [2fa:0]
[  164.497243][ T6999] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.498544][ T6999] SQUASHFS error: read_indexes: reading block [2fa:0]
[  165.588201][ T7010] loop0: detected capacity change from 0 to 32768
[  165.645357][ T7010] XFS (loop0): Mounting V5 Filesystem
[  165.674888][ T7010] XFS (loop0): Ending clean mount
[  165.743194][ T4328] XFS (loop0): Unmounting Filesystem
[  167.143691][ T7041] netlink: 8 bytes leftover after parsing attributes in process `syz.1.711'.
[  167.993384][ T7057] netlink: 'syz.4.715': attribute type 1 has an invalid length.
[  168.012462][ T7057] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  168.013889][ T7057] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  168.015394][ T7057] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  168.016855][ T7057] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  168.019873][ T7057] bond2: (slave geneve3): making interface the new active one
[  168.021726][ T7057] bond2: (slave geneve3): Enslaving as an active interface with an up link
[  168.541072][ T7071] loop1: detected capacity change from 0 to 16
[  168.553326][ T7071] erofs: (device loop1): mounted with root inode @ nid 36.
[  168.603684][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.610464][ T7071] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[1851]
[  168.612474][ T7071] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  168.634900][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.636575][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.637964][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 42 @ nid 36
[  168.639746][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.641211][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 41 @ nid 36
[  168.642691][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.644277][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 40 @ nid 36
[  168.645804][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 39 @ nid 36
[  168.647231][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 38 @ nid 36
[  168.648932][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 36 @ nid 36
[  168.650962][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.652449][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 31 @ nid 36
[  168.654108][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 25 @ nid 36
[  168.655640][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 24 @ nid 36
[  168.657352][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 19 @ nid 36
[  168.660065][ T7071] syz.1.717: attempt to access beyond end of device
[  168.660065][ T7071] loop1: rw=524288, sector=784, nr_sectors = 64 limit=16
[  168.662347][ T7071] syz.1.717: attempt to access beyond end of device
[  168.662347][ T7071] loop1: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  168.664908][ T7071] syz.1.717: attempt to access beyond end of device
[  168.664908][ T7071] loop1: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  168.668508][ T7071] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[2639]
[  168.672580][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 87 @ nid 36
[  168.674119][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 86 @ nid 36
[  168.675760][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.677278][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 83 @ nid 36
[  168.678654][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.680119][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 82 @ nid 36
[  168.681668][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 79 @ nid 36
[  168.683182][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 78 @ nid 36
[  168.684811][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.686389][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 76 @ nid 36
[  168.687880][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.689463][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 75 @ nid 36
[  168.691062][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 74 @ nid 36
[  168.692579][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 72 @ nid 36
[  168.694124][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 71 @ nid 36
[  168.695556][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 70 @ nid 36
[  168.697240][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 63 @ nid 36
[  168.698818][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 61 @ nid 36
[  168.700252][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.701788][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 59 @ nid 36
[  168.703173][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.704789][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 58 @ nid 36
[  168.706365][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 56 @ nid 36
[  168.708121][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.709658][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 47 @ nid 36
[  168.711137][ T7071] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.712690][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 46 @ nid 36
[  168.714344][ T7071] erofs: (device loop1): z_erofs_readahead: readahead error at page 45 @ nid 36
[  168.716167][ T7071] syz.1.717: attempt to access beyond end of device
[  168.716167][ T7071] loop1: rw=524288, sector=32, nr_sectors = 64 limit=16
[  168.719497][ T7071] syz.1.717: attempt to access beyond end of device
[  168.719497][ T7071] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  168.722177][ T7071] syz.1.717: attempt to access beyond end of device
[  168.722177][ T7071] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  168.725269][ T7071] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[5297]
[  169.593699][ T7091] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  169.596686][ T7091] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  169.633065][ T7091] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  171.377156][ T7133] loop0: detected capacity change from 0 to 16
[  171.419318][ T7133] erofs: (device loop0): mounted with root inode @ nid 36.
[  171.736747][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.748272][ T7133] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[1851]
[  171.750673][ T7133] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117]
[  171.755217][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.757830][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.759558][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 42 @ nid 36
[  171.761170][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.762677][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 41 @ nid 36
[  171.764215][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.765666][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 40 @ nid 36
[  171.767186][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 39 @ nid 36
[  171.768593][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 38 @ nid 36
[  171.770098][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 36 @ nid 36
[  171.771664][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.773245][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 31 @ nid 36
[  171.775271][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 25 @ nid 36
[  171.776956][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36
[  171.778661][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 19 @ nid 36
[  171.780581][ T7133] syz.0.734: attempt to access beyond end of device
[  171.780581][ T7133] loop0: rw=524288, sector=784, nr_sectors = 64 limit=16
[  171.783139][ T7133] syz.0.734: attempt to access beyond end of device
[  171.783139][ T7133] loop0: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  171.785861][ T7133] syz.0.734: attempt to access beyond end of device
[  171.785861][ T7133] loop0: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  171.788464][ T7133] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[2639]
[  171.792328][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 87 @ nid 36
[  171.793896][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 86 @ nid 36
[  171.795600][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.797133][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 83 @ nid 36
[  171.798710][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.800284][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 82 @ nid 36
[  171.801955][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 79 @ nid 36
[  171.803527][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 78 @ nid 36
[  171.805137][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.806839][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 76 @ nid 36
[  171.808583][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.810291][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 75 @ nid 36
[  171.812039][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 74 @ nid 36
[  171.813675][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 72 @ nid 36
[  171.815201][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 71 @ nid 36
[  171.816882][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 70 @ nid 36
[  171.818595][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 63 @ nid 36
[  171.820167][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 61 @ nid 36
[  171.821755][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.823380][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 59 @ nid 36
[  171.825038][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.826776][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 58 @ nid 36
[  171.828511][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 56 @ nid 36
[  171.830411][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.832055][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 47 @ nid 36
[  171.833713][ T7133] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.835356][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 46 @ nid 36
[  171.837111][ T7133] erofs: (device loop0): z_erofs_readahead: readahead error at page 45 @ nid 36
[  171.838844][ T7133] syz.0.734: attempt to access beyond end of device
[  171.838844][ T7133] loop0: rw=524288, sector=32, nr_sectors = 64 limit=16
[  171.842809][ T7133] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[5297]
[  172.110592][ T7136] netlink: 'syz.4.736': attribute type 1 has an invalid length.
[  172.139731][ T7136] 8021q: adding VLAN 0 to HW filter on device bond3
[  172.203182][ T7136] 8021q: adding VLAN 0 to HW filter on device bond3
[  172.205557][ T7136] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  172.207884][ T7136] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  172.220902][ T7142] netlink: 28 bytes leftover after parsing attributes in process `syz.0.738'.
[  172.261401][ T7145] device gretap1 entered promiscuous mode
[  172.265113][ T7145] bond3: (slave gretap1): making interface the new active one
[  172.269740][ T7145] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  172.293613][ T7145] device macvlan2 entered promiscuous mode
[  172.295259][ T7145] device bond3 entered promiscuous mode
[  172.296413][ T7145] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  172.817000][ T7145] bond3: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  172.844289][ T7145] device bond3 left promiscuous mode
[  173.094007][ T7166] xt_CT: You must specify a L4 protocol and not use inversions on it
[  173.629631][ T7177] netlink: 28 bytes leftover after parsing attributes in process `syz.1.749'.
[  174.709289][ T7205] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  174.714264][ T7205] device team0 left promiscuous mode
[  174.715152][ T7205] device team_slave_0 left promiscuous mode
[  174.716169][ T7205] device team_slave_1 left promiscuous mode
[  174.718327][ T7205] bridge0: port 3(team0) entered disabled state
[  175.085453][ T7205] device bridge_slave_0 left promiscuous mode
[  175.088508][ T7205] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.134581][ T7205] device bridge_slave_1 left promiscuous mode
[  175.135880][ T7205] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.185180][ T7205] bond0: (slave bond_slave_0): Releasing backup interface
[  175.218836][ T7205] bond0: (slave bond_slave_1): Releasing backup interface
[  175.279200][ T7205] team0: Port device team_slave_0 removed
[  175.288296][ T7205] team0: Port device team_slave_1 removed
[  175.289748][ T7205] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.291186][ T7205] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.293337][ T7205] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.294837][ T7205] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.300182][ T7205] bond0: (slave wlan1): Releasing backup interface
[  175.368164][ T7209] netlink: 'syz.3.757': attribute type 10 has an invalid length.
[  175.371068][ T7209] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  175.377924][ T5286] tipc: Resetting bearer <eth:team0>
[  176.089052][ T7253] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  176.091052][ T7253] device syzkaller0 entered promiscuous mode
[  176.147973][ T7253] tipc: Resetting bearer <eth:syzkaller0>
[  176.151514][ T7252] tipc: Resetting bearer <eth:syzkaller0>
[  176.375518][ T7252] tipc: Disabling bearer <eth:syzkaller0>
[  176.485193][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.3.764'.
[  176.492742][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.3.764'.
[  176.506857][ T7263] netlink: 'syz.2.765': attribute type 10 has an invalid length.
[  176.538543][ T7263] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.540361][ T7263] team0: Port device bond0 added
[  176.551930][ T7263] tipc: Resetting bearer <eth:team0>
[  177.082679][ T7278] loop1: detected capacity change from 0 to 16
[  177.092158][ T7278] erofs: (device loop1): mounted with root inode @ nid 36.
[  177.114185][ T7278] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.491871][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.491931][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.491939][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 42 @ nid 36
[  177.491954][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.491961][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 41 @ nid 36
[  177.491968][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.491975][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 40 @ nid 36
[  177.491987][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 39 @ nid 36
[  177.491994][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 38 @ nid 36
[  177.492036][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 36 @ nid 36
[  177.492061][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.492068][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 31 @ nid 36
[  177.492119][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 25 @ nid 36
[  177.492128][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 24 @ nid 36
[  177.492155][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 19 @ nid 36
[  177.492235][ T7279] bio_check_eod: 2 callbacks suppressed
[  177.492241][ T7279] syz.1.768: attempt to access beyond end of device
[  177.492241][ T7279] loop1: rw=524288, sector=784, nr_sectors = 64 limit=16
[  177.492274][ T7279] syz.1.768: attempt to access beyond end of device
[  177.492274][ T7279] loop1: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  177.492295][ T7279] syz.1.768: attempt to access beyond end of device
[  177.492295][ T7279] loop1: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  177.492933][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 87 @ nid 36
[  177.492943][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 86 @ nid 36
[  177.492966][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.492972][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 83 @ nid 36
[  177.492979][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.492985][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 82 @ nid 36
[  177.493002][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 79 @ nid 36
[  177.493009][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 78 @ nid 36
[  177.493022][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493028][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 76 @ nid 36
[  177.493034][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493041][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 75 @ nid 36
[  177.493053][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 74 @ nid 36
[  177.493065][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 72 @ nid 36
[  177.493072][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 71 @ nid 36
[  177.493081][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 70 @ nid 36
[  177.493129][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 63 @ nid 36
[  177.493144][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 61 @ nid 36
[  177.493155][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493162][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 59 @ nid 36
[  177.493168][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493175][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 58 @ nid 36
[  177.493187][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 56 @ nid 36
[  177.493234][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493245][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 47 @ nid 36
[  177.493255][ T7279] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  177.493262][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 46 @ nid 36
[  177.493271][ T7279] erofs: (device loop1): z_erofs_readahead: readahead error at page 45 @ nid 36
[  177.493305][ T7279] syz.1.768: attempt to access beyond end of device
[  177.493305][ T7279] loop1: rw=524288, sector=32, nr_sectors = 64 limit=16
[  177.493367][ T7279] syz.1.768: attempt to access beyond end of device
[  177.493367][ T7279] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  177.493385][ T7279] syz.1.768: attempt to access beyond end of device
[  177.493385][ T7279] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  177.655301][ T7278] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[5297]
[  177.655674][ T7278] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  177.947387][ T7285] loop1: detected capacity change from 0 to 512
[  177.948100][ T7285] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  178.508867][ T7285] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  179.110207][ T4320] EXT4-fs (loop1): unmounting filesystem.
[  179.858489][ T7305] loop0: detected capacity change from 0 to 32768
[  180.442507][ T7302] loop1: detected capacity change from 0 to 32768
[  180.613626][ T7302] XFS (loop1): Mounting V5 Filesystem
[  180.635477][ T7302] XFS (loop1): Ending clean mount
[  180.987124][   T27] kauditd_printk_skb: 27 callbacks suppressed
[  180.987139][   T27] audit: type=1326 audit(437.447:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7320 comm="syz.4.779" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b15af28 code=0x0
[  181.286873][ T4320] XFS (loop1): Unmounting Filesystem
[  181.305558][ T7263] tipc: Disabling bearer <eth:team0>
[  181.339667][ T7263] team0 (unregistering): Port device team_slave_0 removed
[  181.354108][ T7263] team0 (unregistering): Port device team_slave_1 removed
[  181.361581][ T7263] team0 (unregistering): Port device bond0 removed
[  181.418389][ T7328] loop0: detected capacity change from 0 to 32768
[  181.432174][ T7328] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.778 (7328)
[  181.438669][ T7328] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  181.440364][ T7328] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  181.441751][ T7328] BTRFS info (device loop0): using free space tree
[  181.576351][ T7328] BTRFS info (device loop0): enabling ssd optimizations
[  181.932500][ T7358] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.937958][ T7358] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.123788][ T7362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.127825][ T7362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.778270][ T4328] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  186.893409][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  186.894584][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  187.116192][ T7417] netlink: 'syz.3.800': attribute type 10 has an invalid length.
[  187.660788][ T7425] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  187.698162][ T7433] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  188.515045][ T7456] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  190.042101][ T7479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.045202][ T7479] device batadv_slave_0 entered promiscuous mode
[  190.692007][ T7497] netlink: 52 bytes leftover after parsing attributes in process `syz.0.829'.
[  191.207249][ T7511] loop1: detected capacity change from 0 to 1024
[  191.262106][ T7508] netlink: 160 bytes leftover after parsing attributes in process `syz.2.830'.
[  191.274697][ T7511] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  191.663361][ T7522] loop0: detected capacity change from 0 to 512
[  191.665383][ T7522] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  191.711126][ T7522] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  192.315756][ T4320] EXT4-fs (loop1): unmounting filesystem.
[  192.826961][ T4328] EXT4-fs (loop0): unmounting filesystem.
[  192.931258][ T7541] loop0: detected capacity change from 0 to 8192
[  192.955750][ T7541] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  192.957981][ T7541] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  192.959614][ T7541] REISERFS (device loop0): using ordered data mode
[  192.966798][ T7541] reiserfs: using flush barriers
[  192.970736][ T7541] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  192.991277][ T7541] REISERFS (device loop0): checking transaction log (loop0)
[  192.998257][ T7541] REISERFS (device loop0): Using r5 hash to sort names
[  193.007072][ T7541] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  193.560941][ T7556] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  193.967243][ T7565] loop1: detected capacity change from 0 to 16
[  194.002345][ T7565] erofs: (device loop1): mounted with root inode @ nid 36.
[  195.284855][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.851'.
[  195.288618][ T7580] netlink: 24 bytes leftover after parsing attributes in process `syz.4.851'.
[  195.775845][ T7572] loop1: detected capacity change from 0 to 32768
[  195.782700][ T7572] xfs: Unknown parameter 'uid>00000000000000000000'
[  197.144165][ T7572] loop1: detected capacity change from 0 to 32768
[  197.784328][ T4940] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (4940)
[  197.903574][ T7618] No such timeout policy "syz1"
[  198.756297][ T7613] loop1: detected capacity change from 0 to 32768
[  198.759187][ T7613] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.860 (7613)
[  198.765857][ T7613] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  198.767552][ T7613] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  198.769093][ T7613] BTRFS info (device loop1): using free space tree
[  199.212381][ T7613] BTRFS info (device loop1): enabling ssd optimizations
[  199.687725][ T7665] loop6: detected capacity change from 0 to 524287999
[  200.058586][ T4320] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  201.289645][ T7696] loop1: detected capacity change from 0 to 4096
[  201.331656][ T7696] EXT4-fs (loop1): Test dummy encryption mode enabled
[  201.354513][ T7696] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  201.372014][ T7670] device vlan2 entered promiscuous mode
[  201.438079][ T7701] loop0: detected capacity change from 0 to 8
[  201.470423][ T7701] SQUASHFS error: Failed to read block 0x4de: -5
[  201.471771][ T7701] SQUASHFS error: Failed to read block 0x4de: -5
[  201.473851][ T7701] SQUASHFS error: Failed to read block 0x4de: -5
[  201.475249][ T7701] SQUASHFS error: Failed to read block 0x4de: -5
[  201.675329][ T7670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.870'.
[  203.872069][ T7727] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  203.876795][ T7727] device syzkaller0 entered promiscuous mode
[  203.894517][ T4320] EXT4-fs (loop1): unmounting filesystem.
[  203.916244][   T27] audit: type=1326 audit(460.377:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.921870][   T27] audit: type=1326 audit(460.377:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.927013][   T27] audit: type=1326 audit(460.377:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.930627][   T27] audit: type=1326 audit(460.377:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.936685][   T27] audit: type=1326 audit(460.377:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.940505][ T7727] tipc: Resetting bearer <eth:syzkaller0>
[  203.942650][   T27] audit: type=1326 audit(460.397:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.946701][ T7726] tipc: Resetting bearer <eth:syzkaller0>
[  203.949893][   T27] audit: type=1326 audit(460.407:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  203.953417][   T27] audit: type=1326 audit(460.407:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  204.054442][ T7726] tipc: Disabling bearer <eth:syzkaller0>
[  204.059165][   T27] audit: type=1326 audit(460.517:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  204.062993][   T27] audit: type=1326 audit(460.517:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9b5af28 code=0x7ffc0000
[  204.274511][ T7751] ptrace attach of "./syz-executor exec"[4336] was attempted by ""[7751]
[  206.185386][ T7784] input: syz1 as /devices/virtual/input/input3
[  209.248903][ T7812] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  210.371499][ T7831] netlink: 'syz.3.914': attribute type 10 has an invalid length.
[  210.924557][ T7837] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  213.048251][ T7863] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.050288][ T7863] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.096729][ T7879] loop0: detected capacity change from 0 to 256
[  213.113971][ T7879] exfat: Deprecated parameter 'namecase'
[  213.118740][ T7879] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  214.911984][ T7895] loop0: detected capacity change from 0 to 256
[  215.101520][ T7895] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  215.105088][ T7895] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  215.108571][ T7895] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  215.110003][ T7895] UDF-fs: Scanning with blocksize 512 failed
[  215.112339][ T7895] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  215.114760][ T7895] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  215.118943][ T4324] Bluetooth: hci3: failed to read key size for handle 201
[  215.779980][ T7915] Illegal XDP return value 4294967274 on prog  (id 57) dev N/A, expect packet loss!
[  216.000354][ T7863] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.237503][ T7924] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[  216.239294][ T7924] Mem abort info:
[  216.239842][ T7924]   ESR = 0x0000000086000006
[  216.240595][ T7924]   EC = 0x21: IABT (current EL), IL = 32 bits
[  216.241542][ T7924]   SET = 0, FnV = 0
[  216.242170][ T7924]   EA = 0, S1PTW = 0
[  216.242909][ T7924]   FSC = 0x06: level 2 translation fault
[  216.243816][ T7924] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000112ea7000
[  216.245060][ T7924] [0000000000000000] pgd=0800000113078003, p4d=0800000113078003, pud=0800000115c62003, pmd=0000000000000000
[  216.247130][ T7924] Internal error: Oops: 0000000086000006 [#1] PREEMPT SMP
[  216.248309][ T7924] Modules linked in:
[  216.248950][ T7924] CPU: 0 PID: 7924 Comm: syz.0.937 Not tainted 6.1.147-syzkaller #0
[  216.250205][ T7924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2025
[  216.251792][ T7924] pstate: 82400805 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=-c)
[  216.253181][ T7924] pc : 0x0
[  216.253692][ T7924] lr : bond_xdp_xmit+0x27c/0x45c
[  216.254467][ T7924] sp : ffff800020e07220
[  216.255127][ T7924] x29: ffff800020e072e0 x28: 000000000000000f x27: ffff800020e07248
[  216.256412][ T7924] x26: dfff800000000000 x25: ffff800012b56b98 x24: ffff0000db1e8000
[  216.257612][ T7924] x23: fffffbffeff9bbe0 x22: ffff0000d0f9c000 x21: fffffbffeff9bbe0
[  216.258880][ T7924] x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000
[  216.260104][ T7924] x17: ffff8000181e7000 x16: ffff8000082d0ec4 x15: 0000000000000002
[  216.261304][ T7924] x14: 0000000000000001 x13: 0000000000ff0100 x12: 0000000000080000
[  216.262607][ T7924] x11: 000000000000513f x10: ffff800021f79000 x9 : ffff800020e07280
[  216.263948][ T7924] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
[  216.265276][ T7924] x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000001
[  216.266534][ T7924] x2 : ffff800020e072a0 x1 : 0000000000000001 x0 : ffff0000db1e8000
[  216.267816][ T7924] Call trace:
[  216.268319][ T7924]  0x0
[  216.268754][ T7924]  bq_xmit_all+0xab0/0xf10
[  216.269486][ T7924]  __dev_flush+0xc4/0x18c
[  216.270255][ T7924]  xdp_do_flush+0x14/0x28
[  216.271042][ T7924]  bpf_test_run_xdp_live+0x10e0/0x1544
[  216.272055][ T7924]  bpf_prog_test_run_xdp+0x560/0xb88
[  216.272916][ T7924]  bpf_prog_test_run+0x2dc/0x364
[  216.273760][ T7924]  __sys_bpf+0x4ec/0x634
[  216.274471][ T7924]  __arm64_sys_bpf+0x80/0x98
[  216.275231][ T7924]  invoke_syscall+0x98/0x2bc
[  216.276022][ T7924]  el0_svc_common+0x138/0x258
[  216.276789][ T7924]  do_el0_svc+0x58/0x13c
[  216.277460][ T7924]  el0_svc+0x58/0x138
[  216.278095][ T7924]  el0t_64_sync_handler+0x84/0xf0
[  216.278896][ T7924]  el0t_64_sync+0x18c/0x190
[  216.279656][ T7924] Code: bad PC value
[  216.280242][ T7924] ---[ end trace 0000000000000000 ]---
[  216.570434][ T7924] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[  216.571721][ T7924] SMP: stopping secondary CPUs
[  216.572438][ T7924] Kernel Offset: disabled
[  216.573139][ T7924] CPU features: 0x080000,000f0097,a65bfea7
[  216.574053][ T7924] Memory Limit: none
[  216.863851][ T7924] Rebooting in 86400 seconds..