last executing test programs:

6.68847019s ago: executing program 1 (id=1793):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="ef00000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
syz_open_dev$dri(0x0, 0x3, 0x8000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0x79b2, 0x3180, 0x1, 0x283}, &(0x7f0000000340), &(0x7f0000000040))

5.817825967s ago: executing program 1 (id=1800):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$sequencer(0xffffff9c, 0x0, 0x2000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x28, 0x4, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004850}, 0x20000004)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'})
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@window={0x3, 0x3, 0x96}]}}}}}}}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000000)="bbbe9c88b263d566a275486a714a5c7fd78b31bc83c49226e9a281ae0cdacfea36476ba9fd8f0e2cdbf430362f49fd1dbe0aad315d1bbc972d33f9381a1560589ac8837557ef96c085e4c749848d45d65241212d5c17c7d18d78d099f6812b4fc8ae7152d73638712acd788205a05d24afabce2634b56660d59a890d5c0057570320d9e476c0fb900e09c9c56a5a324f147ade4f66bf68a753b23b90d848c0d413479f022fffa59b3e32db00e7d91bddd0ca8350f723fe698b3bcfd7d92443415b721a2defa1e9ae26706abd6e0409a85955cce8519c44eb9d0c72f639e7577ac0790e0d49cf743bcf0261845f25962286416d2fd9861d7a50f1d69f4d941d87127610f9a98844dc12de33b3341b5f9abf767f0b61fe7f7526e4d0c33f6fb856fafb615608252b75151104b58ecbab5bcaab0808575b60d00c92b4de8e0f58161fb33aeb077407654a271a7d663060d75eae3268231e89ff4904c1e4731d42145b989f3c62cd0d83e2ae583aff64e9c8f8f7532dbb45cb3049af90a30ff878c8dbebca9e3f79faadc5185dc283e97d5636b5f3a462e3c625269a61b7cb620a5e0150fbd1c76d92c16eb359e27b3de172c7d6ce15e3339c086c9019a767051d6790b1ca081c95fb5bffa578eed1342890fa7bb4d58c1419d4c6d80b1345f0db4be49ad476a16202506808689bd11ff98a971e27fc2c90a3c694ddc9af729d03cda2b7f7d6dfaf645ab092b340b09ef2b4eed9c0a7eb682b6278bc084ea3717fb0603807f1036cbd46f02b96b599c42e6b11a34c108efa107f702476ef5c4c5ae0b3ddd3db34e187c2c6dca23f64cb27e059c0cac415deb86eae15ff347d72921c96fa37e5ccf8852c74926f322ecf9d199f8c552301f4f4f726645c6414cf4e201064a151bdc972a6247ae5c0ed0c1537d3891d27b9fb1128e0be5177d7e442171fb92a4a94f8a44b09ede3e54511395d9f227e58e88e3e203a3e4c4f64a78daa213928a64c1ba4c6d5e5131f48c429cc125ed8ffbe82f5d0f689b2d4ee298c2cb1d3602a9687a528de909d756e7740f0c5c3ea3b350a0a5503a49940e491f30cd1372057fcd12ce1f86fddb0888d7ad3972607eefadd19f09680698c65f4df4d260906af49d41752d2e27a7652ad19d9062c20598e48585b536322d09df03feee51fb196df0335e082d2a9d514f26ee122210dad61515bd7b39d7bf0d3815239576ab9744d59bbcb4de1c9344fdd0c5192160599e34b6dab114455aea2e726971501e35e482c690a092b19eb30c02a18cb196cf8ac1d9a7e38d95974cf452335ea0d74249bc0615b4ffb3bb7a838bca0c552224e681ef8ee50cad25602872594f63f5fe025f61220ce92794cb34e6f85a27467e4eb174cee7566882217c18d05b8ddfc1779b82fbae9534b36be6b80c3e1a478c20d5cacccc23f4869d779d64140c194b1a8c8cb78085d87147ec604bbe3a04c048a98da9972121744b6a5f40b84622e2484f53919960e6e3bc18d85d9c8dadf93c462a8de2adef5bf662ef9fe73dba3c2bb9099c064bbfff4ef967bd70c0c1bdd2783c9c9bd4b811b7217c0119819f7ec5dc6ac0c6a66dd2c8ec53541131712a4dc78bc338755306ca5ce8e6d899a070905a1915ed7a7faef73d053373b6111725858abda2e7f1a76388ba1def59ff4a0da33e0615adb18bd3ff7267cf5b5d28903542f0f714f2fb92a3a54529afd37ee46ed4a6c80bffd01269fa1c5214c6260d41aed38842bf78d1b026e80e944c524ae5dbd71685a27752f2df8608ed604b6138ae110793acb231a0083a07d0bef0dbbb2a8b6b9a6258d7a11d77564bf197d40e6e805b755acebbb0b7025f50c46981f2e5faf7e85316009df7207695c62eda779c630a248e25d654eb937ad2904751b6a8b876ec8546437a61ebec15d16d9ccc5e59c64fdfce385e3a34d0f2d6318af5364c2399afc0aa9edeb5737a008f1ca76b6428cd4f342216d135b4b1ac75b79f4ca8f1501cc821abfa7959aaaf395525efce5c1f97797dfb2be3856ecf8f1758e382dadd7542f68a66cc3ff034c55f2360b93ffd6cbeb3e92317de7af291fe3be1f7df13a837e97378be668a0961b39b4995cb1d56e9fe84c37b7c605aaab8d3e25f7639e17274d461a3a9a563d724249dcf64ac1cef7bb5262e36e02fa9f7774e5300bb4f1735bd6a148f29f5a572bb3a0f8808cfc2715a0a5cdb5c39f3f735207b69830a2603a2b91139a5cf032b06b1dd41607a7492196e52be46673dba6d634af84ee7fa1c8e6119adb25ec12d2c8364dc6b6312cdd0de85f80560fbea1983eeef9eb117aa98a9e86ed5b31eeb089edd7d451deb2b09df86fb966c48ce7048f4d50fb10b5cfa647dc362aad8cbe21d2f56e0ac033b113be1b703e6daf25eb1e60a0c1ed662e5b8acb4472ca1f743f58f6792ff3c74728b704dcf6efaa1c9e4276fadc0359b173d34495f9540697a0f1a7d321a7294d25a515806faa9cbccb127003abc4e16f3b837219d8770304391953767e144fb2ef2410d98ef617a622ab36d1637f0eeee1cf5898408bfdf4a683567f3a6e1caeb0293c462a8ea045762020b87e8d22c7b665c61a1724745a618b8ce290bebd62a8ac7b5860809f906ddc852f3d7dd6761af77301e81c866587e7ade94f119aa24c868ea6ca33a7c57a7ef0f3eb43ac3db4834c1e9ad34fa5899ef543a6d7cd861ab0949234f4511c10396c5c06b1e89223a562cb1c536b06ad3432963358760489ddf4053ba0c8f749a841bdc26ff7d9cfd27f78861739740b88835d9da4734ad1a899f8a88b7973d901919076399cb43280efa5e4e8ba20d2e0cf4bee1e24c7c4cf1f5e5d54cdfb623006a99fa4c1e9f4bb3fc07405fcfab9b0d36a7b43a4942d74da5f11caed913d67c62bcaad7df61fb2241326e4e84db1b6aa0d9d4ebda01f5eb608c25f6fbc1324759103b905533a9691dcdc45c754ded2d2f6261d766efe6e2bcbc4c3b2b27f58ef2bfab80c047de246d195d2c2e96c642747fe343828d8fd6575fc8894fa4bb8f262dbc36d704395782e00225f5b6573ff7cf013594ce2823810beda46a1ad403726e50711f9172e4af08366a5bc3ae44f74034fd37f774f8ac93ff7f9423b5cb92015d4215c1624b91af14e72902d966ff7efee4c05c22e53d58845b8d2b2f9816f6f184efde95796f52a963b0260b0d6e36f29ea3aada13a556970cfbeb02031ca5ba4eecb0ea006490ce912efce579e1169d255d5a7102b7d2d232ae81819519558e171001ef9b94d29303f2ce933e0f61f91f4a6ad238e1b03d000869028b08710f700317464f3b05cc9f70fadbbf797382d062bf850170187780293674fd67ebb088db2f271870443c7c7ebccd3ce6d3f496bfb298ebcd4c7ac78e594a3368ac60d2319f73096a601fa7d3a7ea2372dd1f7711d997fdba2bca168d57c862b7d0913db10b1a89c50343234a82c3923c7e5a36abaa59386aa7022f61399bf148df1dac5ee76eb5173e6c65d8129e9460932af766de2a5ca844d9913ed0f1e8a5b3b9b2c01880e4deda8d7ea4171a83d28473c9e69ad7deacbea7bb34b3ccd0ddd9558bb0ddf0f6d56a8d5777df3e2b66423d1a878a902a642ead4e05b980f15618061ac25a72789b294679736709c77ee39cc2c42a9b8f261d8a3a4192d7bc4572fbb4626269dc97303bdf1d36760739fa535bec50093c350042ac45a3fb464973bf916fbe638108b068372bb433bba51c1609cbb26ccd099ce3059045292fe991bbd408aad4da2e2b9affa2a9b3fb0d3d983ad4378ae38580570b6915ff4333be7d64bacb42b5cb7e884f647a84f7c519b8081da7edd746113e7e5b4011c641d80f1a8e79deb641c7d330c6377c00713c22a039eebdc604dfb7ac1a9391c4b21cc9f20b9025bd3cba7acf578600e9a7b6e94e70e83c11e0cc7ef799782a8cf232f5835b697f86d6d328f38ed308b41112c69d7335c6ad9ac4ea218b2d9ac02cb39442ebe9c621d97905c650ef207060450cd666e54fbfc11f74d394a2ff20ce60688ca159a40ad1cf814a504ca045e338019f6f3c861f233e4d37ba2f3982bcf439400cd6607ddcf3a171a92b2ddc6ce6991cfbd0b11b63dae316c8bd495d013333360bbb4df19fac90d5c423732881e2b1063eeae3c68a5b3b9368b534cc6c0cad9b522a86c5e9521fd7f644c568b6c68ed0244fccb2ce32fea175d977ecd385a2832734b05e1b729dbd2b187d089a467ebedd17659c02cc9f619a006ad4bce20e543fbcf8182624879b4404c714a1d193ebdba39ddfd8f6d0f8271ff8b8ba48e4aa499b71f11533efc98a6d1a570b4c69912db491ea3de9029a2d2ad451932ebf2574e1eadddbf73ab23419b1fb5357bafb1106367e76a31a449742c7d6342a07cceef7da1e8a5e8e28eaaf36c1a5323a4f17892840b9798ab60e2d1d7e1f48b3c27d60335b79a085b506f85a9fc4ea1eb0ca9d00c49c7a41b72b2a1c73e462f16b677e494c44ba44667dc284c830adf5f750973a640f19d6e268abdfb8ab8d97137898b77b06c63a48d9debc6eb6cf5899fb6b56bbd63c0e557bf19b0eec7667ee9e87d0c573267a2a55b9851d08f98f6e458401c9eafe782df24448669a561a7759b1e183c79dcc320b4dfb6802451ce29bca908d987d2ff0a143480ac31f465ea71e59594e51463562ac07bdd2724102423762c80253a24b099c236c2f0a66f81b0c6ad3a21129c8c1992b558dc5cef91422a7ffbd83934555c5ee74182d49b69b46b37328e17261daa83c7f8d2d7878a51b09badb09561791053c28f49ac595b8970fff23e27d199906e12e80d5d636f8340dce2053c200d2a1b88753692cfaaa80ceda3da240a2965baa8cc8f1396850b72e1a6bb98de9197ce34338a92aa74104921c339054373f18e1c2f0ad2d065ffeb7daa953fdf47803616962f00f65605bd933bf77ada780a9ddf7e5858353cf5fa33490664d32e7af0686403c2f8b29837591768bd44c41757cda495b5c59523d887bdef33124e7300a6774bfe07f0d128089efb855264566bbfec141ff6aae73d1179c4d02bc1eda98eb337505684702957e3a9000cd6386a4bda29dc9340f70986da04172b3d93c7dd8378c1a0ea60c4ace14352ee74a1cda9045bc09256a39169c7a09d99971c350f6c861c7c204271c1eeecad2e074ab6c47756e3bf34a4a814de8267c9a347d68745d400b4b18e311d9c55b15f62a94ad1bdf1e544e00e10f357d47e6e7f56e21dea6c0be18502ac5b878e9d27898503e888562e8422069455b95ce4652545c86f11bb46f9a66935a217b2f0904ecc2a3365371a0d9f2611075adf13ed8d1ad1db26ae6e0fac218abf7fee4ccbb056c6737244623802263f784ab4d7e4ce8212e1867e07ec4f209a88f32194c0b03a3aec126dd49dbda63ce56b5ee1dd127d075986529309df27f39444e06675865a3f791d4c2e34afc48cc807cb2cdf311bbed4f03cd1512e5f0f4500b6c737df1d4a4802d547eb5c94699e34b4435c02a82179dbf8c0ab033b38264fdb04f3c4589813369196409f976ef2e729115ec7c98078b41dc6646ffb52e335f01ff4e336fc2e63a2c391f7db0e2cf6d58906bcc1908b53918c4ff84c4642816ffb9b18021edbefc2f49633369d5a0b1cf01738dc48933234af8a0d93068693e02e7ef69358b07d6e1eb67ce64617a854d3feba6a54a069f807c5b5ab13b5e1")
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
ioctl$TCXONC(r0, 0x4b3a, 0x0)

5.300092393s ago: executing program 0 (id=1801):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f0000000140)=r1)
close_range(r0, 0xffffffffffffffff, 0x0)

5.203770651s ago: executing program 0 (id=1802):
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81})
io_uring_enter(r0, 0x3516, 0x0, 0x2, 0x0, 0x0)

4.832171314s ago: executing program 1 (id=1805):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet_tcp(0x2, 0x1, 0x0)
epoll_create1(0x0)
epoll_create1(0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000003000000000000000000000002000000000000000000000000000002000000000000000000000004"], 0x0, 0x56}, 0x28)
sendmsg$netlink(r2, 0x0, 0x40040)
fsopen(0x0, 0x0)
write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a41c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78a57a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420800000000000000c1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1212e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b8393dee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x104b)

4.046465603s ago: executing program 0 (id=1807):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003880)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x2c, 0x2, [@TCA_CGROUP_EMATCHES={0x28, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x1, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x9, 0x2}, {0xfd, 0x0, 0x2}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x240840c4)

4.045345034s ago: executing program 2 (id=1808):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2a, 0xfffff000, {0x0, 0x0, 0x0, r8, {0xf000, 0xffff}, {}, {0x7, 0x1}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x0, 0xfff1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)

4.019770846s ago: executing program 4 (id=1809):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1})
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

3.961572471s ago: executing program 3 (id=1810):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/drivers\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)

3.938175713s ago: executing program 1 (id=1811):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp', 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={r3, 0x8000}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x11, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r7=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$netlink(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[], 0xdd12}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x6b7, 0x80, 0x0, 0x1, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x24000000)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0xc9100120, 0x0, 0x0)

2.809359922s ago: executing program 3 (id=1812):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x81484d11, 0x0)

2.561283434s ago: executing program 3 (id=1813):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x9d}}, {{@in6=@mcast2, 0x0, 0x3c}, 0xa, @in=@empty, 0x0, 0x4}}, 0xe8)
socket$key(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000022c0)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x24000040}], 0x1, 0x40800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = mq_open(&(0x7f0000000040)='!seli\x1a\x1d!\xa7\x00\x00inux\x00G\xd0\xc6(X', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedreceive(r6, &(0x7f00000003c0)=""/83, 0x53, 0x8000000000002003, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x55)
close_range(r0, 0xffffffffffffffff, 0x0)

2.105506364s ago: executing program 4 (id=1814):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f0000000140)=r1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.079873857s ago: executing program 1 (id=1815):
prctl$PR_SET_MM(0x35, 0x6, &(0x7f0000f77000/0x4000)=nil)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
close(r2)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r4 = socket$kcm(0x1e, 0x5, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r5, 0x84, 0x84, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
sendmsg$kcm(r4, &(0x7f0000000580)={&(0x7f0000000300)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x4, 0x4}}, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x220}, 0x0)
recvmsg$kcm(r4, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)
capset(0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$qrtr(r6, &(0x7f0000000040)={0x2a, 0x0, 0xfffffffe}, 0xc)

2.065603047s ago: executing program 3 (id=1816):
r0 = socket$inet(0x2, 0x80001, 0x84)
listen(r0, 0x3)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

2.055739028s ago: executing program 2 (id=1817):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000580)="1e", 0x1}], 0x1, 0x0, 0x0, 0x4090}, 0x0)
read$alg(r0, &(0x7f0000003780)=""/4096, 0x1000)

2.048184979s ago: executing program 0 (id=1818):
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f0000000300)={0x14, 0x0, 0x0}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private=0xa010101, @in6=@private1, 0x0, 0xbf, 0x0, 0x0, 0x2}, {0xfffffffffffffffb, 0xfffffffffffffffd, 0x1}, {0x0, 0x0, 0x4, 0x2}, 0x0, 0x6e6bb9, 0x1, 0x0, 0x1, 0x1}, {{@in6=@empty, 0x0, 0x32}, 0x0, @in6=@rand_addr=' \x01\x00', 0x8000000, 0x3, 0x1, 0x0, 0xeffffff, 0x6}}, 0xe8)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

2.030612931s ago: executing program 4 (id=1819):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r5, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000000c0)=0x3f9, 0x4)
recvmmsg(r3, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x1, 0x101, 0xebad, 0x3, 0x89, 0x7ff, 0x8, 0x87f5}, &(0x7f0000000140)={0x7fffffff, 0x9, 0xffffffffffffffff, 0x10001, 0x8, 0x6, 0x9, 0x8}, 0x0, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200), 0x8})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="48000000100001040000562741bef01c78340000", @ANYRES32=0x0, @ANYBLOB="01310100000000001c0012800e00010069703665727370616e00000008000280040012000a000100aaaaaaaaaaaa0000"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.979982575s ago: executing program 2 (id=1820):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x14, r4, 0x7}, 0x14}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

1.978800925s ago: executing program 2 (id=1821):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000007c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000b80)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="110a28bd7000fddbdf2509000000050008000900000008000300", @ANYRES32=r3, @ANYBLOB, @ANYRES32=r3, @ANYBLOB, @ANYRES32], 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x40000)

1.939538429s ago: executing program 2 (id=1822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/drivers\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)

1.849265917s ago: executing program 3 (id=1823):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r1, 0x21eae}}, 0x20}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r3)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r3, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

558.42193ms ago: executing program 4 (id=1824):
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e0402030c"], 0x7)

555.02155ms ago: executing program 2 (id=1825):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp', 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={r3, 0x8000}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x11, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r7=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @dev}, 0x14)
sendmsg$netlink(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[], 0xdd12}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x6b7, 0x80, 0x0, 0x1, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x24000000)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0xc9100120, 0x0, 0x0)

528.668563ms ago: executing program 4 (id=1826):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x9d}}, {{@in6=@mcast2, 0x0, 0x3c}, 0xa, @in=@empty, 0x0, 0x4}}, 0xe8)
socket$key(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000022c0)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x24000040}], 0x1, 0x40800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = mq_open(&(0x7f0000000040)='!seli\x1a\x1d!\xa7\x00\x00inux\x00G\xd0\xc6(X', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedreceive(r6, &(0x7f00000003c0)=""/83, 0x53, 0x8000000000002003, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

451.58382ms ago: executing program 1 (id=1827):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2a, 0xfffff000, {0x0, 0x0, 0x0, r8, {0xf000, 0xffff}, {}, {0x7, 0x1}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x0, 0xfff1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)

349.150849ms ago: executing program 3 (id=1828):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003880)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x2c, 0x2, [@TCA_CGROUP_EMATCHES={0x28, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x1, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x9, 0x2}, {0xfd, 0x0, 0x2}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x240840c4)

301.412483ms ago: executing program 0 (id=1829):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f0000000140)=r1)
close_range(r0, 0xffffffffffffffff, 0x0)

122.97µs ago: executing program 0 (id=1830):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1})
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

0s ago: executing program 4 (id=1831):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x2)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000840)='D', 0x1}], 0x1, &(0x7f0000000240)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x24048001}}], 0x1, 0x44080)

kernel console output (not intermixed with test programs):

550344][ T6060] netlink: 80 bytes leftover after parsing attributes in process `syz.1.515'.
[  145.705884][ T6071] loop0: detected capacity change from 0 to 764
[  145.768653][ T6075] binder: 6073:6075 IncRefs 0 refcount change on invalid ref 0 ret -22
[  145.771460][ T6075] binder: 6073:6075 got transaction to invalid handle, 1
[  145.772585][ T6075] binder: 6075:6073 cannot find target node
[  145.773470][ T6075] binder: 6073:6075 transaction call to 0:0 failed 83/29201/-22, size 0-0 line 3045
[  145.777502][ T5608] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  145.786184][ T6075] binder: 6073:6075 got reply transaction with no transaction stack
[  145.787530][ T6075] binder: 6073:6075 transaction reply to 0:0 failed 84/29201/-71, size 0-0 line 2946
[  145.810971][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  146.598260][ T6082] rdma_rxe: rxe_register_device failed with error -23
[  146.599508][ T6082] rdma_rxe: failed to add syz_tun
[  146.792921][ T6082] netlink: 80 bytes leftover after parsing attributes in process `syz.0.521'.
[  146.849204][ T6088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.523'.
[  146.854460][ T6088] netlink: 'syz.1.523': attribute type 10 has an invalid length.
[  146.958981][ T6090] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.981667][ T6090] device syzkaller0 entered promiscuous mode
[  147.067769][ T6097] tipc: Resetting bearer <eth:syzkaller0>
[  147.069125][ T6096] netem: change failed
[  147.087793][ T6089] tipc: Resetting bearer <eth:syzkaller0>
[  147.134818][ T6089] tipc: Disabling bearer <eth:syzkaller0>
[  147.140677][ T6099] netlink: 80 bytes leftover after parsing attributes in process `syz.0.528'.
[  147.171501][ T6102] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  147.195263][ T6103] binder: BINDER_SET_CONTEXT_MGR already set
[  147.196302][ T6103] binder: 6101:6103 ioctl 4018620d 20004a80 returned -16
[  147.203544][ T6102] team0: Port device bond0 removed
[  147.218050][ T6103] binder: tried to use weak ref as strong ref
[  147.219014][ T6103] binder: 6101:6103 Acquire 1 refcount change on invalid ref 0 ret -22
[  147.220611][ T6103] binder: 6101:6103 got transaction to invalid handle, 1
[  147.222951][ T6103] binder: 6103:6101 cannot find target node
[  147.225283][ T6102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  147.226520][ T6102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  147.230690][ T6103] binder: 6101:6103 transaction call to 0:0 failed 87/29201/-22, size 0-0 line 3045
[  147.233319][ T6103] binder: 6101:6103 got reply transaction with no transaction stack
[  147.237631][ T6103] binder: 6101:6103 transaction reply to 0:0 failed 88/29201/-71, size 0-0 line 2946
[  147.242895][ T6110] rdma_rxe: rxe_register_device failed with error -23
[  147.244366][ T6110] rdma_rxe: failed to add syz_tun
[  147.301272][ T6109] netlink: 'syz.4.529': attribute type 10 has an invalid length.
[  147.304293][ T6102] netlink: 'syz.4.529': attribute type 10 has an invalid length.
[  147.305975][ T6102] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.307404][ T6102] team0: Port device bond0 added
[  147.355719][ T6111] loop0: detected capacity change from 0 to 764
[  147.413774][ T6110] netlink: 80 bytes leftover after parsing attributes in process `syz.2.531'.
[  147.420239][ T5608] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  147.420994][ T6118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.536'.
[  147.424698][ T6118] netlink: 'syz.4.536': attribute type 10 has an invalid length.
[  148.342872][ T6127] netem: change failed
[  148.429710][ T6131] rdma_rxe: rxe_register_device failed with error -23
[  148.439283][ T6131] rdma_rxe: failed to add syz_tun
[  148.605527][ T6138] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.607083][ T6138] device syzkaller0 entered promiscuous mode
[  148.615417][ T6140] binder: 6137:6140 tried to acquire reference to desc 0, got 1 instead
[  148.621861][ T6140] binder: 6137:6140 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  148.639781][ T6140] binder: 6140 RLIMIT_NICE not set
[  148.640786][ T6140] binder: 6137:6140 got reply transaction with no transaction stack
[  148.666170][ T6138] tipc: Resetting bearer <eth:syzkaller0>
[  148.685068][ T6136] tipc: Resetting bearer <eth:syzkaller0>
[  148.737697][ T6136] tipc: Disabling bearer <eth:syzkaller0>
[  148.786826][ T6131] netlink: 80 bytes leftover after parsing attributes in process `syz.2.541'.
[  148.790981][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  148.819552][ T6146] team0: Port device bond0 removed
[  148.821429][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  148.827786][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  148.840030][ T6146] bond0: (slave wlan1): Releasing backup interface
[  148.877125][ T6144] netlink: 'syz.3.546': attribute type 10 has an invalid length.
[  148.889103][ T6144] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  148.891248][ T6149] netlink: 'syz.3.546': attribute type 10 has an invalid length.
[  148.893046][ T6149] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.896905][ T6149] team0: Port device bond0 added
[  148.924044][ T6152] netlink: 80 bytes leftover after parsing attributes in process `syz.2.548'.
[  149.068798][ T6161] netlink: 'syz.0.551': attribute type 10 has an invalid length.
[  149.108918][ T6165] rdma_rxe: rxe_register_device failed with error -23
[  149.110173][ T6165] rdma_rxe: failed to add syz_tun
[  149.129236][ T6162] loop3: detected capacity change from 0 to 764
[  149.150085][ T6167] netem: change failed
[  149.157543][ T5608] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  149.309684][ T6175] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  149.311401][ T6175] device syzkaller0 entered promiscuous mode
[  149.356398][ T6175] tipc: Resetting bearer <eth:syzkaller0>
[  149.361275][ T6174] tipc: Resetting bearer <eth:syzkaller0>
[  149.450162][ T6174] tipc: Disabling bearer <eth:syzkaller0>
[  150.232318][ T6180] rdma_rxe: rxe_register_device failed with error -23
[  150.233514][ T6180] rdma_rxe: failed to add syz_tun
[  150.383562][ T6188] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  150.398721][ T6188] team0: Port device bond0 removed
[  150.400595][ T6188] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  150.401743][ T6188] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  150.423131][ T6189] __nla_validate_parse: 2 callbacks suppressed
[  150.423142][ T6189] netlink: 8 bytes leftover after parsing attributes in process `syz.1.563'.
[  150.426667][ T6189] netlink: 'syz.1.563': attribute type 10 has an invalid length.
[  150.439041][ T6188] netlink: 'syz.4.562': attribute type 10 has an invalid length.
[  150.525678][ T6188] netlink: 'syz.4.562': attribute type 10 has an invalid length.
[  150.527423][ T6188] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.534443][ T6188] team0: Port device bond0 added
[  150.536947][ T6193] netem: change failed
[  150.581178][ T6201] binder: 6200:6201 tried to acquire reference to desc 0, got 1 instead
[  150.586240][ T6180] netlink: 80 bytes leftover after parsing attributes in process `syz.3.559'.
[  150.588482][ T6201] binder: 6200:6201 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  150.590430][ T6201] binder: 6201 RLIMIT_NICE not set
[  150.591348][ T6201] binder: 6200:6201 got reply transaction with no transaction stack
[  150.592560][ T6201] binder_debug: 5 callbacks suppressed
[  150.592572][ T6201] binder: 6200:6201 transaction reply to 0:0 failed 100/29201/-71, size 0-0 line 2946
[  150.593297][ T6196] netlink: 80 bytes leftover after parsing attributes in process `syz.2.566'.
[  150.623576][ T6205] rdma_rxe: rxe_register_device failed with error -23
[  150.624928][ T6205] rdma_rxe: failed to add syz_tun
[  150.702970][ T6205] netlink: 80 bytes leftover after parsing attributes in process `syz.0.570'.
[  150.727578][ T6206] loop1: detected capacity change from 0 to 764
[  150.738579][ T6209] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  150.746278][ T6209] device syzkaller0 entered promiscuous mode
[  150.755810][ T5608] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  150.875363][ T6214] tipc: Resetting bearer <eth:syzkaller0>
[  150.879176][ T6208] tipc: Resetting bearer <eth:syzkaller0>
[  150.916980][ T6208] tipc: Disabling bearer <eth:syzkaller0>
[  150.977255][ T6222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.575'.
[  150.980680][ T6222] netlink: 'syz.0.575': attribute type 10 has an invalid length.
[  151.198435][ T6236] team0: Port device bond0 removed
[  151.205920][ T6236] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  151.207327][ T6236] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  151.256692][ T6231] netlink: 'syz.0.579': attribute type 10 has an invalid length.
[  151.261640][ T6231] netlink: 'syz.0.579': attribute type 10 has an invalid length.
[  151.267353][ T6231] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.272151][ T6231] team0: Port device bond0 added
[  151.296571][ T6238] netem: change failed
[  151.369524][ T6240] netlink: 80 bytes leftover after parsing attributes in process `syz.0.582'.
[  151.419474][ T4368] binder: release 6200:6201 transaction 99 out, still active
[  151.420742][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  151.421792][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  151.422912][ T4368] binder: send failed reply for transaction 99, target dead
[  151.513019][ T6249] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.519181][ T6249] device syzkaller0 entered promiscuous mode
[  151.527821][ T6250] rdma_rxe: already configured on syz_tun
[  151.530033][ T6250] netlink: 80 bytes leftover after parsing attributes in process `syz.4.584'.
[  151.539044][ T6252] netlink: 'syz.2.587': attribute type 10 has an invalid length.
[  151.630342][ T6258] tipc: Resetting bearer <eth:syzkaller0>
[  151.639364][ T6248] tipc: Resetting bearer <eth:syzkaller0>
[  151.658810][ T6260] rdma_rxe: already configured on syz_tun
[  151.674293][ T6248] tipc: Disabling bearer <eth:syzkaller0>
[  151.729537][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  151.767300][ T6264] team0: Port device bond0 removed
[  151.769166][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  151.770349][ T6264] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  151.782805][ T6270] binder: 6269:6270 tried to acquire reference to desc 0, got 1 instead
[  151.786501][ T6268] netlink: 80 bytes leftover after parsing attributes in process `syz.0.595'.
[  151.787832][ T6264] netlink: 'syz.2.592': attribute type 10 has an invalid length.
[  151.790006][ T6264] netlink: 'syz.2.592': attribute type 10 has an invalid length.
[  151.791650][ T6264] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.794777][ T6270] binder: 6269:6270 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  151.795140][ T6264] team0: Port device bond0 added
[  151.799592][ T6270] binder: 6269:6270 transaction reply to 0:0 failed 106/29201/-71, size 0-0 line 2946
[  151.811796][ T6260] netlink: 80 bytes leftover after parsing attributes in process `syz.4.590'.
[  151.926196][ T6283] rdma_rxe: rxe_register_device failed with error -23
[  151.927465][ T6283] rdma_rxe: failed to add syz_tun
[  151.929799][ T6283] netlink: 80 bytes leftover after parsing attributes in process `syz.3.600'.
[  151.938935][ T6284] netlink: 'syz.2.599': attribute type 10 has an invalid length.
[  152.002879][ T6285] loop0: detected capacity change from 0 to 764
[  152.295563][ T6293] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.297428][ T6293] device syzkaller0 entered promiscuous mode
[  152.377003][ T6295] bond0: (slave wlan1): Error: Slave device does not support XDP
[  152.379734][ T6296] tipc: Resetting bearer <eth:syzkaller0>
[  152.383935][ T6292] tipc: Resetting bearer <eth:syzkaller0>
[  152.437267][ T6292] tipc: Disabling bearer <eth:syzkaller0>
[  152.613277][ T4469] binder: release 6269:6270 transaction 105 out, still active
[  152.614853][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  152.626209][ T4469] binder: undelivered TRANSACTION_ERROR: 29201
[  152.627289][ T4469] binder: send failed reply for transaction 105, target dead
[  152.634817][ T6305] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  152.639621][ T6305] team0: Port device bond0 removed
[  152.641428][ T6305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  152.642649][ T6305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  152.714103][ T6305] bond0: (slave wlan1): Releasing backup interface
[  152.726218][ T6307] rdma_rxe: rxe_register_device failed with error -23
[  152.727390][ T6307] rdma_rxe: failed to add syz_tun
[  152.746719][ T6304] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  152.754224][ T6305] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.755887][ T6305] team0: Port device bond0 added
[  152.857628][ T6320] rdma_rxe: already configured on syz_tun
[  152.986094][ T6327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.987689][ T6327] device syzkaller0 entered promiscuous mode
[  153.069889][ T6327] tipc: Resetting bearer <eth:syzkaller0>
[  153.078547][ T6326] tipc: Resetting bearer <eth:syzkaller0>
[  153.134437][ T6326] tipc: Disabling bearer <eth:syzkaller0>
[  153.173987][ T6337] netem: change failed
[  153.296707][ T6344] loop4: detected capacity change from 0 to 764
[  153.689460][ T6362] rdma_rxe: rxe_register_device failed with error -23
[  153.690750][ T6362] rdma_rxe: failed to add syz_tun
[  153.776685][ T6366] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  153.778287][ T6366] device syzkaller0 entered promiscuous mode
[  153.817516][ T6366] tipc: Resetting bearer <eth:syzkaller0>
[  153.820157][ T6365] tipc: Resetting bearer <eth:syzkaller0>
[  153.864483][ T6365] tipc: Disabling bearer <eth:syzkaller0>
[  153.866975][ T6368] netem: change failed
[  154.161383][ T6395] binder_user_error: 6 callbacks suppressed
[  154.161392][ T6395] binder: 6394:6395 tried to acquire reference to desc 0, got 1 instead
[  154.180391][ T6395] binder: 6394:6395 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  154.182344][ T6395] binder: 6395 RLIMIT_NICE not set
[  154.183259][ T6395] binder: 6394:6395 got reply transaction with no transaction stack
[  154.190493][ T6392] rdma_rxe: already configured on syz_tun
[  154.342339][ T6401] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  154.345709][ T6401] device syzkaller0 entered promiscuous mode
[  154.405686][ T6401] tipc: Resetting bearer <eth:syzkaller0>
[  154.412015][ T6400] tipc: Resetting bearer <eth:syzkaller0>
[  154.475436][ T6400] tipc: Disabling bearer <eth:syzkaller0>
[  154.580972][ T6411] netem: change failed
[  154.663826][ T6412] loop4: detected capacity change from 0 to 764
[  154.914129][ T5608] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  155.025606][ T6424] bond0: (slave wlan1): Error: Slave device does not support XDP
[  155.118680][ T6432] rdma_rxe: rxe_register_device failed with error -23
[  155.119814][ T6432] rdma_rxe: failed to add syz_tun
[  155.221884][ T6439] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  155.223403][ T6439] device syzkaller0 entered promiscuous mode
[  155.275219][ T6437] tipc: Resetting bearer <eth:syzkaller0>
[  155.376381][ T6449] binder: 6448:6449 tried to acquire reference to desc 0, got 1 instead
[  155.378597][ T6449] binder: 6448:6449 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  155.380616][ T6449] binder: 6449 RLIMIT_NICE not set
[  155.381522][ T6449] binder: 6448:6449 got reply transaction with no transaction stack
[  155.395388][ T6437] tipc: Disabling bearer <eth:syzkaller0>
[  155.398021][ T6444] netem: change failed
[  155.475902][ T6455] validate_nla: 12 callbacks suppressed
[  155.475915][ T6455] netlink: 'syz.2.669': attribute type 10 has an invalid length.
[  155.481056][ T6455] netlink: 'syz.2.669': attribute type 10 has an invalid length.
[  155.555926][ T6457] __nla_validate_parse: 12 callbacks suppressed
[  155.555938][ T6457] netlink: 16 bytes leftover after parsing attributes in process `syz.3.670'.
[  155.559074][ T6457] netlink: 'syz.3.670': attribute type 10 has an invalid length.
[  155.592165][ T6459] netlink: 80 bytes leftover after parsing attributes in process `syz.1.671'.
[  155.643377][ T6469] rdma_rxe: rxe_register_device failed with error -23
[  155.657388][ T6469] rdma_rxe: failed to add syz_tun
[  155.870481][ T6477] loop1: detected capacity change from 0 to 764
[  156.134220][ T6469] netlink: 80 bytes leftover after parsing attributes in process `syz.0.675'.
[  156.141359][ T6480] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  156.143054][ T6480] device syzkaller0 entered promiscuous mode
[  156.214363][ T6479] tipc: Resetting bearer <eth:syzkaller0>
[  156.221944][ T4469] binder_debug: 11 callbacks suppressed
[  156.221964][ T4469] binder: release 6448:6449 transaction 123 out, still active
[  156.225337][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  156.227729][ T4469] binder: undelivered TRANSACTION_ERROR: 29201
[  156.228771][ T4469] binder: send failed reply for transaction 123, target dead
[  156.308004][ T6479] tipc: Disabling bearer <eth:syzkaller0>
[  156.315515][ T6485] netem: change failed
[  156.374139][ T6488] netlink: 'syz.4.682': attribute type 10 has an invalid length.
[  156.376074][ T6488] netlink: 'syz.4.682': attribute type 10 has an invalid length.
[  156.380454][ T6489] bond0: (slave wlan1): Error: Slave device does not support XDP
[  156.493351][ T6499] netlink: 16 bytes leftover after parsing attributes in process `syz.0.684'.
[  156.495669][ T6499] netlink: 'syz.0.684': attribute type 10 has an invalid length.
[  156.547003][ T6503] netlink: 80 bytes leftover after parsing attributes in process `syz.3.687'.
[  156.627779][ T6509] binder: 6508:6509 tried to acquire reference to desc 0, got 1 instead
[  156.630024][ T6509] binder: 6508:6509 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  156.643978][ T6509] binder: 6508:6509 transaction reply to 0:0 failed 130/29201/-71, size 0-0 line 2946
[  156.650124][ T6511] rdma_rxe: rxe_register_device failed with error -23
[  156.651192][ T6511] rdma_rxe: failed to add syz_tun
[  156.707290][ T6515] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  156.710095][ T6515] device syzkaller0 entered promiscuous mode
[  156.758135][ T6514] tipc: Resetting bearer <eth:syzkaller0>
[  156.824812][ T6514] tipc: Disabling bearer <eth:syzkaller0>
[  156.826932][ T6496] netlink: 80 bytes leftover after parsing attributes in process `syz.4.686'.
[  156.828910][ T6518] netem: change failed
[  156.880673][ T6511] netlink: 80 bytes leftover after parsing attributes in process `syz.0.691'.
[  156.928196][ T6524] netlink: 'syz.4.696': attribute type 10 has an invalid length.
[  156.930138][ T6524] netlink: 'syz.4.696': attribute type 10 has an invalid length.
[  157.075606][ T6537] netlink: 16 bytes leftover after parsing attributes in process `syz.2.700'.
[  157.077927][ T6537] netlink: 'syz.2.700': attribute type 10 has an invalid length.
[  157.152180][ T6538] loop1: detected capacity change from 0 to 764
[  157.456436][ T4382] binder: release 6508:6509 transaction 129 out, still active
[  157.457780][ T4382] binder: undelivered TRANSACTION_COMPLETE
[  157.459098][ T4382] binder: undelivered TRANSACTION_ERROR: 29201
[  157.460235][ T4382] binder: send failed reply for transaction 129, target dead
[  157.479645][ T6545] netlink: 80 bytes leftover after parsing attributes in process `syz.3.705'.
[  157.570573][ T6550] netlink: 'syz.3.707': attribute type 10 has an invalid length.
[  158.650856][ T6547] netlink: 80 bytes leftover after parsing attributes in process `syz.2.706'.
[  158.700993][ T6559] netem: change failed
[  158.826031][ T4337] Bluetooth: hci2: command 0x0406 tx timeout
[  158.827025][ T4337] Bluetooth: hci1: command 0x0406 tx timeout
[  158.828003][ T4337] Bluetooth: hci0: command 0x0406 tx timeout
[  158.828930][ T4337] Bluetooth: hci3: command 0x0406 tx timeout
[  159.016883][ T6574] binder: 6572:6574 transaction reply to 0:0 failed 136/29201/-71, size 0-0 line 2946
[  160.195079][ T6587] loop2: detected capacity change from 0 to 764
[  160.470820][ T6594] bond0: (slave wlan1): Error: Slave device does not support XDP
[  160.488420][ T5608] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  160.552102][ T6601] validate_nla: 2 callbacks suppressed
[  160.552113][ T6601] netlink: 'syz.0.721': attribute type 10 has an invalid length.
[  160.558451][ T6601] netlink: 'syz.0.721': attribute type 10 has an invalid length.
[  160.593086][ T6605] xt_hashlimit: size too large, truncated to 1048576
[  160.659810][ T6609] binder_user_error: 6 callbacks suppressed
[  160.659819][ T6609] binder: 6607:6609 tried to acquire reference to desc 0, got 1 instead
[  160.663205][ T6609] binder: 6607:6609 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  160.665732][ T6609] binder: 6609 RLIMIT_NICE not set
[  160.682707][ T6609] binder: 6607:6609 got reply transaction with no transaction stack
[  160.755456][ T6598] __nla_validate_parse: 3 callbacks suppressed
[  160.755468][ T6598] netlink: 80 bytes leftover after parsing attributes in process `syz.1.724'.
[  160.766701][ T6604] netlink: 80 bytes leftover after parsing attributes in process `syz.4.726'.
[  160.891789][ T6618] netem: change failed
[  161.041297][ T6630] netlink: 16 bytes leftover after parsing attributes in process `syz.1.734'.
[  161.047944][ T6630] netlink: 'syz.1.734': attribute type 10 has an invalid length.
[  161.875279][ T4665] binder_debug: 5 callbacks suppressed
[  161.875293][ T4665] binder: release 6607:6609 transaction 141 out, still active
[  161.877503][ T4665] binder: undelivered TRANSACTION_ERROR: 29201
[  161.878610][ T4665] binder: send failed reply for transaction 141, target dead
[  162.129791][ T6647] netlink: 'syz.0.737': attribute type 10 has an invalid length.
[  162.131756][ T6647] netlink: 'syz.0.737': attribute type 10 has an invalid length.
[  162.172969][ T6655] netlink: 80 bytes leftover after parsing attributes in process `syz.2.738'.
[  162.225904][ T6657] rdma_rxe: already configured on syz_tun
[  162.325652][ T6657] netlink: 80 bytes leftover after parsing attributes in process `syz.4.740'.
[  162.431694][ T6664] loop0: detected capacity change from 0 to 764
[  162.708735][ T5608] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  162.796796][ T6663] netlink: 80 bytes leftover after parsing attributes in process `syz.2.741'.
[  162.922367][ T6675] netlink: 16 bytes leftover after parsing attributes in process `syz.2.746'.
[  162.937882][ T6675] netlink: 'syz.2.746': attribute type 10 has an invalid length.
[  162.956062][ T6677] binder: 6676:6677 tried to acquire reference to desc 0, got 1 instead
[  162.961755][ T6677] binder: 6676:6677 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  162.971641][ T6677] binder: 6677 RLIMIT_NICE not set
[  162.974932][ T6677] binder: 6676:6677 got reply transaction with no transaction stack
[  162.976302][ T6677] binder: 6676:6677 transaction reply to 0:0 failed 148/29201/-71, size 0-0 line 2946
[  162.984707][ T6681] netlink: 'syz.2.749': attribute type 10 has an invalid length.
[  162.986493][ T6681] netlink: 'syz.2.749': attribute type 10 has an invalid length.
[  163.046513][ T6685] netlink: 80 bytes leftover after parsing attributes in process `syz.2.751'.
[  164.378455][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  164.379519][ T4368] binder: send failed reply for transaction 147 to 6676:6677
[  164.380744][ T4368] binder: undelivered TRANSACTION_ERROR: 29189
[  164.422330][ T6698] rdma_rxe: rxe_register_device failed with error -23
[  164.423453][ T6698] rdma_rxe: failed to add syz_tun
[  164.445059][ T6702] netem: change failed
[  164.520847][ T6704] netlink: 16 bytes leftover after parsing attributes in process `syz.0.759'.
[  164.522754][ T6704] netlink: 'syz.0.759': attribute type 10 has an invalid length.
[  164.665255][ T6710] netlink: 'syz.0.760': attribute type 10 has an invalid length.
[  164.717056][ T6698] netlink: 80 bytes leftover after parsing attributes in process `syz.1.756'.
[  165.059571][ T6730] loop1: detected capacity change from 0 to 764
[  165.283721][ T6732] binder: 6731:6732 tried to acquire reference to desc 0, got 1 instead
[  165.286001][ T6732] binder: 6731:6732 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  165.288194][ T6732] binder: 6731:6732 transaction reply to 0:0 failed 154/29201/-71, size 0-0 line 2946
[  165.554140][ T6743] validate_nla: 1 callbacks suppressed
[  165.554152][ T6743] netlink: 'syz.0.770': attribute type 10 has an invalid length.
[  165.615609][ T6745] netem: change failed
[  165.656225][ T6747] netlink: 'syz.4.772': attribute type 10 has an invalid length.
[  165.658059][ T6747] netlink: 'syz.4.772': attribute type 10 has an invalid length.
[  165.681705][ T6749] rdma_rxe: already configured on syz_tun
[  165.741834][ T6751] netlink: 'syz.0.774': attribute type 10 has an invalid length.
[  165.757060][ T6751] device syz_tun entered promiscuous mode
[  165.767446][ T6751] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  165.860020][ T6749] __nla_validate_parse: 3 callbacks suppressed
[  165.860039][ T6749] netlink: 80 bytes leftover after parsing attributes in process `syz.4.773'.
[  165.882745][ T6758] netlink: 80 bytes leftover after parsing attributes in process `syz.3.777'.
[  165.891532][ T6753] netlink: 80 bytes leftover after parsing attributes in process `syz.1.775'.
[  165.956285][ T6765] netlink: 16 bytes leftover after parsing attributes in process `syz.4.781'.
[  165.958211][ T6765] netlink: 'syz.4.781': attribute type 10 has an invalid length.
[  166.012523][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.783'.
[  166.014518][ T6771] netlink: 'syz.4.783': attribute type 10 has an invalid length.
[  166.016147][ T6771] netlink: 'syz.4.783': attribute type 10 has an invalid length.
[  166.139017][ T1513] binder: release 6731:6732 transaction 153 out, still active
[  166.140298][ T1513] binder: undelivered TRANSACTION_COMPLETE
[  166.164581][ T6780] xt_hashlimit: size too large, truncated to 1048576
[  166.251624][ T6783] loop1: detected capacity change from 0 to 764
[  167.736159][ T6794] netlink: 80 bytes leftover after parsing attributes in process `syz.3.790'.
[  167.786247][ T6792] netlink: 'syz.4.789': attribute type 10 has an invalid length.
[  167.811709][ T6792] infiniband syz1: set active
[  167.816362][ T6792] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  167.823839][ T6798] rdma_rxe: rxe_register_device failed with error -23
[  167.825433][ T6798] rdma_rxe: failed to add syz_tun
[  167.945223][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.793'.
[  167.953553][ T6801] netlink: 'syz.1.793': attribute type 10 has an invalid length.
[  167.988563][ T6803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.794'.
[  167.990297][ T6803] netlink: 'syz.4.794': attribute type 10 has an invalid length.
[  168.064564][ T6798] netlink: 80 bytes leftover after parsing attributes in process `syz.3.792'.
[  168.067768][ T6808] binder_user_error: 2 callbacks suppressed
[  168.067777][ T6808] binder: 6807:6808 tried to acquire reference to desc 0, got 1 instead
[  168.071224][ T6808] binder: 6807:6808 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  168.084040][ T6808] binder: 6808 RLIMIT_NICE not set
[  168.085022][ T6808] binder: 6807:6808 got reply transaction with no transaction stack
[  168.086188][ T6808] binder_debug: 2 callbacks suppressed
[  168.086200][ T6808] binder: 6807:6808 transaction reply to 0:0 failed 160/29201/-71, size 0-0 line 2946
[  168.179374][ T6810] netlink: 80 bytes leftover after parsing attributes in process `syz.4.796'.
[  169.054177][ T4665] binder: release 6807:6808 transaction 159 out, still active
[  169.055425][ T4665] binder: undelivered TRANSACTION_COMPLETE
[  169.062106][ T4665] binder: undelivered TRANSACTION_ERROR: 29201
[  169.063149][ T4665] binder: send failed reply for transaction 159, target dead
[  169.246785][ T6822] netem: change failed
[  169.304248][ T6823] loop1: detected capacity change from 0 to 764
[  169.631694][ T5608] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  170.751543][ T6838] validate_nla: 1 callbacks suppressed
[  170.751555][ T6838] netlink: 'syz.1.804': attribute type 10 has an invalid length.
[  170.775907][ T6838] device syz_tun entered promiscuous mode
[  170.821394][ T6838] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  170.824862][ T6843] netlink: 'syz.0.805': attribute type 10 has an invalid length.
[  170.870184][ T6845] __nla_validate_parse: 2 callbacks suppressed
[  170.870194][ T6845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.806'.
[  170.879710][ T6845] netlink: 'syz.4.806': attribute type 10 has an invalid length.
[  170.922757][ T6845] netlink: 'syz.4.806': attribute type 10 has an invalid length.
[  170.972748][ T6852] rdma_rxe: rxe_register_device failed with error -23
[  170.985767][ T6852] rdma_rxe: failed to add syz_tun
[  171.059350][ T6858] binder: 6855:6858 tried to acquire reference to desc 0, got 1 instead
[  171.067832][ T6858] binder: 6855:6858 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  171.069848][ T6858] binder: 6858 RLIMIT_NICE not set
[  171.085148][ T6858] binder: 6855:6858 got reply transaction with no transaction stack
[  171.096026][ T6858] binder: 6855:6858 transaction reply to 0:0 failed 166/29201/-71, size 0-0 line 2946
[  171.142884][ T6852] netlink: 80 bytes leftover after parsing attributes in process `syz.0.808'.
[  171.272696][ T6857] netlink: 80 bytes leftover after parsing attributes in process `syz.1.812'.
[  171.282395][ T6864] netem: change failed
[  171.503224][ T6871] netlink: 80 bytes leftover after parsing attributes in process `syz.1.816'.
[  172.308187][   T24] binder: release 6855:6858 transaction 165 out, still active
[  172.309473][   T24] binder: undelivered TRANSACTION_ERROR: 29201
[  172.310477][   T24] binder: send failed reply for transaction 165, target dead
[  172.453047][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.818'.
[  172.471825][ T6876] netlink: 'syz.3.818': attribute type 10 has an invalid length.
[  173.375344][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.820'.
[  173.424640][ T6881] netlink: 'syz.3.820': attribute type 10 has an invalid length.
[  173.426951][ T6883] netlink: 'syz.0.819': attribute type 10 has an invalid length.
[  173.448407][ T6881] netlink: 'syz.3.820': attribute type 10 has an invalid length.
[  173.657062][ T6889] rdma_rxe: rxe_register_device failed with error -23
[  173.658231][ T6889] rdma_rxe: failed to add syz_tun
[  173.746444][ T6889] netlink: 80 bytes leftover after parsing attributes in process `syz.3.823'.
[  173.747912][ T6891] netem: change failed
[  173.906673][ T6902] binder: 6901:6902 tried to acquire reference to desc 0, got 1 instead
[  173.908907][ T6902] binder: 6901:6902 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  173.910953][ T6902] binder: 6902 RLIMIT_NICE not set
[  173.918282][ T6906] netlink: 80 bytes leftover after parsing attributes in process `syz.4.827'.
[  173.922294][ T6902] binder: 6901:6902 got reply transaction with no transaction stack
[  173.926824][ T6902] binder: 6901:6902 transaction reply to 0:0 failed 172/29201/-71, size 0-0 line 2946
[  173.952095][ T6894] netlink: 80 bytes leftover after parsing attributes in process `syz.0.825'.
[  173.968648][ T6909] netlink: 8 bytes leftover after parsing attributes in process `syz.3.830'.
[  173.970705][ T6909] netlink: 'syz.3.830': attribute type 10 has an invalid length.
[  174.022796][ T6913] netlink: 'syz.3.831': attribute type 10 has an invalid length.
[  174.037794][ T6912] infiniband syz1: set down
[  175.124492][ T4382] binder: release 6901:6902 transaction 171 out, still active
[  175.125820][ T4382] binder: undelivered TRANSACTION_ERROR: 29201
[  175.127640][ T4382] binder: send failed reply for transaction 171, target dead
[  175.350371][ T6937] rdma_rxe: already configured on syz_tun
[  175.386286][ T6939] netem: change failed
[  176.246410][ T6945] __nla_validate_parse: 2 callbacks suppressed
[  176.246422][ T6945] netlink: 80 bytes leftover after parsing attributes in process `syz.3.842'.
[  176.410075][ T6947] netlink: 80 bytes leftover after parsing attributes in process `syz.1.843'.
[  176.515525][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.844'.
[  176.517342][ T6951] validate_nla: 3 callbacks suppressed
[  176.517349][ T6951] netlink: 'syz.2.844': attribute type 10 has an invalid length.
[  176.520170][ T6951] netlink: 'syz.2.844': attribute type 10 has an invalid length.
[  176.546764][ T6953] netlink: 'syz.2.845': attribute type 10 has an invalid length.
[  176.558112][ T6953] device syz_tun entered promiscuous mode
[  176.569526][ T6953] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  176.600376][ T6957] binder: 6956:6957 tried to acquire reference to desc 0, got 1 instead
[  176.602692][ T6957] binder: 6956:6957 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  176.605152][ T6957] binder: 6957 RLIMIT_NICE not set
[  176.606464][ T6957] binder: 6956:6957 got reply transaction with no transaction stack
[  176.607722][ T6957] binder: 6956:6957 transaction reply to 0:0 failed 178/29201/-71, size 0-0 line 2946
[  176.659335][ T6963] xt_hashlimit: size too large, truncated to 1048576
[  176.814523][ T6975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.852'.
[  176.826284][ T6975] netlink: 'syz.0.852': attribute type 10 has an invalid length.
[  177.746407][ T4373] binder: undelivered TRANSACTION_ERROR: 29201
[  177.747589][ T4373] binder: send failed reply for transaction 177 to 6956:6957
[  177.748896][ T4373] binder: undelivered TRANSACTION_ERROR: 29189
[  177.973794][ T6983] netlink: 80 bytes leftover after parsing attributes in process `syz.4.856'.
[  177.975742][ T6982] netlink: 'syz.3.855': attribute type 10 has an invalid length.
[  177.985671][ T6982] netlink: 'syz.3.855': attribute type 10 has an invalid length.
[  178.791142][ T6995] rdma_rxe: rxe_register_device failed with error -23
[  178.792300][ T6995] rdma_rxe: failed to add syz_tun
[  179.114213][ T7002] netlink: 'syz.4.861': attribute type 10 has an invalid length.
[  179.337525][ T7010] binder: 7009:7010 tried to acquire reference to desc 0, got 1 instead
[  179.337657][ T7012] netlink: 16 bytes leftover after parsing attributes in process `syz.3.866'.
[  179.339826][ T7010] binder: 7009:7010 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  179.346226][ T7010] binder: 7010 RLIMIT_NICE not set
[  179.347578][ T7010] binder: 7009:7010 got reply transaction with no transaction stack
[  179.348733][ T7010] binder: 7009:7010 transaction reply to 0:0 failed 184/29201/-71, size 0-0 line 2946
[  179.359047][ T7012] netlink: 'syz.3.866': attribute type 10 has an invalid length.
[  179.432825][ T7004] netlink: 80 bytes leftover after parsing attributes in process `syz.0.862'.
[  179.672754][ T7027] netlink: 'syz.0.869': attribute type 10 has an invalid length.
[  179.674573][ T7027] netlink: 'syz.0.869': attribute type 10 has an invalid length.
[  180.608067][ T4373] binder: release 7009:7010 transaction 183 out, still active
[  180.609380][ T4373] binder: undelivered TRANSACTION_ERROR: 29201
[  180.610401][ T4373] binder: send failed reply for transaction 183, target dead
[  180.821091][ T7035] rdma_rxe: rxe_register_device failed with error -23
[  180.822341][ T7035] rdma_rxe: failed to add syz_tun
[  180.858564][ T7033] netlink: 80 bytes leftover after parsing attributes in process `syz.0.871'.
[  181.972950][ T7044] netlink: 16 bytes leftover after parsing attributes in process `syz.2.877'.
[  181.990464][ T7044] validate_nla: 1 callbacks suppressed
[  181.990478][ T7044] netlink: 'syz.2.877': attribute type 10 has an invalid length.
[  182.063338][ T7054] netlink: 'syz.2.881': attribute type 10 has an invalid length.
[  182.069827][ T7054] netlink: 'syz.2.881': attribute type 10 has an invalid length.
[  182.137631][ T7059] binder: 7057:7059 tried to acquire reference to desc 0, got 1 instead
[  182.139860][ T7059] binder: 7057:7059 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  182.141766][ T7059] binder: 7059 RLIMIT_NICE not set
[  182.150887][ T7059] binder: 7057:7059 got reply transaction with no transaction stack
[  182.152198][ T7059] binder: 7057:7059 transaction reply to 0:0 failed 190/29201/-71, size 0-0 line 2946
[  183.247538][ T5706] binder: undelivered TRANSACTION_ERROR: 29201
[  183.248614][ T5706] binder: send failed reply for transaction 189 to 7057:7059
[  183.249845][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  183.250764][ T5706] binder: undelivered TRANSACTION_ERROR: 29189
[  183.254956][ T7050] netlink: 80 bytes leftover after parsing attributes in process `syz.0.879'.
[  183.362602][ T7070] netlink: 80 bytes leftover after parsing attributes in process `syz.2.886'.
[  183.372490][ T7069] netlink: 'syz.1.887': attribute type 10 has an invalid length.
[  183.552422][ T7079] rdma_rxe: rxe_register_device failed with error -23
[  183.556929][ T7079] rdma_rxe: failed to add syz_tun
[  183.587573][ T7083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.893'.
[  183.589431][ T7083] netlink: 'syz.3.893': attribute type 10 has an invalid length.
[  183.595077][ T7083] netlink: 'syz.3.893': attribute type 10 has an invalid length.
[  183.649400][ T7085] netlink: 16 bytes leftover after parsing attributes in process `syz.2.892'.
[  183.652945][ T7085] netlink: 'syz.2.892': attribute type 10 has an invalid length.
[  184.520555][ T7092] binder: 7091:7092 tried to acquire reference to desc 0, got 1 instead
[  184.522828][ T7092] binder: 7091:7092 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  184.547950][ T7092] binder: 7092 RLIMIT_NICE not set
[  184.548958][ T7092] binder: 7091:7092 got reply transaction with no transaction stack
[  184.550081][ T7092] binder: 7091:7092 transaction reply to 0:0 failed 196/29201/-71, size 0-0 line 2946
[  184.571153][ T7094] xt_hashlimit: size too large, truncated to 1048576
[  184.681291][ T7079] netlink: 80 bytes leftover after parsing attributes in process `syz.0.890'.
[  184.878707][ T7101] netlink: 80 bytes leftover after parsing attributes in process `syz.1.899'.
[  184.907176][ T7105] netlink: 'syz.4.901': attribute type 10 has an invalid length.
[  185.046718][ T7111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'.
[  185.050400][ T7111] netlink: 'syz.1.904': attribute type 10 has an invalid length.
[  185.056933][ T7111] netlink: 'syz.1.904': attribute type 10 has an invalid length.
[  185.061776][ T7103] netlink: 80 bytes leftover after parsing attributes in process `syz.0.900'.
[  185.103527][ T7116] netem: change failed
[  188.112973][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  188.115909][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  188.529546][ T4369] binder: undelivered TRANSACTION_ERROR: 29201
[  188.530878][ T4369] binder: send failed reply for transaction 195 to 7091:7092
[  188.532682][ T4369] binder: undelivered TRANSACTION_COMPLETE
[  188.533598][ T4369] binder: undelivered TRANSACTION_ERROR: 29189
[  188.665437][ T7138] validate_nla: 1 callbacks suppressed
[  188.665448][ T7138] netlink: 'syz.0.913': attribute type 10 has an invalid length.
[  188.669442][ T7136] rdma_rxe: rxe_register_device failed with error -23
[  188.670499][ T7136] rdma_rxe: failed to add syz_tun
[  188.676590][ T7139] netlink: 80 bytes leftover after parsing attributes in process `syz.4.912'.
[  188.869106][ T7136] netlink: 80 bytes leftover after parsing attributes in process `syz.1.910'.
[  188.892303][ T7150] netlink: 'syz.4.917': attribute type 10 has an invalid length.
[  188.988111][ T7151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.916'.
[  188.989958][ T7151] netlink: 'syz.0.916': attribute type 10 has an invalid length.
[  188.991847][ T7151] netlink: 'syz.0.916': attribute type 10 has an invalid length.
[  189.103426][ T7157] netlink: 80 bytes leftover after parsing attributes in process `syz.4.918'.
[  189.127380][ T7165] netem: change failed
[  190.053082][ T7170] binder: 7169:7170 tried to acquire reference to desc 0, got 1 instead
[  190.067999][ T7170] binder: 7169:7170 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  190.069974][ T7170] binder: 7170 RLIMIT_NICE not set
[  190.070710][ T7170] binder: 7170 RLIMIT_NICE not set
[  190.086218][ T7170] binder: 7169:7170 ioctl c0306201 0 returned -14
[  190.260875][ T7176] netlink: 80 bytes leftover after parsing attributes in process `syz.1.924'.
[  190.286352][ T7178] netlink: 'syz.4.925': attribute type 10 has an invalid length.
[  190.410158][ T7182] netlink: 'syz.4.928': attribute type 10 has an invalid length.
[  190.452519][ T7186] rdma_rxe: rxe_register_device failed with error -23
[  190.456380][ T7186] rdma_rxe: failed to add syz_tun
[  190.469643][ T7188] netlink: 16 bytes leftover after parsing attributes in process `syz.4.930'.
[  190.471399][ T7188] netlink: 'syz.4.930': attribute type 10 has an invalid length.
[  190.473088][ T7188] netlink: 'syz.4.930': attribute type 10 has an invalid length.
[  190.624904][ T7192] netlink: 80 bytes leftover after parsing attributes in process `syz.4.932'.
[  190.636892][ T7186] netlink: 80 bytes leftover after parsing attributes in process `syz.1.929'.
[  191.621416][ T5706] binder: release 7169:7170 transaction 201 out, still active
[  191.622776][ T5706] binder: release 7169:7170 transaction 201 in, still active
[  191.624302][ T5706] binder: send failed reply for transaction 201, target dead
[  191.853171][ T7208] netlink: 80 bytes leftover after parsing attributes in process `syz.1.936'.
[  192.820898][ T7219] netlink: 'syz.1.940': attribute type 10 has an invalid length.
[  192.831734][ T7219] netlink: 28 bytes leftover after parsing attributes in process `syz.1.940'.
[  192.881631][ T7223] netlink: 'syz.0.941': attribute type 10 has an invalid length.
[  193.051020][ T7227] binder: 7226:7227 tried to acquire reference to desc 0, got 1 instead
[  193.059587][ T7227] binder: 7226:7227 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  193.061591][ T7227] binder: 7227 RLIMIT_NICE not set
[  193.062409][ T7227] binder: 7227 RLIMIT_NICE not set
[  193.066341][ T7228] netem: change failed
[  193.084177][ T7227] binder: 7226:7227 ioctl c0306201 0 returned -14
[  194.648041][ T7261] netem: change failed
[  194.667622][ T4469] binder: release 7226:7227 transaction 206 out, still active
[  194.668957][ T4469] binder: release 7226:7227 transaction 206 in, still active
[  194.670135][ T4469] binder: send failed reply for transaction 206, target dead
[  194.694925][ T7259] __nla_validate_parse: 5 callbacks suppressed
[  194.694938][ T7259] netlink: 16 bytes leftover after parsing attributes in process `syz.2.955'.
[  194.698275][ T7259] validate_nla: 4 callbacks suppressed
[  194.698283][ T7259] netlink: 'syz.2.955': attribute type 10 has an invalid length.
[  194.702468][ T7259] netlink: 'syz.2.955': attribute type 10 has an invalid length.
[  194.729463][ T7267] xt_hashlimit: size too large, truncated to 1048576
[  194.789813][ T7269] netlink: 80 bytes leftover after parsing attributes in process `syz.3.961'.
[  195.923018][ T7279] netlink: 80 bytes leftover after parsing attributes in process `syz.0.962'.
[  195.979964][ T7291] netlink: 28 bytes leftover after parsing attributes in process `syz.1.965'.
[  196.192552][ T7296] netlink: 'syz.0.966': attribute type 10 has an invalid length.
[  196.249016][ T7298] netlink: 'syz.0.967': attribute type 10 has an invalid length.
[  196.255145][ T7298] netlink: 28 bytes leftover after parsing attributes in process `syz.0.967'.
[  196.345704][ T7291] netlink: 80 bytes leftover after parsing attributes in process `syz.1.965'.
[  196.398336][ T7301] binder: 7300:7301 tried to acquire reference to desc 0, got 1 instead
[  196.400609][ T7301] binder: 7300:7301 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  196.402695][ T7301] binder: 7301 RLIMIT_NICE not set
[  196.403539][ T7301] binder: 7301 RLIMIT_NICE not set
[  196.415797][ T7301] binder: 7300:7301 ioctl c0306201 0 returned -14
[  196.557182][ T7305] netlink: 16 bytes leftover after parsing attributes in process `syz.1.970'.
[  196.563765][ T7305] netlink: 'syz.1.970': attribute type 10 has an invalid length.
[  196.570054][ T7305] netlink: 'syz.1.970': attribute type 10 has an invalid length.
[  196.659850][ T7310] netem: change failed
[  197.512302][   T24] binder: release 7300:7301 transaction 211 out, still active
[  197.513562][   T24] binder: undelivered TRANSACTION_COMPLETE
[  197.515401][   T24] binder: release 7300:7301 transaction 211 in, still active
[  197.516513][   T24] binder: send failed reply for transaction 211, target dead
[  197.609365][ T7323] netlink: 80 bytes leftover after parsing attributes in process `syz.0.973'.
[  197.807289][ T7331] netlink: 16 bytes leftover after parsing attributes in process `syz.3.977'.
[  197.814254][ T7331] netlink: 'syz.3.977': attribute type 10 has an invalid length.
[  198.642138][ T7337] bond0: (slave wlan1): Error: Slave device does not support XDP
[  198.652470][ T7337] netlink: 'syz.3.978': attribute type 10 has an invalid length.
[  198.661719][ T7337] device syz_tun entered promiscuous mode
[  198.689292][ T7337] netlink: 28 bytes leftover after parsing attributes in process `syz.3.978'.
[  199.027017][ T7347] netlink: 'syz.1.982': attribute type 10 has an invalid length.
[  199.028713][ T7347] netlink: 'syz.1.982': attribute type 10 has an invalid length.
[  199.063886][ T7349] binder: 7348:7349 tried to acquire reference to desc 0, got 1 instead
[  199.066179][ T7349] binder: 7348:7349 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  199.082826][ T7349] binder: 7349 RLIMIT_NICE not set
[  199.086611][ T7349] binder: 7349 RLIMIT_NICE not set
[  200.236964][ T4469] binder: release 7348:7349 transaction 216 out, still active
[  200.238350][ T4469] binder: release 7348:7349 transaction 216 in, still active
[  200.239472][ T4469] binder: send failed reply for transaction 216, target dead
[  200.329506][ T7369] validate_nla: 1 callbacks suppressed
[  200.329517][ T7369] netlink: 'syz.0.991': attribute type 10 has an invalid length.
[  200.421978][ T7369] __nla_validate_parse: 6 callbacks suppressed
[  200.421991][ T7369] netlink: 28 bytes leftover after parsing attributes in process `syz.0.991'.
[  201.328385][ T7384] netlink: 16 bytes leftover after parsing attributes in process `syz.1.995'.
[  201.330222][ T7384] netlink: 'syz.1.995': attribute type 10 has an invalid length.
[  201.356558][ T7384] netlink: 'syz.1.995': attribute type 10 has an invalid length.
[  201.444969][ T7386] netlink: 28 bytes leftover after parsing attributes in process `syz.1.996'.
[  201.579048][ T7381] netlink: 80 bytes leftover after parsing attributes in process `syz.0.993'.
[  201.582994][ T7391] netlink: 16 bytes leftover after parsing attributes in process `syz.2.999'.
[  201.589107][ T7391] netlink: 'syz.2.999': attribute type 10 has an invalid length.
[  201.649605][ T7395] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1000'.
[  201.706212][ T7386] netlink: 80 bytes leftover after parsing attributes in process `syz.1.996'.
[  201.809423][ T7401] binder: BINDER_SET_CONTEXT_MGR already set
[  201.810433][ T7401] binder: 7400:7401 ioctl 4018620d 20004a80 returned -16
[  201.812005][ T7401] binder: tried to use weak ref as strong ref
[  201.812930][ T7401] binder: 7400:7401 Acquire 1 refcount change on invalid ref 0 ret -22
[  201.814663][ T7401] binder: 7400:7401 got transaction to invalid handle, 1
[  201.815808][ T7401] binder: 7401:7400 cannot find target node
[  201.816809][ T7401] binder: 7400:7401 transaction call to 0:0 failed 219/29201/-22, size 0-0 line 3045
[  201.818945][ T7401] binder: 7400:7401 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  201.820970][ T7401] binder: 7401 RLIMIT_NICE not set
[  201.838150][ T7404] netlink: 'syz.1.1003': attribute type 10 has an invalid length.
[  201.840196][ T7404] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1003'.
[  201.870514][ T7407] binder: 7400:7407 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  201.872558][ T7407] binder: 7407 RLIMIT_NICE not set
[  202.994055][ T4469] binder: undelivered TRANSACTION_ERROR: 29201
[  203.127545][ T7412] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1006'.
[  203.129529][ T7412] netlink: 'syz.2.1006': attribute type 10 has an invalid length.
[  203.146462][ T7412] netlink: 'syz.2.1006': attribute type 10 has an invalid length.
[  203.928074][ T7424] xt_hashlimit: size too large, truncated to 1048576
[  203.984352][ T7426] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1010'.
[  203.986113][ T7426] netlink: 'syz.1.1010': attribute type 10 has an invalid length.
[  204.013535][ T7430] fuse: Bad value for 'group_id'
[  204.253882][ T7438] binder: 7436:7438 tried to acquire reference to desc 0, got 1 instead
[  204.256148][ T7438] binder: 7436:7438 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  204.258237][ T7438] binder: 7438 RLIMIT_NICE not set
[  204.573586][ T7448] bond0: (slave wlan1): Error: Slave device does not support XDP
[  204.576792][ T7448] netlink: 'syz.3.1019': attribute type 10 has an invalid length.
[  204.689086][ T7454] netlink: 'syz.2.1022': attribute type 10 has an invalid length.
[  206.704055][ T5801] binder: release 7436:7438 transaction 224 out, still active
[  206.705328][ T5801] binder: undelivered TRANSACTION_COMPLETE
[  206.706356][ T5801] binder: release 7436:7438 transaction 224 in, still active
[  206.707543][ T5801] binder: send failed reply for transaction 224, target dead
[  207.192354][ T7475] __nla_validate_parse: 5 callbacks suppressed
[  207.192365][ T7475] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1028'.
[  207.367215][ T7469] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1027'.
[  207.369363][ T7477] netem: change failed
[  207.444821][ T7475] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1028'.
[  207.526610][ T7483] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1033'.
[  207.534535][ T7483] validate_nla: 2 callbacks suppressed
[  207.534544][ T7483] netlink: 'syz.2.1033': attribute type 10 has an invalid length.
[  207.548418][ T7485] netlink: 'syz.4.1031': attribute type 10 has an invalid length.
[  207.550589][ T7483] netlink: 'syz.2.1033': attribute type 10 has an invalid length.
[  207.572120][ T7488] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1035'.
[  207.578211][ T7488] netlink: 'syz.1.1035': attribute type 10 has an invalid length.
[  207.658022][ T7494] fuse: Bad value for 'group_id'
[  207.677255][ T7498] binder_user_error: 1 callbacks suppressed
[  207.677264][ T7498] binder: 7496:7498 tried to acquire reference to desc 0, got 1 instead
[  207.680257][ T7498] binder: 7496:7498 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  207.685890][ T7498] binder: 7498 RLIMIT_NICE not set
[  207.686863][ T7498] binder: 7498 RLIMIT_NICE not set
[  208.552271][ T5801] binder: release 7496:7498 transaction 229 out, still active
[  208.556348][ T5801] binder: release 7496:7498 transaction 229 in, still active
[  208.557442][ T5801] binder: send failed reply for transaction 229, target dead
[  208.736030][ T7510] netem: change failed
[  208.906373][ T7506] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1041'.
[  209.023324][ T7518] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1045'.
[  209.025523][ T7519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1046'.
[  209.033873][ T7519] netlink: 'syz.1.1046': attribute type 10 has an invalid length.
[  209.036355][ T7519] netlink: 'syz.1.1046': attribute type 10 has an invalid length.
[  209.037621][ T7520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1047'.
[  209.039455][ T7520] netlink: 'syz.3.1047': attribute type 10 has an invalid length.
[  209.100583][ T7524] netlink: 'syz.1.1049': attribute type 10 has an invalid length.
[  209.207510][ T7518] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1045'.
[  209.296780][ T7531] binder: 7530:7531 tried to acquire reference to desc 0, got 1 instead
[  210.247697][ T7531] binder: 7530:7531 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  210.249800][ T7531] binder: 7531 RLIMIT_NICE not set
[  210.250603][ T7531] binder: 7531 RLIMIT_NICE not set
[  211.142959][ T5801] binder: release 7530:7531 transaction 234 out, still active
[  211.144424][ T5801] binder: undelivered TRANSACTION_COMPLETE
[  211.149059][ T5801] binder: release 7530:7531 transaction 234 in, still active
[  211.150157][ T5801] binder: send failed reply for transaction 234, target dead
[  211.160944][ T7544] netlink: 'syz.2.1058': attribute type 10 has an invalid length.
[  211.228392][ T7552] netlink: 'syz.1.1059': attribute type 10 has an invalid length.
[  211.391020][ T7558] bond0: (slave wlan1): Error: Slave device does not support XDP
[  211.618049][ T7568] xt_hashlimit: size too large, truncated to 1048576
[  212.620222][ T7578] fuse: Bad value for 'group_id'
[  212.777287][ T7580] binder: 7579:7580 tried to acquire reference to desc 0, got 1 instead
[  212.779656][ T7580] binder: 7579:7580 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  212.821748][ T7580] binder: 7580 RLIMIT_NICE not set
[  212.822649][ T7580] binder: 7580 RLIMIT_NICE not set
[  212.898182][ T7571] __nla_validate_parse: 3 callbacks suppressed
[  212.898193][ T7571] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1065'.
[  212.906872][ T7585] netem: change failed
[  213.040097][ T7588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1072'.
[  213.046928][ T7588] validate_nla: 2 callbacks suppressed
[  213.046938][ T7588] netlink: 'syz.4.1072': attribute type 10 has an invalid length.
[  213.098038][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1074'.
[  213.106699][ T7591] netlink: 'syz.4.1074': attribute type 10 has an invalid length.
[  213.108447][ T7591] netlink: 'syz.4.1074': attribute type 10 has an invalid length.
[  213.147209][ T7597] netlink: 'syz.1.1077': attribute type 10 has an invalid length.
[  215.670804][ T7599] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1078'.
[  215.682571][ T5800] binder: release 7579:7580 transaction 239 out, still active
[  215.684053][ T5800] binder: release 7579:7580 transaction 239 in, still active
[  215.685316][ T5800] binder: send failed reply for transaction 239, target dead
[  215.734061][ T7616] netem: change failed
[  215.787369][ T7618] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1084'.
[  215.789568][ T7618] netlink: 'syz.1.1084': attribute type 10 has an invalid length.
[  215.873350][ T7614] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1082'.
[  215.973616][ T7630] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1089'.
[  215.988193][ T7630] netlink: 'syz.2.1089': attribute type 10 has an invalid length.
[  215.989861][ T7630] netlink: 'syz.2.1089': attribute type 10 has an invalid length.
[  216.038596][ T7633] netlink: 'syz.4.1090': attribute type 10 has an invalid length.
[  216.082278][ T7638] binder: 7637:7638 tried to acquire reference to desc 0, got 1 instead
[  216.088406][ T7638] binder: 7637:7638 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  216.090435][ T7638] binder: 7638 RLIMIT_NICE not set
[  216.091218][ T7638] binder: 7638 RLIMIT_NICE not set
[  216.092264][ T7638] binder: 7638 RLIMIT_NICE not set
[  216.093325][ T7638] binder: 7637:7638 ioctl c0306201 0 returned -14
[  216.101863][ T5800] binder: undelivered TRANSACTION_COMPLETE
[  216.102848][ T5800] binder: undelivered transaction 245, process died.
[  216.109006][ T5800] binder: undelivered TRANSACTION_COMPLETE
[  217.543186][ T7651] netem: change failed
[  217.597097][ T7653] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1097'.
[  217.600243][ T7653] netlink: 'syz.2.1097': attribute type 10 has an invalid length.
[  217.623826][ T7644] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1095'.
[  217.796987][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1102'.
[  217.798932][ T7665] netlink: 'syz.4.1102': attribute type 10 has an invalid length.
[  217.822460][ T7667] binder: 7666:7667 tried to acquire reference to desc 0, got 1 instead
[  217.831971][ T7667] binder: 7666:7667 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  217.834258][ T7667] binder: 7667 RLIMIT_NICE not set
[  217.835134][ T7667] binder: 7667 RLIMIT_NICE not set
[  217.836097][ T7667] binder: 7667 RLIMIT_NICE not set
[  217.837072][ T7667] binder: 7666:7667 ioctl c0306201 0 returned -14
[  217.848859][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  217.849846][ T4368] binder: undelivered transaction 251, process died.
[  217.851006][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  217.911476][ T7663] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1101'.
[  219.099987][ T7682] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1108'.
[  219.101913][ T7682] validate_nla: 2 callbacks suppressed
[  219.101921][ T7682] netlink: 'syz.1.1108': attribute type 10 has an invalid length.
[  219.326997][ T7692] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1113'.
[  219.362024][ T7701] binder: 7697:7701 tried to acquire reference to desc 0, got 1 instead
[  219.366661][ T7700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1117'.
[  219.366952][ T7701] binder: 7697:7701 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  219.368413][ T7700] netlink: 'syz.2.1117': attribute type 10 has an invalid length.
[  219.369819][ T7701] binder: 7701 RLIMIT_NICE not set
[  219.371756][ T7701] binder: 7701 RLIMIT_NICE not set
[  219.374538][ T7701] binder: 7701 RLIMIT_NICE not set
[  219.376094][ T7701] binder: 7697:7701 ioctl c0306201 0 returned -14
[  219.383529][ T4369] binder: undelivered TRANSACTION_COMPLETE
[  219.387180][ T7700] netlink: 'syz.2.1117': attribute type 10 has an invalid length.
[  219.444730][ T7704] netlink: 'syz.1.1119': attribute type 10 has an invalid length.
[  219.716118][ T7712] can0: slcan on ttyS3.
[  219.971720][ T7715] bond0: (slave syz_tun): Releasing backup interface
[  219.974254][ T7712] can0 (unregistered): slcan off ttyS3.
[  220.015647][ T7715] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  220.020012][ T7715] team0: Port device bond0 removed
[  220.022116][ T7715] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  220.026740][ T7715] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  220.044684][ T7713] can0: slcan on ttyS3.
[  220.248533][ T7717] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1122'.
[  222.156367][ T7705] can0 (unregistered): slcan off ttyS3.
[  222.160189][ T7741] netem: change failed
[  222.356665][ T7763] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1130'.
[  222.364996][ T7763] netlink: 'syz.2.1130': attribute type 10 has an invalid length.
[  222.378063][ T4369] binder_debug: 2 callbacks suppressed
[  222.378073][ T4369] binder: undelivered TRANSACTION_COMPLETE
[  222.380000][ T4369] binder: undelivered transaction 263, process died.
[  222.381253][ T4369] binder: undelivered TRANSACTION_COMPLETE
[  222.383090][ T7763] netlink: 'syz.2.1130': attribute type 10 has an invalid length.
[  222.394712][ T7763] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.402521][ T7763] team0: Port device bond0 added
[  222.434374][ T7774] bond0: (slave syz_tun): Releasing backup interface
[  222.465200][ T7774] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  222.468792][ T7774] team0: Port device bond0 removed
[  222.470599][ T7774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  222.471761][ T7774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  222.486134][ T7777] xt_hashlimit: size too large, truncated to 1048576
[  222.505800][ T7758] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1129'.
[  222.508946][ T7773] netlink: 'syz.0.1132': attribute type 10 has an invalid length.
[  223.834741][ T7786] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1136'.
[  223.839597][ T7797] netem: change failed
[  223.904506][ T7803] binder_user_error: 5 callbacks suppressed
[  223.904516][ T7803] binder: 7802:7803 tried to acquire reference to desc 0, got 1 instead
[  223.907714][ T7803] binder: 7802:7803 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  223.909771][ T7803] binder: 7803 RLIMIT_NICE not set
[  223.910597][ T7803] binder: 7803 RLIMIT_NICE not set
[  223.911541][ T7803] binder: 7803 RLIMIT_NICE not set
[  223.921628][ T6079] binder: undelivered TRANSACTION_COMPLETE
[  223.922528][ T6079] binder: undelivered transaction 269, process died.
[  223.926701][ T6079] binder: undelivered TRANSACTION_COMPLETE
[  224.123995][ T7808] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1144'.
[  224.126200][ T7808] netlink: 'syz.0.1144': attribute type 10 has an invalid length.
[  224.127798][ T7808] netlink: 'syz.0.1144': attribute type 10 has an invalid length.
[  224.227221][ T7818] bond0: (slave syz_tun): Releasing backup interface
[  224.279958][ T7818] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  224.286522][ T7818] team0: Port device bond0 removed
[  224.288451][ T7818] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  224.306317][ T7818] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  224.314167][ T7822] netlink: 'syz.0.1146': attribute type 10 has an invalid length.
[  224.522140][ T7824] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1147'.
[  224.841756][ T7840] binder: 7839:7840 tried to acquire reference to desc 0, got 1 instead
[  224.847901][ T7840] binder: 7839:7840 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  224.849719][ T7840] binder: 7840 RLIMIT_NICE not set
[  224.850468][ T7840] binder: 7840 RLIMIT_NICE not set
[  224.851370][ T7840] binder: 7840 RLIMIT_NICE not set
[  224.859248][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  224.861219][ T5706] binder: undelivered transaction 275, process died.
[  224.862537][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  226.148112][ T7852] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  226.163099][ T7852] team0: Port device bond0 removed
[  226.169001][ T7852] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  226.170343][ T7852] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  226.203302][ T7852] bond0: (slave wlan1): Releasing backup interface
[  226.245674][ T7858] netlink: 'syz.0.1158': attribute type 10 has an invalid length.
[  226.247852][ T7847] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1154'.
[  227.006182][ T6079] binder: undelivered TRANSACTION_COMPLETE
[  227.105203][ T7871] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1163'.
[  227.253502][ T7879] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1167'.
[  227.400218][ T7888] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  227.408533][ T7888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  227.410906][ T7888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  227.419982][ T7890] netlink: 'syz.0.1171': attribute type 10 has an invalid length.
[  228.602486][ T5706] binder_debug: 2 callbacks suppressed
[  228.602498][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  228.604380][ T5706] binder: undelivered transaction 287, process died.
[  228.605746][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  228.612641][ T7900] netem: change failed
[  228.824534][ T7903] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1176'.
[  228.839771][ T7913] fuse: Unknown parameter 'grou00000000000000000000'
[  228.956768][ T7894] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1173'.
[  229.380963][ T7927] netlink: 'syz.2.1184': attribute type 10 has an invalid length.
[  229.387099][ T7927] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  229.391210][ T5041] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  229.396915][ T7924] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  229.423057][ T7924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  229.425083][ T7924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  231.372871][ T7939] binder_user_error: 10 callbacks suppressed
[  231.372880][ T7939] binder: 7937:7939 tried to acquire reference to desc 0, got 1 instead
[  231.380482][ T7938] netem: change failed
[  231.392099][ T7939] binder: 7937:7939 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  231.406074][ T7939] binder: 7939 RLIMIT_NICE not set
[  231.406851][ T7939] binder: 7939 RLIMIT_NICE not set
[  231.407857][ T7939] binder: 7939 RLIMIT_NICE not set
[  231.433752][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  231.434871][ T5706] binder: undelivered transaction 293, process died.
[  231.436145][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  231.495767][ T7950] fuse: Unknown parameter 'grou00000000000000000000'
[  231.498239][ T7952] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1192'.
[  231.559125][ T7954] xt_hashlimit: size too large, truncated to 1048576
[  231.632284][ T7960] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  231.639041][ T7960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  231.648694][ T7960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  231.717803][ T7952] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1192'.
[  232.078138][ T7957] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1193'.
[  232.115471][ T7971] netlink: 'syz.1.1198': attribute type 10 has an invalid length.
[  232.126584][ T7971] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  232.680001][ T7973] binder: 7972:7973 tried to acquire reference to desc 0, got 1 instead
[  232.692603][ T7973] binder: 7972:7973 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  232.694861][ T7973] binder: 7973 RLIMIT_NICE not set
[  232.695735][ T7973] binder: 7973 RLIMIT_NICE not set
[  232.696909][ T7973] binder: 7973 RLIMIT_NICE not set
[  232.704622][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  232.705538][ T4469] binder: undelivered transaction 299, process died.
[  232.725229][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  232.821211][ T7985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.822656][ T7985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.828756][ T7980] netem: change failed
[  232.838454][ T7986] fuse: Unknown parameter 'grou00000000000000000000'
[  233.777410][ T8004] bond0: (slave syz_tun): Releasing backup interface
[  233.790493][ T8005] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1209'.
[  233.799044][ T8004] team0: Port device bond0 removed
[  233.800856][ T8004] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  233.802256][ T8004] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  235.108507][ T8005] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1209'.
[  235.478743][ T8028] netlink: 'syz.4.1213': attribute type 10 has an invalid length.
[  235.489082][ T8028] infiniband syz1: set active
[  235.498917][ T8028] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  235.712007][ T4373] binder: undelivered TRANSACTION_COMPLETE
[  235.713086][ T4373] binder: undelivered transaction 305, process died.
[  235.714927][ T4373] binder: undelivered TRANSACTION_COMPLETE
[  235.787653][ T8036] fuse: Unknown parameter 'group_i00000000000000000000'
[  235.889522][ T8029] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1212'.
[  236.076643][ T8045] bond0: (slave syz_tun): Releasing backup interface
[  236.781323][ T8045] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  236.789745][ T8045] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  236.794961][ T8045] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  236.803633][ T8049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1223'.
[  236.808897][ T8053] device ip6erspan0 entered promiscuous mode
[  238.570993][ T8063] netlink: 'syz.3.1226': attribute type 10 has an invalid length.
[  238.594887][ T8063] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  238.646764][ T8072] binder_user_error: 5 callbacks suppressed
[  238.646778][ T8072] binder: 8062:8072 tried to acquire reference to desc 0, got 1 instead
[  238.653005][ T8072] binder: 8062:8072 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  238.657045][ T8063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1226'.
[  238.658513][ T8072] binder: 8072 RLIMIT_NICE not set
[  238.659398][ T8072] binder: 8072 RLIMIT_NICE not set
[  238.660350][ T8072] binder: 8072 RLIMIT_NICE not set
[  238.700348][   T24] binder: undelivered TRANSACTION_COMPLETE
[  238.701244][   T24] binder: undelivered transaction 311, process died.
[  238.702424][   T24] binder: undelivered TRANSACTION_COMPLETE
[  238.736654][ T8081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1229'.
[  238.764165][ T8083] fuse: Unknown parameter 'group_i00000000000000000000'
[  238.858474][ T8081] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1229'.
[  238.887577][ T8091] rdma_rxe: rxe_register_device failed with error -23
[  238.888703][ T8091] rdma_rxe: failed to add syz_tun
[  239.098299][ T8096] bond0: (slave syz_tun): Releasing backup interface
[  239.188240][ T8096] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  239.206199][ T8096] team0: Port device bond0 removed
[  239.208334][ T8096] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  239.209767][ T8096] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  239.236379][ T8091] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1233'.
[  239.237896][ T8101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1234'.
[  240.380005][ T8121] xt_hashlimit: size too large, truncated to 1048576
[  240.498782][ T8125] binder: 8122:8125 tried to acquire reference to desc 0, got 1 instead
[  240.516203][ T8125] binder: 8122:8125 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  240.525339][ T8125] binder: 8125 RLIMIT_NICE not set
[  240.528503][ T8125] binder: 8125 RLIMIT_NICE not set
[  240.531881][ T8125] binder: 8125 RLIMIT_NICE not set
[  240.583441][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  240.584508][ T4469] binder: undelivered transaction 317, process died.
[  240.596364][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  240.762743][ T8130] netlink: 'syz.2.1242': attribute type 10 has an invalid length.
[  240.765375][ T8130] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  240.771694][ T8132] fuse: Unknown parameter 'group_i00000000000000000000'
[  240.780234][ T8130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1242'.
[  240.908366][ T8136] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1245'.
[  240.982749][ T8138] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  240.997248][ T8138] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  240.998593][ T8138] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  241.092427][ T8136] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1245'.
[  241.097529][ T8145] rdma_rxe: already configured on syz_tun
[  241.227831][ T8141] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1247'.
[  241.324536][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  241.325502][ T5706] binder: undelivered transaction 323, process died.
[  241.326802][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  242.327275][ T8176] fuse: Unknown parameter 'group_id00000000000000000000'
[  242.346607][ T8172] netlink: 'syz.2.1255': attribute type 10 has an invalid length.
[  242.380393][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1255'.
[  242.602387][ T8185] bond0: (slave syz_tun): Releasing backup interface
[  242.688726][ T8185] infiniband syz1: set down
[  242.691808][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  242.694408][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  242.695621][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  242.718594][ T8190] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1260'.
[  242.869051][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  242.870128][ T4469] binder: undelivered transaction 329, process died.
[  242.871321][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  242.938195][ T8190] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1260'.
[  243.543521][ T8206] device ip6erspan0 entered promiscuous mode
[  244.252715][ T8217] netlink: 'syz.4.1269': attribute type 10 has an invalid length.
[  244.260146][ T8217] infiniband syz1: set active
[  244.265577][ T8217] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  244.367799][ T8221] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  244.377851][ T8221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  244.380249][ T8221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  244.439982][ T8225] binder_user_error: 10 callbacks suppressed
[  244.439991][ T8225] binder: 8224:8225 tried to acquire reference to desc 0, got 1 instead
[  244.443287][ T8225] binder: 8224:8225 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  244.445486][ T8225] binder: 8225 RLIMIT_NICE not set
[  244.446547][ T8225] binder: 8225 RLIMIT_NICE not set
[  244.447525][ T8225] binder: 8225 RLIMIT_NICE not set
[  244.454717][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  244.455643][ T5706] binder: undelivered transaction 335, process died.
[  244.456836][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  245.373512][ T8246] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1276'.
[  245.971873][ T8242] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1276'.
[  246.006475][ T8267] netlink: 'syz.4.1283': attribute type 10 has an invalid length.
[  246.010361][ T8267] infiniband syz1: set down
[  246.417698][ T8273] binder: 8270:8273 tried to acquire reference to desc 0, got 1 instead
[  246.420156][ T8273] binder: 8270:8273 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  246.422178][ T8273] binder: 8273 RLIMIT_NICE not set
[  246.423001][ T8273] binder: 8273 RLIMIT_NICE not set
[  246.424470][ T8273] binder: 8273 RLIMIT_NICE not set
[  246.427737][ T8269] device ip6erspan0 entered promiscuous mode
[  246.435207][ T8272] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  246.437574][ T8272] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  246.438794][ T8272] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  246.441563][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  246.442477][ T5706] binder: undelivered transaction 341, process died.
[  246.445248][ T5706] binder: undelivered TRANSACTION_COMPLETE
[  246.509872][ T8279] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1288'.
[  248.305316][ T8308] netlink: 'syz.0.1296': attribute type 10 has an invalid length.
[  248.307707][ T8308] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  248.688517][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  248.689497][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  248.690387][ T4469] binder: undelivered transaction 347, process died.
[  248.737457][ T8305] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1294'.
[  248.762392][ T8320] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1300'.
[  248.763048][ T8321] bond0: (slave syz_tun): Releasing backup interface
[  248.809484][ T8321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  248.810716][ T8321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  248.814172][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  248.815185][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  249.040994][ T8338] netlink: 'syz.0.1308': attribute type 10 has an invalid length.
[  249.044219][ T8338] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  250.233571][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  250.234555][ T4368] binder: undelivered transaction 353, process died.
[  250.235610][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  250.767716][ T8355] bond0: (slave syz_tun): Releasing backup interface
[  250.819185][ T8355] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  251.144975][ T8355] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  251.146586][ T8355] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  251.202483][ T8372] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1316'.
[  251.221786][ T8361] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1313'.
[  251.233558][ T8378] xt_hashlimit: size too large, truncated to 1048576
[  251.449382][ T8388] binder_user_error: 10 callbacks suppressed
[  251.449392][ T8388] binder: 8387:8388 tried to acquire reference to desc 0, got 1 instead
[  251.457519][ T8388] binder: 8387:8388 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  251.459641][ T8388] binder: 8388 RLIMIT_NICE not set
[  251.460421][ T8388] binder: 8388 RLIMIT_NICE not set
[  251.481337][ T8388] binder: 8388 RLIMIT_NICE not set
[  251.556091][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  251.557138][ T4469] binder: undelivered transaction 359, process died.
[  251.558274][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  252.693275][ T8404] netlink: 'syz.2.1325': attribute type 10 has an invalid length.
[  253.208590][ T8415] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  253.225184][ T8415] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  253.226466][ T8415] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  253.563616][ T8424] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1332'.
[  253.602153][ T8429] binder: 8428:8429 tried to acquire reference to desc 0, got 1 instead
[  253.610626][ T8429] binder: 8428:8429 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  253.613182][ T8429] binder: 8429 RLIMIT_NICE not set
[  253.616515][ T8429] binder: 8429 RLIMIT_NICE not set
[  253.620231][ T8429] binder: 8429 RLIMIT_NICE not set
[  253.646269][ T8400] binder: undelivered TRANSACTION_COMPLETE
[  253.647238][ T8400] binder: undelivered transaction 365, process died.
[  253.648470][ T8400] binder: undelivered TRANSACTION_COMPLETE
[  254.294946][ T8439] netlink: 'syz.1.1337': attribute type 10 has an invalid length.
[  254.301619][ T8439] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  254.708375][ T8453] bond0: (slave syz_tun): Releasing backup interface
[  255.075340][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  255.077556][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  255.078894][ T8453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.133856][ T4469] binder: undelivered transaction 371, process died.
[  255.135133][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  255.381809][ T8467] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1346'.
[  255.506974][ T8473] netlink: 'syz.3.1348': attribute type 10 has an invalid length.
[  255.509947][ T8473] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  255.517763][ T8473] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1348'.
[  255.638841][ T8477] netlink: 'syz.0.1349': attribute type 10 has an invalid length.
[  255.698438][ T8487] fuse: Unknown parameter 'group_id00000000000000000000'
[  255.839604][ T4368] binder: undelivered transaction 377, process died.
[  255.840996][ T4368] binder: undelivered TRANSACTION_COMPLETE
[  255.968907][ T8507] bond0: (slave syz_tun): Releasing backup interface
[  255.998436][ T8507] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  256.000482][ T8507] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  256.001702][ T8507] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  256.010911][ T8500] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1358'.
[  256.107722][ T8511] netlink: 'syz.2.1361': attribute type 10 has an invalid length.
[  256.109455][ T8511] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1361'.
[  256.114944][ T8514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1362'.
[  256.517245][ T8526] netlink: 'syz.1.1364': attribute type 10 has an invalid length.
[  256.524718][ T8528] rdma_rxe: already configured on syz_tun
[  256.586294][ T8523] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1363'.
[  256.791061][ T8543] xt_hashlimit: size too large, truncated to 1048576
[  256.800701][ T8544] binder_user_error: 10 callbacks suppressed
[  256.800712][ T8544] binder: 8542:8544 tried to acquire reference to desc 0, got 1 instead
[  256.813073][ T8544] binder: 8542:8544 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  256.824679][ T8544] binder: 8544 RLIMIT_NICE not set
[  256.825534][ T8544] binder: 8544 RLIMIT_NICE not set
[  256.826552][ T8544] binder: 8544 RLIMIT_NICE not set
[  256.859876][ T4469] binder: undelivered transaction 383, process died.
[  256.861099][ T4469] binder: undelivered TRANSACTION_COMPLETE
[  257.003085][ T8550] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  257.005597][ T8550] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  257.006787][ T8550] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  257.520019][ T8560] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1373'.
[  257.561569][ T8563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1374'.
[  257.646636][ T8565] netlink: 'syz.4.1375': attribute type 10 has an invalid length.
[  257.648787][ T8565] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1375'.
[  257.689190][ T8567] netlink: 'syz.1.1376': attribute type 10 has an invalid length.
[  257.912241][ T8582] rdma_rxe: rxe_register_device failed with error -23
[  257.913446][ T8582] rdma_rxe: failed to add syz_tun
[  257.975434][ T8586] binder: 8585:8586 tried to acquire reference to desc 0, got 1 instead
[  257.985108][ T8586] binder: 8585:8586 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  257.989801][ T8586] binder: 8586 RLIMIT_NICE not set
[  257.990498][ T8586] binder: 8586 RLIMIT_NICE not set
[  257.991394][ T8586] binder: 8586 RLIMIT_NICE not set
[  258.034158][ T4372] binder: undelivered transaction 389, process died.
[  258.035372][ T4372] binder: undelivered TRANSACTION_COMPLETE
[  258.066742][ T8590] bond0: (slave syz_tun): Releasing backup interface
[  258.218439][ T8590] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  258.431611][ T8590] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  258.432830][ T8590] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  258.440116][ T8582] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1379'.
[  258.664010][ T8599] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1385'.
[  258.836744][ T8606] netlink: 'syz.4.1388': attribute type 10 has an invalid length.
[  258.848791][ T8606] infiniband syz1: set active
[  258.850060][ T8606] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  258.852884][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1388'.
[  258.965923][ T8604] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1387'.
[  258.978743][ T8615] netlink: 'syz.0.1389': attribute type 10 has an invalid length.
[  259.345462][ T8621] netem: change failed
[  259.425173][ T8627] binder: BINDER_SET_CONTEXT_MGR already set
[  259.427165][ T8627] binder: 8626:8627 ioctl 4018620d 20004a80 returned -16
[  259.428593][ T8627] binder: 8627:8626 cannot find target node
[  259.429697][ T8627] binder: 8626:8627 transaction call to 0:0 failed 392/29201/-22, size 0-0 line 3045
[  259.451365][ T8630] rdma_rxe: rxe_register_device failed with error -23
[  259.452511][ T8630] rdma_rxe: failed to add syz_tun
[  259.457895][ T8631] bond0: (slave syz_tun): Releasing backup interface
[  259.485555][ T8632] binder: 8626:8632 transaction reply to 0:0 failed 393/29201/-71, size 0-0 line 2946
[  259.497403][ T8631] infiniband syz1: set down
[  259.499294][ T8631] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  259.501358][ T8631] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  259.507595][ T8631] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  259.528746][ T8630] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1395'.
[  259.640217][ T8641] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1397'.
[  259.868689][ T8650] netlink: 'syz.4.1401': attribute type 10 has an invalid length.
[  259.871586][ T8650] infiniband syz1: set active
[  259.874875][ T8650] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  260.248192][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  260.249356][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  260.269000][ T8656] netlink: 'syz.4.1402': attribute type 10 has an invalid length.
[  260.578375][ T8671] bond0: (slave syz_tun): Releasing backup interface
[  260.625550][ T8671] infiniband syz1: set down
[  260.627656][ T8677] rdma_rxe: rxe_register_device failed with error -23
[  260.627665][ T8671] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  260.629096][ T8677] rdma_rxe: failed to add syz_tun
[  260.638747][ T8671] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  260.644303][ T8671] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  261.203075][ T8689] netlink: 'syz.1.1412': attribute type 10 has an invalid length.
[  261.213107][ T8689] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  261.272696][ T4372] binder: undelivered transaction 399, process died.
[  261.298657][ T8696] netlink: 'syz.2.1414': attribute type 10 has an invalid length.
[  261.429316][ T8706] xt_hashlimit: size too large, truncated to 1048576
[  261.657155][ T8714] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  261.661719][ T8714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  261.666605][ T8714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  261.698432][ T8712] __nla_validate_parse: 5 callbacks suppressed
[  261.698445][ T8712] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1419'.
[  261.858442][ T8725] rdma_rxe: rxe_register_device failed with error -23
[  261.859751][ T8725] rdma_rxe: failed to add syz_tun
[  262.296987][ T8729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1424'.
[  262.330925][ T8725] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1423'.
[  262.380592][ T8732] netlink: 'syz.3.1425': attribute type 10 has an invalid length.
[  262.390782][ T8732] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  262.504815][ T8736] netlink: 'syz.2.1427': attribute type 10 has an invalid length.
[  262.506581][ T8736] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1427'.
[  262.700354][ T8757] rdma_rxe: already configured on syz_tun
[  262.759837][ T8755] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  262.761891][ T8755] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  262.763020][ T8755] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  262.789475][ T8755] bond0: (slave wlan1): Releasing backup interface
[  262.825160][ T8757] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1433'.
[  262.900367][ T8765] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1435'.
[  262.978682][ T8767] netlink: 'syz.4.1436': attribute type 10 has an invalid length.
[  262.997417][ T8770] rdma_rxe: rxe_register_device failed with error -23
[  262.998565][ T8770] rdma_rxe: failed to add syz_tun
[  263.019953][ T8773] netlink: 'syz.4.1439': attribute type 10 has an invalid length.
[  263.022852][ T8773] infiniband syz1: set active
[  263.031828][ T8773] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  263.037736][ T8773] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1439'.
[  263.892471][ T8770] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1437'.
[  263.935949][ T8783] netlink: 'syz.0.1450': attribute type 10 has an invalid length.
[  264.269043][ T8786] can0: slcan on ttyS3.
[  264.553838][ T8786] can0 (unregistered): slcan off ttyS3.
[  264.567032][ T8787] can0: slcan on ttyS3.
[  265.060801][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  265.062808][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  265.064651][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  265.114232][ T8781] can0 (unregistered): slcan off ttyS3.
[  265.211793][ T8813] rdma_rxe: already configured on syz_tun
[  265.304140][ T8817] netlink: 'syz.2.1451': attribute type 10 has an invalid length.
[  265.383241][ T8821] rdma_rxe: rxe_register_device failed with error -23
[  265.391019][ T8821] rdma_rxe: failed to add syz_tun
[  265.427568][ T8813] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1448'.
[  266.196818][ T8825] netlink: 'syz.0.1454': attribute type 10 has an invalid length.
[  266.234203][ T8825] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1454'.
[  266.606984][ T8837] bond0: (slave syz_tun): Releasing backup interface
[  266.669742][ T8837] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  266.672337][ T8837] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  266.673997][ T8837] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  266.684249][ T8844] netem: change failed
[  266.825157][ T8858] netlink: 'syz.3.1462': attribute type 10 has an invalid length.
[  266.829233][ T8858] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  266.868761][ T8862] rdma_rxe: rxe_register_device failed with error -23
[  266.869966][ T8862] rdma_rxe: failed to add syz_tun
[  266.874750][ T8864] netlink: 'syz.0.1466': attribute type 10 has an invalid length.
[  266.876665][ T8864] __nla_validate_parse: 1 callbacks suppressed
[  266.876673][ T8864] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1466'.
[  267.270018][ T8868] xt_hashlimit: size too large, truncated to 1048576
[  267.282117][ T8870] rdma_rxe: rxe_register_device failed with error -23
[  267.287767][ T8870] rdma_rxe: failed to add syz_tun
[  267.365426][ T8862] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1465'.
[  267.398674][ T8870] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1468'.
[  268.355933][ T8885] bond0: (slave syz_tun): Releasing backup interface
[  268.415734][ T8885] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  268.417668][ T8885] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  268.700074][ T8904] netlink: 'syz.3.1475': attribute type 10 has an invalid length.
[  268.879282][ T8911] netlink: 'syz.0.1478': attribute type 10 has an invalid length.
[  268.887087][ T8915] rdma_rxe: rxe_register_device failed with error -23
[  268.889524][ T8911] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  268.891094][ T8913] netem: change failed
[  268.893889][ T8915] rdma_rxe: failed to add syz_tun
[  268.934361][ T8911] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1478'.
[  268.969049][ T8915] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1479'.
[  269.002547][ T8918] rdma_rxe: rxe_register_device failed with error -23
[  269.003628][ T8918] rdma_rxe: failed to add syz_tun
[  269.386645][ T8926] can0: slcan on ttyS3.
[  269.964830][ T8919] can0 (unregistered): slcan off ttyS3.
[  270.010660][ T8930] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  270.012751][ T8930] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  270.023920][ T8930] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  270.047619][ T4332] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  270.049117][ T4332] CPU: 0 PID: 4332 Comm: kworker/u5:5 Not tainted syzkaller #0
[  270.050246][ T4332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  270.051684][ T4332] Workqueue: hci1 hci_rx_work
[  270.052369][ T4332] Call trace:
[  270.052828][ T4332]  dump_backtrace+0x1c0/0x1ec
[  270.053569][ T4332]  show_stack+0x2c/0x3c
[  270.054220][ T4332]  __dump_stack+0x30/0x40
[  270.054906][ T4332]  dump_stack_lvl+0xf4/0x15c
[  270.055620][ T4332]  dump_stack+0x1c/0x5c
[  270.056317][ T4332]  sysfs_create_dir_ns+0x244/0x264
[  270.057128][ T4332]  kobject_add_internal+0x598/0xb08
[  270.057943][ T4332]  kobject_add+0x140/0x20c
[  270.058629][ T4332]  device_add+0x3f0/0xf90
[  270.059309][ T4332]  hci_conn_add_sysfs+0xbc/0x1c8
[  270.060117][ T4332]  le_conn_complete_evt+0xcc8/0x1244
[  270.060967][ T4332]  hci_le_conn_complete_evt+0x114/0x3f4
[  270.061866][ T4332]  hci_le_meta_evt+0x2c0/0x4a0
[  270.062638][ T4332]  hci_event_packet+0x6b8/0xf18
[  270.063396][ T4332]  hci_rx_work+0x324/0xa80
[  270.064045][ T4332]  process_one_work+0x7f8/0x13a4
[  270.064799][ T4332]  worker_thread+0x8c4/0xfec
[  270.065445][ T4332]  kthread+0x250/0x2d8
[  270.066066][ T4332]  ret_from_fork+0x10/0x20
[  270.067927][ T4332] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  270.069983][ T4332] Bluetooth: hci1: failed to register connection device
[  270.118454][ T8918] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1481'.
[  270.342254][ T8947] netlink: 'syz.2.1489': attribute type 10 has an invalid length.
[  270.401341][ T8952] netlink: 'syz.0.1492': attribute type 10 has an invalid length.
[  270.427961][ T8954] netem: change failed
[  270.877813][ T8959] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1493'.
[  271.600819][ T4332] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  271.602588][ T4332] CPU: 0 PID: 4332 Comm: kworker/u5:5 Not tainted syzkaller #0
[  271.603790][ T4332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  271.605362][ T4332] Workqueue: hci2 hci_rx_work
[  271.606148][ T4332] Call trace:
[  271.606677][ T4332]  dump_backtrace+0x1c0/0x1ec
[  271.607405][ T4332]  show_stack+0x2c/0x3c
[  271.608106][ T4332]  __dump_stack+0x30/0x40
[  271.608786][ T4332]  dump_stack_lvl+0xf4/0x15c
[  271.609466][ T4332]  dump_stack+0x1c/0x5c
[  271.610084][ T4332]  sysfs_create_dir_ns+0x244/0x264
[  271.610886][ T4332]  kobject_add_internal+0x598/0xb08
[  271.611667][ T4332]  kobject_add+0x140/0x20c
[  271.612281][ T4332]  device_add+0x3f0/0xf90
[  271.612900][ T4332]  hci_conn_add_sysfs+0xbc/0x1c8
[  271.613729][ T4332]  le_conn_complete_evt+0xcc8/0x1244
[  271.614534][ T4332]  hci_le_conn_complete_evt+0x114/0x3f4
[  271.615367][ T4332]  hci_le_meta_evt+0x2c0/0x4a0
[  271.616094][ T4332]  hci_event_packet+0x6b8/0xf18
[  271.616809][ T4332]  hci_rx_work+0x324/0xa80
[  271.617531][ T4332]  process_one_work+0x7f8/0x13a4
[  271.618281][ T4332]  worker_thread+0x8c4/0xfec
[  271.618962][ T4332]  kthread+0x250/0x2d8
[  271.619560][ T4332]  ret_from_fork+0x10/0x20
[  271.622987][ T4332] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  271.625487][ T4332] Bluetooth: hci2: failed to register connection device
[  272.032973][ T8973] bond0: (slave syz_tun): Releasing backup interface
[  272.065040][ T8973] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  272.067611][ T8973] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  272.068965][ T8973] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  272.069344][ T8977] rdma_rxe: rxe_register_device failed with error -23
[  272.074875][ T8977] rdma_rxe: failed to add syz_tun
[  272.093892][ T4332] Bluetooth: hci1: command 0x2016 tx timeout
[  272.154053][ T8977] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1499'.
[  272.341804][ T8987] can0: slcan on ttyS3.
[  272.629737][ T8991] netlink: 'syz.1.1503': attribute type 10 has an invalid length.
[  272.645046][ T8991] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  272.767794][ T9008] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1505'.
[  272.888720][ T9014] netlink: 'syz.1.1506': attribute type 10 has an invalid length.
[  272.917416][ T4337] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  272.919009][ T4337] CPU: 0 PID: 4337 Comm: kworker/u5:7 Not tainted syzkaller #0
[  272.920158][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  272.921770][ T4337] Workqueue: hci3 hci_rx_work
[  272.922510][ T4337] Call trace:
[  272.923041][ T4337]  dump_backtrace+0x1c0/0x1ec
[  272.923775][ T4337]  show_stack+0x2c/0x3c
[  272.924386][ T4337]  __dump_stack+0x30/0x40
[  272.925082][ T4337]  dump_stack_lvl+0xf4/0x15c
[  272.925857][ T4337]  dump_stack+0x1c/0x5c
[  272.926490][ T4337]  sysfs_create_dir_ns+0x244/0x264
[  272.927265][ T4337]  kobject_add_internal+0x598/0xb08
[  272.928066][ T4337]  kobject_add+0x140/0x20c
[  272.928715][ T4337]  device_add+0x3f0/0xf90
[  272.929360][ T4337]  hci_conn_add_sysfs+0xbc/0x1c8
[  272.930116][ T4337]  le_conn_complete_evt+0xcc8/0x1244
[  272.930930][ T4337]  hci_le_conn_complete_evt+0x114/0x3f4
[  272.931702][ T4337]  hci_le_meta_evt+0x2c0/0x4a0
[  272.932448][ T4337]  hci_event_packet+0x6b8/0xf18
[  272.933186][ T4337]  hci_rx_work+0x324/0xa80
[  272.933844][ T4337]  process_one_work+0x7f8/0x13a4
[  272.934632][ T4337]  worker_thread+0x8c4/0xfec
[  272.935335][ T4337]  kthread+0x250/0x2d8
[  272.935944][ T4337]  ret_from_fork+0x10/0x20
[  272.937889][ T4337] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  272.939973][ T4337] Bluetooth: hci3: failed to register connection device
[  273.820043][ T4337] Bluetooth: hci2: command 0x2016 tx timeout
[  273.884527][ T8979] can0 (unregistered): slcan off ttyS3.
[  274.286235][ T9038] xt_hashlimit: size too large, truncated to 1048576
[  274.295975][ T9040] rdma_rxe: rxe_register_device failed with error -23
[  274.297244][ T9040] rdma_rxe: failed to add syz_tun
[  274.870833][ T9040] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1512'.
[  274.925923][ T9062] netlink: 'syz.0.1515': attribute type 10 has an invalid length.
[  274.984042][ T4332] Bluetooth: hci3: command 0x2016 tx timeout
[  275.069979][ T9068] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1516'.
[  275.160699][ T9075] netlink: 'syz.1.1518': attribute type 10 has an invalid length.
[  275.218377][ T4337] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  275.219952][ T4337] CPU: 0 PID: 4337 Comm: kworker/u5:7 Not tainted syzkaller #0
[  275.221153][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  275.222602][ T4337] Workqueue: hci2 hci_rx_work
[  275.223300][ T4337] Call trace:
[  275.223850][ T4337]  dump_backtrace+0x1c0/0x1ec
[  275.224601][ T4337]  show_stack+0x2c/0x3c
[  275.225236][ T4337]  __dump_stack+0x30/0x40
[  275.225906][ T4337]  dump_stack_lvl+0xf4/0x15c
[  275.226630][ T4337]  dump_stack+0x1c/0x5c
[  275.227169][ T4337]  sysfs_create_dir_ns+0x244/0x264
[  275.227941][ T4337]  kobject_add_internal+0x598/0xb08
[  275.228720][ T4337]  kobject_add+0x140/0x20c
[  275.229396][ T4337]  device_add+0x3f0/0xf90
[  275.230030][ T4337]  hci_conn_add_sysfs+0xbc/0x1c8
[  275.230798][ T4337]  le_conn_complete_evt+0xcc8/0x1244
[  275.231553][ T4337]  hci_le_conn_complete_evt+0x114/0x3f4
[  275.232455][ T4337]  hci_le_meta_evt+0x2c0/0x4a0
[  275.233200][ T4337]  hci_event_packet+0x6b8/0xf18
[  275.233923][ T4337]  hci_rx_work+0x324/0xa80
[  275.234542][ T4337]  process_one_work+0x7f8/0x13a4
[  275.235256][ T4337]  worker_thread+0x8c4/0xfec
[  275.235968][ T4337]  kthread+0x250/0x2d8
[  275.236619][ T4337]  ret_from_fork+0x10/0x20
[  275.237696][ T4337] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  275.239676][ T4337] Bluetooth: hci2: failed to register connection device
[  275.420547][ T9085] netem: change failed
[  276.194293][ T9091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.196637][ T9091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.671016][ T9105] rdma_rxe: rxe_register_device failed with error -23
[  276.672469][ T9105] rdma_rxe: failed to add syz_tun
[  276.829945][ T9105] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1526'.
[  276.942769][ T9110] can0: slcan on ttyS3.
[  277.303795][ T4337] Bluetooth: hci2: command 0x2016 tx timeout
[  277.336423][ T9113] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1528'.
[  277.389300][ T9118] netlink: 'syz.2.1530': attribute type 10 has an invalid length.
[  277.430788][ T9121] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1541'.
[  277.433944][ T9125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.438690][ T9125] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.634404][ T9106] can0 (unregistered): slcan off ttyS3.
[  277.850832][ T9160] netem: change failed
[  278.027585][ T4332] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  278.029223][ T4332] CPU: 0 PID: 4332 Comm: kworker/u5:5 Not tainted syzkaller #0
[  278.030409][ T4332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  278.031995][ T4332] Workqueue: hci1 hci_rx_work
[  278.032738][ T4332] Call trace:
[  278.033320][ T4332]  dump_backtrace+0x1c0/0x1ec
[  278.034024][ T4332]  show_stack+0x2c/0x3c
[  278.034632][ T4332]  __dump_stack+0x30/0x40
[  278.035286][ T4332]  dump_stack_lvl+0xf4/0x15c
[  278.036009][ T4332]  dump_stack+0x1c/0x5c
[  278.036645][ T4332]  sysfs_create_dir_ns+0x244/0x264
[  278.037405][ T4332]  kobject_add_internal+0x598/0xb08
[  278.038187][ T4332]  kobject_add+0x140/0x20c
[  278.038899][ T4332]  device_add+0x3f0/0xf90
[  278.039554][ T4332]  hci_conn_add_sysfs+0xbc/0x1c8
[  278.040303][ T4332]  le_conn_complete_evt+0xcc8/0x1244
[  278.041069][ T4332]  hci_le_conn_complete_evt+0x114/0x3f4
[  278.041974][ T4332]  hci_le_meta_evt+0x2c0/0x4a0
[  278.042737][ T4332]  hci_event_packet+0x6b8/0xf18
[  278.043428][ T4332]  hci_rx_work+0x324/0xa80
[  278.044147][ T4332]  process_one_work+0x7f8/0x13a4
[  278.044850][ T4332]  worker_thread+0x8c4/0xfec
[  278.045520][ T4332]  kthread+0x250/0x2d8
[  278.046087][ T4332]  ret_from_fork+0x10/0x20
[  278.050375][ T4332] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  278.052511][ T4332] Bluetooth: hci1: failed to register connection device
[  278.508355][ T9179] rdma_rxe: rxe_register_device failed with error -23
[  278.509682][ T9179] rdma_rxe: failed to add syz_tun
[  278.658619][ T9179] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1539'.
[  279.267486][ T9193] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1543'.
[  279.281143][ T9194] netlink: 'syz.0.1542': attribute type 10 has an invalid length.
[  279.491100][ T9207] netem: change failed
[  279.515672][ T9209] can0: slcan on ttyS3.
[  279.564633][ T9209] can0 (unregistered): slcan off ttyS3.
[  279.711655][ T9218] rdma_rxe: already configured on syz_tun
[  280.104852][ T4332] Bluetooth: hci1: command 0x2016 tx timeout
[  280.263843][ T9228] xt_hashlimit: size too large, truncated to 1048576
[  280.364073][ T9218] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1551'.
[  280.580736][ T9238] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1556'.
[  280.604110][ T9240] netlink: 'syz.0.1555': attribute type 10 has an invalid length.
[  281.893264][ T9270] can0: slcan on ttyS3.
[  281.989961][ T9281] rdma_rxe: rxe_register_device failed with error -23
[  281.991110][ T9281] rdma_rxe: failed to add syz_tun
[  282.004379][ T9270] can0 (unregistered): slcan off ttyS3.
[  282.102376][ T9288] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  282.171999][ T9294] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1567'.
[  282.207164][ T9297] netlink: 'syz.2.1570': attribute type 10 has an invalid length.
[  282.215838][ T9297] netlink: 'syz.2.1570': attribute type 10 has an invalid length.
[  282.217552][ T9297] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.219074][ T9297] team0: Port device bond0 added
[  282.307269][ T9301] can0: slcan on ttyS3.
[  282.543838][ T9301] can0 (unregistered): slcan off ttyS3.
[  282.546857][ T9302] can0: slcan on ttyS3.
[  282.553495][ T9281] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1566'.
[  282.643581][ T5176] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready
[  282.657208][ T9306] netem: change failed
[  283.103993][ T9291] can0 (unregistered): slcan off ttyS3.
[  283.511436][ T9355] can0: slcan on ttyS3.
[  283.574278][ T9355] can0 (unregistered): slcan off ttyS3.
[  283.660123][ T9359] fuse: Bad value for 'fd'
[  283.711568][ T9361] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1581'.
[  283.727240][ T9363] netlink: 'syz.4.1582': attribute type 10 has an invalid length.
[  283.730823][ T9363] netlink: 'syz.4.1582': attribute type 10 has an invalid length.
[  283.741723][ T9363] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.756711][ T9363] team0: Port device bond0 added
[  283.814048][ T9368] rdma_rxe: already configured on syz_tun
[  283.826912][ T9365] netem: change failed
[  284.489859][ T9368] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1585'.
[  285.135386][ T9392] can0: slcan on ttyS3.
[  285.174000][ T9393] can0 (unregistered): slcan off ttyS3.
[  285.176631][ T9394] can0: slcan on ttyS3.
[  285.177278][ T9397] fuse: Bad value for 'fd'
[  285.300744][ T9406] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1595'.
[  285.303013][ T9406] netlink: 'syz.4.1595': attribute type 10 has an invalid length.
[  285.478433][ T9406] netlink: 'syz.4.1595': attribute type 10 has an invalid length.
[  285.693795][ T9384] can0 (unregistered): slcan off ttyS3.
[  285.832587][ T9422] rdma_rxe: rxe_register_device failed with error -23
[  285.844229][ T9422] rdma_rxe: failed to add syz_tun
[  286.446564][ T9433] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1599'.
[  286.597222][ T9442] can0: slcan on ttyS3.
[  286.754324][ T9442] can0 (unregistered): slcan off ttyS3.
[  286.770958][ T9443] can0: slcan on ttyS3.
[  286.894967][ T9452] fuse: Bad value for 'fd'
[  286.962507][ T9464] xt_hashlimit: size too large, truncated to 1048576
[  287.116225][ T9478] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1607'.
[  287.118173][ T9478] netlink: 'syz.0.1607': attribute type 10 has an invalid length.
[  287.119878][ T9478] netlink: 'syz.0.1607': attribute type 10 has an invalid length.
[  287.132587][ T9478] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.147096][ T9478] team0: Port device bond0 added
[  287.388579][ T9435] can0 (unregistered): slcan off ttyS3.
[  287.855523][ T9498] can0: slcan on ttyS3.
[  288.173932][ T9499] can0 (unregistered): slcan off ttyS3.
[  288.186244][ T9498] can0: slcan on ttyS3.
[  288.364011][ T9483] can0 (unregistered): slcan off ttyS3.
[  288.760651][ T9515] rdma_rxe: rxe_register_device failed with error -23
[  288.761893][ T9515] rdma_rxe: failed to add syz_tun
[  288.805694][ T9518] fuse: Bad value for 'fd'
[  288.973200][ T9515] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1615'.
[  289.095999][ T9537] netem: change failed
[  289.164075][ T9540] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1620'.
[  289.168398][ T9540] netlink: 'syz.3.1620': attribute type 10 has an invalid length.
[  289.170081][ T9540] netlink: 'syz.3.1620': attribute type 10 has an invalid length.
[  289.171820][ T9540] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.191501][ T9540] team0: Port device bond0 added
[  289.543396][ T9557] can0: slcan on ttyS3.
[  289.944062][ T9557] can0 (unregistered): slcan off ttyS3.
[  289.958645][ T9559] can0: slcan on ttyS3.
[  290.142937][ T9564] fuse: Bad value for 'fd'
[  290.144506][ T9548] can0 (unregistered): slcan off ttyS3.
[  290.438415][ T9576] rdma_rxe: rxe_register_device failed with error -23
[  290.456150][ T9576] rdma_rxe: failed to add syz_tun
[  291.254580][ T9583] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1633'.
[  291.256695][ T9583] netlink: 'syz.2.1633': attribute type 10 has an invalid length.
[  291.258451][ T9583] netlink: 'syz.2.1633': attribute type 10 has an invalid length.
[  291.371828][ T9576] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1630'.
[  291.794883][ T9598] can0: slcan on ttyS3.
[  291.883885][ T9598] can0 (unregistered): slcan off ttyS3.
[  291.890595][ T9599] can0: slcan on ttyS3.
[  292.128040][ T9595] fuse: Invalid rootmode
[  292.275176][ T9586] can0 (unregistered): slcan off ttyS3.
[  292.469324][ T9622] can0: slcan on ttyS3.
[  292.714098][ T9622] can0 (unregistered): slcan off ttyS3.
[  292.718012][ T9623] can0: slcan on ttyS3.
[  293.164704][ T9614] can0 (unregistered): slcan off ttyS3.
[  293.227658][ T9639] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1646'.
[  293.231690][ T9639] netlink: 'syz.1.1646': attribute type 10 has an invalid length.
[  293.233545][ T9639] netlink: 'syz.1.1646': attribute type 10 has an invalid length.
[  293.242162][ T9639] 8021q: adding VLAN 0 to HW filter on device bond0
[  293.246137][ T9639] team0: Port device bond0 added
[  293.248409][ T9640] netem: change failed
[  293.645605][ T9662] rdma_rxe: rxe_register_device failed with error -23
[  293.649031][ T9662] rdma_rxe: failed to add syz_tun
[  293.823326][ T9662] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1649'.
[  293.968548][ T9665] fuse: Invalid rootmode
[  294.496824][ T9681] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1657'.
[  294.498734][ T9681] netlink: 'syz.3.1657': attribute type 10 has an invalid length.
[  294.535439][ T9681] netlink: 'syz.3.1657': attribute type 10 has an invalid length.
[  294.610168][ T9697] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1659'.
[  294.687121][ T9698] can0: slcan on ttyS3.
[  294.756579][ T9698] can0 (unregistered): slcan off ttyS3.
[  294.762939][ T9699] can0: slcan on ttyS3.
[  294.987651][ T9701] fuse: Invalid rootmode
[  294.992177][ T9703] rdma_rxe: rxe_register_device failed with error -23
[  294.993238][ T9703] rdma_rxe: failed to add syz_tun
[  295.025534][ T9706] Bluetooth: MGMT ver 1.22
[  295.114434][ T9710] xt_hashlimit: size too large, truncated to 1048576
[  295.136067][ T9714] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1665'.
[  295.458797][ T9703] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1660'.
[  295.515005][ T9680] can0 (unregistered): slcan off ttyS3.
[  295.544667][ T9725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.547284][ T9725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.629169][ T9749] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1672'.
[  296.662953][ T9761] fuse: Bad value for 'rootmode'
[  296.871005][ T9767] can0: slcan on ttyS3.
[  297.088292][ T4337] Bluetooth: hci2: command 0x0401 tx timeout
[  297.089336][ T4332] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  297.103808][ T9767] can0 (unregistered): slcan off ttyS3.
[  297.107348][ T9768] can0: slcan on ttyS3.
[  297.132070][ T9774] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1676'.
[  297.198340][ T9784] rdma_rxe: already configured on syz_tun
[  297.371822][ T9788] lo speed is unknown, defaulting to 1000
[  297.684014][ T9762] can0 (unregistered): slcan off ttyS3.
[  297.713598][ T9784] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1679'.
[  297.801941][ T9795] can0: slcan on ttyS3.
[  297.893875][ T9795] can0 (unregistered): slcan off ttyS3.
[  297.901482][ T9796] can0: slcan on ttyS3.
[  298.981723][ T9790] can0 (unregistered): slcan off ttyS3.
[  299.214413][ T9822] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1688'.
[  299.260802][ T9820] fuse: Bad value for 'rootmode'
[  299.388300][ T9835] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1690'.
[  299.504362][ T4372] libceph: connect (1)[c::]:6789 error -13
[  299.505479][ T4372] libceph: mon0 (1)[c::]:6789 connect error
[  299.522159][ T4372] libceph: connect (1)[c::]:6789 error -13
[  299.523174][ T4372] libceph: mon0 (1)[c::]:6789 connect error
[  299.794425][ T4372] libceph: connect (1)[c::]:6789 error -13
[  299.795472][ T4372] libceph: mon0 (1)[c::]:6789 connect error
[  300.604156][ T4372] libceph: connect (1)[c::]:6789 error -13
[  300.643501][ T4372] libceph: mon0 (1)[c::]:6789 connect error
[  300.867137][ T9846] ceph: No mds server is up or the cluster is laggy
[  300.936343][ T9892] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1699'.
[  301.733034][ T9900] can0: slcan on ttyS3.
[  301.786857][ T9902] can0 (unregistered): slcan off ttyS3.
[  301.915473][ T9913] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1703'.
[  302.038186][ T9922] binder_user_error: 13 callbacks suppressed
[  302.038197][ T9922] binder: 9922 RLIMIT_NICE not set
[  302.044234][ T9923] fuse: Unknown parameter 'use00000000000000000000'
[  302.107042][ T9927] Set syz1 is full, maxelem 1023 reached
[  302.259422][ T9935] can0: slcan on ttyS3.
[  302.653952][ T9935] can0 (unregistered): slcan off ttyS3.
[  302.690432][ T9925] can0: slcan on ttyS3.
[  302.857741][ T9939] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1713'.
[  302.893890][ T9919] can0 (unregistered): slcan off ttyS3.
[  303.108717][ T9950] can0: slcan on ttyS3.
[  303.326237][ T9950] can0 (unregistered): slcan off ttyS3.
[  303.329366][ T9951] can0: slcan on ttyS3.
[  303.365491][ T9957] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1716'.
[  303.417226][ T9960] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1718'.
[  303.591339][ T9981] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1724'.
[  303.623704][ T9984] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  303.667049][ T9990] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  303.752090][T10002] fuse: Unknown parameter 'use00000000000000000000'
[  304.064175][ T9945] can0 (unregistered): slcan off ttyS3.
[  304.233228][T10014] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1730'.
[  304.726876][T10022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.729850][T10022] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.899960][T10029] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1735'.
[  304.973751][ T5801] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  305.027631][T10034] netem: change failed
[  305.155248][ T5801] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.156963][ T5801] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  305.158285][ T5801] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.160757][ T5801] usb 1-1: config 0 descriptor??
[  305.166199][ T5801] pwc: Askey VC010 type 2 USB webcam detected.
[  305.327225][T10039] fuse: Unknown parameter 'user_i00000000000000000000'
[  305.583474][T10043] can0: slcan on ttyS3.
[  305.786521][ T5801] pwc: recv_control_msg error -32 req 02 val 2b00
[  305.794856][ T5801] pwc: recv_control_msg error -32 req 02 val 2700
[  305.800789][ T5801] pwc: recv_control_msg error -32 req 02 val 2c00
[  305.803534][ T5801] pwc: recv_control_msg error -32 req 04 val 1000
[  305.808931][ T5801] pwc: recv_control_msg error -32 req 04 val 1300
[  305.813547][ T5801] pwc: recv_control_msg error -32 req 04 val 1400
[  305.817065][ T5801] pwc: recv_control_msg error -32 req 02 val 2000
[  305.822683][ T5801] pwc: recv_control_msg error -32 req 02 val 2100
[  305.825986][ T5801] pwc: recv_control_msg error -32 req 04 val 1500
[  305.827562][ T5801] pwc: recv_control_msg error -32 req 02 val 2500
[  305.829963][ T5801] pwc: recv_control_msg error -32 req 02 val 2400
[  305.832511][ T5801] pwc: recv_control_msg error -32 req 02 val 2600
[  305.835837][ T5801] pwc: recv_control_msg error -32 req 02 val 2900
[  305.838361][ T5801] pwc: recv_control_msg error -32 req 02 val 2800
[  305.839982][ T5801] pwc: recv_control_msg error -32 req 04 val 1100
[  305.844015][T10043] can0 (unregistered): slcan off ttyS3.
[  305.846636][T10044] can0: slcan on ttyS3.
[  305.856752][ T5801] pwc: Registered as video11.
[  305.865612][ T5801] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input2
[  306.049580][ T5801] usb 1-1: USB disconnect, device number 4
[  306.095098][   T27] audit: type=1326 audit(306.080:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.098913][   T27] audit: type=1326 audit(306.080:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.106540][   T27] audit: type=1326 audit(306.080:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.139130][   T27] audit: type=1326 audit(306.080:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.473889][   T27] audit: type=1326 audit(306.080:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=243 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.478213][   T27] audit: type=1326 audit(306.160:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90176c28 code=0x7ffc0000
[  306.481304][   T27] audit: type=1326 audit(306.160:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff90176920 code=0x7ffc0000
[  306.505985][T10040] can0 (unregistered): slcan off ttyS3.
[  306.507408][   T27] audit: type=1326 audit(306.160:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=226 compat=0 ip=0xffff9017698c code=0x7ffc0000
[  306.510991][   T27] audit: type=1326 audit(306.160:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff901559f8 code=0x7ffc0000
[  306.535991][   T27] audit: type=1326 audit(306.160:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10050 comm="syz.1.1741" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=435 compat=0 ip=0xffff90177c28 code=0x7ffc0000
[  306.711894][T10073] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1743'.
[  307.115001][T10090] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1746'.
[  307.209895][T10101] fuse: Unknown parameter 'user_i00000000000000000000'
[  307.246756][T10104] netem: change failed
[  307.385908][T10114] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1755'.
[  308.621571][T10133] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1759'.
[  308.694363][T10128] slcan: can't register candev
[  310.254937][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.256008][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  321.187600][T10182] bond0: (slave syz_tun): Releasing backup interface
[  321.796919][T10182] team0: Port device bond0 removed
[  321.801185][T10182] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  321.806861][T10182] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  321.916992][T10195] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1771'.
[  322.818092][T10212] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1774'.
[  322.931673][T10225] netem: change failed
[  323.647161][T10245] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  323.704099][T10245] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  323.721275][T10251] netlink: 'syz.0.1783': attribute type 10 has an invalid length.
[  323.723105][T10251] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.727628][T10251] team0: Port device bond0 added
[  324.109430][T10260] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1788'.
[  324.472428][   T27] kauditd_printk_skb: 278 callbacks suppressed
[  324.472452][   T27] audit: type=1326 audit(324.210:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.472753][   T27] audit: type=1326 audit(324.210:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.472844][   T27] audit: type=1326 audit(324.220:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.472925][   T27] audit: type=1326 audit(324.220:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.473007][   T27] audit: type=1326 audit(324.220:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=243 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.473087][   T27] audit: type=1326 audit(324.420:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af76c28 code=0x7ffc0000
[  324.473163][   T27] audit: type=1326 audit(324.420:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff9af76920 code=0x7ffc0000
[  324.473924][   T27] audit: type=1326 audit(324.420:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=226 compat=0 ip=0xffff9af7698c code=0x7ffc0000
[  324.474059][   T27] audit: type=1326 audit(324.420:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff9af559f8 code=0x7ffc0000
[  324.474192][   T27] audit: type=1326 audit(324.420:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.2.1785" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=435 compat=0 ip=0xffff9af77c28 code=0x7ffc0000
[  324.891960][T10268] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1799'.
[  325.036832][T10277] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1793'.
[  325.079817][T10283] netem: change failed
[  325.534539][T10288] can0: slcan on ttyS3.
[  325.713892][T10289] can0 (unregistered): slcan off ttyS3.
[  325.724553][T10291] can0: slcan on ttyS3.
[  326.402313][T10284] can0 (unregistered): slcan off ttyS3.
[  326.816300][T10329] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1804'.
[  328.875032][T10375] fuse: Bad value for 'fd'
[  328.879001][T10357] netem: change failed
[  329.679034][T10412] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1821'.
[  330.621732][T10424] can0: slcan on ttyS3.
[  331.118004][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  331.128485][T10431] team0: Port device bond0 removed
[  331.130994][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  331.132251][T10431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  331.145907][T10431] bond0: (slave wlan1): Releasing backup interface
[  331.156610][T10424] can0 (unregistered): slcan off ttyS3.
[  331.230953][T10433] netem: change failed
[  331.276247][T10439] netlink: 'syz.3.1823': attribute type 10 has an invalid length.
[  331.278020][T10439] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.279509][T10439] team0: Port device bond0 added
[  331.659542][ T5041] 
[  331.659990][ T5041] ============================================
[  331.660908][ T5041] WARNING: possible recursive locking detected
[  331.661704][ T5041] syzkaller #0 Not tainted
[  331.662313][ T5041] --------------------------------------------
[  331.663214][ T5041] kworker/u4:14/5041 is trying to acquire lock:
[  331.664142][ T5041] ffff0000d9ebb9e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0x140/0x480
[  331.665527][ T5041] 
[  331.665527][ T5041] but task is already holding lock:
[  331.666659][ T5041] ffff0000d9ebe1e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0xa8/0x480
[  331.667967][ T5041] 
[  331.667967][ T5041] other info that might help us debug this:
[  331.669102][ T5041]  Possible unsafe locking scenario:
[  331.669102][ T5041] 
[  331.670089][ T5041]        CPU0
[  331.670559][ T5041]        ----
[  331.671020][ T5041]   lock(rlock-AF_UNIX);
[  331.671717][ T5041]   lock(rlock-AF_UNIX);
[  331.672393][ T5041] 
[  331.672393][ T5041]  *** DEADLOCK ***
[  331.672393][ T5041] 
[  331.673606][ T5041]  May be due to missing lock nesting notation
[  331.673606][ T5041] 
[  331.674824][ T5041] 4 locks held by kworker/u4:14/5041:
[  331.675637][ T5041]  #0: ffff0000c0029138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x6b8/0x13a4
[  331.677300][ T5041]  #1: ffff8000213e7c20 (unix_gc_work){+.+.}-{0:0}, at: process_one_work+0x6fc/0x13a4
[  331.678810][ T5041]  #2: ffff800017977af8 (unix_gc_lock){+.+.}-{2:2}, at: __unix_gc+0xcc/0x1404
[  331.680110][ T5041]  #3: ffff0000d9ebe1e8 (rlock-AF_UNIX){+.+.}-{2:2}, at: unix_collect_skb+0xa8/0x480
[  331.681502][ T5041] 
[  331.681502][ T5041] stack backtrace:
[  331.682382][ T5041] CPU: 1 PID: 5041 Comm: kworker/u4:14 Not tainted syzkaller #0
[  331.683462][ T5041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  331.684875][ T5041] Workqueue: events_unbound __unix_gc
[  331.685658][ T5041] Call trace:
[  331.686119][ T5041]  dump_backtrace+0x1c0/0x1ec
[  331.686861][ T5041]  show_stack+0x2c/0x3c
[  331.687451][ T5041]  __dump_stack+0x30/0x40
[  331.688104][ T5041]  dump_stack_lvl+0xf4/0x15c
[  331.688836][ T5041]  dump_stack+0x1c/0x5c
[  331.689423][ T5041]  __lock_acquire+0x15cc/0x6800
[  331.690181][ T5041]  lock_acquire+0x20c/0x63c
[  331.690902][ T5041]  _raw_spin_lock+0x54/0x6c
[  331.691557][ T5041]  unix_collect_skb+0x140/0x480
[  331.692253][ T5041]  __unix_gc+0xd70/0x1404
[  331.692905][ T5041]  process_one_work+0x7f8/0x13a4
[  331.693664][ T5041]  worker_thread+0x8c4/0xfec
[  331.694316][ T5041]  kthread+0x250/0x2d8
[  331.694913][ T5041]  ret_from_fork+0x10/0x20
[  331.695644][    C1] vkms_vblank_simulate: vblank timer overrun