last executing test programs:

8m0.674964894s ago: executing program 2 (id=430):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
socket(0x2c, 0x3, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

7m59.941397631s ago: executing program 2 (id=439):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380))
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x0, 0x6})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x0, 0x9}, 0x0, &(0x7f0000000680)={0xff}, &(0x7f00000002c0)={0x0, 0x3938700}, 0x0)

7m58.908900769s ago: executing program 2 (id=442):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000500), 0x77, 0x141341)

7m58.780051898s ago: executing program 2 (id=443):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=0x0], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f0000000100), 0xfd, 0x48f, &(0x7f0000000940)="$eJzs3M1rHOUfAPDvzG6SX1+TX60vrdVGq1h8SZq0akHBFxA8KAh6qCeJSVpq00aaCLYEG6XUi6AF7yJ4EfwLPHkS9SR41bsUivTS6mllMrPrJtnNSzfJptnPB6aZJ/vMPt/vzDwzz8xkGkDH6s/+SSJ2RsTvEdEbEWl9hW35lNW7dWNm9O8bM6NJVCpv/pVki8XNGzOj1apJ8XNHXihnX5ReTuLFBu1OXbh4ZmRiYvx8UR6cPvv+4NSFi0+dPjtyavzU+Lnh48ePHR169pnhp9ckzyymm/s/mjyw79W3r74+euLquz9/l9QFXZ9Hi57rrc3O1NbJQo+uUWObxa66+aTcxkBYlZ6IyDZX11z/743S5d21z3rjlU/aGhywriqVSmW4+cezFWALS6LdEQDtUT3RZ9e/1WmDhh6bwvWX8gugLO9bxZR/Us7vg/Tk10a71qn9/og4MfvPV9kUq74P0bVOUQEAW9kP2fjnyQbjv3LEPXX1dhfPhvoi4v8RsSci7oqIvRFxd+R1742I+xo30/9Ok/b7F5QXj3/Say2kt6xs/Pd88Wxr/viv9hSsr1SUds3l35WcPD0xfqRYJ4ejqycrDzX89iRiNvv52+fN2q8f/2VT1n51LFjEca3cM3+ZsZHpkZYTL1z/OGJ/uVH+SZT/yyL2RcT+22zj9OPfHpj/m1Jtbvn8l7AGz5kqX0c8lm//2ViQf1Wy9PPJwf/FxPiRwepesdgvv155o1n7ef5pLJ3/ttYTbSLb/tsb7f8v1PLvS+qf104t+oru5dq48senTa9pbnf/707emtf4hyPT0+eHIrqT1xb/vu4Gd7VcrZ/lf/hQ4/6/p1gmy//+iMh24gci4sGIOFjE/lBEPBwRh5bI/6eXH3mvaf4HW9j/10CW/1jD41+z7b/6mdKZH79v1v7Ktv+xamEuqJUc/1YaYCvrDgAAAO4UaUTsjCQdqM2n6cBA/vfye2N7OjE5Nf3EyckPzo3l7wj0RVdavdPVW3c/dKi4N1wtDxflS0X5aHHf+MvStrnywOjkxFi7k4cOt6NJ/8/8WWp3dMC6874WdC79HzrX7fd/Rw640y3Ti9ONigPYeM7i0Lka9f9L9YUk8r+SB7Yc53/oXLX+/8UKKte97rXw5U3gzrPU+b/Su4GBABvO+B86Uivv9W+KmfgmYuk6yWYJdVUzn7WyeHkDIoy0jeunuy0bZbgU0cZdorzS/9UiLlQutdxou49MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa+PfAAAA///67uRi")
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = fcntl$dupfd(r0, 0x0, r2)
close_range(r5, r7, 0x0)
ptrace(0x10, r6)
ptrace$getregset(0x4205, r6, 0x1, &(0x7f0000000080)={0x0})

7m55.449785539s ago: executing program 2 (id=452):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="d8000000200081044e81f782db44b90402000000e8fe450f55a1180015000600142603600e120900100000000401a80016000a00114006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee0808856e408e8d8cbf7a7ff4841ef52b49816277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4d180a54f14f00004d9db22fe7c9f8775730d16a4683f1aea4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce3bb9ad809d561cace91ed0bffd6e4edef3d93452a92954b43370e00"/216, 0xd8}], 0x1}, 0x0)

7m53.363977634s ago: executing program 2 (id=459):
r0 = socket(0x18, 0x0, 0x0)
connect$pppoe(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x40000}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)

7m53.246402593s ago: executing program 32 (id=459):
r0 = socket(0x18, 0x0, 0x0)
connect$pppoe(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x40000}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)

6m3.15881285s ago: executing program 1 (id=874):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001880)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001740)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&\x00\x00\x00\x00\x00\x00'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000100)="5769d2", 0x3}, {&(0x7f0000000740)="7160bdd51dc80f7e719bd3a6bbedb7f0adca1a53e6c4a64fcce522919dd5eadc03a1d43ca22c1c4acc959a0dd18a8273f7a9c516c333a08d59b596ff04fe33523c79930a71cb312b1bbe14271e51354a74809592fd3f7445f5fb7e24021407bcf8cd057f306dc9048b7fb873c5cbbfd9a3d5a24ffdc71e8fb53c60d35e5ee886ce89f6a146a63e62af1d4efb6e7361c312776019945f569c4d006c62555985c88a621c65cce833e8ca88e063527bed0125eda08e84cc87f5a573ee1e6214b853fbb2fc69acf1ae671c7878fa3bbb835873c3667c2459ee057214cdc864a68b1feb1cb0333548fd95be33b91688bf0ea3b275e887878b40e2af1ef1a5d44bc6f808e50dd3fd6fea6b7ac27164f182320708e0a681c4829109386e042bd86a540b4a1b03de9665ddeb833f859002f3583004f6177915be0f26ce8fa7be3ced65274b76f06b8854459de850e62a4fdebf639c3d4c045ccb13de3aca8ccd463f8e5961191d23e7a133bece4891f40e56e44063fca55f742b45728cc05c7b5d4835625ffd460d0ff3842ace1e017d3f4b87731c2ae2b0337037b3f3e454468e7d7bfb014a071af0740e23426f29774028fde2d1f2f2e418bb90ed9d7a09ae1765f2f47407abaaee348623b4f8f7d8eceaec45dfc2f17bc207897a99a2c60bcaa1352825e8d7207e438ec6a4ba4eaa0a4bf3a313a5b9e3d695f2a2241dab1bce76d3af3c07ba61b0690b9628c7b807f18340d3eb71fd5fb9f60b0f6e166312a65531de470c7ab26a82fa4fee71599ad641403e75ee64e1950b4df55c5089ee12f8b431d7ca410fa5859888626354b8743d6154591b899b2aca25e4c11435d456327131c45a1369cd6b49857a0e7148bbfd2f3c247b6c03e88df000a4f1d92ec9f833e7e23839488b9076110726cd2d05dfbc2c0b24140a41b081dde0641e057b729ec4edaf35547b659c5372080c7297c4c7ef7b97dd055964b9031fc1942b8c47e4f5b0d7722252e2bf1c6c55eecf7ad63e96ca1757a8720dc43c6015cb5636d471bbced663382200693897e79e347e2c65489f85026c7fd4e0dcc6101da30490147e052f0b86cb0a7ebc2a0580fd97bc77f89cdd963f2d385eb00917e51b1ca9d63c85e8daaa51685d2888e6119fcd2aaea4a1ad899f0b59886d63bb3abe4162612b5a26229a2a93a10b28156711ad219c67a6bf52c99be56747a6530928033b366a3a66ef870a15369fa732792656883a79116adcd7eb5e7481f37e3949b30f087a57275a0369c578743f2a82dc22212938def9b14f069bb744a1afe5091a6b0707a2fc909c5f874d692ec78f6ee33ad53a0239b4911f8f43d71effd552b2261e280898bac4a68d23884bb0b5a381708848f15536e64e97544bdcc8d14b17af389e941024669bf638925b61920aa2be478de6b18797a85ab35d1dec2e2db2fa276793a79ff2e18ef8224cef885dcc0173e671f81423415cf71b3733b398638ab0ec0047878574b35c13a901efd20509efb5fe76649cb1dbe2f7cb4ff1db410352d38c79ce08e29a1f2c28b166450a340575d11409f9301c36c629d431368881d0d86e61200332a67c900f5f5afaab440e21db38c6a97e1625a4b60a441f7c876681868b1d465ae6ad62f34d19108bf44d7e68bb09f00fb6bbd5c4c81894d4d7520002200856d49e2319a8f56759467cc061232c98bb67856b0f7e639be5a0546b9a9515a281fc6915bee58f479050e26243a4759ca252978ec77925df7f9bb5586a802b9dc277c4a95c71a9f6d72bd4db44c2a81b65171cd418f779660d7d4083343d1b0503fc45ad2566295ec6f279e9a2fe70acf9579b9117e4e01a14a5b1f623bde31b67060079647125022e6ea1217a0357eff99238f0bc29745726a677c4be8c62ae869d1b1379df69847007a64cf2598fe64eddc376e53d45556ad51fb30ba5dc9ad503aed960cbaad1c9f2007a6db505a14d3b915786a8f57a76a48181940ab6e21711db3fad8bc7aa12492a2b082e0f2b28a0e254111e2d0b5a72ec1fa7a48b553383b0c2e4ea2cdac6b5703ef9bf55e9a43c3ce6ca6cb11e6b957ce6fac712b4a2d09d241241f78af26ddace7c0471ed8de071eb083c1fd8fb9f585cba6afe790568cb0bcdf1fb0101a0c5ed3664327aa45d2e084a0b56b3114232db7e4053447aec658602df86e84a48537a866df1ad2592401dcb253c7b11ed10a2f23bb93553877a23ddc899839c852ef9e879f4ca69ff5b4c552d42711adda63fb58b27be8befcacb4b1dbb7ff9e5ed04ab6f13fa57e0507830650d96366a2e0ddf99f881c7dcd5e5c3d5c5a2226b48052404b9ffdc31fbc910947f423553a3ec7ab43d8a160198a5008897c7807f93377f0b6e5394f2f4d30afc7da2eb169cfeb881fd180ec3bf0f7cc38472168f7862f1bbae848550b977ebb81c6262488649ad5be0581c4bb9ccf629c7acc9afa39ec2328ebb32b9f542db1d8517077ad45c540822b848748ed4df56552f63efecd7c57574ef88bc24a0d0960a8fd6d8f3c5f0576d884f438147b04073b0fa8d0293feabd80eabff577404667a6b889fb3ed109c1073aa8fa7fe035a6dcccbf34f534768d85c88ea15419d03a7181f51dd99791317b6422da8b7bdff23199ceeb9eb025da68cd5a8c3e3c2c584c9fd39692141c67416f79d8d76df5ac4d488af54d10b5046f2d8626eedcaa3f0da48d3626cc3071f2006dcab603a3697adb0d7751defd2a4361d4ef254ce75dfbe6df74452c3e2b9f5f0af066eb27480edaa91628e5747684bf5d13aa54cc119ef4835428407cd56838834291a43958ae65562c2f3ffb2fc2e94aea24074eca33d514b3037a87815a6cd0ef8a2cda2c7976131a6dc8b64334b582bc8a0f30c61afa1500f947c50cba773397e088bfc70d1454717ed85454011c58b2a4bb4625ede457774fc5b115f7bde49246ab5fcf16dd9636d30f2818a9e531b7ab03b2232686c244f0abe46e1dec453f5e3339804a9b9e43e14fdab8ebc147136f3c314b3345ccfca382c56a221793a2ec6c249adce1151b4f08f33749aa938bb599b1bd5d6c19952460dc586997952864bb564278d5f77cc4be5b8d289206128018d7da7b28b57172aa917912f26e8193e7289f5d9a45bfbefc1d6dc11d6402837d3c00bb658d99f422850c92f27cbb7fd7b12643b5b913b6688c0cd32b583fd3aaec2d8bf3af94f3da73c3d12302d53a3c80cb323bde583b04217cba999c1e1039f4a45b2aefd305e5e887c420e183a4563777f773f1ab200502ad551f82db06ac1a85fd319cb90c548669e5d5c7f5821757b0f288ee915362feacd9235d48bff873b13f8e7adc0c1381439d212e2f059069051965759fb15803235699ae9f4c6793d28da81acaa2f6b6b34ddff96b9e73437c5adc25e63c9e305644d21d1af322d3db5366dc53ec48c9fa61e295036beb308e8a1c911ed99afe5210e848e94234e5d7c47de3c10465efd6e14b7c818e600b09643a1454219884fa466d7eacbdc04f653f3130e7d3db636edd4af64b7079198949366adabab936e42a29295b881a16becad0ebefdfe6ea8e1d30e60e3387046708896af163e0f4c735a6122822119a8cb211b02374693fc0cbc59a02f93781f38ef44108c88a6c6d3711348be87067c67c7ad819eb9cda6ad5d852247f3004b8eb436dbbe90774594330bffc0cd0d18b96073bf21beaf45919aa02d7758a24ed2752a8d8a4b256c6091fddb82e3666840f3e666ee78654bdaa8a319f27fc2ea0e6e22999a3074ac7cfa682ae16d4992160b24375bbfda43804396463b642e1eaa8f9adaf53145163dfa3aa40172e0e57154c5191babdf90c4e6627a71c8bc5306362c1d510ef2ecb98385edbcdcfbb4e5f3126b7d6f702a711da106b08e26b2c56444c8fe0d702ad0960c6abd5322676f552db9f4b8701a08bbf519e16ee5c8f84c24db09e3b740310234376171b518f8fbe0add9bf56a07b99427b60f4ab0f826f7d17f1f81d700ee3fc81d8035383d691c9e353b4d86ff6fb3dca4539996bb8c259e8e7267a9ad862e1835df6b5d80ac8ad851866ccb458c4605ea389d9c13c7745f76f64d57bef2a5c813116a2e70180735aece8d3a2ae6ea93820e55be5e07f0d99663ea23a9dd2d55383b32721be2839b35ee2961309d97ac04b57e859baa4f4396d8ba9a7d5b6172145c29f4217923c5a9c2d457fe950dd2bfd0802327cc8aec12e9bde15fa5ecf5640eb05e52e88e3d64cbc7926cab8193ed5f014c061a75176346174d47792ee5038decbdce83229828c8bac1749fae74328705c0b0838661a53a39e91298c4a893d2fcb620fd789352268e02554e9cb4d1e62214c5b994123c7610ffa0753830e5864ebfe02967efa54a82e0b44be47b489699ce8163d3e748ee6231b128991f54be6a48618c78056e755ce5c6ee7c3c5bccd3c2660a177c4c328b3400fbae6e27fbc31a5e358797c3e0261e23748ca8c15a936dad74591ffe392afa714c1b668bf2762c2ad8d00ab5334e4509823f51d4683feb5d6f403f843d6282b4615d83a8d5870a1b92e6416f81dd03a4275e38f7ae71172b7411fc7a5c29aa511e62b5f0e64704326632f9c3993e7b8bd9d77c1d602d5145350217d07c168f62132e3fbab1f832acb86dead350fa5f5180ed82ab567fd766b830d1eb3d2a2ea12849ee9b50956cd60ce5182c6323362788b06bc51f982d1983cf5da4314559aa8d9d787291916073f6e04be92378b8018a959349c7e16b062465e7c07c5d3ffa150280408acd10b3d44f6322dfe002bd707a2726431af9dd33da3893a9e96005ea21f243672e53422404e51841ac92fd9513547d72bcbb414606f6b755b7270c534caa28f692c0c6ba028e5b4bc02a5a2518cfca159921b850675e8d1cecfbdb379a75213fc5b097e84791c5f108b80efa6747bc36719ac18ff25d37acd98c0659ef715a51dcf12f32b9c0baf79644914ba1f4b456a4a50c233fc95dbdcce858b92f0fb74fd24943d8d03805f9dd472cf9bf32e5294783ecfc0c04c39dfb77bab30301eec55aa1408a8deaa4cf9528b3aefaf9cf1b73cd2960e907f1da4482ec147e246a757dfb0597b134197bd3b1f53c117ac783eda77ae91e43920070c031307fa9212675bffe38cc9eb08b4dd1df98993517564b7da44a45e49d5cc902ab72291dfa22f93bf745c72c5f21bc3eae92aef3d8658bf41cd636415b29415d1825d608eacc229cd4a925bc313a467b72e0ce9540c2c514349aa15b6ccd7d8142e3447d8e346e0abe2065d5c3ea02b3da4763e63204f22bcaaf5493d4412509a3ad689f437f50cfd04927c63d6dcafd009302b0dbedbf7a657852a7f9e5e21780acb23de72a82df8dec3de50cabf2c67a880b0377e73b3fa884085465688c81a87a7d58187c235326c33d7b86a0919faf18fbfaa06fdc76255286f846ce79f6372654fbd0061fb6235c5abc913055d05cb3909b8497d6c32017bf81a0300b35c5236bdc3cbfb68a6fe8d3f1a49c5fc2511ec31affa10dec683f1ab7cbdaa9eefa19872495bcb3117a89526247c082f08b5bedee3d924012cfb6937b5d947b56cc4c0b119579d5fffb0d221f64d3e152d7adc91fc0cc3728c14a80f6389e7a408075711f100de388f8740dc43b5cd02af1bd1a6ab0992e3b3e8859098fad4a18adfc49b75d6068445fdf846cd570e4129ec701d601f03a9215d73fdf2bf494c7404d3d3bb76ebe86347806adf3ba004c4c997c8c43805c3b2fe53acb01e997ddfe04fd3c334da7c317f015de457", 0xffe}], 0x2}, 0x4004)
recvmsg$unix(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0x8ec0}], 0x1}, 0x12)

6m2.907013619s ago: executing program 1 (id=876):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380))
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x0, 0x6})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x0, 0x9}, 0x0, &(0x7f0000000680)={0xff}, &(0x7f00000002c0)={0x0, 0x3938700}, 0x0)

6m1.205400215s ago: executing program 1 (id=885):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1fe, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x0, 0x0})

6m1.020930254s ago: executing program 1 (id=887):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=0x0], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f0000000100), 0xfd, 0x48f, &(0x7f0000000940)="$eJzs3M1rHOUfAPDvzG6SX1+TX60vrdVGq1h8SZq0akHBFxA8KAh6qCeJSVpq00aaCLYEG6XUi6AF7yJ4EfwLPHkS9SR41bsUivTS6mllMrPrJtnNSzfJptnPB6aZJ/vMPt/vzDwzz8xkGkDH6s/+SSJ2RsTvEdEbEWl9hW35lNW7dWNm9O8bM6NJVCpv/pVki8XNGzOj1apJ8XNHXihnX5ReTuLFBu1OXbh4ZmRiYvx8UR6cPvv+4NSFi0+dPjtyavzU+Lnh48ePHR169pnhp9ckzyymm/s/mjyw79W3r74+euLquz9/l9QFXZ9Hi57rrc3O1NbJQo+uUWObxa66+aTcxkBYlZ6IyDZX11z/743S5d21z3rjlU/aGhywriqVSmW4+cezFWALS6LdEQDtUT3RZ9e/1WmDhh6bwvWX8gugLO9bxZR/Us7vg/Tk10a71qn9/og4MfvPV9kUq74P0bVOUQEAW9kP2fjnyQbjv3LEPXX1dhfPhvoi4v8RsSci7oqIvRFxd+R1742I+xo30/9Ok/b7F5QXj3/Say2kt6xs/Pd88Wxr/viv9hSsr1SUds3l35WcPD0xfqRYJ4ejqycrDzX89iRiNvv52+fN2q8f/2VT1n51LFjEca3cM3+ZsZHpkZYTL1z/OGJ/uVH+SZT/yyL2RcT+22zj9OPfHpj/m1Jtbvn8l7AGz5kqX0c8lm//2ViQf1Wy9PPJwf/FxPiRwepesdgvv155o1n7ef5pLJ3/ttYTbSLb/tsb7f8v1PLvS+qf104t+oru5dq48senTa9pbnf/707emtf4hyPT0+eHIrqT1xb/vu4Gd7VcrZ/lf/hQ4/6/p1gmy//+iMh24gci4sGIOFjE/lBEPBwRh5bI/6eXH3mvaf4HW9j/10CW/1jD41+z7b/6mdKZH79v1v7Ktv+xamEuqJUc/1YaYCvrDgAAAO4UaUTsjCQdqM2n6cBA/vfye2N7OjE5Nf3EyckPzo3l7wj0RVdavdPVW3c/dKi4N1wtDxflS0X5aHHf+MvStrnywOjkxFi7k4cOt6NJ/8/8WWp3dMC6874WdC79HzrX7fd/Rw640y3Ti9ONigPYeM7i0Lka9f9L9YUk8r+SB7Yc53/oXLX+/8UKKte97rXw5U3gzrPU+b/Su4GBABvO+B86Uivv9W+KmfgmYuk6yWYJdVUzn7WyeHkDIoy0jeunuy0bZbgU0cZdorzS/9UiLlQutdxou49MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa+PfAAAA///67uRi")
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = fcntl$dupfd(r0, 0x0, r2)
close_range(r5, r7, 0x0)
ptrace(0x10, r6)
ptrace$getregset(0x4205, r6, 0x1, &(0x7f0000000080)={0x0})

5m59.71236396s ago: executing program 1 (id=894):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
shmat(r3, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmat(r3, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$can_bcm(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "b68c52d2be3c0d90"}}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000240)={<r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)

5m59.259443059s ago: executing program 1 (id=899):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="070000100b008d2a00000000000000000a", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000"], 0x24}}, 0x0)
r1 = socket$inet(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b04, &(0x7f0000000000)={'wlan0\x00'})

5m59.136589149s ago: executing program 33 (id=899):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="070000100b008d2a00000000000000000a", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000"], 0x24}}, 0x0)
r1 = socket$inet(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b04, &(0x7f0000000000)={'wlan0\x00'})

11.46405693s ago: executing program 3 (id=2042):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000001200)=0x6d7c, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

11.428960461s ago: executing program 6 (id=2043):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002502000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe5d6405000000000075040000000d00000701000000000000b70400001000e5207b0700fe000000008500000088000000b70000000a00000095000000000000006458c2c62fc206000000f909a63796c113a80c19aab9d60700ffffffff483be3f0d3253730e78000000062c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766aeb39439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c013700e69274f8e9c31975e551558055dc2dc29edc33b375fa325dcf3e91e20f63d7030dbe7ff7f51fe89c3d17cf45a1616ad237682057034dfdc81f5a53cd640212c88e8b687a2446049577c75b76b775c1e301caf2465ed4b2ad56b848d046c52bfc3737127120ab17d82a294d174f240a3cdc725cfe6e839a1f80f59486578e45b008d39ab618f660e3c53ed4409aa92ae4fecd913060ca74ed8a303e22de12087a217d8d7be0ae1117cc791313b1318497dd5ebeef0d7e1795a6ff20f699870ebb137cffa79465da52ab2b3430ba0ba59152496a1ea5dd1e4dee46f6d3688603b5f25a588a31da4e481884074e211dd09a8b8039d0834507656ed7d552a990c1354d7638b2c2215dd9f606b01a92fabc6eb6fa033a86f8920e2168a80d7c86da5ad1d27c8d2a180e56046a49b989128ea736894d3eef8dca16ed63520be4654ddb14bfe4268c487c5a75c044e21021c089608c50adbc4e3f4c6a4ca86c7d2df5bc7c76e413d05e8f57b1e22d4af34f9d4d2e6e4d4f57f47aebdd5f98f67834c656b2fe09df4a1b15116fceaa404a6df278c7c629f584ba8d37c1137c2263ae02ad371"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

11.351800801s ago: executing program 0 (id=2044):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706006e652043617074557265272030303030303034303030303030303030303030300a2030303030303030303030303030303030303030300a4f4741494e1357c17f9431f59b0a4449474954414c332027434420436170747572652053776974636827"], 0xb8)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)

11.26030079s ago: executing program 6 (id=2045):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000002140)={'wg2\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c000000680001002abd7000020000000200000000000000060007000600000008000500", @ANYRES32=r1], 0x3c}}, 0x0)

11.06371597s ago: executing program 3 (id=2047):
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7100, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

10.284178918s ago: executing program 0 (id=2048):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000002780)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}]}, 0x2c}}, 0x4000800)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x50483, 0x8044}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}]}}}]}, 0x40}}, 0x4008894)

10.093152487s ago: executing program 6 (id=2049):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008000)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd", 0x8}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x2}, 0x18)
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000044}, 0x40)
close(r4)
syz_usb_connect$printer(0x5, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x40, @mcast2, 0x3}, 0x1e)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000025000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/187, 0xbb, 0x0, &(0x7f0000000180)=""/116, 0x74}, &(0x7f0000001280)=0x40)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

7.62628026s ago: executing program 0 (id=2050):
openat$drirender128(0xffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x4004000)
socket$inet(0x2, 0x3, 0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x995e1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r5, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000330007010000000000000000027c00001800080000000100fe8000"/42], 0x2c}, 0x1, 0x0, 0x0, 0x28000}, 0x0)

7.5438307s ago: executing program 3 (id=2051):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000b80), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x14, r1, 0x70d}, 0x14}}, 0x0)

7.46482426s ago: executing program 5 (id=2052):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1, 0x2}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000240)={0x80042, 0x1, 0x1}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000380)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x42, 0x3}, 0x7}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20048000}, 0x44840)

6.667443498s ago: executing program 6 (id=2053):
syz_emit_ethernet(0x66, &(0x7f00000005c0)=ANY=[@ANYBLOB="fbffffffffffaaaaaaaaaaaa0800451a001400670000072f9078ac14142c640101010c21880b0000000204000800040086dd080088be000000041801200f01000000fffffffc080022eb0000000129043001020000000001000100ff991408006558000000005aaead189faf05d72fde362612269b321d8b65e5e8068cd9603205ba8ad93a2351167b3d04d98b57a81b86cb3b5a7f428b7b212deda9d91af9276f3fa281c33baba004d9b38772680551f68e249c5ea890f91834dbb785a46c2818d09237a4da68b4cbc6792200709367075ece84eafe390e474e244e35c4362003c53da92a566201b505451176664560d9df2064c7f5fe2bcf0c39a2"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03076003008cb89e08f086dd", 0x0, 0xfe3, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$ttys(0xc, 0x2, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02b118b5234c00a83cef3adecc7e78f03ad48b3d4ded7f730ac135fa731171dd5dd50ebc03fabaa0d0415946fd8ce9f59ce121b5a1def4f9f1f12abdf2c733212004ec5a9025303c4d20072689f0b5cf616dd2d9891add52771c387531bfb900", @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000090000000a20000000000a05140000000000000000010000000900010073797a300000000058000000160a09000900000000000000010000000900010073797a30000000000900020073797a32000000002c00038018000380140001006d6163736563300000000000000000000800024000000000080001400000000014000000110001"], 0xa0}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x3c}, 0x1, 0x1200}, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fanotify_init(0x200, 0x0)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001dc0), 0x2, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r8=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r6, &(0x7f0000001e40)={0x1, 0x10, 0xfa00, {0x0, r8}}, 0x18)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x4e24, 0x9, @loopback, 0x1}, 0x1c)

6.498856267s ago: executing program 4 (id=2054):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000002200), 0x1018040, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000040)=ANY=[@ANYBLOB='no'])

5.324296634s ago: executing program 4 (id=2055):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002502000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe5d6405000000000075040000000d00000701000000000000b70400001000e5207b0700fe000000008500000088000000b70000000a00000095000000000000006458c2c62fc206000000f909a63796c113a80c19aab9d60700ffffffff483be3f0d3253730e78000000062c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766aeb39439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c013700e69274f8e9c31975e551558055dc2dc29edc33b375fa325dcf3e91e20f63d7030dbe7ff7f51fe89c3d17cf45a1616ad237682057034dfdc81f5a53cd640212c88e8b687a2446049577c75b76b775c1e301caf2465ed4b2ad56b848d046c52bfc3737127120ab17d82a294d174f240a3cdc725cfe6e839a1f80f59486578e45b008d39ab618f660e3c53ed4409aa92ae4fecd913060ca74ed8a303e22de12087a217d8d7be0ae1117cc791313b1318497dd5ebeef0d7e1795a6ff20f699870ebb137cffa79465da52ab2b3430ba0ba59152496a1ea5dd1e4dee46f6d3688603b5f25a588a31da4e481884074e211dd09a8b8039d0834507656ed7d552a990c1354d7638b2c2215dd9f606b01a92fabc6eb6fa033a86f8920e2168a80d7c86da5ad1d27c8d2a180e56046a49b989128ea736894d3eef8dca16ed63520be4654ddb14bfe4268c487c5a75c044e21021c089608c50adbc4e3f4c6a4ca86c7d2df5bc7c76e413d05e8f57b1e22d4af34f9d4d2e6e4d4f57f47aebdd5f98f67834c656b2fe09df4a1b15116fceaa404a6df278c7c629f584ba8d37c1137c2263ae02ad3718a03a8"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5.323263154s ago: executing program 0 (id=2056):
shmctl$IPC_STAT(0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4003, 0x0, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r4, 0x9, 0x0)

5.322430624s ago: executing program 3 (id=2057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000001200)=0x6d7c, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

5.287922514s ago: executing program 5 (id=2058):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706006e652043617074557265272030303030303034303030303030303030303030300a2030303030303030303030303030303030303030300a4f4741494e1357c17f9431f59b0a4449474954414c332027434420436170747572652053776974636827"], 0xb8)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)

5.062571044s ago: executing program 4 (id=2059):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000880)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @remote}]}}]}, 0x3c}}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.272473912s ago: executing program 0 (id=2060):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000002780)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}]}, 0x2c}}, 0x4000800)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x50483, 0x8044}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}]}}}]}, 0x40}}, 0x4008894)

4.260011161s ago: executing program 3 (id=2061):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @dev}], 0x10)

4.259566482s ago: executing program 5 (id=2062):
r0 = syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000001340)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x54)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x50)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000005580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)={@map, r7, 0x2f, 0x4, 0x4, @void, @value=r7}, 0x20)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2.851861568s ago: executing program 0 (id=2063):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008000)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd", 0x8}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x2}, 0x18)
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000044}, 0x40)
close(r4)
syz_usb_connect$printer(0x5, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x40, @mcast2, 0x3}, 0x1e)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000025000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/187, 0xbb, 0x0, &(0x7f0000000180)=""/116, 0x74}, &(0x7f0000001280)=0x40)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

2.850493468s ago: executing program 3 (id=2064):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})

1.172526943s ago: executing program 5 (id=2065):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7c00000010000104000000000006000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000005c0012800b00010062726964676500004c00028005002900010000000500190007000000050019"], 0x7c}}, 0x0)

1.164011753s ago: executing program 4 (id=2066):
r0 = socket(0x1e, 0x4, 0x0)
getpeername(r0, 0x0, 0x0)

1.067988693s ago: executing program 6 (id=2067):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000b80), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x14, r1, 0x70d}, 0x14}}, 0x0)

1.059486883s ago: executing program 4 (id=2068):
openat$drirender128(0xffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x4004000)
socket$inet(0x2, 0x3, 0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x995e1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r5, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000330007010000000000000000027c00001800080000000100fe8000"/42], 0x2c}, 0x1, 0x0, 0x0, 0x28000}, 0x0)

853.657283ms ago: executing program 5 (id=2069):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002502000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe5d6405000000000075040000000d00000701000000000000b70400001000e5207b0700fe000000008500000088000000b70000000a00000095000000000000006458c2c62fc206000000f909a63796c113a80c19aab9d60700ffffffff483be3f0d3253730e78000000062c28b22756bedf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766aeb39439fce41f144631ac262dcae08c3d1a1fbe96dd87235b44174f7c013700e69274f8e9c31975e551558055dc2dc29edc33b375fa325dcf3e91e20f63d7030dbe7ff7f51fe89c3d17cf45a1616ad237682057034dfdc81f5a53cd640212c88e8b687a2446049577c75b76b775c1e301caf2465ed4b2ad56b848d046c52bfc3737127120ab17d82a294d174f240a3cdc725cfe6e839a1f80f59486578e45b008d39ab618f660e3c53ed4409aa92ae4fecd913060ca74ed8a303e22de12087a217d8d7be0ae1117cc791313b1318497dd5ebeef0d7e1795a6ff20f699870ebb137cffa79465da52ab2b3430ba0ba59152496a1ea5dd1e4dee46f6d3688603b5f25a588a31da4e481884074e211dd09a8b8039d0834507656ed7d552a990c1354d7638b2c2215dd9f606b01a92fabc6eb6fa033a86f8920e2168a80d7c86da5ad1d27c8d2a180e56046a49b989128ea736894d3eef8dca16ed63520be4654ddb14bfe4268c487c5a75c044e21021c089608c50adbc4e3f4c6a4ca86c7d2df5bc7c76e413d05e8f57b1e22d4af34f9d4d2e6e4d4f57f47aebdd5f98f67834c656b2fe09df4a1b15116fceaa404a6df278c7c629f584ba8d37c1137c2263ae02ad3718a03a8"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

852.753012ms ago: executing program 6 (id=2070):
syz_usb_connect$cdc_ecm(0x3, 0x62, &(0x7f0000001580)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x50, 0x1, 0x1, 0x5, 0x10, 0x4, [{{0x9, 0x4, 0x0, 0x4, 0x3, 0x2, 0x6, 0x0, 0x80, {{0x5}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x5, 0x6, 0xf, 0x2}, [@mdlm={0x15, 0x24, 0x12, 0x1}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0xbd665eb6c4433965, 0x1, 0x40, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x9, 0x0, 0x1}}}}}]}}]}}, &(0x7f0000001d80)={0x0, 0x0, 0x0, 0x0})

78.12791ms ago: executing program 4 (id=2071):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
sendmsg$NFC_CMD_DEV_UP(r1, 0x0, 0x0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x22}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4010)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1, 0x10}, 0x32)

0s ago: executing program 5 (id=2072):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000001200)=0x6d7c, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

kernel console output (not intermixed with test programs):

options ignored when QUOTA feature is enabled
[  167.519556][ T5629] EXT4-fs (loop2): orphan cleanup on readonly fs
[  167.527792][ T5629] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  167.530209][ T5629] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  167.532105][ T5629] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.375: Failed to acquire dquot type 1
[  167.543802][ T5629] EXT4-fs (loop2): 1 truncate cleaned up
[  167.550387][ T5629] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  168.521791][ T5610] loop3: detected capacity change from 0 to 40427
[  168.698490][ T5610] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  168.700028][ T5610] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  168.705367][ T5610] F2FS-fs (loop3): invalid crc value
[  168.747981][ T5610] F2FS-fs (loop3): Found nat_bits in checkpoint
[  168.763856][ T5610] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  168.767975][ T5610] F2FS-fs (loop3): Start checkpoint disabled!
[  168.770811][ T5610] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  168.772592][ T5610] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  169.427938][ T5644] loop4: detected capacity change from 0 to 512
[  169.507162][ T5644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  169.771201][ T5644] EXT4-fs (loop4): orphan cleanup on readonly fs
[  169.782042][ T5644] Quota error (device loop4): do_check_range: Getting block 196613 out of range 1-5
[  169.784356][ T5644] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  169.786316][ T5644] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.379: Failed to acquire dquot type 1
[  169.794983][ T5644] EXT4-fs (loop4): 1 truncate cleaned up
[  169.798872][ T5644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  170.502550][ T4303] EXT4-fs (loop2): unmounting filesystem.
[  170.791439][ T5653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.380'.
[  170.801872][ T5654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.380'.
[  171.542263][ T4295] EXT4-fs (loop4): unmounting filesystem.
[  172.878530][ T5650] loop1: detected capacity change from 0 to 40427
[  172.915826][ T5650] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  172.917468][ T5650] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  172.946919][ T5650] F2FS-fs (loop1): invalid crc value
[  172.969223][ T5650] F2FS-fs (loop1): Found nat_bits in checkpoint
[  173.012394][ T5650] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2
[  173.016147][ T5650] F2FS-fs (loop1): Start checkpoint disabled!
[  173.028377][ T5650] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  173.029962][ T5650] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  173.093498][ T5665] loop4: detected capacity change from 0 to 40427
[  173.103903][ T5665] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  173.105478][ T5665] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  173.147725][ T5665] F2FS-fs (loop4): invalid crc value
[  173.180787][ T5665] F2FS-fs (loop4): Found nat_bits in checkpoint
[  173.278528][ T5665] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  173.291654][ T5665] F2FS-fs (loop4): Start checkpoint disabled!
[  173.303711][ T5665] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  173.305474][ T5665] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  174.559723][ T5686] loop3: detected capacity change from 0 to 512
[  174.625624][ T5686] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  174.930491][ T5686] EXT4-fs (loop3): orphan cleanup on readonly fs
[  174.949579][ T5686] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  174.951946][ T5686] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  174.954037][ T5686] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.389: Failed to acquire dquot type 1
[  174.971695][ T5686] EXT4-fs (loop3): 1 truncate cleaned up
[  174.976758][ T5686] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  175.324259][ T4381] kworker/u4:9: attempt to access beyond end of device
[  175.324259][ T4381] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  175.477187][ T4525] kworker/u4:14: attempt to access beyond end of device
[  175.477187][ T4525] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  177.126413][ T4308] EXT4-fs (loop3): unmounting filesystem.
[  177.130586][ T5698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.393'.
[  177.168996][ T5698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.393'.
[  178.267311][ T5693] loop4: detected capacity change from 0 to 40427
[  179.083134][ T5693] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  179.084563][ T5693] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  179.110417][ T5693] F2FS-fs (loop4): invalid crc value
[  179.111735][ T5693] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4)
[  179.128344][ T5715] netlink: 'syz.3.400': attribute type 4 has an invalid length.
[  179.257941][ T5719] netlink: 'syz.3.400': attribute type 4 has an invalid length.
[  179.487222][ T5725] loop3: detected capacity change from 0 to 512
[  179.492505][ T5725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  179.530378][ T5725] EXT4-fs (loop3): orphan cleanup on readonly fs
[  179.538641][ T5725] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  179.540991][ T5725] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  179.543004][ T5725] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.403: Failed to acquire dquot type 1
[  179.559621][ T5725] EXT4-fs (loop3): 1 truncate cleaned up
[  179.563917][ T5725] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  181.145545][ T5737] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'.
[  181.321162][ T5718] loop0: detected capacity change from 0 to 40427
[  181.339823][ T5718] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  181.341331][ T5718] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  181.355368][ T5718] F2FS-fs (loop0): invalid crc value
[  181.362030][ T5737] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[  181.424168][ T5718] F2FS-fs (loop0): Found nat_bits in checkpoint
[  181.518113][ T5718] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  181.562541][ T5718] F2FS-fs (loop0): Start checkpoint disabled!
[  181.592708][ T5718] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  181.594179][ T5718] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  181.756382][ T4308] EXT4-fs (loop3): unmounting filesystem.
[  181.762948][ T5749] netlink: 'syz.4.410': attribute type 6 has an invalid length.
[  181.764696][ T5749] netlink: 164 bytes leftover after parsing attributes in process `syz.4.410'.
[  183.330618][ T4452] kworker/u4:11: attempt to access beyond end of device
[  183.330618][ T4452] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  183.363328][ T5760] netlink: 'syz.4.413': attribute type 4 has an invalid length.
[  183.479058][ T5763] netlink: 'syz.4.413': attribute type 4 has an invalid length.
[  183.640440][ T5767] netlink: 64535 bytes leftover after parsing attributes in process `syz.3.417'.
[  183.671343][ T5771] binder: 5770:5771 ioctl 4018620d 0 returned -22
[  183.673421][ T5771] binder: tried to use weak ref as strong ref
[  183.674726][ T5771] binder: 5770:5771 Acquire 1 refcount change on invalid ref 0 ret -22
[  183.691563][ T5771] binder: 5770:5771 got transaction to invalid handle, 1
[  183.693255][ T5771] binder: 5771:5770 cannot find target node
[  183.699672][ T5771] binder: 5770:5771 transaction call to 0:0 failed 15/29201/-22, size 72-24 line 3054
[  183.705558][ T5771] binder: 5770:5771 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  183.726065][ T5771] binder: 5771 RLIMIT_NICE not set
[  183.756987][ T5774] binder: 5770:5774 got transaction to invalid handle, 3
[  183.758421][ T5774] binder: 5774:5770 cannot find target node
[  183.759649][ T5774] binder: 5770:5774 transaction call to 0:0 failed 16/29201/-22, size 0-0 line 3054
[  183.791122][ T5778] netlink: 8 bytes leftover after parsing attributes in process `syz.3.421'.
[  183.814083][ T5778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.421'.
[  184.022859][ T5787] loop2: detected capacity change from 0 to 512
[  184.029878][ T5787] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  184.523706][ T1963] binder: undelivered TRANSACTION_ERROR: 29201
[  185.119872][ T4344] binder: undelivered TRANSACTION_ERROR: 29201
[  185.142874][ T5787] EXT4-fs (loop2): orphan cleanup on readonly fs
[  185.146501][ T5787] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  185.245732][ T5787] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  185.247806][ T5787] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.423: Failed to acquire dquot type 1
[  185.319643][ T5787] EXT4-fs (loop2): 1 truncate cleaned up
[  185.325946][ T5787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  186.573745][ T5797] netlink: 'syz.0.428': attribute type 4 has an invalid length.
[  187.403765][ T5802] netlink: 'syz.0.428': attribute type 4 has an invalid length.
[  187.479804][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  187.481232][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  187.586487][ T4303] EXT4-fs (loop2): unmounting filesystem.
[  187.830026][ T5817] netlink: 4 bytes leftover after parsing attributes in process `syz.4.434'.
[  188.428339][ T5824] binder: 5823:5824 ioctl 4018620d 0 returned -22
[  188.435762][ T5824] binder: tried to use weak ref as strong ref
[  188.437206][ T5824] binder: 5823:5824 Acquire 1 refcount change on invalid ref 0 ret -22
[  188.439298][ T5824] binder: 5823:5824 got transaction to invalid handle, 1
[  188.440755][ T5824] binder: 5824:5823 cannot find target node
[  188.450922][ T5830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.453393][ T5830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.465261][ T5824] binder: 5823:5824 transaction call to 0:0 failed 19/29201/-22, size 72-24 line 3054
[  188.499747][ T5812] loop0: detected capacity change from 0 to 40427
[  188.612835][ T5832] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  189.240445][ T5824] binder: 5823:5824 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  189.310768][ T5812] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  189.312337][ T5812] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  189.315576][ T5834] binder: 5823:5834 got transaction to invalid handle, 3
[  189.317531][ T5834] binder: 5834:5823 cannot find target node
[  189.333043][ T5812] F2FS-fs (loop0): invalid crc value
[  189.334795][ T5834] binder: 5823:5834 transaction call to 0:0 failed 20/29201/-22, size 0-0 line 3054
[  189.336055][ T5824] binder: 5824 RLIMIT_NICE not set
[  189.347386][ T5812] F2FS-fs (loop0): Found nat_bits in checkpoint
[  189.371154][ T5812] F2FS-fs (loop0): Start checkpoint disabled!
[  189.382584][ T5812] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  189.384411][ T5812] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  189.433005][ T4440] binder: undelivered TRANSACTION_ERROR: 29201
[  190.111222][ T4345] binder: undelivered TRANSACTION_ERROR: 29201
[  190.436880][ T5853] loop2: detected capacity change from 0 to 512
[  190.786251][ T5853] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.2.443: corrupted xattr block 95
[  190.790963][ T5853] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  190.796193][ T5853] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.443: bg 0: block 7: invalid block bitmap
[  190.801863][ T5853] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  190.805040][ T5853] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #11: comm syz.2.443: corrupted xattr block 95
[  190.818963][ T5853] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[  190.821677][ T5853] EXT4-fs (loop2): 1 orphan inode deleted
[  190.823012][ T5853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  191.342587][ T5851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.445'.
[  192.745552][ T4303] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /109/file0: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=16, rec_len=127, size=1024 fake=0
[  192.779854][ T4303] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  192.943351][ T4303] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  193.733061][ T5883] binder: 5882:5883 ioctl c0306201 0 returned -14
[  193.734997][ T5883] binder: 5882:5883 got transaction to invalid handle, 1
[  193.737377][ T5883] binder: 5883:5882 cannot find target node
[  193.741529][ T5883] binder: 5882:5883 transaction call to 0:0 failed 24/29201/-22, size 72-24 line 3054
[  193.747059][ T5883] binder: 5882:5883 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  193.749730][ T5883] binder: 5883 RLIMIT_NICE not set
[  193.833494][ T5886] binder: 5882:5886 got transaction to invalid handle, 3
[  193.835119][ T5886] binder: 5886:5882 cannot find target node
[  193.836518][ T5886] binder: 5882:5886 transaction call to 0:0 failed 25/29201/-22, size 0-0 line 3054
[  193.909161][ T5856] bridge0: port 3(syz_tun) entered disabled state
[  194.078340][ T5856] device syz_tun left promiscuous mode
[  194.079868][ T5856] bridge0: port 3(syz_tun) entered disabled state
[  194.480230][ T5856] EXT4-fs (loop2): unmounting filesystem.
[  194.825804][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  194.853304][ T5895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.458'.
[  194.895806][ T4440] binder: undelivered TRANSACTION_ERROR: 29201
[  194.990471][ T1610] kworker/u4:4: attempt to access beyond end of device
[  194.990471][ T1610] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  195.185316][ T4310] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  195.188480][ T4310] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  195.190605][ T4310] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  195.194079][ T4310] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  195.199147][ T4310] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  195.201005][ T4310] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  196.669795][ T5935] binder: 5934:5935 ioctl c0306201 0 returned -14
[  196.672042][ T5935] binder: 5934:5935 got transaction to invalid handle, 1
[  196.673805][ T5935] binder: 5935:5934 cannot find target node
[  196.675223][ T5935] binder: 5934:5935 transaction call to 0:0 failed 29/29201/-22, size 72-24 line 3054
[  196.677882][ T5935] binder: 5934:5935 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  196.680805][ T5935] binder: 5935 RLIMIT_NICE not set
[  196.730386][ T5936] binder: 5934:5936 got transaction to invalid handle, 3
[  196.732251][ T5936] binder: 5936:5934 cannot find target node
[  196.738020][ T5936] binder: 5934:5936 transaction call to 0:0 failed 30/29201/-22, size 0-0 line 3054
[  197.362092][ T4310] Bluetooth: hci2: command 0x0409 tx timeout
[  197.536329][ T1963] binder: undelivered TRANSACTION_ERROR: 29201
[  197.628738][ T1963] binder: undelivered TRANSACTION_ERROR: 29201
[  197.790434][ T4358] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.834318][ T5951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.473'.
[  197.919600][ T4358] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.118537][ T4358] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.142856][ T5950] loop1: detected capacity change from 0 to 40427
[  198.145835][ T5950] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  198.147523][ T5950] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  198.150402][ T5950] F2FS-fs (loop1): invalid crc value
[  198.907422][ T5950] F2FS-fs (loop1): Found nat_bits in checkpoint
[  199.005339][ T5950] F2FS-fs (loop1): Start checkpoint disabled!
[  199.017883][ T5950] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  199.019495][ T5950] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  199.028403][ T4358] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.035769][ T5904] chnl_net:caif_netlink_parms(): no params data found
[  199.569647][ T4310] Bluetooth: hci2: command 0x041b tx timeout
[  199.759369][ T5904] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.761261][ T5904] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.764126][ T5904] device bridge_slave_0 entered promiscuous mode
[  201.052084][ T5904] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.053549][ T5904] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.057503][ T5904] device bridge_slave_1 entered promiscuous mode
[  201.064834][ T5988] binder: 5987:5988 IncRefs 0 refcount change on invalid ref 0 ret -22
[  201.076855][ T5988] binder: 5987:5988 ioctl c0306201 0 returned -14
[  201.078439][ T5988] binder: 5987:5988 got transaction to invalid handle, 1
[  201.079876][ T5988] binder: 5988:5987 cannot find target node
[  201.081362][ T5988] binder: 5987:5988 transaction call to 0:0 failed 32/29201/-22, size 72-24 line 3054
[  201.083814][ T5988] binder: 5987:5988 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  201.087403][ T5988] binder: 5988 RLIMIT_NICE not set
[  201.118186][ T5904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.124876][ T5904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.156210][ T5993] binder: 5987:5993 got transaction to invalid handle, 3
[  201.157666][ T5993] binder: 5993:5987 cannot find target node
[  201.160470][ T5993] binder: 5987:5993 transaction call to 0:0 failed 33/29201/-22, size 0-0 line 3054
[  201.173906][ T5904] team0: Port device team_slave_0 added
[  201.190084][ T5904] team0: Port device team_slave_1 added
[  201.194186][ T4474] kworker/u4:12: attempt to access beyond end of device
[  201.194186][ T4474] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  201.218669][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.220122][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.225501][ T5904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.243908][ T5904] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.245452][ T5904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.263818][ T5904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.695844][ T4300] Bluetooth: hci2: command 0x040f tx timeout
[  201.983386][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  202.018577][ T5992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.487'.
[  202.023614][    T7] binder: undelivered TRANSACTION_ERROR: 29201
[  202.114665][ T4358] tipc: Left network mode
[  202.148065][ T5904] device hsr_slave_0 entered promiscuous mode
[  202.206564][ T5904] device hsr_slave_1 entered promiscuous mode
[  202.362543][ T5904] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.364229][ T5904] Cannot create hsr debugfs directory
[  202.972254][ T5904] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  203.167831][ T5904] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  203.287270][ T6031] netlink: 60 bytes leftover after parsing attributes in process `syz.1.497'.
[  203.430643][ T6031] netlink: 60 bytes leftover after parsing attributes in process `syz.1.497'.
[  203.432903][ T5904] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  203.531507][ T5904] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  203.588826][ T6030] netlink: 60 bytes leftover after parsing attributes in process `syz.1.497'.
[  203.715764][ T4300] Bluetooth: hci2: command 0x0419 tx timeout
[  203.722870][ T6032] netlink: 60 bytes leftover after parsing attributes in process `syz.1.497'.
[  203.759162][ T6046] binder: 6045:6046 got transaction to invalid handle, 1
[  203.760805][ T6046] binder: 6046:6045 cannot find target node
[  203.762091][ T6046] binder: 6045:6046 transaction call to 0:0 failed 37/29201/-22, size 72-24 line 3054
[  203.798026][ T6046] binder: 6045:6046 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  203.800624][ T6046] binder: 6046 RLIMIT_NICE not set
[  203.942644][ T6050] binder: 6045:6050 got transaction to invalid handle, 3
[  203.944823][ T6050] binder: 6050:6045 cannot find target node
[  203.946615][ T6050] binder: 6045:6050 transaction call to 0:0 failed 38/29201/-22, size 0-0 line 3054
[  203.951691][ T6051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.501'.
[  204.683110][ T5904] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.834166][ T5904] 8021q: adding VLAN 0 to HW filter on device team0
[  204.866426][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  204.868975][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.881669][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  204.883737][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  204.886568][ T4381] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.888008][ T4381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.246379][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  205.257377][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  205.259489][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  205.261557][ T4381] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.263204][ T4381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.265482][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  205.268852][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  205.271254][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  205.274297][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  205.282296][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  205.289739][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  205.292020][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  205.294951][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  205.297770][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  205.578659][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  205.597352][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  205.620390][ T5904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  206.046624][ T6107] binder: 6106:6107 got transaction to invalid handle, 1
[  206.048714][ T6107] binder: 6106:6107 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  206.051489][ T6107] binder: 6107 RLIMIT_NICE not set
[  206.762204][ T6111] binder: 6106:6111 got transaction to invalid handle, 3
[  206.763808][ T6111] binder_debug: 4 callbacks suppressed
[  206.763817][ T6111] binder: 6111:6106 cannot find target node
[  206.786559][ T6111] binder: 6106:6111 transaction call to 0:0 failed 43/29201/-22, size 0-0 line 3054
[  206.840898][ T6115] netlink: 'syz.1.516': attribute type 29 has an invalid length.
[  206.850683][ T6096] netlink: 20 bytes leftover after parsing attributes in process `syz.3.511'.
[  206.863007][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.511'.
[  206.865272][ T6115] netlink: 'syz.1.516': attribute type 29 has an invalid length.
[  206.869718][ T6115] netlink: 'syz.1.516': attribute type 29 has an invalid length.
[  206.936523][ T4344] binder: undelivered TRANSACTION_ERROR: 29201
[  206.967032][ T3876] binder: undelivered TRANSACTION_ERROR: 29201
[  207.733756][ T5904] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.037004][ T5554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  208.038925][ T5554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  208.226011][ T4358] device hsr_slave_0 left promiscuous mode
[  208.266194][ T4358] device hsr_slave_1 left promiscuous mode
[  209.156497][ T4358] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.158269][ T4358] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.165777][ T4358] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.167423][ T4358] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.171096][ T4358] device bridge_slave_1 left promiscuous mode
[  209.178218][ T6167] binder: 6166:6167 got transaction to invalid handle, 1
[  209.179695][ T6167] binder: 6167:6166 cannot find target node
[  209.181065][ T6167] binder: 6166:6167 transaction call to 0:0 failed 47/29201/-22, size 72-24 line 3054
[  209.184421][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.193083][ T6167] binder: 6166:6167 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  209.204546][ T6167] binder: 6167 RLIMIT_NICE not set
[  209.230941][ T4358] device bridge_slave_0 left promiscuous mode
[  209.232554][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.244836][ T6173] binder: 6166:6173 got transaction to invalid handle, 3
[  209.246636][ T6173] binder: 6173:6166 cannot find target node
[  209.247928][ T6173] binder: 6166:6173 transaction call to 0:0 failed 48/29201/-22, size 0-0 line 3054
[  209.386444][ T4358] device veth1_macvtap left promiscuous mode
[  209.387997][ T4358] device veth0_macvtap left promiscuous mode
[  209.389268][ T4358] device veth1_vlan left promiscuous mode
[  209.390606][ T4358] device veth0_vlan left promiscuous mode
[  209.991967][ T4344] binder: undelivered TRANSACTION_ERROR: 29201
[  210.033413][ T4344] binder: undelivered TRANSACTION_ERROR: 29201
[  211.429732][ T6205] loop0: detected capacity change from 0 to 40427
[  211.440713][ T6205] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  211.443499][ T6205] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  211.467156][ T6205] F2FS-fs (loop0): invalid crc value
[  211.476953][ T6205] F2FS-fs (loop0): Found nat_bits in checkpoint
[  211.498261][ T6205] F2FS-fs (loop0): Start checkpoint disabled!
[  211.503479][ T6205] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  211.505095][ T6205] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  211.543415][ T4358] team0 (unregistering): Port device team_slave_1 removed
[  212.442002][ T4380] kworker/u4:8: attempt to access beyond end of device
[  212.442002][ T4380] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  212.524836][ T4358] team0 (unregistering): Port device team_slave_0 removed
[  212.736413][ T4358] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  213.026483][ T4358] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  213.164410][ T6224] binder: 6223:6224 got transaction to invalid handle, 1
[  213.166401][ T6224] binder: 6224:6223 cannot find target node
[  213.167644][ T6224] binder: 6223:6224 transaction call to 0:0 failed 52/29201/-22, size 72-24 line 3054
[  213.170156][ T6224] binder: 6223:6224 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  213.173105][ T6224] binder: 6224 RLIMIT_NICE not set
[  213.221868][ T6225] binder: 6223:6225 got transaction to invalid handle, 3
[  213.223418][ T6225] binder: 6225:6223 cannot find target node
[  213.224683][ T6225] binder: 6223:6225 transaction call to 0:0 failed 53/29201/-22, size 0-0 line 3054
[  213.983828][    T7] binder: undelivered TRANSACTION_ERROR: 29201
[  213.995760][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  215.499434][ T4358] bond0 (unregistering): Released all slaves
[  215.731082][ T6159] netlink: 20 bytes leftover after parsing attributes in process `syz.1.527'.
[  215.808136][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'.
[  216.030185][ T4474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  216.032511][ T4474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  216.113763][ T5904] device veth0_vlan entered promiscuous mode
[  216.140732][ T5904] device veth1_vlan entered promiscuous mode
[  216.163285][ T6259] binder: 6257:6259 IncRefs 0 refcount change on invalid ref 0 ret -22
[  216.189433][ T6259] binder: 6257:6259 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  216.192619][ T6259] binder: 6259 RLIMIT_NICE not set
[  216.206881][ T5904] device veth0_macvtap entered promiscuous mode
[  216.235582][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  216.248808][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  216.251672][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  216.286093][ T6262] binder: 6257:6262 got transaction to invalid handle, 3
[  216.287840][ T6262] binder: 6262:6257 cannot find target node
[  216.886088][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  216.910077][ T6262] binder: 6257:6262 transaction call to 0:0 failed 55/29201/-22, size 0-0 line 3054
[  216.986332][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  216.999184][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  217.011303][ T5904] device veth1_macvtap entered promiscuous mode
[  217.016550][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  217.025127][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  217.055495][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  217.067683][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  217.080887][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.090048][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.105753][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.108247][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.110550][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.130403][ T4340] binder: undelivered TRANSACTION_ERROR: 29201
[  217.145740][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.148091][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.150305][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.182695][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.184333][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  217.187265][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  217.197116][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.199435][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.201468][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.203601][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.205492][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.225417][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.367671][ T5904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.370013][ T5904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.373045][ T5904] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.376918][ T5904] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.379138][ T5904] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.380885][ T5904] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.382777][ T5904] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.422807][ T6242] loop3: detected capacity change from 0 to 40427
[  217.449023][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  217.453025][ T5857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  217.493521][ T6242] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  217.503175][ T6242] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  217.527720][ T6242] F2FS-fs (loop3): invalid crc value
[  217.564530][ T6242] F2FS-fs (loop3): Found nat_bits in checkpoint
[  217.586955][ T5857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.594696][ T5857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.604851][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  217.689437][ T6242] F2FS-fs (loop3): Start checkpoint disabled!
[  217.719364][ T6242] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  217.722412][ T5857] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.724515][ T5857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.729539][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  217.732872][ T6242] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  218.531318][ T6299] netlink: 20 bytes leftover after parsing attributes in process `syz.1.561'.
[  218.629073][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.1.561'.
[  218.740620][ T4552] kworker/u4:15: attempt to access beyond end of device
[  218.740620][ T4552] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  218.805749][ T3876] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  218.988250][ T3876] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  218.990275][ T3876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.993568][ T3876] usb 1-1: config 0 descriptor??
[  219.787374][ T3876] [drm] vendor descriptor length:25 data:25 5f 00 00 00 00 00 00 00 00 00
[  219.790621][ T3876] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  219.876141][ T6321] binder: 6320:6321 got transaction to invalid handle, 1
[  219.877656][ T6321] binder: 6321:6320 cannot find target node
[  219.878913][ T6321] binder: 6320:6321 transaction call to 0:0 failed 59/29201/-22, size 72-24 line 3054
[  219.904230][ T6321] binder: 6320:6321 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  219.907212][ T6321] binder: 6321 RLIMIT_NICE not set
[  219.956024][ T6326] binder: 6320:6326 got transaction to invalid handle, 3
[  219.957534][ T6326] binder: 6326:6320 cannot find target node
[  219.958801][ T6326] binder: 6320:6326 transaction call to 0:0 failed 60/29201/-22, size 0-0 line 3054
[  220.000708][ T6301] Bluetooth: MGMT ver 1.22
[  220.054039][ T3876] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2
[  220.056173][ T3876] [drm] Initialized udl on minor 2
[  220.423721][ T3876] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  220.429533][ T3876] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  220.452545][ T3876] usb 1-1: USB disconnect, device number 6
[  220.651156][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  220.671394][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  221.110828][ T6374] netlink: 20 bytes leftover after parsing attributes in process `syz.0.575'.
[  221.129189][ T6374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.575'.
[  222.912333][ T6402] binder: 6400:6402 tried to acquire reference to desc 0, got 1 instead
[  222.948932][ T6402] binder: 6400:6402 ioctl c0306201 0 returned -14
[  222.966043][ T6402] binder: 6400:6402 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  222.969013][ T6402] binder: 6402 RLIMIT_NICE not set
[  223.017849][ T6412] binder: 6400:6412 got transaction to invalid handle, 3
[  223.019445][ T6412] binder: 6412:6400 cannot find target node
[  223.020692][ T6412] binder: 6400:6412 transaction call to 0:0 failed 65/29201/-22, size 0-0 line 3054
[  223.108114][ T6420] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.587' sets config #0
[  223.294408][ T6430] netlink: 20 bytes leftover after parsing attributes in process `syz.5.589'.
[  223.330845][ T6430] netlink: 4 bytes leftover after parsing attributes in process `syz.5.589'.
[  223.338446][ T6430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.344133][ T6430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.358791][ T6430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.372998][ T6430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.757422][    T7] binder: undelivered TRANSACTION_ERROR: 29201
[  225.640407][ T6482] netlink: 20 bytes leftover after parsing attributes in process `syz.4.601'.
[  225.652523][ T6483] binder: 6480:6483 tried to acquire reference to desc 0, got 1 instead
[  225.697397][ T6482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.601'.
[  225.703408][ T6483] binder: 6480:6483 ioctl c0306201 0 returned -14
[  225.705039][ T6483] binder: 6480:6483 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  225.708033][ T6483] binder: 6483 RLIMIT_NICE not set
[  226.406940][ T6488] binder: 6480:6488 got transaction to invalid handle, 3
[  226.408547][ T6488] binder: 6488:6480 cannot find target node
[  226.409805][ T6488] binder: 6480:6488 transaction call to 0:0 failed 70/29201/-22, size 0-0 line 3054
[  226.577562][ T4344] binder: undelivered TRANSACTION_ERROR: 29201
[  226.950152][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  226.963895][ T6509] netlink: 20 bytes leftover after parsing attributes in process `syz.4.607'.
[  228.543935][ T6539] netlink: 4 bytes leftover after parsing attributes in process `syz.3.617'.
[  229.439161][ T6545] binder: BINDER_SET_CONTEXT_MGR already set
[  229.440789][ T6545] binder: 6544:6545 ioctl 4018620d 20004a80 returned -16
[  229.470405][ T6545] binder: tried to use weak ref as strong ref
[  229.471987][ T6545] binder: 6544:6545 Acquire 1 refcount change on invalid ref 0 ret -22
[  229.506603][ T6545] binder: 6544:6545 ioctl c0306201 0 returned -14
[  229.508189][ T6545] binder: 6544:6545 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  229.510881][ T6545] binder: 6545 RLIMIT_NICE not set
[  229.520244][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  229.545505][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  229.559795][ T6550] binder: 6544:6550 got transaction to invalid handle, 3
[  229.561316][ T6550] binder: 6550:6544 cannot find target node
[  229.562617][ T6550] binder: 6544:6550 transaction call to 0:0 failed 73/29201/-22, size 0-0 line 3054
[  229.716065][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  230.935925][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  231.208850][ T6563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.067101][ T6563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.719495][ T6572] sctp: failed to load transform for md5: -2
[  233.875222][ T6589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.628'.
[  233.888537][ T1963] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  234.123239][ T6595] device geneve2 entered promiscuous mode
[  234.177260][ T1963] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  234.179136][ T1963] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.192151][ T1963] usb 1-1: config 0 descriptor??
[  234.199512][ T1963] gspca_main: spca508-2.14.0 probing 8086:0110
[  234.718993][ T1963] gspca_spca508: reg_read err -110
[  235.141560][ T1963] gspca_spca508: reg_read err -32
[  235.147376][ T1963] gspca_spca508: reg_read err -71
[  235.149098][ T1963] gspca_spca508: reg_read err -71
[  235.150559][ T1963] gspca_spca508: reg_read err -71
[  235.152714][ T1963] gspca_spca508: reg write: error -71
[  235.153910][ T1963] spca508: probe of 1-1:0.0 failed with error -71
[  235.157763][ T1963] usb 1-1: USB disconnect, device number 7
[  235.201276][ T6614] binder: 6613:6614 tried to acquire reference to desc 0, got 1 instead
[  235.203862][ T6614] binder: 6613:6614 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  235.206846][ T6614] binder: 6614 RLIMIT_NICE not set
[  235.306974][ T6615] binder: 6613:6615 got transaction to invalid handle, 3
[  235.309327][ T6615] binder: 6615:6613 cannot find target node
[  235.310639][ T6615] binder: 6613:6615 transaction call to 0:0 failed 78/29201/-22, size 0-0 line 3054
[  237.288048][ T3876] binder: undelivered TRANSACTION_ERROR: 29201
[  237.454423][ T6637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.640'.
[  242.515226][ T6689] binder: 6688:6689 tried to acquire reference to desc 0, got 1 instead
[  242.518360][ T6689] binder: 6688:6689 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  242.521402][ T6689] binder: 6689 RLIMIT_NICE not set
[  242.578400][ T6695] binder: 6688:6695 got transaction to invalid handle, 3
[  242.579923][ T6695] binder: 6695:6688 cannot find target node
[  242.581146][ T6695] binder: 6688:6695 transaction call to 0:0 failed 83/29201/-22, size 0-0 line 3054
[  242.785216][ T6705] netlink: 20 bytes leftover after parsing attributes in process `syz.5.654'.
[  242.791021][ T6705] netlink: 4 bytes leftover after parsing attributes in process `syz.5.654'.
[  243.546987][ T4341] binder: undelivered TRANSACTION_ERROR: 29201
[  246.778052][ T6758] netlink: 20 bytes leftover after parsing attributes in process `syz.0.669'.
[  246.790788][ T6758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.669'.
[  247.098923][ T6766] binder: 6765:6766 tried to acquire reference to desc 0, got 1 instead
[  247.101510][ T6766] binder: 6765:6766 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  247.115137][ T6766] binder: 6766 RLIMIT_NICE not set
[  247.153029][ T6772] binder: 6765:6772 got transaction to invalid handle, 3
[  247.154740][ T6772] binder: 6772:6765 cannot find target node
[  247.168626][ T6772] binder: 6765:6772 transaction call to 0:0 failed 88/29201/-22, size 0-0 line 3054
[  247.359025][ T6774] mkiss: ax0: crc mode is auto.
[  247.470649][ T6774] misc userio: Invalid payload size
[  247.475339][ T6774] misc userio: No port type given on /dev/userio
[  247.556612][ T6775] misc userio: Invalid payload size
[  248.223166][ T6777] loop5: detected capacity change from 0 to 256
[  248.229018][ T6777] exfat: Unknown parameter '0x0000000000000050��'
[  248.550105][ T4310] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  248.552303][ T4310] Bluetooth: hci3: Injecting HCI hardware error event
[  248.555073][ T4300] Bluetooth: hci3: hardware error 0x00
[  248.710206][ T4341] binder: undelivered TRANSACTION_ERROR: 29201
[  248.966350][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  248.967869][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  250.923990][ T6813] netlink: 20 bytes leftover after parsing attributes in process `syz.5.680'.
[  250.978241][ T6813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.680'.
[  250.995847][ T6817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.995903][ T4300] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  250.998073][ T6817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  251.241128][ T6828] binder: 6825:6828 tried to acquire reference to desc 0, got 1 instead
[  251.246497][ T6828] binder: 6825:6828 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  251.249275][ T6828] binder: 6828 RLIMIT_NICE not set
[  251.298346][ T6839] binder: 6825:6839 got transaction to invalid handle, 3
[  251.301057][ T6839] binder: 6839:6825 cannot find target node
[  251.303142][ T6839] binder: 6825:6839 transaction call to 0:0 failed 93/29201/-22, size 0-0 line 3054
[  251.777823][ T6867] netlink: 'syz.4.690': attribute type 4 has an invalid length.
[  252.100608][ T4346] binder: undelivered TRANSACTION_ERROR: 29201
[  252.155283][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.694'.
[  252.983699][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.694'.
[  253.345869][ T6907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.700'.
[  253.820673][ T6911] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  254.241885][ T6914] netlink: 'syz.4.701': attribute type 4 has an invalid length.
[  254.571596][ T6926] binder: 6923:6926 tried to acquire reference to desc 0, got 1 instead
[  254.574150][ T6926] binder: 6923:6926 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  254.584350][ T6926] binder: 6926 RLIMIT_NICE not set
[  254.626661][ T6929] binder: 6923:6929 got transaction to invalid handle, 3
[  254.628475][ T6929] binder: 6929:6923 cannot find target node
[  254.630047][ T6929] binder: 6923:6929 transaction call to 0:0 failed 98/29201/-22, size 0-0 line 3054
[  255.854711][ T6809] binder: undelivered TRANSACTION_ERROR: 29201
[  256.008646][ T6955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'.
[  256.021524][ T6955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'.
[  257.366328][ T6966] netlink: 32 bytes leftover after parsing attributes in process `syz.4.709'.
[  258.814980][ T6997] binder: 6995:6997 IncRefs 0 refcount change on invalid ref 0 ret -22
[  258.839474][ T6997] binder: 6995:6997 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  258.854114][ T6997] binder: 6997 RLIMIT_NICE not set
[  258.889822][ T6998] binder: 6995:6998 got transaction to invalid handle, 3
[  258.891599][ T6998] binder: 6998:6995 cannot find target node
[  258.892988][ T6998] binder: 6995:6998 transaction call to 0:0 failed 101/29201/-22, size 0-0 line 3054
[  259.984208][ T7006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.986310][ T7006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.995856][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  261.759404][ T7014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.761378][ T7014] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.243321][   T27] audit: type=1326 audit(262.200:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.5.725" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  262.255089][   T27] audit: type=1326 audit(262.210:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.5.725" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=286 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  262.270439][   T27] audit: type=1326 audit(262.230:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.5.725" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  262.440846][ T7018] netlink: 4 bytes leftover after parsing attributes in process `syz.5.726'.
[  262.493321][ T7018] netlink: 4 bytes leftover after parsing attributes in process `syz.5.726'.
[  264.509769][ T7032] netlink: 16 bytes leftover after parsing attributes in process `syz.3.731'.
[  264.511879][ T7032] netlink: 16 bytes leftover after parsing attributes in process `syz.3.731'.
[  264.645507][ T7040] binder: 7037:7040 tried to acquire reference to desc 0, got 1 instead
[  264.656077][ T7040] binder: 7037:7040 got transaction with invalid data ptr
[  264.661058][ T7040] binder: 7037:7040 transaction call to 7037:0 failed 106/29201/-14, size 0-24 line 3342
[  264.669150][ T7040] binder: 7037:7040 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  264.673268][ T7040] binder: 7040 RLIMIT_NICE not set
[  264.774578][ T7042] binder: 7037:7042 got transaction to invalid handle, 3
[  264.780718][ T7042] binder: 7042:7037 cannot find target node
[  264.784401][ T7042] binder: 7037:7042 transaction call to 0:0 failed 107/29201/-22, size 0-0 line 3054
[  264.819207][ T7044] 8021q: adding VLAN 0 to HW filter on device bond1
[  265.508407][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  265.598298][ T7050] netlink: 24 bytes leftover after parsing attributes in process `syz.0.735'.
[  265.620947][  T111] binder: undelivered TRANSACTION_ERROR: 29201
[  266.022656][ T7063] Invalid ELF header magic: != ELF
[  266.968747][ T7073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.745'.
[  266.996634][ T7073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.745'.
[  267.123897][ T7069] kernel profiling enabled (shift: 0)
[  269.806733][ T7085] dccp_close: ABORT with 32 bytes unread
[  270.615734][ T7110] Invalid ELF header magic: != ELF
[  271.070527][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.4.759'.
[  271.132063][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.4.759'.
[  271.423677][ T7124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.425932][ T7124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.658952][ T7122] misc userio: Invalid payload size
[  272.679352][ T7122] misc userio: No port type given on /dev/userio
[  272.751955][ T7127] misc userio: Invalid payload size
[  273.236086][ T7136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.243904][ T7136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.371767][ T7154] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  274.373431][ T7154] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  276.614962][ T7166] netlink: 'syz.3.775': attribute type 4 has an invalid length.
[  277.358420][ T7168] netlink: 'syz.3.775': attribute type 4 has an invalid length.
[  283.770174][ T7237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.799'.
[  283.780558][ T7237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.799'.
[  287.197201][ T7264] rdma_op 000000002c6a4b39 conn xmit_rdma 0000000000000000
[  289.188789][ T7285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.815'.
[  289.366654][ T7285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.815'.
[  289.418607][ T7292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.420648][ T7292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.662092][ T7315] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  292.970062][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  293.202002][ T7330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.203984][ T7330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.434293][ T7338] netlink: 4 bytes leftover after parsing attributes in process `syz.0.832'.
[  293.471489][ T7338] netlink: 4 bytes leftover after parsing attributes in process `syz.0.832'.
[  293.894620][ T7348] syz.1.836 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  296.835907][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'.
[  297.010770][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'.
[  297.835571][ T7380] loop4: detected capacity change from 0 to 40427
[  297.967660][ T7380] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  297.971843][ T7380] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  297.981811][ T7380] F2FS-fs (loop4): invalid crc value
[  298.004561][ T7380] F2FS-fs (loop4): Found nat_bits in checkpoint
[  298.037447][ T7380] F2FS-fs (loop4): Start checkpoint disabled!
[  298.107550][ T7380] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  298.111270][ T7380] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  298.312710][ T7403] netlink: 'syz.0.852': attribute type 10 has an invalid length.
[  298.625407][ T7403] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  299.192421][ T4474] kworker/u4:12: attempt to access beyond end of device
[  299.192421][ T4474] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  302.294890][ T7434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.862'.
[  302.366190][ T7434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.862'.
[  303.725452][ T7439] loop5: detected capacity change from 0 to 40427
[  303.740553][ T7439] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  303.742201][ T7439] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  303.761696][ T7439] F2FS-fs (loop5): invalid crc value
[  303.781841][ T7439] F2FS-fs (loop5): Found nat_bits in checkpoint
[  303.822705][ T7439] F2FS-fs (loop5): Start checkpoint disabled!
[  303.858050][ T7439] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  303.859503][ T7439] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  303.903554][ T7458] netlink: 4 bytes leftover after parsing attributes in process `syz.3.869'.
[  303.910644][ T7458] device veth1_macvtap left promiscuous mode
[  304.121674][ T4579] kworker/u4:16: attempt to access beyond end of device
[  304.121674][ T4579] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  304.590095][ T7467] input: syz0 as /devices/virtual/input/input4
[  305.282897][ T7477] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  306.328175][ T7486] netlink: 'syz.5.878': attribute type 4 has an invalid length.
[  306.468448][ T7489] netlink: 4 bytes leftover after parsing attributes in process `syz.5.879'.
[  306.480434][ T7489] netlink: 4 bytes leftover after parsing attributes in process `syz.5.879'.
[  308.295929][ T7513] loop1: detected capacity change from 0 to 512
[  308.335590][ T7513] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.1.887: corrupted xattr block 95
[  308.338870][ T7513] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.887: bg 0: block 7: invalid block bitmap
[  308.343489][ T7513] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  308.347742][ T7513] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #11: comm syz.1.887: corrupted xattr block 95
[  308.351498][ T7513] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[  308.353693][ T7513] EXT4-fs (loop1): 1 orphan inode deleted
[  308.355015][ T7513] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  308.514439][ T4294] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /190/file0: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=16, rec_len=127, size=1024 fake=0
[  308.520619][ T4294] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  308.523707][ T4294] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[  308.918999][ T7529] EXT4-fs (loop1): unmounting filesystem.
[  309.360968][ T4310] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  309.368599][ T4310] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  309.370976][ T4310] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  309.373315][ T4310] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  309.376555][ T4310] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  309.378343][ T4310] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  309.402248][ T4523] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.463981][ T7552] Invalid ELF header magic: != ELF
[  309.612713][ T4523] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.722548][ T7556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.752257][ T7556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.809047][ T4523] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.009592][ T4523] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.296789][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  310.296931][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  311.139674][ T7548] chnl_net:caif_netlink_parms(): no params data found
[  311.323682][ T7578] netlink: 'syz.5.909': attribute type 1 has an invalid length.
[  311.396501][ T4300] Bluetooth: hci0: command 0x0409 tx timeout
[  312.116926][ T7548] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.119246][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.155147][ T7548] device bridge_slave_0 entered promiscuous mode
[  312.170842][ T7548] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.176699][ T7548] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.192855][ T7548] device bridge_slave_1 entered promiscuous mode
[  313.470388][ T7548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.474235][ T7548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.476793][ T4300] Bluetooth: hci0: command 0x041b tx timeout
[  313.491537][ T7548] team0: Port device team_slave_0 added
[  313.494345][ T7548] team0: Port device team_slave_1 added
[  313.506147][ T7548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  313.507552][ T7548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.513106][ T7548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.517219][ T7548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.518899][ T7548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.524306][ T7548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.097413][ T7548] device hsr_slave_0 entered promiscuous mode
[  314.136321][ T7548] device hsr_slave_1 entered promiscuous mode
[  314.195936][ T7617] Invalid ELF header magic: != ELF
[  314.652526][ T7623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.670937][ T7623] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.000004][ T7548] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  315.089613][ T7548] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  315.227360][ T7548] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  316.026644][ T7652] misc userio: Invalid payload size
[  316.205773][ T7652] misc userio: No port type given on /dev/userio
[  316.675723][ T7655] misc userio: Invalid payload size
[  318.135743][ T7654] netlink: 32 bytes leftover after parsing attributes in process `syz.0.921'.
[  318.912676][ T4300] Bluetooth: hci0: command 0x040f tx timeout
[  319.077347][ T7548] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  319.392680][ T7669] Invalid ELF header magic: != ELF
[  319.722289][ T7684] netlink: 4 bytes leftover after parsing attributes in process `syz.5.932'.
[  319.889926][ T7685] netlink: 4 bytes leftover after parsing attributes in process `syz.5.932'.
[  320.073881][ T7680] loop4: detected capacity change from 0 to 40427
[  320.075493][ T7548] 8021q: adding VLAN 0 to HW filter on device bond0
[  320.076557][ T7680] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  320.078347][ T7680] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  320.083000][ T7680] F2FS-fs (loop4): invalid crc value
[  320.123611][ T7680] F2FS-fs (loop4): Found nat_bits in checkpoint
[  320.170443][ T7680] F2FS-fs (loop4): Start checkpoint disabled!
[  320.210997][ T7680] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  320.213298][ T7680] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  320.357620][ T4310] Bluetooth: hci2: command 0x0406 tx timeout
[  322.434234][ T4300] Bluetooth: hci0: command 0x0419 tx timeout
[  322.733636][ T7548] 8021q: adding VLAN 0 to HW filter on device team0
[  322.743131][  T160] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  322.745312][  T160] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  323.412903][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  323.513051][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  323.726396][ T4349] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.728064][ T4349] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.736309][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  323.762640][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  323.782591][ T4349] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.784206][ T4349] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.816408][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  323.818648][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  323.880204][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  323.883344][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  323.904768][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  323.914244][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  323.924420][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  324.284259][ T7745] Invalid ELF header magic: != ELF
[  324.563222][ T7548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  324.583439][ T7548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  324.604422][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  324.607356][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  324.609854][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  324.628322][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  324.637069][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  324.685109][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  324.700401][ T4523] device hsr_slave_0 left promiscuous mode
[  324.757254][ T4523] device hsr_slave_1 left promiscuous mode
[  324.897974][ T4523] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  324.899584][ T4523] batman_adv: batadv0: Removing interface: batadv_slave_0
[  324.939789][ T7758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.942338][ T4523] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  324.943973][ T4523] batman_adv: batadv0: Removing interface: batadv_slave_1
[  324.947140][ T4523] device bridge_slave_1 left promiscuous mode
[  324.948580][ T4523] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.956211][ T7758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.986803][ T4523] device bridge_slave_0 left promiscuous mode
[  324.988262][ T4523] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.165907][ T4523] device veth1_macvtap left promiscuous mode
[  325.167276][ T4523] device veth0_macvtap left promiscuous mode
[  325.168571][ T4523] device veth1_vlan left promiscuous mode
[  325.169928][ T4523] device veth0_vlan left promiscuous mode
[  326.463238][ T1610] kworker/u4:4: attempt to access beyond end of device
[  326.463238][ T1610] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  327.879288][ T7784] netlink: 28 bytes leftover after parsing attributes in process `syz.5.950'.
[  329.899351][ T7801] Invalid ELF header magic: != ELF
[  331.650045][ T4523] team0 (unregistering): Port device team_slave_1 removed
[  331.848515][ T4523] team0 (unregistering): Port device team_slave_0 removed
[  332.036836][ T4523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  332.247540][ T4523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.712802][ T4523] bond0 (unregistering): Released all slaves
[  334.931288][ T7754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.945'.
[  334.942169][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.945'.
[  335.265767][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  335.267441][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  335.271754][ T7548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.330964][ T7844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.336909][ T7844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.372117][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  337.374772][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  337.412088][ T7548] device veth0_vlan entered promiscuous mode
[  337.442284][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  337.445121][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  337.450440][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  337.452441][ T4579] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  337.455293][ T7548] device veth1_vlan entered promiscuous mode
[  337.497397][ T7548] device veth0_macvtap entered promiscuous mode
[  337.507615][ T7548] device veth1_macvtap entered promiscuous mode
[  337.525760][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.531280][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.535553][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.541154][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.545545][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.551373][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.559235][ T7548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  337.567429][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.573102][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.598507][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.604388][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.607048][ T7548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.609403][ T7548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.621512][ T7548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  337.623233][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  337.625507][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  337.634545][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  337.652188][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  337.658620][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  337.691174][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  337.698676][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  337.704571][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  337.716226][ T7854] Invalid ELF header magic: != ELF
[  337.731305][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  337.741029][ T7548] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  337.743093][ T7548] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  337.745058][ T7548] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  337.749090][ T7548] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.054401][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  338.204717][ T7863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.221248][ T7863] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.247136][ T4452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.248949][ T4452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.258318][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  338.378534][ T4579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.380341][ T4579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.386187][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  341.529246][ T7903] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  341.530962][ T7903] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  341.796590][ T7910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.805925][ T7910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.009359][ T7925] Invalid ELF header magic: != ELF
[  345.557167][ T7936] netlink: 8 bytes leftover after parsing attributes in process `syz.5.981'.
[  346.702127][ T7958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  346.704096][ T7958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.355909][ T7964] virtio-fs: tag <(null)> not found
[  347.907180][ T7951] sctp: failed to load transform for md5: -2
[  348.297030][ T7974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.299514][ T7974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.645478][ T7995] Invalid ELF header magic: != ELF
[  351.638614][ T8025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  351.640591][ T8025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  352.080672][ T8041] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1004'.
[  352.140115][ T8048] Invalid ELF header magic: != ELF
[  352.629527][ T8056] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  354.712834][ T8088] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1017'.
[  357.022897][ T8109] Invalid ELF header magic: != ELF
[  357.565077][ T8116] device geneve2 entered promiscuous mode
[  357.981099][ T8143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.997214][ T8143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.084219][ T8169] Invalid ELF header magic: != ELF
[  359.519362][ T8173] raw_sendmsg: syz.5.1042 forgot to set AF_INET. Fix it!
[  360.205864][ T8183] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.207871][ T8183] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.209800][ T8177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.211803][ T8177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.215361][ T8185] device geneve2 entered promiscuous mode
[  364.300260][ T8226] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  364.302062][ T8226] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  364.818962][ T8251] binder: 8233:8251 ioctl 4b71 0 returned -22
[  364.839613][ T8251] binder: 8233:8251 got transaction to invalid handle, 1
[  364.841210][ T8251] binder: 8251:8233 cannot find target node
[  364.842512][ T8251] binder: 8233:8251 transaction call to 0:0 failed 111/29201/-22, size 4192-24 line 3054
[  365.425792][ T4310] Bluetooth: hci1: command 0x0401 tx timeout
[  365.442430][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  368.494685][ T8288] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  368.496376][ T8288] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  368.904059][ T8315] netlink: 'syz.4.1082': attribute type 4 has an invalid length.
[  369.016443][ T8321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  369.783176][ T4300] Bluetooth: hci4: unexpected event 0x30 length: 9 > 3
[  369.783411][ T8321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  369.909620][   T27] audit: type=1326 audit(369.870:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  369.918398][   T27] audit: type=1326 audit(369.870:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  369.923063][   T27] audit: type=1326 audit(369.870:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.816856][ T8332] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1085'.
[  370.842993][   T27] audit: type=1326 audit(369.870:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.881607][   T27] audit: type=1326 audit(369.870:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=219 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.888803][   T27] audit: type=1326 audit(369.870:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.893344][   T27] audit: type=1326 audit(369.870:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.898133][   T27] audit: type=1326 audit(369.870:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  370.902626][   T27] audit: type=1326 audit(369.890:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  371.013598][   T27] audit: type=1326 audit(369.890:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8327 comm="syz.0.1085" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  371.773883][ T8333] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  371.775660][ T8333] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  372.551226][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  372.556641][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  375.098687][ T8364] netlink: 'syz.6.1094': attribute type 4 has an invalid length.
[  375.232668][ T8373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1096'.
[  375.417601][ T8382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.419609][ T8382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  377.092925][ T8397] input: syz0 as /devices/virtual/input/input5
[  378.633590][ T8413] binder: 8412:8413 tried to acquire reference to desc 0, got 1 instead
[  378.756752][ T8413] binder: 8412:8413 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  378.759435][ T8413] binder: 8413 RLIMIT_NICE not set
[  378.799320][ T8413] binder_alloc: 8412: binder_alloc_buf, no vma
[  378.800813][ T8413] binder: cannot allocate buffer: vma cleared, target dead or dying
[  378.800847][ T8413] binder: 8412:8413 transaction call to 8412:0 failed 123/29189/-3, size 0-0 line 3239
[  378.810934][ T8415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1106'.
[  378.869003][ T1963] binder: release 8412:8413 transaction 116 out, still active
[  378.870878][ T1963] binder: undelivered TRANSACTION_COMPLETE
[  378.900003][ T8415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1106'.
[  378.900414][ T3876] binder: undelivered TRANSACTION_ERROR: 29189
[  379.045469][ T3876] binder: send failed reply for transaction 116, target dead
[  379.366731][ T8430] input: syz1 as /devices/virtual/input/input6
[  381.681054][ T8474] netlink: 'syz.0.1118': attribute type 4 has an invalid length.
[  382.626376][ T8482] binder: 8478:8482 tried to acquire reference to desc 0, got 1 instead
[  382.637503][ T8483] netlink: 'syz.6.1120': attribute type 4 has an invalid length.
[  382.661453][ T8482] binder: 8478:8482 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  382.665783][ T8482] binder: 8482 RLIMIT_NICE not set
[  382.667304][ T8482] binder_alloc: 8478: binder_alloc_buf, no vma
[  382.668535][ T8482] binder: cannot allocate buffer: vma cleared, target dead or dying
[  382.668583][ T8482] binder: 8478:8482 transaction call to 8478:0 failed 135/29189/-3, size 0-0 line 3239
[  382.675357][ T4341] binder: release 8478:8482 transaction 128 out, still active
[  382.678002][ T4341] binder: undelivered TRANSACTION_COMPLETE
[  382.691727][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1121'.
[  382.707773][ T8488] netlink: 'syz.6.1120': attribute type 4 has an invalid length.
[  382.726458][ T8489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1121'.
[  383.941866][ T8516] netlink: 'syz.6.1131': attribute type 4 has an invalid length.
[  384.306427][ T8527] binder: 8526:8527 tried to acquire reference to desc 0, got 1 instead
[  384.309181][ T8527] binder: 8526:8527 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  384.311678][ T8527] binder: 8527 RLIMIT_NICE not set
[  384.312962][ T8527] binder_alloc: 8526: binder_alloc_buf, no vma
[  384.314194][ T8527] binder_debug: 2 callbacks suppressed
[  384.314203][ T8527] binder: cannot allocate buffer: vma cleared, target dead or dying
[  384.315358][ T8527] binder: 8526:8527 transaction call to 8526:0 failed 147/29189/-3, size 0-0 line 3239
[  384.584168][ T4877] binder: release 8526:8527 transaction 140 out, still active
[  384.586541][ T4877] binder: undelivered TRANSACTION_COMPLETE
[  385.126378][ T4341] binder: undelivered TRANSACTION_ERROR: 29189
[  385.127921][ T4341] binder: send failed reply for transaction 140, target dead
[  385.230207][ T8536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'.
[  385.266033][ T8540] netlink: 'syz.0.1136': attribute type 4 has an invalid length.
[  385.314104][ T8540] netlink: 'syz.0.1136': attribute type 4 has an invalid length.
[  385.342073][ T8536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'.
[  387.077370][ T8563] netlink: 'syz.0.1144': attribute type 4 has an invalid length.
[  388.114917][ T8579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.120807][ T8579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.191606][ T8582] binder: 8578:8582 tried to acquire reference to desc 0, got 1 instead
[  388.194370][ T8582] binder: 8578:8582 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  388.197291][ T8582] binder: 8582 RLIMIT_NICE not set
[  388.199207][ T8582] binder_alloc: 8578: binder_alloc_buf, no vma
[  388.200598][ T8582] binder: cannot allocate buffer: vma cleared, target dead or dying
[  388.200631][ T8582] binder: 8578:8582 transaction call to 8578:0 failed 159/29189/-3, size 0-0 line 3239
[  388.205410][ T4341] binder: release 8578:8582 transaction 152 out, still active
[  388.207295][ T4341] binder: undelivered TRANSACTION_COMPLETE
[  389.700762][ T8601] netlink: 'syz.0.1152': attribute type 4 has an invalid length.
[  389.750662][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1153'.
[  389.768522][ T8601] netlink: 'syz.0.1152': attribute type 4 has an invalid length.
[  389.808309][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1153'.
[  389.858147][ T8609] netlink: 'syz.4.1155': attribute type 4 has an invalid length.
[  392.416928][ T8619] binder: 8618:8619 IncRefs 0 refcount change on invalid ref 0 ret -22
[  392.434970][ T8619] binder: 8618:8619 got transaction to invalid handle, 1
[  392.495931][ T8619] binder_debug: 2 callbacks suppressed
[  392.495946][ T8619] binder: 8619:8618 cannot find target node
[  392.498515][ T8619] binder: 8618:8619 transaction call to 0:0 failed 162/29201/-22, size 72-24 line 3054
[  392.522615][ T8622] binder: 8618:8622 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  392.525564][ T8622] binder: 8622 RLIMIT_NICE not set
[  392.605195][ T8619] binder: 8618:8619 got transaction to invalid handle, 3
[  392.618510][ T8619] binder: 8619:8618 cannot find target node
[  392.619992][ T8619] binder: 8618:8619 transaction call to 0:0 failed 163/29201/-22, size 0-0 line 3054
[  392.651230][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  392.709861][ T8641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  392.711893][ T8641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  392.765862][ T4877] binder: undelivered TRANSACTION_ERROR: 29201
[  392.970343][ T8653] device geneve2 entered promiscuous mode
[  393.745270][ T8663] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1169'.
[  393.762620][ T8663] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1169'.
[  393.806329][ T8664] netlink: 'syz.0.1168': attribute type 4 has an invalid length.
[  393.863550][ T8669] netlink: 'syz.0.1168': attribute type 4 has an invalid length.
[  393.893421][ T8667] netlink: 'syz.5.1170': attribute type 4 has an invalid length.
[  394.804146][ T8673] sctp: failed to load transform for md5: -2
[  395.071088][ T8694] binder: 8693:8694 tried to acquire reference to desc 0, got 1 instead
[  395.073827][ T8694] binder: 8693:8694 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  395.076838][ T8694] binder: 8694 RLIMIT_NICE not set
[  395.078138][ T8694] binder_alloc: 8693: binder_alloc_buf, no vma
[  395.079360][ T8694] binder: cannot allocate buffer: vma cleared, target dead or dying
[  395.079391][ T8694] binder: 8693:8694 transaction call to 8693:0 failed 175/29189/-3, size 0-0 line 3239
[  395.083656][ T4344] binder: release 8693:8694 transaction 168 out, still active
[  395.085417][ T4344] binder: undelivered TRANSACTION_COMPLETE
[  396.243808][ T8677] loop5: detected capacity change from 0 to 40427
[  396.255440][ T8677] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  396.257105][ T8677] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  396.561549][ T8677] F2FS-fs (loop5): invalid crc value
[  396.964437][ T8677] F2FS-fs (loop5): Found nat_bits in checkpoint
[  397.053762][ T8677] F2FS-fs (loop5): Start checkpoint disabled!
[  397.163738][ T8716] netlink: 'syz.6.1183': attribute type 4 has an invalid length.
[  397.193670][ T8716] netlink: 'syz.6.1183': attribute type 4 has an invalid length.
[  397.439753][ T8724] netlink: 'syz.5.1184': attribute type 4 has an invalid length.
[  397.491692][ T8726] binder: 8725:8726 tried to acquire reference to desc 0, got 1 instead
[  397.506574][ T8726] binder: 8725:8726 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  397.519567][ T8726] binder: 8726 RLIMIT_NICE not set
[  397.521201][ T8726] binder_alloc: 8725: binder_alloc_buf, no vma
[  397.522498][ T8726] binder_debug: 2 callbacks suppressed
[  397.522507][ T8726] binder: cannot allocate buffer: vma cleared, target dead or dying
[  397.523683][ T8726] binder: 8725:8726 transaction call to 8725:0 failed 187/29189/-3, size 0-0 line 3239
[  397.574205][ T6809] binder: release 8725:8726 transaction 180 out, still active
[  397.576057][ T6809] binder: undelivered TRANSACTION_COMPLETE
[  397.669549][ T6809] binder: undelivered TRANSACTION_ERROR: 29189
[  397.671048][ T6809] binder: send failed reply for transaction 180, target dead
[  400.314509][   T27] kauditd_printk_skb: 20 callbacks suppressed
[  400.314522][   T27] audit: type=1326 audit(400.270:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.324398][   T27] audit: type=1326 audit(400.280:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.496469][   T27] audit: type=1326 audit(400.280:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.527719][   T27] audit: type=1326 audit(400.290:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.629780][   T27] audit: type=1326 audit(400.290:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.634385][   T27] audit: type=1326 audit(400.290:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.641273][   T27] audit: type=1326 audit(400.290:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.646452][   T27] audit: type=1326 audit(400.290:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.651335][   T27] audit: type=1326 audit(400.290:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.683359][   T27] audit: type=1326 audit(400.290:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff87f52ba8 code=0x7ffc0000
[  400.715224][ T8760] netlink: 'syz.5.1199': attribute type 4 has an invalid length.
[  401.080083][ T8766] binder: 8763:8766 tried to acquire reference to desc 0, got 1 instead
[  401.086756][ T8766] binder: 8763:8766 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  401.091651][ T8766] binder: 8766 RLIMIT_NICE not set
[  401.098168][ T8766] binder: 8766 RLIMIT_NICE not set
[  401.100714][ T8766] binder: 8763:8766 ioctl c0306201 0 returned -14
[  401.106839][ T4342] binder: release 8763:8766 transaction 192 out, still active
[  401.108589][ T4342] binder: undelivered TRANSACTION_COMPLETE
[  401.144365][ T4341] binder: release 8763:8766 transaction 192 in, still active
[  401.146210][ T4341] binder: send failed reply for transaction 192, target dead
[  401.935761][ T8783] binder: 8773:8783 ioctl 4b71 0 returned -22
[  402.015231][ T8783] binder: 8773:8783 unknown command 1074029333
[  402.016807][ T8783] binder: 8773:8783 ioctl c0306201 200003c0 returned -22
[  402.018867][ T8783] binder: 8773:8783 ioctl c0306201 0 returned -14
[  404.641846][ T8805] netlink: 'syz.5.1213': attribute type 4 has an invalid length.
[  405.761482][ T8814] binder: 8813:8814 tried to acquire reference to desc 0, got 1 instead
[  405.764216][ T8814] binder: 8813:8814 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  405.767685][ T8814] binder: 8814 RLIMIT_NICE not set
[  405.768786][ T8814] binder: 8814 RLIMIT_NICE not set
[  405.770152][ T8814] binder: 8813:8814 ioctl c0306201 0 returned -14
[  405.772075][ T4344] binder: release 8813:8814 transaction 205 out, still active
[  405.773718][ T4344] binder: undelivered TRANSACTION_COMPLETE
[  405.822664][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  405.822676][   T27] audit: type=1326 audit(405.780:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.862437][ T4344] binder: release 8813:8814 transaction 205 in, still active
[  405.863551][   T27] audit: type=1326 audit(405.820:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.864118][ T4344] binder: send failed reply for transaction 205, target dead
[  405.876183][   T27] audit: type=1326 audit(405.840:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.886749][   T27] audit: type=1326 audit(405.840:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.975890][   T27] audit: type=1326 audit(405.840:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.980555][   T27] audit: type=1326 audit(405.840:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  405.985340][   T27] audit: type=1326 audit(405.840:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  406.543421][   T27] audit: type=1326 audit(405.840:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  406.557820][   T27] audit: type=1326 audit(405.840:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  406.569816][   T27] audit: type=1326 audit(405.840:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8815 comm="syz.3.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  408.584849][ T8840] netlink: 'syz.4.1225': attribute type 4 has an invalid length.
[  409.571921][ T8851] netlink: 'syz.4.1229': attribute type 4 has an invalid length.
[  409.576308][ T8851] netlink: 'syz.4.1229': attribute type 4 has an invalid length.
[  409.913491][ T8865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.918125][ T8865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.355161][ T8884] netlink: 'syz.4.1237': attribute type 4 has an invalid length.
[  412.466242][ T8886] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  413.734747][ T8904] netlink: 'syz.3.1244': attribute type 4 has an invalid length.
[  413.795543][ T8905] netlink: 'syz.3.1244': attribute type 4 has an invalid length.
[  414.887365][   T27] kauditd_printk_skb: 43 callbacks suppressed
[  414.887377][   T27] audit: type=1326 audit(414.850:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  414.896658][   T27] audit: type=1326 audit(414.860:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  414.912042][   T27] audit: type=1326 audit(414.860:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.504433][   T27] audit: type=1326 audit(414.860:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.523506][   T27] audit: type=1326 audit(414.860:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.557771][   T27] audit: type=1326 audit(414.860:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.569005][   T27] audit: type=1326 audit(414.860:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.573807][   T27] audit: type=1326 audit(414.860:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.579086][   T27] audit: type=1326 audit(414.860:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  415.583911][   T27] audit: type=1326 audit(414.860:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8914 comm="syz.5.1248" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  417.414132][ T8938] netlink: 'syz.4.1252': attribute type 4 has an invalid length.
[  417.691364][ T8940] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  419.743130][ T8965] netlink: 'syz.5.1263': attribute type 4 has an invalid length.
[  420.012142][ T8971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.019326][ T8971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  420.121319][ T8972] netlink: 'syz.5.1265': attribute type 4 has an invalid length.
[  420.129376][ T8972] netlink: 'syz.5.1265': attribute type 4 has an invalid length.
[  420.882593][   T27] kauditd_printk_skb: 38 callbacks suppressed
[  420.882606][   T27] audit: type=1326 audit(420.840:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.4.1261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8c752ba8 code=0x7ffc0000
[  420.892599][   T27] audit: type=1326 audit(420.850:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.4.1261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8c752ba8 code=0x7ffc0000
[  420.915759][   T27] audit: type=1326 audit(420.860:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.4.1261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=269 compat=0 ip=0xffff8c752ba8 code=0x7ffc0000
[  420.953717][ T8980] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  420.983784][ T8955] loop3: detected capacity change from 0 to 40427
[  421.221379][ T8955] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  421.251861][ T8955] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  421.544043][ T8955] F2FS-fs (loop3): invalid crc value
[  421.718102][ T8955] F2FS-fs (loop3): Found nat_bits in checkpoint
[  421.755379][ T8955] F2FS-fs (loop3): Start checkpoint disabled!
[  421.810913][ T8955] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  421.812548][ T8955] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  423.655964][   T39] kworker/u4:2: attempt to access beyond end of device
[  423.655964][   T39] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  423.677182][ T9011] netlink: 'syz.0.1275': attribute type 4 has an invalid length.
[  423.852472][ T9016] input: syz0 as /devices/virtual/input/input8
[  424.953911][ T9030] syz.0.1280 sent an empty control message without MSG_MORE.
[  426.168815][ T9040] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  427.026667][ T9047] device geneve2 entered promiscuous mode
[  427.238533][ T9053] netlink: 'syz.4.1288': attribute type 4 has an invalid length.
[  430.191619][ T9090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  430.193591][ T9090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.209837][   T27] audit: type=1326 audit(430.170:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  430.229132][   T27] audit: type=1326 audit(430.190:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  430.249991][   T27] audit: type=1326 audit(430.190:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.095940][ T9075] sctp: failed to load transform for md5: -4
[  431.104578][   T27] audit: type=1326 audit(430.190:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.109433][   T27] audit: type=1326 audit(430.190:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.122148][   T27] audit: type=1326 audit(430.190:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.136262][   T27] audit: type=1326 audit(430.190:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.148938][ T9099] netlink: 'syz.4.1301': attribute type 4 has an invalid length.
[  431.151568][   T27] audit: type=1326 audit(430.200:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.167179][   T27] audit: type=1326 audit(430.200:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  431.171689][   T27] audit: type=1326 audit(430.200:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.5.1298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff8f752ba8 code=0x7ffc0000
[  432.586706][ T9133] netlink: 'syz.0.1314': attribute type 4 has an invalid length.
[  433.158523][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  433.161373][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  433.603638][ T9145] device geneve2 entered promiscuous mode
[  435.569813][ T4300] Bluetooth: hci0: command 0x0406 tx timeout
[  436.698720][ T9180] tipc: Started in network mode
[  436.699821][ T9180] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  436.714701][ T9180] tipc: Enabled bearer <udp:syz0>, priority 10
[  437.330550][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  437.330589][   T27] audit: type=1326 audit(437.280:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  437.751791][   T27] audit: type=1326 audit(437.670:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  437.893297][ T4344] tipc: Node number set to 4269801491
[  437.940273][   T27] audit: type=1326 audit(437.670:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  437.944802][   T27] audit: type=1326 audit(437.670:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.644045][   T27] audit: type=1326 audit(437.670:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.674359][   T27] audit: type=1326 audit(437.670:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.684614][ T9216] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1344'.
[  438.707923][   T27] audit: type=1326 audit(437.670:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.715720][   T27] audit: type=1326 audit(437.670:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.721160][   T27] audit: type=1326 audit(437.670:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  438.731245][   T27] audit: type=1326 audit(437.670:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9194 comm="syz.0.1337" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff87f52ba8 code=0x7fc00000
[  442.086976][ T9264] Bluetooth: MGMT ver 1.22
[  443.382067][ T9288] input: syz0 as /devices/virtual/input/input10
[  443.603701][ T9292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  443.606948][ T9292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  444.256769][ T9276] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1368'.
[  445.688301][   T27] kauditd_printk_skb: 63 callbacks suppressed
[  445.688314][   T27] audit: type=1326 audit(445.650:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.697237][   T27] audit: type=1326 audit(445.660:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.701834][   T27] audit: type=1326 audit(445.660:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.725748][   T27] audit: type=1326 audit(445.660:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.740439][   T27] audit: type=1326 audit(445.660:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.744937][   T27] audit: type=1326 audit(445.670:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.765754][   T27] audit: type=1326 audit(445.670:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.770192][   T27] audit: type=1326 audit(445.670:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.795118][   T27] audit: type=1326 audit(445.670:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  445.823565][   T27] audit: type=1326 audit(445.670:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.6.1383" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  448.901454][ T9362] device geneve2 entered promiscuous mode
[  450.203875][ T9385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.218302][ T9385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  452.778349][ T9415] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1404'.
[  453.719240][ T9429] input: syz0 as /devices/virtual/input/input12
[  455.242351][ T9451] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1413'.
[  455.365038][ T9457] netlink: 'syz.0.1415': attribute type 4 has an invalid length.
[  455.540935][ T9461] netlink: 'syz.6.1414': attribute type 1 has an invalid length.
[  458.162277][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  458.162290][   T27] audit: type=1326 audit(458.120:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.172288][   T27] audit: type=1326 audit(458.130:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.181193][   T27] audit: type=1326 audit(458.140:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.194498][   T27] audit: type=1326 audit(458.140:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.208179][   T27] audit: type=1326 audit(458.140:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.213069][   T27] audit: type=1326 audit(458.140:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.225270][   T27] audit: type=1326 audit(458.140:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.240161][   T27] audit: type=1326 audit(458.140:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.253301][   T27] audit: type=1326 audit(458.140:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  458.265750][   T27] audit: type=1326 audit(458.140:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.6.1424" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f152ba8 code=0x7ffc0000
[  459.486125][ T9498] netlink: 'syz.4.1428': attribute type 4 has an invalid length.
[  460.656390][ T9522] netlink: 'syz.4.1434': attribute type 1 has an invalid length.
[  462.368270][ T9545] netlink: 'syz.4.1444': attribute type 4 has an invalid length.
[  462.392442][ T9548] device geneve2 entered promiscuous mode
[  463.455374][ T9563] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1449'.
[  463.517988][ T9564] netlink: 'syz.5.1450': attribute type 1 has an invalid length.
[  463.528405][ T9565] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1448'.
[  465.083048][ T9587] netlink: 'syz.0.1458': attribute type 4 has an invalid length.
[  468.619558][ T4310] Bluetooth: hci1: command 0x0401 tx timeout
[  468.825539][ T9627] usb usb9: usbfs: process 9627 (syz.4.1469) did not claim interface 0 before use
[  468.937690][ T9635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.940994][ T9635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.979064][ T9636] netlink: 'syz.0.1472': attribute type 4 has an invalid length.
[  469.760164][ T9633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  469.762168][ T9633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.633546][ T9671] netlink: 'syz.5.1485': attribute type 4 has an invalid length.
[  473.919009][ T9691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.808988][ T9691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.113347][ T9706] netlink: 'syz.3.1497': attribute type 4 has an invalid length.
[  476.442589][ T9718] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.446304][ T9718] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.093211][ T9760] binder: 9750:9760 ioctl 4b71 0 returned -22
[  483.140383][ T9758] binder: 9750:9758 got transaction to invalid handle, 1
[  483.141950][ T9758] binder: 9758:9750 cannot find target node
[  483.143275][ T9758] binder: 9750:9758 transaction call to 0:0 failed 215/29201/-22, size 4192-24 line 3054
[  483.646489][ T4346] binder: undelivered TRANSACTION_ERROR: 29201
[  488.546743][ T9811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.548843][ T9811] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.222127][ T9863] netlink: 'syz.3.1543': attribute type 4 has an invalid length.
[  494.616067][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  494.617578][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  495.904796][ T9900] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  496.060768][ T9907] netlink: 'syz.5.1556': attribute type 4 has an invalid length.
[  497.234850][ T9917] netlink: 'syz.3.1558': attribute type 4 has an invalid length.
[  497.245705][ T9917] netlink: 'syz.3.1558': attribute type 4 has an invalid length.
[  499.346551][ T9927] random: crng reseeded on system resumption
[  501.494732][ T9948] netlink: 'syz.6.1566': attribute type 4 has an invalid length.
[  501.558909][ T9950] netlink: 'syz.3.1567': attribute type 4 has an invalid length.
[  501.590233][ T9950] netlink: 'syz.3.1567': attribute type 4 has an invalid length.
[  505.635049][ T9989] netlink: 'syz.0.1578': attribute type 4 has an invalid length.
[  506.346899][ T9987] netlink: 'syz.5.1579': attribute type 4 has an invalid length.
[  506.355275][ T9987] netlink: 'syz.5.1579': attribute type 4 has an invalid length.
[  509.027763][T10029] netlink: 'syz.0.1591': attribute type 4 has an invalid length.
[  509.485862][T10044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.490085][T10044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.820266][T10051] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  509.873190][T10052] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  510.835718][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  512.673778][T10074] tmpfs: Bad value for 'mpol'
[  512.924446][T10083] netlink: 'syz.0.1604': attribute type 4 has an invalid length.
[  513.902911][T10095] netlink: 'syz.6.1612': attribute type 10 has an invalid length.
[  513.904646][T10095] netlink: 55 bytes leftover after parsing attributes in process `syz.6.1612'.
[  518.150281][T10132] netlink: 'syz.0.1619': attribute type 4 has an invalid length.
[  518.331330][T10141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  518.348668][T10141] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  519.450343][T10154] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  520.332336][T10170] device geneve2 entered promiscuous mode
[  521.275226][T10181] netlink: 'syz.6.1634': attribute type 4 has an invalid length.
[  523.456175][T10202] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  524.515857][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  524.931713][T10220] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1646'.
[  524.939788][T10220] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  526.034987][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  528.327396][T10248] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  529.318394][T10261] device geneve2 entered promiscuous mode
[  529.420991][T10266] random: crng reseeded on system resumption
[  529.599900][T10270] netlink: 'syz.3.1663': attribute type 4 has an invalid length.
[  529.639027][T10270] netlink: 'syz.3.1663': attribute type 4 has an invalid length.
[  531.379893][T10290] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  531.431673][T10293] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  531.736089][T10303] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1674'.
[  531.743077][T10303] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1674'.
[  532.435755][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  533.051624][T10310] netlink: 'syz.4.1676': attribute type 10 has an invalid length.
[  533.053336][T10310] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1676'.
[  535.073679][T10339] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  535.959556][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  535.961636][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  535.967875][T10357] x_tables: ip_tables: osf match: only valid for protocol 6
[  536.877641][T10360] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  540.151713][T10399] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  541.540215][T10421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  541.543539][T10421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  541.956375][T10424] 8021q: adding VLAN 0 to HW filter on device bond1
[  544.589282][T10435] bond0: (slave netdevsim0): Error: Slave device does not support XDP
[  547.311474][T10460] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  547.379789][T10466] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  551.534609][T10511] 8021q: adding VLAN 0 to HW filter on device bond0
[  551.543996][T10511] bond0: (slave rose0): Enslaving as an active interface with an up link
[  551.546311][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  555.650714][T10561] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1743'.
[  556.836243][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  556.837835][ T2059] ieee802154 phy1 wpan1: encryption failed: -22
[  556.866143][T10557] random: crng reseeded on system resumption
[  561.959902][T10608] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1754'.
[  564.065913][T10630] random: crng reseeded on system resumption
[  569.748095][T10683] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1770'.
[  571.251743][T10699] random: crng reseeded on system resumption
[  576.441131][T10767] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  583.102935][T10820] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  583.768266][T10837] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  583.918791][T10845] netlink: 'syz.6.1814': attribute type 4 has an invalid length.
[  584.142545][T10845] netlink: 'syz.6.1814': attribute type 4 has an invalid length.
[  587.278605][T10892] netlink: 'syz.6.1829': attribute type 4 has an invalid length.
[  587.314118][T10892] netlink: 'syz.6.1829': attribute type 4 has an invalid length.
[  587.625475][T10901] xt_socket: unknown flags 0x50
[  589.763575][T10928] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  589.765185][T10928] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  589.770017][T10928] vhci_hcd vhci_hcd.0: Device attached
[  589.775539][T10930] vhci_hcd: connection closed
[  589.780934][ T5554] vhci_hcd: stop threads
[  589.784025][ T5554] vhci_hcd: release socket
[  589.785305][ T5554] vhci_hcd: disconnect device
[  593.371679][T10966] bridge0: port 3(syz_tun) entered blocking state
[  593.373196][T10966] bridge0: port 3(syz_tun) entered disabled state
[  593.376271][T10966] device syz_tun entered promiscuous mode
[  593.377821][T10966] bridge0: port 3(syz_tun) entered blocking state
[  593.379262][T10966] bridge0: port 3(syz_tun) entered forwarding state
[  593.683116][T10985] capability: warning: `syz.4.1860' uses deprecated v2 capabilities in a way that may be insecure
[  596.215432][T11023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1867'.
[  596.219776][T11023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1867'.
[  604.841004][   T27] kauditd_printk_skb: 17 callbacks suppressed
[  604.841019][   T27] audit: type=1326 audit(604.790:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11116 comm="syz.4.1893" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8c752ba8 code=0x0
[  607.877375][T11153] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  607.879021][T11153] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  610.758836][T11166] block device autoloading is deprecated and will be removed.
[  613.689329][T11203] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  613.690833][T11203] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  616.139674][T11224] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1923'.
[  616.165113][T11224] netlink: 'syz.6.1923': attribute type 1 has an invalid length.
[  616.222743][T11224] 8021q: adding VLAN 0 to HW filter on device bond1
[  617.468868][T11239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1927'.
[  617.470770][T11239] device bridge_slave_1 left promiscuous mode
[  617.473433][T11239] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.477969][ T2059] ieee802154 phy0 wpan0: encryption failed: -22
[  617.516924][T11239] device bridge_slave_0 left promiscuous mode
[  617.519408][T11239] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.803264][T11245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  617.806616][T11245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  618.707954][T11258] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  618.709854][T11258] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  623.199948][T11304] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  623.201779][T11304] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  625.176553][T11324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  625.178647][T11324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  626.679689][T11310] tipc: Started in network mode
[  626.683025][T11310] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  626.740946][T11310] tipc: Enabled bearer <eth:team0>, priority 0
[  627.891337][ T4341] tipc: Node number set to 11578026
[  628.273335][T11359] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  629.406298][T11363] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  630.715048][T11372] device geneve2 entered promiscuous mode
[  631.311028][T11394] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  631.313085][T11394] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  634.076533][T11416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  634.079185][T11416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  634.111879][T11415] netlink: 'syz.0.1979': attribute type 4 has an invalid length.
[  635.411414][T11441] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  636.435745][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  638.221819][T11463] netlink: 'syz.5.1991': attribute type 4 has an invalid length.
[  638.304768][T11466] random: crng reseeded on system resumption
[  638.786626][T11482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  638.788623][T11482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  642.418088][T11510] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  642.419702][T11510] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  643.258945][T11508] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.972308][T11518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  643.981812][T11518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  644.838277][T11508] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.049094][T11508] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  646.747510][T11508] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.652053][T11554] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  647.653657][T11554] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  648.031861][T11508] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  648.089773][T11508] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  648.216271][T11508] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  648.222663][T11508] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  649.480929][T11582] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2025'.
[  652.729276][T11602] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  652.731123][T11602] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  653.998137][T11606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  654.000934][T11606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  657.868751][T11641] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2045'.
[  661.594938][T11614] Set syz1 is full, maxelem 65536 reached
[  661.758131][T11670] tmpfs: Unknown parameter 'no'
[  663.262135][T11686] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  663.263864][T11686] ALSA: mixer_oss: invalid OSS volume 'OGAINW��1��'
[  667.108879][T11710] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2065'.
[  668.062325][T11719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  668.109428][T11719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  692.205601][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [kworker/u4:10:4399]
[  692.207882][    C1] Modules linked in:
[  692.208724][    C1] irq event stamp: 2724020
[  692.209636][    C1] hardirqs last  enabled at (2724019): [<ffff80001232d358>] exit_to_kernel_mode+0xe8/0x118
[  692.211605][    C1] hardirqs last disabled at (2724020): [<ffff80001232b034>] el1_interrupt+0x24/0x68
[  692.213628][    C1] softirqs last  enabled at (2719256): [<ffff8000081c3414>] handle_softirqs+0xb84/0xd58
[  692.215631][    C1] softirqs last disabled at (2719235): [<ffff800008020174>] __do_softirq+0x14/0x20
[  692.217545][    C1] CPU: 1 PID: 4399 Comm: kworker/u4:10 Not tainted 6.1.124-syzkaller #0
[  692.219232][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  692.221290][    C1] Workqueue: events_unbound toggle_allocation_gate
[  692.222616][    C1] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  692.224209][    C1] pc : smp_call_function_many_cond+0x20f8/0x32b8
[  692.225462][    C1] lr : smp_call_function_many_cond+0x2110/0x32b8
[  692.226692][    C1] sp : ffff800021c67520
[  692.227530][    C1] x29: ffff800021c67890 x28: 1fffe000367a2a30 x27: ffff800015a91148
[  692.229157][    C1] x26: ffff800021c67688 x25: ffff0001b3cfa308 x24: 0000000000000000
[  692.230877][    C1] x23: dfff800000000000 x22: ffff0001b3d15188 x21: 0000000000000011
[  692.232698][    C1] x20: ffff800021c67680 x19: ffff0001b3d15180 x18: 0000000000000140
[  692.234316][    C1] x17: ffff800015a8d000 x16: ffff80001232f264 x15: 0000000000000000
[  692.235884][    C1] x14: 1ffff00002b520b2 x13: dfff800000000000 x12: 0000000000000001
[  692.237474][    C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 0000000000000000
[  692.239375][    C1] x8 : 0000000000000011 x7 : 0000000000000000 x6 : 0000000000000000
[  692.241165][    C1] x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000844aecc
[  692.242873][    C1] x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001
[  692.244422][    C1] Call trace:
[  692.245058][    C1]  smp_call_function_many_cond+0x20f8/0x32b8
[  692.246207][    C1]  kick_all_cpus_sync+0x40/0xa0
[  692.247363][    C1]  arch_jump_label_transform_apply+0x14/0x20
[  692.248622][    C1]  __jump_label_update+0x30c/0x334
[  692.249680][    C1]  jump_label_update+0x30c/0x3bc
[  692.250844][    C1]  static_key_enable_cpuslocked+0x140/0x230
[  692.252057][    C1]  static_key_enable+0x24/0x38
[  692.252990][    C1]  toggle_allocation_gate+0xcc/0x448
[  692.254035][    C1]  process_one_work+0x7ac/0x1404
[  692.255058][    C1]  worker_thread+0x8e4/0xfec
[  692.256072][    C1]  kthread+0x250/0x2d8
[  692.256920][    C1]  ret_from_fork+0x10/0x20
[  692.257895][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  692.259334][    C1] CPU: 1 PID: 4399 Comm: kworker/u4:10 Tainted: G             L     6.1.124-syzkaller #0
[  692.261354][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  692.263302][    C1] Workqueue: events_unbound toggle_allocation_gate
[  692.264626][    C1] Call trace:
[  692.265362][    C1]  dump_backtrace+0x1c8/0x1f4
[  692.266427][    C1]  show_stack+0x2c/0x3c
[  692.267330][    C1]  dump_stack_lvl+0x108/0x170
[  692.268375][    C1]  dump_stack+0x1c/0x5c
[  692.269296][    C1]  panic+0x300/0x804
[  692.270158][    C1]  softlockup_fn+0x0/0x120
[  692.271039][    C1]  __hrtimer_run_queues+0x484/0xdc0
[  692.272079][    C1]  hrtimer_interrupt+0x2c0/0xb64
[  692.273139][    C1]  arch_timer_handler_virt+0x74/0x88
[  692.274312][    C1]  handle_percpu_devid_irq+0x174/0x354
[  692.275538][    C1]  generic_handle_domain_irq+0x7c/0xc4
[  692.276698][    C1]  gic_handle_irq+0x70/0x1e4
[  692.277721][    C1]  call_on_irq_stack+0x24/0x4c
[  692.278870][    C1]  do_interrupt_handler+0xd4/0x138
[  692.279875][    C1]  el1_interrupt+0x34/0x68
[  692.280780][    C1]  el1h_64_irq_handler+0x18/0x24
[  692.281763][    C1]  el1h_64_irq+0x64/0x68
[  692.282655][    C1]  smp_call_function_many_cond+0x20f8/0x32b8
[  692.283865][    C1]  kick_all_cpus_sync+0x40/0xa0
[  692.285008][    C1]  arch_jump_label_transform_apply+0x14/0x20
[  692.286210][    C1]  __jump_label_update+0x30c/0x334
[  692.287260][    C1]  jump_label_update+0x30c/0x3bc
[  692.288306][    C1]  static_key_enable_cpuslocked+0x140/0x230
[  692.289478][    C1]  static_key_enable+0x24/0x38
[  692.290437][    C1]  toggle_allocation_gate+0xcc/0x448
[  692.291526][    C1]  process_one_work+0x7ac/0x1404
[  692.292481][    C1]  worker_thread+0x8e4/0xfec
[  692.293458][    C1]  kthread+0x250/0x2d8
[  692.294427][    C1]  ret_from_fork+0x10/0x20
[  692.295341][    C1] SMP: stopping secondary CPUs
[  693.382738][    C1] SMP: failed to stop secondary CPUs 0-1
[  693.383911][    C1] Kernel Offset: disabled
[  693.384820][    C1] CPU features: 0x080000,02070084,26017203
[  693.386030][    C1] Memory Limit: none
[  693.413682][    C1] 
[  693.414226][    C1] ================================
[  693.415221][    C1] WARNING: inconsistent lock state
[  693.416232][    C1] 6.1.124-syzkaller #0 Tainted: G             L    
[  693.417569][    C1] --------------------------------
[  693.418653][    C1] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
[  693.420010][    C1] kworker/u4:10/4399 [HC1[1]:SC0[0]:HE0:SE1] takes:
[  693.421385][    C1] ffff800015ad1118 (efi_rt_lock){?...}-{2:2}, at: virt_efi_set_variable_nonblocking+0x74/0x16c
[  693.423608][    C1] {HARDIRQ-ON-W} state was registered at:
[  693.424795][    C1]   lock_acquire+0x26c/0x7cc
[  693.425824][    C1]   _raw_spin_lock+0x54/0x6c
[  693.426824][    C1]   efi_call_rts+0x280/0x9d8
[  693.427788][    C1]   process_one_work+0x7ac/0x1404
[  693.428846][    C1]   worker_thread+0x8e4/0xfec
[  693.429787][    C1]   kthread+0x250/0x2d8
[  693.430755][    C1]   ret_from_fork+0x10/0x20
[  693.431620][    C1] irq event stamp: 2724020
[  693.432657][    C1] hardirqs last  enabled at (2724019): [<ffff80001232d358>] exit_to_kernel_mode+0xe8/0x118
[  693.434867][    C1] hardirqs last disabled at (2724020): [<ffff80001232b034>] el1_interrupt+0x24/0x68
[  693.436753][    C1] softirqs last  enabled at (2719256): [<ffff8000081c3414>] handle_softirqs+0xb84/0xd58
[  693.438804][    C1] softirqs last disabled at (2719235): [<ffff800008020174>] __do_softirq+0x14/0x20
[  693.440723][    C1] 
[  693.440723][    C1] other info that might help us debug this:
[  693.442524][    C1]  Possible unsafe locking scenario:
[  693.442524][    C1] 
[  693.444198][    C1]        CPU0
[  693.444873][    C1]        ----
[  693.445536][    C1]   lock(efi_rt_lock);
[  693.446428][    C1]   <Interrupt>
[  693.447164][    C1]     lock(efi_rt_lock);
[  693.448077][    C1] 
[  693.448077][    C1]  *** DEADLOCK ***
[  693.448077][    C1] 
[  693.449888][    C1] 6 locks held by kworker/u4:10/4399:
[  693.451030][    C1]  #0: ffff0000c0029138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x664/0x1404
[  693.453456][    C1]  #1: ffff800021c67c20 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x6a8/0x1404
[  693.455939][    C1]  #2: ffff800015b058d0 (cpu_hotplug_lock){++++}-{0:0}, at: static_key_enable+0x1c/0x38
[  693.458194][    C1]  #3: ffff800015cf12e8 (jump_label_mutex){+.+.}-{3:3}, at: static_key_enable_cpuslocked+0xe8/0x230
[  693.460576][    C1]  #4: ffff800015c65360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  693.462633][    C1]  #5: ffff800017b01c48 (&psinfo->buf_lock){....}-{2:2}, at: pstore_dump+0x184/0x9f4
[  693.464816][    C1] 
[  693.464816][    C1] stack backtrace:
[  693.466096][    C1] CPU: 1 PID: 4399 Comm: kworker/u4:10 Tainted: G             L     6.1.124-syzkaller #0
[  693.468114][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  693.470103][    C1] Workqueue: events_unbound toggle_allocation_gate
[  693.471561][    C1] Call trace:
[  693.472290][    C1]  dump_backtrace+0x1c8/0x1f4
[  693.473235][    C1]  show_stack+0x2c/0x3c
[  693.474146][    C1]  dump_stack_lvl+0x108/0x170
[  693.475201][    C1]  dump_stack+0x1c/0x5c
[  693.476195][    C1]  print_usage_bug+0x654/0x9b0
[  693.477238][    C1]  mark_lock_irq+0x980/0xd2c
[  693.478342][    C1]  mark_lock+0x258/0x360
[  693.479236][    C1]  __lock_acquire+0xb4c/0x7680
[  693.480327][    C1]  lock_acquire+0x26c/0x7cc
[  693.481239][    C1]  _raw_spin_lock+0x54/0x6c
[  693.482185][    C1]  virt_efi_set_variable_nonblocking+0x74/0x16c
[  693.483646][    C1]  efivar_set_variable_locked+0x1e4/0x20c
[  693.484921][    C1]  efi_pstore_write+0x424/0x64c
[  693.485917][    C1]  pstore_dump+0x6c0/0x9f4
[  693.486853][    C1]  kmsg_dump+0x17c/0x26c
[  693.487741][    C1]  panic+0x348/0x804
[  693.488727][    C1]  softlockup_fn+0x0/0x120
[  693.489751][    C1]  __hrtimer_run_queues+0x484/0xdc0
[  693.490884][    C1]  hrtimer_interrupt+0x2c0/0xb64
[  693.491951][    C1]  arch_timer_handler_virt+0x74/0x88
[  693.493105][    C1]  handle_percpu_devid_irq+0x174/0x354
[  693.494392][    C1]  generic_handle_domain_irq+0x7c/0xc4
[  693.495490][    C1]  gic_handle_irq+0x70/0x1e4
[  693.496422][    C1]  call_on_irq_stack+0x24/0x4c
[  693.497482][    C1]  do_interrupt_handler+0xd4/0x138
[  693.498690][    C1]  el1_interrupt+0x34/0x68
[  693.499616][    C1]  el1h_64_irq_handler+0x18/0x24
[  693.500866][    C1]  el1h_64_irq+0x64/0x68
[  693.501756][    C1]  smp_call_function_many_cond+0x20f8/0x32b8
[  693.503076][    C1]  kick_all_cpus_sync+0x40/0xa0
[  693.504198][    C1]  arch_jump_label_transform_apply+0x14/0x20
[  693.505564][    C1]  __jump_label_update+0x30c/0x334
[  693.506680][    C1]  jump_label_update+0x30c/0x3bc
[  693.507669][    C1]  static_key_enable_cpuslocked+0x140/0x230
[  693.508954][    C1]  static_key_enable+0x24/0x38
[  693.509973][    C1]  toggle_allocation_gate+0xcc/0x448
[  693.511185][    C1]  process_one_work+0x7ac/0x1404
[  693.512274][    C1]  worker_thread+0x8e4/0xfec
[  693.513342][    C1]  kthread+0x250/0x2d8
[  693.514249][    C1]  ret_from_fork+0x10/0x20
[  693.994371][    C1] Rebooting in 86400 seconds..