last executing test programs:

10.478523365s ago: executing program 2 (id=1967):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, 0x0}, 0x94)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x80042, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000700)={0x28f6c81d26a0207, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5, 0x20010, r0, 0x4934f000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r6, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r6, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

7.425575843s ago: executing program 2 (id=2003):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c8000000020101020000000000000000000000006c00028006000340000400001400"], 0xc8}, 0x1, 0x0, 0x0, 0x4048040}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x8, 0x0)
sendfile(r4, r5, 0x0, 0xc0)
r6 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000480), 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000005c0)={r7, 0x800, {0x2a00, 0x80010000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r8 = syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x8a502)
r9 = semget$private(0x0, 0x2, 0x10)
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r10, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
semctl$SETVAL(r9, 0x1, 0x8, 0x0)
semctl$SETALL(r9, 0x0, 0x9, &(0x7f0000000200)=[0x1c, 0x7, 0x9b])
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000001280)={r6, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9603dda1af1ea80000000000000000000000deff00000000000000000000000014a2648f00", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x800]}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000010000000000000000000000850000008700000018010000202073250000c986bfbcc24de92dd2b9eb29030000002020207b1af8ff00000000bfa10000000000000700b7030000feffffff850000007b0000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

6.547217134s ago: executing program 2 (id=2013):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, 0x0}, 0x94)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x80042, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000700)={0x28f6c81d26a0207, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5, 0x20010, r0, 0x4934f000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r6, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r6, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

4.283249225s ago: executing program 0 (id=2030):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x30}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=@newtfilter={0x790, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, 0x0, {0x4, 0x10}, {}, {0x7, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}, @filter_kind_options=@f_fw={{0x7}, {0x754, 0x2, [@TCA_FW_ACT={0x670, 0x4, [@m_police={0x638, 0x8, 0x0, 0x0, {{0xb}, {0x4}, {0x60b, 0x6, "35f4bad1ede1bdfdb3de3746838ea0b860af2c20e88dfb5f263eabf1c14277d51632d86e2099c79f6a05330349b30701a1d12e7d24526f381034171812eca252dd858c8af7f397cc655dd77c5e1b0905f9937e59bbb3d85bdd3a137f4aa7ec1a62172a79a5b3193f18771da526081dd9026dbf43498cdc82b486e192e93cf3279e5ab42fa836ee5ac5cbb53513809bcd5680a3d1d1799b99c36f53de8611a6b894f097619dea002caa7181fcf9b31b7edff1f99c8a1272e8ee3ea8ca5cd8e747563361e5b337c6acf536f898dcff96d78b6a3e0b368105938e2efb62692f191cb0508634e2982955c55ebeb1c5b36e21a2e8605929d6457d4a75969469e4d4a294c66ea5bd66c2f5334f904f7b91af511659d16693ed7f026e9fec785b10106459817a95dc4f36cd56d3da4ba8bfdd39c195ddf1b0a009a255962135c7d9075257983923ad00145f8c4275be27c53dbe6be805525c630bb5a2fb2b1ec8e162f0c9f78750c0ff295f600719817f870f50233847937d717443604a3344f314e95d6fd0858abec943d9ee974b820313c76c2fb2109c4dca108cfb5dacf0622b99efd7a617f0ea466580c0cf2d37623c6152cf09b6c66d856cf1ef6f0e0d0606a7c3b4b9af8f02dfed58e769344d521094201a29218f430c7aa6cdc44afc075a61d8c037fa195aaef186a5122222d8a2c983b19a43ecb20394bee0d9faec47028612e2b5322981c31795d5498464d4184c9866c788227fc6f2f928667fa78e99a139d05dc2dcda4a3d8b036d72dbe6e03b095db1b3f513feb997014725e9617ded7d27b80fcd6fc2167db65156af78d2f6be02fe2891afcd5270438c22971d12a672b326baf3331961bf94da42afac6999c39ff51870ddbc5f4f9e0cf8dac3f75d2683fca7672c4510df49944e7cf7fa168b2f9d4da9dd2d01540e06af5e6fa665a5f1bb3c0790e49675ead2d90b0c6b30938356ffd2a3c2a143bbd44f78de4e57c46afa835c7a87c485680c14351523dfaa3174fdf81bdf62a1dec8fc1d8a4637327acf58c9c63166407283fa5d7da328b8586308cb93f647b4f6f8f0a9337e5a5e7348fce1d7b2303f2f61d5f3a063806603dc52bd3bf3ac05d47e14e03cbc5fa2ccc7ac3c594673e82f20fe5ca724702da40f68f85ddfddcbbaffcfdb0a00fdeb5ae3e5958e3c547ff5c0f8eb9ccf9e8f66881138a3b43f60f24ce6c0934c758a8470a4e6f771c386bfd3db9e29cc64bdcb848c4de0b21bcf5f80529dbfbdcdf3441a8af5c0148ab6237857a199a0311ebc60ed570836e765766aca1555fe4c6d2368c1fbaaf18d8e9683c5d723ac65d18df70d996b9b99397115f1a2ec6e5cfa8b0ba6c0d2cd22024bd455cfffee9f7bfcb18d00cdefca25cf9b50074aff814e7ab7febbc15eb951382a4bff3052b267e48b6ba593d6be619d1f745d891692005e7053f212f9770884243052e695d12a68290f696743a31fae3e6edcfa48263520b26b549d294c936e08cb66f1d1dc79ccee57ef49d4ed41ad791d05b709fc30649f28c3a74f6682dedd21a77dd483ae859ed0989822fa3458efad40ed23e1814598b193fcbb4a15aa77b1bbd9dfe5db520d9224ade96aebec3f7b6a37cb05341a8e6167971d3e1f3dd15c397efac72ba5f70f9ef479ac8bfe4961b81f871e58d6cb2d5c1a1eb39eb7cd1942e74cbc4e6c4cf970c9fc61d01bb81ae2e9ca1e18f847ea41b2cc5b2e13b3c59e0c8631fbf0a37b847c321dc10e44af18c65c142277a418ba46dece13b91d184802608bb0ecc861dbe9c3b3c757e888baa696f7a3222193fc8a2a4ca833772a80c8baa915565e43f7b5b33c32dcd39c0ea13d593b24eb868af02bc80b2cc3748400daf258a91dab8734ffca2b5b6a2556ac2903574924b71d21af1460c4a7d79aa8dfc155946c6bbbb9ef045c7bce865526d832f7f7817fa74ac8622a952ee34ea36e89e55d9756ec86a8c01e94be57ee773882b2a3fe4aec6b20d29a0cea9c238ea8f8aa438386be4675e9f91f0cac66397be6220f8b8c9ddb49f9a14cf735fd88bd1684e0e804d1115a7fa6eb9d8dad8e5dd741bf1133f1e28d8321a3f65643ae4e87ea9c8495cbf4ce9cbaae6651845bd97976157b993b9806e9403966e648b9f77bd08265fc21f02e44447d84336e464eceae19adc30bcc7752"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x34, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0xb, 0x6, "093d4b88e14ab5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_FW_MASK={0x8, 0x5, 0x8d37}, @TCA_FW_ACT={0xc0, 0x4, [@m_connmark={0x64, 0x1d, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0xffff0000, 0xc24ba5996f978a81, 0x10000, 0x3}, 0x5}}]}, {0x17, 0x6, "bda5d5437d3d49903c5fe5229718e0677fa6fb"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_connmark={0x58, 0x8, 0x0, 0x0, {{0xd}, {0x4}, {0x26, 0x6, "82fdc54105578b90de160f075541cbf91b45474a4bf836c9297311734d725b2d77c7"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_FW_CLASSID={0x8, 0x1, {0xf, 0xffe0}}, @TCA_FW_MASK={0x8, 0x5, 0x100}, @TCA_FW_MASK={0x8, 0x5, 0x6}]}}]}, 0x790}, 0x1, 0x4000000}, 0x0)

3.97869694s ago: executing program 4 (id=2036):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff90adedc4, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x10}}, 0x50)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000083c0)="c91443d5daaf04b192358b692f84d66c60492a57cffd585b0068ccde45d94ded1e86d3670791c21f8e0b2153d10d45d37b72ee2fa06ad61b0a9354045a8dae1bd1cfb49f3c11fe54c17eee632d95574681e6c472eb8a1beaf3a4b88561847a0a0f05fa4a26639d7e74a0c1c2790d6a59d4073b1c55539b7c21b8550efbd5f835c56642f4be57d170e36a6bf3a995f418554f0cab342769089d0777b28daad5c0c4ba56a0bd6c0515d9bf488fdcf49a9a7bbfcf5ad78733f8119f2568daefbd0985a9916c0d048e38765cc7bb1c82e0f3c81d98e7179ec782331bc3cfb2caf58a99668420795e6a00ef41dcf5283bbb61ebaedbb7a675be4fb2d11c31f9b76936d1112c68978c73f42e145b094490d748c1456a14c23fe25e2fdaeaaa7dc0d35dcc9bbfe86361f99f4d04090d1e66aa9714ee9f4608ad66c60f500bf06a1b5b90fbe2f6c42c4b5f337393b0bb201473712c48f898c514fff84c46b50d3aaf44578f41d312bb5a73526db7818617dcb938ebdb17f92423ca2cf7ea2c611483e0baff012fd97e28558317049e4fe2d27f72796d7260b33900cd61f984c087d3c54f6aa11e389a49069ef99ca86c279598b42dd3485f09fc7e119f707438498316cf2f2bc8a293eeb1a35635989327d4f6c9ba6b2d5b9b8ee89a1e13d538b954479663223bb704af6a63ee497734410ea43bfdb0ad3708cb7155df2432c44e8468a7b77b807d345c9b94fedadfdeba12f4b6d11d16fd6dd5fff6cf896d0f40785ffca538dae61d8a5ffee814e96628cd945553e788b8d915762ca3b40124149b3c186ddd5f7af5b75f4725444f2f7e54b999c93e8c5fd4d4fbd7a3b3d7e85df3053c866f1dd247cac6912ed8b0e491101ca5a0b999a21014b573ba3996c76065c9d8bebf431f8be6435837193efd6e5a565b2ced30d04355435f166b09f9dc91ee50412d0daf72b28ec14c505cb155de1a46362f140ac2b633fa42b12109f0a29fa8ba271d6fc2a77af3b16032ee46b3ddead76a481ef52f6bd25cab4494681f0abc2ffc60ebb36cffcc058a067fcdae6c9de670cd6fde6eb8086a65fc05df17cf69f654516ba30ee04a1427b40fb8e81fe46787d557046854ad342442bacd781c7a6063892402fb0d765397448991206b28193e20f285e50d9219ace39b311e572ebcd80702164315656e7fa92960d0fd28c6489406f0b3061218417548e7e78b8aaaf5a623eb47c92aebfebd1c78343bc781f184e0122a28f56b18832da5646ee8405fa2fc040ab30377c447b42d0bfdddc65e064ccdf1ad52a94309a819caeb523e22b25d1ba288b7f2c726290d50021b9839c5d3c471aadb08025d97619935a9880942cf653508a0b2c43838e5aada8b84d22042928dd372dedec14672266ddceb0744c7464ab282d7fbfb2767e891832aa25d1425b33a60c6894a8d5292fdd73e05a868b8e50cb1a412d1249a77ccfc3d3eb35a67221f80bb8960fd93ceb74e102f2a6946b50caae3ccb86a8ec441d6e58dbf24b3eb962c8a28cffeded9b7cf4a54f524a1ef49fbdc91e125aad65a54df6a0f10cd8799f48aa144f7aec977b4a347c5c9628c4805ecf71f305adc9e5ca7c1f313f9ea3e99b3590efd94d831e1ff5cd7a26b72281109547facfa3abac2cfc9177b117a3757b778e95b5069236abb25d8fb032c38d296f87388fdd364b491cb828732177a2c6bcaaf831d138c898bb60c0d9d8a02d8b4b8e7efa87d3ed66221ac52e31ba9c2da488b999eaf82994bc8f1ac29d5e60b8b1cdc30a1c9829aca1cd7881c8aaac9ede0f5d8b85538d2b13751cfc6b37587b0223b9f6b6dd9340753106b1eecdf4f63c51cc2c63a1f86235bad7602e115d1e0ed78a6b170b88eb9584d2098b187695627612189998171d245797391b2b79bb690a79dac4b769e3f18c4d49359f7b460d997c03c793f51a830d5b21faed2ae1c3eb0fce0cdadde3c789ec931b6397c2a2fb2eda87756fec031e5f50f07619130f8e39f1e00004a1f204e5d87780542bdedf0b1ca5168779ad7cb2ebf27e0a5d760a2492b4d92eab24f2bc9af0a3e51140c415a6f885d0faa38ee6dcffc41652b28e628b859db0e7a0f961e37c5806df137e68c5316667f36051eb05c971e208721fdb8a49b8c49f85114be9dd7288f4e95c5f6fb8c1bc1bc7d79f32ba5419d90130a0328ba70d10c770a1540718f7d890dba9c39a116623d492275a1268c91149bfe026ca1c6a458449d4004d653f4b0a234eacd1f4da495fd1f936b4b335f64514fc8091b1dab132f599e26cb127e25011efa30a922b5a3e8807db9a00a9cc732fd323708767c905c8a3cd53e2e8d377d3b43cb971cbd0e66e2e47f3d601d49e29941b2ea4d3c8b7f5698e1a633ebba00f6c178d6d04b9f1544f04cd173e2d49f129a8725a647e1a9e798b5581c6a461b585012a302353178188e55f8102a49343c9c370ee505d09e4be8580d95f5bf39267b00e93adb6b52b2029160d78ac271e4e0c70ed835484e80302b93efd599707d4d22c806476fd04d18ebd6a9bf88c11dc2c96041ac8c3e04ac0aa5d2ac6740972717b543fb871884a7a0434a433571fd621977777984ea9c06914be966da9f349cb1ef3a116c49f0c716eae1df118cd3d5b350b917c06d853c1e1514213f5a29071e42eecee264ff20529c53c3a060a18a680ade2a08b4549e6998f06e61e4f4c36d578e9ad83dd38d1eeb100e7ab023edb38426d5165b867b9507a6b644aa0322da335b208105f2e74a9841ea7c629ea20cef740f6364e9d84a4485d3bb6b5f4e14c7764f78b65c0647870638a8f618381ec0823faed0424a448f753a59fb22e5138e0ca537b6935befb99fc6eea2d9457c01345afbbaaf3a7a96a39478b222af322f86730d137c3f570b38c7363bb9a89bb4b3b8979b9afd232927becbc91c8d4a276febe47bacd4a84c0bfdd54e685080f2c3be0b1e37bc6d21b13b7b1bfd507880f6ad7fa39bf99eaf6b7088d758d9383e38326381088e9e3e792f75d682cf61cf1176953960b0e160b2a535495d52c28f14fa45ed7a3f91e219dcd05afdda2b7e6c1b742b29f6c5f62a040a5fe6606433fce7de757ed76372dfc0b1af9af10c0128bcd335eff1c6c9660b0893730c3ef8de6e50dba419b35d1766eb9a5dce4c2fa518f8e3e2a27855e04d06b89e97578a4406ac03f3314575143db5e43ae3d03a7e90a590b4c188a5acbe1cf23cd4cf60ca98248d4e740122a55ac6e463511b4c4cd47040aafc0bed7878348a4caad4d977671cf4ac319773767ee28f8ccc4c9deae531b029eff5345470f20865549b2f2c4089306304e13e42ca37fbca6839bbcd2f10bd20c81d44ab73ad5ffcc55f51b53efb00d3c68d8d8505e005247ba23e86a803b199f36447fd01f192994b2fa27c9db59ae66b56b30c1ae5cd717407068a9b13ca941b82db254f4ecdbd1751a3f8f1061031bb41af5c04a33ffc98509f456830cf3c94c14451f04d84844e41c618e82958710d07daeba666329b914f2cc7c1d34ffbf6b50620b7c78c25c5d82a5aadcc4d824b3b68c34231fa7c0befe5241c447f90111c55848feed9d1ee67f61095ec2c0b4ac82f5cf169201516082a804c9d1775990d430d21bc65877041905caf385918f44191c134e493d960724b28f01e79fbf3b99eac1e75fbc8ab8dcfdd98b573fa6d7e6a6ead6b15ed78e2a8d564f61d8c52be8104306c104146696e16c9e9bff79a5fc1d92326cf0f2ff5e5c5c252773f2bd2c554bc409aaec03055f71d439daebc1d8b06c9ca0e1fe4729e8e6119616e8fb861b1e2694d1df267cbc496ba4a87013c3317a16b4c1e369748507794a20ad06aad20e4dbfc1834d789d2a8e9395ddad33a74c6c7cf54e61e533cae228909536eba8020f0c3845d2063270cae4d8e8dd8cfe3f112c46751444546ced9f6434741656dcda2185be13eebcc0392c256f384fc16353e89cbdeef8fb2e3cadc1ed2142f3b6485dc2d540fe799d027413128f624aaf8bc1933d3a0e6a954931bfc914921dec7ec822a31ebb652d4f312ab4068cedc6203b0de98e60c5f82296a3482132b288ba0a8eabdd8ac40faf145928e7563dbcb14d0625c92b542860993bb0388d8390dae727ae4086d4de1b7fea9d79f4844374bcd67fa5e1a3a28cd6d8da3f171fcf9d13062bb149fde18917c6650cdfa2be8de33b556ad34fad454db13a446e8a7c40167117e884d874c786768975df0b201ea0077ba735d31d65a832dc122d13c6559601b83899af1f14808f55f077ad465ed61378c63abff3ad742691168fe1e31bfd0dbb9f43d364ddf0bb185f69e69110c9eb1ab808354fdd2cf571838d5ec63bac3d70ca40878dc3c3cea26adffd5a197206d7c80d6a86c202338e72f17dc7185e1df0cfefa9475a2156738f90c6410c1698d1a160fd396548323c796ec5dca3cd59e468ff6a14caf34b4fdb16f1c92acb6bff2e859f9de1266dea0d1828598319b40a3edef657be02188fc94490c1da088d3ec2f315d6b5bb2f262764b67ba321379f4c93bb3ef9bc7db0c0e5f1e680ebfa84463e904d5351ecf25d1d22a98f81f7a1fc4c4fee3934b7672661f0bcd94109706644d0fdac4b7933b5db2acf39b98c0a8106a7a757408404a4c299a077379458e2118fb0a53b798adc1b85d3eb20b539e572741b9855e44a545809f897dde06730145b5caefe9db1c321783450d25d38834532c3e372fa92a53ac9cb4330eaaf65fe1b69a66459058e02d20c6641b7d8edfa8e356baaeb011b61208ef36ed33235144c86d6ce65da89d66da06291d4acc05e3136559ab77a7c4ad229c5307b48ed642d96c28cd06c82dedd4a16ed90bceda81292120438fd5c47b7b41b2646fe0899643f896ddb2d11e7311f8a0cbb9bfa38106507e06f35b3052ad6b6a11ac5f0129bedc59d04aee3737ebbf10f97c80f1a4e3f51ac8ac4488ad9e3f685a7c0dd4074b07774f4efe4b9f2cba400ef49f73b12fc7d96d8f3283a1eaf8c003931fc24a9248e201ac31bb49226c37d535592e00308d86ba0765a7eda13b72686101d352fb959598038b8dec44a0f18e5c8ec089912d325880390ce5186d4585df46e5662987c164f0ccfb8f12f6144f91349051d3ffa35ba597d2b5920e279ca8e139dfe2ba9923c0190fd444c8bf12a627618791a8781d6b54470777e6a5dac8cb505ae1e534b0c3af7db010dd602b1459964e1e15a812f3b4c8038e6bc1dc568ba482ee4944582abeeda1ed012391706ddb1e0ce60efd15acde8283d3612de5d0cf76185ad3a1ce89488e1cea4009573b55a2766d100ecefc5d53c99876cfec65daea82f55cf9687ec70e45cfdba9fe69fc3a822c29ff4be34857bdcd4313fb23d1d01d8a79cbd0057eeb5c1c0b39f75d5a753a2e10bd0ebb91dab1312bdf1a984332d566ab56dfd838d285995bec8726c5d1358fe10b0b6aaa99b9d9b08894c1dbd06356e5c693ddebb9d8b306062defb160db9d8f02ae3df59697866f5adeb34c8c5b27b63b09675030f344197b3bff097b996819dec9059aaf5ec1a6c585a86d16528091543a9e6bca4d850b7963fd1e7d981814dedb165c1a6444ec0a21743a4de8845b386ad4e1e9c9f2873f6a353487d9a8f8f56ae1d0f69124ee56b5c2b2a48c78cc6ba6b313b889adf0acfaebb4e2dc71054a4992366a2b6ff1f5972d7d2f0e9e3b17d7fbe931f43871819dc6e6040ba239ebce2cfa424ff7344b8a880040321909dcd16956594f5d99fdd39ea5d7209b906d2601572c56c72db899f986185194fe5aab45f27d9ac12aa8600b3c2728ef2e589a6886d711edf4d7f95b2e10d9adde3009560ad754f9e7a52808720a973dc475f8177fd5b199b69925f03a44a8bd9f3c3369861802ce5ca4b40cb47d19e2e1bda1b054f16b66ac7b7c0e5205112e011d6957f1df50505003544631ff4385d8128d46838338930aebc0496348045a7c05abd7a56e1079947d3eb1c50e4d8be001d03d8973f8f08f2f21a415174173ccb90f7ab615be5036947e164a434c059637bfeebb8b9f2e87b9774a4595c71122c9fac74347488b9a054e2e7b9c45b7b12fcca0fe789db614c70d4149d44e50fb64aabccee7447288a5b865a60c2640171f89afecda2cb18b7ecea214bd32f43d5ff66e90741697d085f3ee9bfd8662a3cc570999bb151090160d3bf5bf1d85e896d66276cba7ed97f341f595b13c02ac2a1352aec7a5980de2c8f9d890951108947b7602dcf2bdd2aef680667572b87aadf7c54338492eae763df73e89e3c438c196da83d98bc65233a242e08894f2390d8714f0abb801d9e5c42f169555284b6cf079005b373e9938db71a93ee5945c2a43a06e3df580d372318b3d203503c6e968206d7db8116cca2f2a1fae7f5b5195bea92914d66516bc3ceb2d9dc4de59d0d52ab80910aba7ebb696c7deaddcf0fedf56e2a88c3496bb79897c6420a0ef1b03ad89c76b24f67ffd41c9227d464565457bb25f0b32c83e676b0a3284f2acbed39c6875871c5e866a8284f12e383f87f12dd9bbe3078c68b3711eaa9bc17a7ac8413a8ef486922eddf43f01625671b7c3d0a4c6c2dc38217b4135c8cb46df7d936aabfd253e95e0816dd1f92b257e2f96d2a259a320756ba77d99b709711326f2ea42def974d60f817a1f6779121dd32a1cb194c7809e4c8fd052ba357323436491ec45a49fa601ed373aadd2199e4483704fb2f4edd7bf2815b552fb84d09094cab9700b5125887ee508570217c16799bc11d9e3658de8d9812f30dc8078bbecaf887a6527686b026eea70229df1e61759adf19c1b96673419decb382ae29bd685c5f32120b2d56d3e97c9ef00a2c0598c2181b8fa53172312590a9549ff55dffb9070b042c74654b2ae56371b2a6bac8e2808a40fd5d6d0af184c035101394e347521467e0ddb962e0d63614cf1461ac7b9d744084e9f6f26c88d515dbb1b7392b8e9384b81f186224d5c09e266682d8044d8afb1bd6483962b03ed6884759d2647b8f174a6695a437a1f1aac3e6a2f8ca658ee8a8ae44a77393cec61a9f335a1e859825e73df4125828fbde19d3695125992ddb2826ffbc6c7cfbfdbae19ba864c4170c79cce408e8b280a7632c855d802029ebac8627fbd6fec1c3bd858411c969ca035992f2ab909c423158dffd0dd5a407b3e0c2d9b180440996e09e15f17b4e42f365371d9dd58c4609455253c44c2ba73f592e360ab5fcccdb6e90ae0c60ada9325c4824242c0d866e7dfbefe091067d5c7ff0432814f733591eb0096659738b34cfa8c6c988ec628f34fe08f31dc0156dc39866412932d045168f4f3a48f24fb3b884be1384845d496c3009626f1c41b0189e95c9055d24eb5a0390596f6ccf50d3727e607875a3b2cf076a277e12ac07ddc59da78ee16e1952706ac6a1a9ade80b867d889789c935d196cc4da67aa35ba80ef2077ee4dd69c5f31a0410f7fd0739303ddcdbff2f53e0a44ec5de0f062e533444bd946959a1d9c25b297b6fc7675ca4add9e24e8ff390e0375f3b15e1d3e8129007d743e384659f191bd23ffe02140fa64d5c6d75937b28d51afcaa9d207f57c878f2f54493025e9eff5b5ce0c997d11c9690262e38e1e83c7f1a0ed3f200d9d0472739d59dea3cc6e8783758e3e3201731cf27211267702594356345449b42fa64b64c6f00a8f26665524fe2208b1a7c5fbdc822ea611c1811526471e4f52ab5e3a43de8fd4eba2fb2796a206e348de9b0be78ded78204dc82d9e9adccbe408d7ff538aab3d663eab189927a9cd597388e8dc5063d2db42cd65415fa32d20288da017c9f94e788dfe7cc3a0f6b6ab06116ed3f72f3c048cb1e51abf308ed7169908d1ad5b7ab3a86a3316d164084f8d88c6f96142d888ccb158efa586015914c116db114aa82c44a55d4c33bd901dc34e820d3120d57def03ea4f01b263913cc02ca586b208506d149ef03a706fd5360a12b83acb7bf97ac1f1f85389d4fbfdcf38551e9dbce760a05e8e4023d85038570d3697b3e7de73aac9c7feb39b6ccd1a775c8ce01b08d7190e28866aa7bb8d0cff0fc45b452fcb6a290f98f4b5ec125224c8a93918b1f2888befba6de3d294ee1f13a9c56e92eaac0b8e6c6905e77a60ea7e1d1ed979b6b2606652e7d75750a065c57c7efb1ef5708719ef04e354bd861b15e0a1cbc7cfe65c8a3d9a2b790260d6e6eb60bd4e0fb3f040dfa27fa00797664122add0750a23a8b20fcd68b6be1e21620dda4bf0561f4c5ed74f41612a0676dcdbf669df3436cbf2ce253e69319e3ab36e6e6314f11e0d0882ee3d7f3d3b3dcfe3cd7f061e301369207545676e09801f9bc4bc4c3dcaf48e5320a4b3211051a7525868a0ac1278ed6fc9531ed89cf4205458acc05d5351bcab7ea50250b6cb4c6fdd0cd96f30cdc9a820f495d0a3e14eb6c493a85a87e3b7fb8e5f23431c3c5359f5802f1fc11ff71c3172c6b57b5587ab38579b79e328792edb7a81d60762bc6c88693a00712f811cab9b075a97535c904396dbd2fa0994ba9c9b06fe9c042cb6860d22844b94863bf7b68a1ab8639e4487b38d48e40da4a98dedd7d73ca4b575bf4c604a364a9247c2ea5e3b127ff42f9bce1d3d37c2428edab1708ebd71ac0e4a408a9c6eb97407a4a8b5e912e2c63fadd1abad9a772a96fc4666f7d2b604adbde6f1136de2adfe38994491ab0f34ff1fd20cb8034ad39aae4c5c0076da2e7a157764b770e1c5f35b6f323ce809b2e92be1345204021d74712368e0ef77056afd85f065bba085793c9b6950d3c3fc6c445afbdd5a80cf7b0bb13055fd486700be1500bdf8771e286a63962e56d4771ed5eefbf111ba7380f02d6f96eed174246820b73bd772689c072bb3d8e43ef96f5466dce5c9392e34b7176821d2f4df3dab4c6ef5e0238ffe61582812fdacc987fbb6d98cad5a2d7af0e4c8dd3f800cd75c38a515d4d4c7118c5f81c6f7504e7ae452370c56c4b7fb4daa65bf26919c12081485d09e9d142965320211f483ed2a0a6836fa2488a878eaf9653b0528c3680b75a1920a25b5c5c17548c7ceb9a1656a0cf6a404aec14f7ed8a1dcf8ed32e1cf94dc2f60b65aa102650b7a22d9e708c606ce8403ceb81434bd9938b2c4e5a8530a156a1df7d143b2da54071ba3e673ce11760f72c32273b7bcd9a48da2a6caeb4b782cf1c3a044c1731f3ad61ce32bbd0b52cbb187cb3ecc1e85a67ffe27cf86769a0d69fe293dd30f060b8a0f26ccd0287d0b8d941ee7410a7c6aa430add67c2dd60db292e24f294ce80b0321aaa4d054a6f5d9981e1d5e859b454f5005be082bd59baca5775eedb7994333c62c452ef7b2893e4d03a28c0e368928b4bdd6e31f52a83cd7e162975405fd128321e0a8e3e77fd93257b0c46b309e16203974382ced818faac3a02e74141e9ea36c4a1b98bd859fafce43b2984d856c832f61b1ca562cee96f5843adc14b35bec1ccdafedd214f1a344345373f3c9eccee8324950a23c3e77d55dbde9a7ac1b7804927affb8b0e1488dcd8919d227bd1f50a35abf25e3f120c25b0dfb4d85b4c2a2c69cf7047c76c45e4e901e7396140496f9a322c2c2ac777a27adff5a6daf32e852b1bac89f1086739a603cf0f6838f792351c08e38ab130e5a83aa5a4f2da19df131770a308d810eed0059a2e5546a2169b9d0119f6df7c18981f4b4f119c76fdaac031ce7551f25678b5c4d8815a7ea9565e63389fca6ea0bcd40e71ac72124113dc0041ce26a0c9979ff76d7f1f2c0cd2c16d8c7a36930b909ed7e2d4adfa8352b12b99bdcbc25b485f652539fab7ac983c1ae925967c15ba2345e45d6bafe13b3e9d7acf1a592422ea09c3a45f7fe24e235bd70b106cdaa665584e74cdaf9f39b804bc6c4e7f0bf572225acd4dfe010081b91c2d5970d4f43d2e1a0e05f84baaf50642991b3704034aed74572e6a4715b79276432d06660b39c989570fc0d5d0071a7c690658caee447370d3295db3b5dc625e697e1ca2675b5430b9969024835c7d001fbce86c5165c4fe8f2d46b883daaa3fbf42dc5cf61209379013896df740b9cc32638358ea8079a33f04197f650471086e67e5cf9779268d7973c73bbbde2f1c11e1a8e2b154aaa8b4b74f8a03f14ceb7afc4ba35e6620b7af89c969021d20cb260c1868f3fa432ce7e509db06001ae6540531b126c1e3a851acbf0a9c1354bece05c094d69d9bd87f99391e23306911383d2082997339daebd67d8a707c9b496a309b7921696f39a07864f31208802db7188881e346b41c34f4129fca9c6a13172a4dabfe791584d240fc03685057d53c08737aa1d486233318eb4545f2e8d18087705b9d3a7658564592f56aea3aee53d66c249988bf353853728553a1577062e24af533f47dc012ae90c5c085babc121be2993c063e203ab949a088041271ac0527c56edd4b7a87e98323a0137cd493aa05fe38d02754a66d89348b119e6200d5919bc366788eb67115fc57c4c1a9dd42c7411d6709ad82de8662a1849445b39beb2ba8f894860e41a054f61337179a9214b0884f3964c95ed2a4ab37de8038566bba76fbaa7502c0460558ff4bf4793ca68d78e50f384a81da4cfa23723747e906b82290e0b8ea07e3404bee0915800d4c3c07f94c43e7aafbc7a44d923de97963d0d1586bee06fc90aadbe5758fb9933ff7df346d62e082223741f5cb26ef953ca654ab983a72b30b296891c9e3f1ed5216b0e588eb25f5d4ccad6f96973cc2d26196bbd37c83266473071ccd84d9e3c74f22621e8bd60afa4bcad6c853c7591fe5d4298a954ea5006f682a7a65aeb26b230f3866a28a58bf532aca8fd5eaec64f442ac510a7df4114f00fd6ff7e02d77f8e72797222556959958c4c4d166c5af18a6e25588cac9871a3d5bb453889ff8d13db22024a997bf97a5afdf698b1deaff3101e27868d2de47b92c403ce82e15f3239d8923e8ca0c01e3781b5dd6121f57d2238dc3ff8a1bde3e371efd33838c552e43588042b360f55d7ca92f11987630364b263428e18601d7bf23f6432b3a9aa2c500cd9ac5f73cbe309443858a2806956b0cdcfc19904567bb1703641017c6199e768410e03d8ba603eb34249d567370202f39639ae8f6d52d9d5dbfc544c5b85ac8187095c63f1f613fe4af179fc5c837e6e0ccc21e62ac22ac045c4ac3b1ca6a4cbdbe29ea465240fc0aed1f0e086d7580bcf81d4e2a4d55a8e3bc57110e7cf1e1895df07974f0686dd2ea2b12bbfd64e7a9d0c62c662f0370e6ed495eeb2ee5029042147a1f2e5fcd6068b06567be893cb80e2cbb5fbb12847313811c13cf685698d5e2175959579e510279b9e959ac2c3f94fec653c6b521f8909d633ccedbc1109285ecbd52d27cd2891eaf354db2c966d1e3086718848433c12658fe7f6fbfef930b963139a63f6c4caee5a1964d3a038dd0db403c0a251d702c07a0fba4a3576ec6668a78e9e26efc6ad83a670a47608bf4207979bf196b3160c95e7ccc6406d46f529d34676b76d72396262e1448df051130a21484e0e977df1f7f0a259ac762eef9506877498b9998e1286d6294cf60b95352e81c3", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)={0xb0, 0x0, 0x3, [{{0x4, 0x3, 0x7ff, 0x7fffffffffffffff, 0xfff, 0x7ff, {0x3, 0x9, 0x3, 0x6, 0x5, 0x2, 0x2, 0x6, 0x7, 0x8000, 0x0, r2, r3, 0x1, 0x3}}, {0x0, 0x7, 0x1, 0x300, '\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r4, 0x0, 0x0)

3.976072979s ago: executing program 3 (id=2037):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c8000000020101020000000000000000000000006c00028006000340000400001400"], 0xc8}, 0x1, 0x0, 0x0, 0x4048040}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x8, 0x0)
sendfile(r4, r5, 0x0, 0xc0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
semctl$SETVAL(0x0, 0x1, 0x8, 0x0)
semctl$SETALL(0x0, 0x0, 0x9, &(0x7f0000000200)=[0x1c, 0x7, 0x9b])

3.565769215s ago: executing program 4 (id=2038):
syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020900102505a1a44000000001010902440001fd00000009040000ff0202ffff052406000005240000000d240f0100000000000000000009e6ed71c02ca9086e090582022000000000090503020815"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, &(0x7f0000000380), &(0x7f0000000480)='GPL\x00', 0x7ff, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0xc, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5da}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002500)=ANY=[@ANYBLOB="4c0000000906010200000000000000000500ffff240007801800018014000240fe8000000000000000000000000000aa08000a40000000020900020073797a31000000000500010007"], 0x4c}}, 0x4000080)

3.488781341s ago: executing program 2 (id=2040):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001dc0)=@newtfilter={0x48, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xb}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000010}, 0x20040000)

3.273374682s ago: executing program 1 (id=2042):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x7ff, 0x100000000, 0x6eb, 0x5, 0x7, 0x2c0b}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0xe}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.256505439s ago: executing program 2 (id=2043):
getpgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000006680))
r3 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1000d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3c}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x404, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c0800002c0007012bbd700000000000077c00000c00018006000600843b000009000280040071008c0000000800e400", @ANYRES32, @ANYBLOB="2d0529800c00f800030000000000000004006080fa003b800400df00c1becb03dbe55b6c782cebd6a7bc78a21d1bc9f3c1bd441ada5266780599eaf18965bbfcc07c2037129672275c399e1e03f8a0664d807385cc4d566f230400db800400498096d9641e8b1887b25501b11ecd71313a47df368b078d7b825bff33b9eab3964d7b2394b1950c7aeaba6014fe2cd33c89fd070ce0f1f306494a44adf6609d8ad55a5080b36b05cb0b9a57833b14fcd62c0aba0ac67f03b20e87ba6f3610a5bd1d3369ae014c8036c1e596b800991698810ff706e98871c17ad581b0695476273ac6c33a7a51d4a44a5b95684befe95ef49b03458bce89d87355f35b766b242b9f98b661269bb9255d836fb4e30d0000c72ec5561adf6112ca278273b4af42597e7bfa1f5c228f13161b34517c92bc352c017afac22d14047e6fbdc61536f9e51738ea935cb2a577ec2b788433bc13a9e976cfee267f36d988b766a29632c84c94d4cf31d780ef683293d7eacfc93f248d137affcae7cffa699237ea9c74919850dc164f1483f3f352bf7dd787191705b26936e1d090526b6ac5765df318f160cc84b15b94c662cf92611c9eb0b92bfbd3512bffed96a4150d653e130625b6ae5a78da2c4b9c70c736a224b18d89222095fbc4c61bcad1eb73be9c6efaaae48f871223694999b2a925a37138be8220008180cc20e57a92076b2308003200", @ANYRES32, @ANYBLOB="040044800800c800e00000027a01f380a2b4c1dbd4f221c0a1fd468ca63ae97de147e5bc2d0313377dc17591b491acf18312bee324decf810970090c77ec4ca173b12577aeb13c354245be77050365697b3b4707060c00045e46d612b09c487d7c9c94f778c0a015ecfa70d229085252956142772f9ff5a61a9b7fbc6712f8e64566b7ade87d293b81bd3cd1b2ad2852dc1dbb07d54f5544759f0eb23131b5780de6354f0714b2c5b86323969d0b4f5bd8c4489e0e7471c6a84feb9dead9d156d060a9373c7f80f4f1ec2a87efdeceec8d99c9664ee184f112929fe92da18f26929f98233f18dcbe0c638c040061800400058012fc33716331943112df1a6d89852782e376609e4a38717148d34e9d36191fe607748ad822c89800b204bd5831c55511fc4e85d09c44ef3be8ce710d034d394057d88e12db87eb032cd30fdcb489cd5ac92a44f96b6e463971c730796efaab04ce1b42faea757fc0a50c4feef468c80d7cac7db3bfd67140c04f88892b1d19a91ac5d2bef2af704fed3f92e84f78f98e97b8460000602ca31cc4edb57168863fe0e930a6030e47048c91da29a2c691894cd27b28480642302c6816b308d3eaceb9c1404c696e8a2deb97c278ca9d9b1ea4aa17255b400acdda233dde73b32098f837494e43a67bbb722f105f5ae23d8e4c9586ac0ff8c1c6c330601a9c007659ce63c0387d6692d791abdb14b8b66d6b30e5556865a6e97922f3fddcfd1a7e2cbf30b30479b4f7b824b49b1a8e5cd1ec171c8fd41bc3b14ced446eadedd90178f121d6e4d3ae3031231f39fcad0501455538f57fc305f449144d0e4f1f642ff19c53dea5322d30d680f6efdce4f7310225fa8e8a3035d925f51090e4fa74346825d16d400b9cea013e88ea47db2efbbbe73c3ae0059974efa840d4ee88ae1f85d6ba36caa8df64cbf4c1716de586b6fce1424c8bc3a0218953ea42dc7e83bda5a4319b59d7926fe04553fe79056a397ea85f6255d093a345aaf5f3d91cdce17cc9d38493e7eb952b132dc8f7953706ea7b7ff81e88a2a87f18730ca7f6f16f2c23b85f549a8b0cce6f8f0ec61fa8ba01aa114fbd63373ae3189338aa5f585a6d454733937712eb5a4cbd810c91bf5f19e0a508db8a57bdd8000000960203"], 0x85c}, 0x1, 0x0, 0x0, 0x24048011}, 0xc000)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/comedi1\x00', 0x20200, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000300)={'aio_iiro_16\x00', [0x4f23, 0x7f, 0x1, 0x3, 0x1, 0xdea7, 0xc, 0x3, 0xa, 0xa6, 0xfffffffa, 0xffffffff, 0x401, 0x8000001, 0x6, 0x101, 0xf7fffffe, 0x5, 0x2, 0x40000001, 0x8c, 0xca9f, 0x0, 0x20001e58, 0xb, 0xc3, 0x3, 0x5, 0x800081, 0x0, 0x4]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r6, 0x8b2a, &(0x7f0000000040))

3.252474968s ago: executing program 0 (id=2044):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="081500000005110400000000000000000100000554"], 0x1508}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000900)="92", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
writev(r0, &(0x7f0000000040), 0x2)

3.209508221s ago: executing program 0 (id=2045):
r0 = syz_open_dev$loop(&(0x7f0000000200), 0x5, 0x86100)
r1 = syz_open_dev$loop(&(0x7f0000000300), 0x8f, 0x40240)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000000)={r0, 0x4, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x14, "fee8a2ab78fc179fd1f809000100aca7ca44c6a4b3e00d9683dda1af01000000c0ff12001000000000000000000300", "2809e8dbe1b22d0000b420a1a93c7540f476779e0117613dd4070000ebff08000000000000000000020000000800000000faffffff00", "e746000010200000000240440000002000000000000000000004008bd0b500", [0xe3]}})

3.121736115s ago: executing program 0 (id=2046):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8810}, 0x8000)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newtfilter={0x34, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x9, 0x4}, {}, {0x7, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x42}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)="aac1", 0x2}], 0x1}, 0x4)

2.673763154s ago: executing program 3 (id=2047):
r0 = io_uring_setup(0x667, &(0x7f0000000000)={0x0, 0xa14a, 0x1000, 0x2, 0x235})
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(0x0, 0x1)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f00000001c0)=0x1)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x80800, 0x0, <r8=>0xffffffffffffffff})
dup3(r8, r7, 0x80000)
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f00000000c0)=0x7)

2.672548533s ago: executing program 4 (id=2048):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x7fff, 0x100082)
ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc038563c, &(0x7f0000000040)={0x0, 0x0, {0xffffffff, 0xa, 0x2, 0x9}})

2.560639013s ago: executing program 4 (id=2049):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

2.276527952s ago: executing program 2 (id=2050):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, 0x0}, 0x94)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x80042, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000700)={0x28f6c81d26a0207, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5, 0x20010, r0, 0x4934f000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r6, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r6, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

2.193072017s ago: executing program 1 (id=2051):
r0 = socket$kcm(0x21, 0x2, 0x2)
accept4(r0, 0x0, 0x0, 0x0)

2.143369408s ago: executing program 1 (id=2052):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, <r3=>0x0], &(0x7f0000000040), 0x3, r2, 0xcccccccc})
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000440)=[r2], &(0x7f0000000200), &(0x7f00000000c0)=[r3], &(0x7f0000000040), 0x0, 0x300})

2.142349108s ago: executing program 4 (id=2053):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001dc0)=@newtfilter={0x48, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xb}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000010}, 0x20040000)

1.854336756s ago: executing program 1 (id=2054):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x30}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=@newtfilter={0x790, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, 0x0, {0x4, 0x10}, {}, {0x7, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}, @filter_kind_options=@f_fw={{0x7}, {0x754, 0x2, [@TCA_FW_ACT={0x670, 0x4, [@m_police={0x638, 0x8, 0x0, 0x0, {{0xb}, {0x4}, {0x60b, 0x6, "35f4bad1ede1bdfdb3de3746838ea0b860af2c20e88dfb5f263eabf1c14277d51632d86e2099c79f6a05330349b30701a1d12e7d24526f381034171812eca252dd858c8af7f397cc655dd77c5e1b0905f9937e59bbb3d85bdd3a137f4aa7ec1a62172a79a5b3193f18771da526081dd9026dbf43498cdc82b486e192e93cf3279e5ab42fa836ee5ac5cbb53513809bcd5680a3d1d1799b99c36f53de8611a6b894f097619dea002caa7181fcf9b31b7edff1f99c8a1272e8ee3ea8ca5cd8e747563361e5b337c6acf536f898dcff96d78b6a3e0b368105938e2efb62692f191cb0508634e2982955c55ebeb1c5b36e21a2e8605929d6457d4a75969469e4d4a294c66ea5bd66c2f5334f904f7b91af511659d16693ed7f026e9fec785b10106459817a95dc4f36cd56d3da4ba8bfdd39c195ddf1b0a009a255962135c7d9075257983923ad00145f8c4275be27c53dbe6be805525c630bb5a2fb2b1ec8e162f0c9f78750c0ff295f600719817f870f50233847937d717443604a3344f314e95d6fd0858abec943d9ee974b820313c76c2fb2109c4dca108cfb5dacf0622b99efd7a617f0ea466580c0cf2d37623c6152cf09b6c66d856cf1ef6f0e0d0606a7c3b4b9af8f02dfed58e769344d521094201a29218f430c7aa6cdc44afc075a61d8c037fa195aaef186a5122222d8a2c983b19a43ecb20394bee0d9faec47028612e2b5322981c31795d5498464d4184c9866c788227fc6f2f928667fa78e99a139d05dc2dcda4a3d8b036d72dbe6e03b095db1b3f513feb997014725e9617ded7d27b80fcd6fc2167db65156af78d2f6be02fe2891afcd5270438c22971d12a672b326baf3331961bf94da42afac6999c39ff51870ddbc5f4f9e0cf8dac3f75d2683fca7672c4510df49944e7cf7fa168b2f9d4da9dd2d01540e06af5e6fa665a5f1bb3c0790e49675ead2d90b0c6b30938356ffd2a3c2a143bbd44f78de4e57c46afa835c7a87c485680c14351523dfaa3174fdf81bdf62a1dec8fc1d8a4637327acf58c9c63166407283fa5d7da328b8586308cb93f647b4f6f8f0a9337e5a5e7348fce1d7b2303f2f61d5f3a063806603dc52bd3bf3ac05d47e14e03cbc5fa2ccc7ac3c594673e82f20fe5ca724702da40f68f85ddfddcbbaffcfdb0a00fdeb5ae3e5958e3c547ff5c0f8eb9ccf9e8f66881138a3b43f60f24ce6c0934c758a8470a4e6f771c386bfd3db9e29cc64bdcb848c4de0b21bcf5f80529dbfbdcdf3441a8af5c0148ab6237857a199a0311ebc60ed570836e765766aca1555fe4c6d2368c1fbaaf18d8e9683c5d723ac65d18df70d996b9b99397115f1a2ec6e5cfa8b0ba6c0d2cd22024bd455cfffee9f7bfcb18d00cdefca25cf9b50074aff814e7ab7febbc15eb951382a4bff3052b267e48b6ba593d6be619d1f745d891692005e7053f212f9770884243052e695d12a68290f696743a31fae3e6edcfa48263520b26b549d294c936e08cb66f1d1dc79ccee57ef49d4ed41ad791d05b709fc30649f28c3a74f6682dedd21a77dd483ae859ed0989822fa3458efad40ed23e1814598b193fcbb4a15aa77b1bbd9dfe5db520d9224ade96aebec3f7b6a37cb05341a8e6167971d3e1f3dd15c397efac72ba5f70f9ef479ac8bfe4961b81f871e58d6cb2d5c1a1eb39eb7cd1942e74cbc4e6c4cf970c9fc61d01bb81ae2e9ca1e18f847ea41b2cc5b2e13b3c59e0c8631fbf0a37b847c321dc10e44af18c65c142277a418ba46dece13b91d184802608bb0ecc861dbe9c3b3c757e888baa696f7a3222193fc8a2a4ca833772a80c8baa915565e43f7b5b33c32dcd39c0ea13d593b24eb868af02bc80b2cc3748400daf258a91dab8734ffca2b5b6a2556ac2903574924b71d21af1460c4a7d79aa8dfc155946c6bbbb9ef045c7bce865526d832f7f7817fa74ac8622a952ee34ea36e89e55d9756ec86a8c01e94be57ee773882b2a3fe4aec6b20d29a0cea9c238ea8f8aa438386be4675e9f91f0cac66397be6220f8b8c9ddb49f9a14cf735fd88bd1684e0e804d1115a7fa6eb9d8dad8e5dd741bf1133f1e28d8321a3f65643ae4e87ea9c8495cbf4ce9cbaae6651845bd97976157b993b9806e9403966e648b9f77bd08265fc21f02e44447d84336e464eceae19adc30bcc7752"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x34, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0xb, 0x6, "093d4b88e14ab5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_FW_MASK={0x8, 0x5, 0x8d37}, @TCA_FW_ACT={0xc0, 0x4, [@m_connmark={0x64, 0x1d, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0xffff0000, 0xc24ba5996f978a81, 0x10000, 0x3}, 0x5}}]}, {0x17, 0x6, "bda5d5437d3d49903c5fe5229718e0677fa6fb"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_connmark={0x58, 0x8, 0x0, 0x0, {{0xd}, {0x4}, {0x26, 0x6, "82fdc54105578b90de160f075541cbf91b45474a4bf836c9297311734d725b2d77c7"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_FW_CLASSID={0x8, 0x1, {0xf, 0xffe0}}, @TCA_FW_MASK={0x8, 0x5, 0x100}, @TCA_FW_MASK={0x8, 0x5, 0x6}]}}]}, 0x790}, 0x1, 0x4000000}, 0x0)

1.808877217s ago: executing program 0 (id=2055):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x6, 0xa}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xb, 0x5, 0xcac, 0xc}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.776695281s ago: executing program 3 (id=2056):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="081500000005110400000000000000000100000554"], 0x1508}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000900)="92", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
writev(r0, &(0x7f0000000040), 0x2)

1.752821657s ago: executing program 4 (id=2057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, 0xffffffffffffffff, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, 0x0)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfc, 0x0}}, 0x1c)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r7, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000)
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r8 = dup3(r5, r7, 0x0)
sendmsg$key(r8, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40400d5)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r9, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})

1.745539296s ago: executing program 3 (id=2058):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c8000000020101020000000000000000000000006c00028006000340000400001400"], 0xc8}, 0x1, 0x0, 0x0, 0x4048040}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x8, 0x0)
sendfile(r4, r5, 0x0, 0xc0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
semctl$SETVAL(0x0, 0x1, 0x8, 0x0)
semctl$SETALL(0x0, 0x0, 0x9, &(0x7f0000000200)=[0x1c, 0x7, 0x9b])

945.214491ms ago: executing program 0 (id=2059):
syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020900102505a1a44000000001010902440001fd00000009040000ff0202ffff052406000005240000000d240f0100000000000000000009e6ed71c02ca9086e090582022000000000090503020815"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, &(0x7f0000000380), &(0x7f0000000480)='GPL\x00', 0x7ff, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0xc, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5da}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002500)=ANY=[@ANYBLOB="4c0000000906010200000000000000000500ffff240007801800018014000240fe8000000000000000000000000000aa08000a40000000020900020073797a31000000000500010007"], 0x4c}}, 0x4000080)

805.484666ms ago: executing program 3 (id=2060):
getpgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000006680))
r3 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1000d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3c}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x404, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c0800002c0007012bbd700000000000077c00000c00018006000600843b000009000280040071008c0000000800e400", @ANYRES32, @ANYBLOB="2d0529800c00f800030000000000000004006080fa003b800400df00c1becb03dbe55b6c782cebd6a7bc78a21d1bc9f3c1bd441ada5266780599eaf18965bbfcc07c2037129672275c399e1e03f8a0664d807385cc4d566f230400db800400498096d9641e8b1887b25501b11ecd71313a47df368b078d7b825bff33b9eab3964d7b2394b1950c7aeaba6014fe2cd33c89fd070ce0f1f306494a44adf6609d8ad55a5080b36b05cb0b9a57833b14fcd62c0aba0ac67f03b20e87ba6f3610a5bd1d3369ae014c8036c1e596b800991698810ff706e98871c17ad581b0695476273ac6c33a7a51d4a44a5b95684befe95ef49b03458bce89d87355f35b766b242b9f98b661269bb9255d836fb4e30d0000c72ec5561adf6112ca278273b4af42597e7bfa1f5c228f13161b34517c92bc352c017afac22d14047e6fbdc61536f9e51738ea935cb2a577ec2b788433bc13a9e976cfee267f36d988b766a29632c84c94d4cf31d780ef683293d7eacfc93f248d137affcae7cffa699237ea9c74919850dc164f1483f3f352bf7dd787191705b26936e1d090526b6ac5765df318f160cc84b15b94c662cf92611c9eb0b92bfbd3512bffed96a4150d653e130625b6ae5a78da2c4b9c70c736a224b18d89222095fbc4c61bcad1eb73be9c6efaaae48f871223694999b2a925a37138be8220008180cc20e57a92076b2308003200", @ANYRES32, @ANYBLOB="040044800800c800e00000027a01f380a2b4c1dbd4f221c0a1fd468ca63ae97de147e5bc2d0313377dc17591b491acf18312bee324decf810970090c77ec4ca173b12577aeb13c354245be77050365697b3b4707060c00045e46d612b09c487d7c9c94f778c0a015ecfa70d229085252956142772f9ff5a61a9b7fbc6712f8e64566b7ade87d293b81bd3cd1b2ad2852dc1dbb07d54f5544759f0eb23131b5780de6354f0714b2c5b86323969d0b4f5bd8c4489e0e7471c6a84feb9dead9d156d060a9373c7f80f4f1ec2a87efdeceec8d99c9664ee184f112929fe92da18f26929f98233f18dcbe0c638c040061800400058012fc33716331943112df1a6d89852782e376609e4a38717148d34e9d36191fe607748ad822c89800b204bd5831c55511fc4e85d09c44ef3be8ce710d034d394057d88e12db87eb032cd30fdcb489cd5ac92a44f96b6e463971c730796efaab04ce1b42faea757fc0a50c4feef468c80d7cac7db3bfd67140c04f88892b1d19a91ac5d2bef2af704fed3f92e84f78f98e97b8460000602ca31cc4edb57168863fe0e930a6030e47048c91da29a2c691894cd27b28480642302c6816b308d3eaceb9c1404c696e8a2deb97c278ca9d9b1ea4aa17255b400acdda233dde73b32098f837494e43a67bbb722f105f5ae23d8e4c9586ac0ff8c1c6c330601a9c007659ce63c0387d6692d791abdb14b8b66d6b30e5556865a6e97922f3fddcfd1a7e2cbf30b30479b4f7b824b49b1a8e5cd1ec171c8fd41bc3b14ced446eadedd90178f121d6e4d3ae3031231f39fcad0501455538f57fc305f449144d0e4f1f642ff19c53dea5322d30d680f6efdce4f7310225fa8e8a3035d925f51090e4fa74346825d16d400b9cea013e88ea47db2efbbbe73c3ae0059974efa840d4ee88ae1f85d6ba36caa8df64cbf4c1716de586b6fce1424c8bc3a0218953ea42dc7e83bda5a4319b59d7926fe04553fe79056a397ea85f6255d093a345aaf5f3d91cdce17cc9d38493e7eb952b132dc8f7953706ea7b7ff81e88a2a87f18730ca7f6f16f2c23b85f549a8b0cce6f8f0ec61fa8ba01aa114fbd63373ae3189338aa5f585a6d454733937712eb5a4cbd810c91bf5f19e0a508db8a57bdd8000000960203"], 0x85c}, 0x1, 0x0, 0x0, 0x24048011}, 0xc000)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/comedi1\x00', 0x20200, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000300)={'aio_iiro_16\x00', [0x4f23, 0x7f, 0x1, 0x3, 0x1, 0xdea7, 0xc, 0x3, 0xa, 0xa6, 0xfffffffa, 0xffffffff, 0x401, 0x8000001, 0x6, 0x101, 0xf7fffffe, 0x5, 0x2, 0x40000001, 0x8c, 0xca9f, 0x0, 0x20001e58, 0xb, 0xc3, 0x3, 0x5, 0x800081, 0x0, 0x4]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r6, 0x8b2a, &(0x7f0000000040))

333.38172ms ago: executing program 1 (id=2061):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x7ff, 0x100000000, 0x6eb, 0x5, 0x7, 0x2c0b}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0xe}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

225.491181ms ago: executing program 1 (id=2062):
syz_usb_connect(0x5, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000006c055080a115014cb62010203010902120001fe0000000904"], 0x0)

0s ago: executing program 3 (id=2063):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getpid()
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r3, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

ivered TRANSACTION_ERROR: 29201
[  156.354575][ T7415] binder: 7410:7415 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  156.368217][ T7415] binder: 7415 RLIMIT_NICE not set
[  156.388978][ T7415] binder: 7410:7415 got reply transaction with no transaction stack
[  156.390456][ T7415] binder: 7410:7415 transaction reply to 0:0 failed 276/29201/-71, size 0-0 line 2946
[  156.572324][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.600977][   T22] usb 1-1: USB disconnect, device number 4
[  156.663418][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.666433][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.671594][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.673253][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.675985][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.112045][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  157.113263][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  157.139585][ T7443] loop6: detected capacity change from 0 to 7
[  157.141044][ T7443] Dev loop6: unable to read RDB block 7
[  157.147555][ T7443]  loop6: AHDI p1 p2 p3
[  157.148261][ T7443] loop6: partition table partially beyond EOD, truncated
[  157.153954][ T7443] loop6: p1 start 1601398130 is beyond EOD, truncated
[  157.159620][ T7443] loop6: p2 start 1702059890 is beyond EOD, truncated
[  161.532491][   T22] net_ratelimit: 34 callbacks suppressed
[  161.532505][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.534776][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.536121][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.537399][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.773579][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.775166][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.775211][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.777903][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.778784][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.780483][  T247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.732611][   T24] net_ratelimit: 32 callbacks suppressed
[  166.732624][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.734869][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.736249][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.737482][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.893613][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.972354][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.301901][ T7473] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1057'.
[  167.305762][ T7473] device vlan2 entered promiscuous mode
[  167.306676][ T7473] device bond0 entered promiscuous mode
[  167.307543][ T7473] device bond_slave_0 entered promiscuous mode
[  167.308555][ T7473] device bond_slave_1 entered promiscuous mode
[  167.329155][ T7487] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.330540][ T7487] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.331999][ T7487] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.341567][ T7487] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.278621][ T7522] tipc: Started in network mode
[  168.279532][ T7522] tipc: Node identity ba9972c4efb4, cluster identity 4711
[  168.280775][ T7522] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.291941][ T7522] device syzkaller0 entered promiscuous mode
[  168.433259][ T7529] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1072'.
[  168.436054][ T7522] tipc: Resetting bearer <eth:syzkaller0>
[  168.437426][ T7537] loop2: detected capacity change from 0 to 7
[  168.441403][ T7537] Dev loop2: unable to read RDB block 7
[  168.445343][ T7537]  loop2: AHDI p2 p3
[  168.445937][ T7537] loop2: partition table partially beyond EOD, truncated
[  168.447255][ T7520] tipc: Resetting bearer <eth:syzkaller0>
[  168.532879][ T7520] tipc: Disabling bearer <eth:syzkaller0>
[  168.540256][ T7539] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.541898][ T7539] device syzkaller0 entered promiscuous mode
[  168.588369][ T7539] tipc: Resetting bearer <eth:syzkaller0>
[  168.595853][ T7538] tipc: Resetting bearer <eth:syzkaller0>
[  168.598066][ T7546] binder: 7545:7546 tried to acquire reference to desc 0, got 1 instead
[  168.604284][ T7546] binder: 7545:7546 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  168.606347][ T7546] binder: 7546 RLIMIT_NICE not set
[  168.607064][ T7546] binder: 7546 RLIMIT_NICE not set
[  168.608869][ T7546] binder: release 7545:7546 transaction 288 out, still active
[  168.610072][ T7546] binder: release 7545:7546 transaction 281 in, still active
[  168.611315][ T7546] binder: undelivered TRANSACTION_COMPLETE
[  168.615076][ T7546] binder: 7546 RLIMIT_NICE not set
[  168.616026][ T7546] binder: 7546 RLIMIT_NICE not set
[  168.616919][ T7546] binder: 7546:7545 reply target not found
[  168.617841][ T7546] binder: 7545:7546 transaction reply to 0:0 failed 289/29189/0, size 0-0 line 2975
[  168.619446][ T7546] binder: send failed reply for transaction 288, target dead
[  168.620600][ T7546] binder: send failed reply for transaction 281 to 7545:7546
[  168.628445][  T112] binder: undelivered TRANSACTION_ERROR: 29190
[  168.629413][  T112] binder: undelivered TRANSACTION_ERROR: 29189
[  168.683186][ T7538] tipc: Disabling bearer <eth:syzkaller0>
[  169.256962][ T7562] fuse: Unknown parameter '0x0000000000000003'
[  169.401215][ T7577] binder: 7576:7577 tried to acquire reference to desc 0, got 1 instead
[  169.407708][ T7577] binder: 7576:7577 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  169.409943][ T7577] binder: 7577 RLIMIT_NICE not set
[  169.410921][ T7577] binder: 7577 RLIMIT_NICE not set
[  169.412186][ T7577] binder: release 7576:7577 transaction 301 out, still active
[  169.779388][ T7594] loop2: detected capacity change from 0 to 7
[  169.786243][ T7594] Dev loop2: unable to read RDB block 7
[  169.787110][ T7594]  loop2: AHDI p2 p3
[  169.787701][ T7594] loop2: partition table partially beyond EOD, truncated
[  169.835895][ T7586] tipc: Started in network mode
[  169.836802][ T7586] tipc: Node identity 4af83d7928e4, cluster identity 4711
[  169.837855][ T7586] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  169.839206][ T7589] device syzkaller0 entered promiscuous mode
[  169.868340][ T3936] Dev loop2: unable to read RDB block 7
[  169.869356][ T3936]  loop2: AHDI p2 p3
[  169.869942][ T3936] loop2: partition table partially beyond EOD, truncated
[  169.882202][ T7595] tipc: Resetting bearer <eth:syzkaller0>
[  169.887227][ T7578] tipc: Resetting bearer <eth:syzkaller0>
[  169.925034][ T7578] tipc: Disabling bearer <eth:syzkaller0>
[  170.049404][ T7606] fuse: Unknown parameter '0x0000000000000003'
[  170.199754][ T7617] team0: Port device syz_tun added
[  170.225421][ T7617] team0: Port device syz_tun removed
[  170.226888][ T7617] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  170.229075][ T7617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  170.230356][ T7617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  170.232322][ T7617] device bridge_slave_0 left promiscuous mode
[  170.234316][ T7617] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.284331][ T7617] device bridge_slave_1 left promiscuous mode
[  170.286095][ T7617] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.323790][ T7617] bond0: (slave bond_slave_0): Releasing backup interface
[  170.363236][ T7617] device bond_slave_0 left promiscuous mode
[  170.367854][ T7617] bond0: (slave bond_slave_1): Releasing backup interface
[  170.404693][ T7617] device bond_slave_1 left promiscuous mode
[  170.415128][ T7617] team0: Port device team_slave_0 removed
[  170.422525][ T7617] team0: Port device team_slave_1 removed
[  170.423789][ T7617] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.424977][ T7617] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.426800][ T7617] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.427960][ T7617] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.432243][ T7617] bond1: (slave gretap1): Releasing active interface
[  170.488115][ T3936] Dev loop2: unable to read RDB block 7
[  170.489145][ T3936]  loop2: AHDI p2 p3
[  170.489816][ T3936] loop2: partition table partially beyond EOD, truncated
[  170.557694][ T4322] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  170.559417][ T4322] CPU: 1 PID: 4322 Comm: kworker/u5:1 Not tainted syzkaller #0
[  170.560599][ T4322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  170.562163][ T4322] Workqueue: hci3 hci_rx_work
[  170.562909][ T4322] Call trace:
[  170.563469][ T4322]  dump_backtrace+0x1c0/0x1ec
[  170.564260][ T4322]  show_stack+0x2c/0x3c
[  170.564431][ T7624] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1106'.
[  170.564941][ T4322]  __dump_stack+0x30/0x40
[  170.566982][ T4322]  dump_stack_lvl+0xf4/0x15c
[  170.567643][ T4322]  dump_stack+0x1c/0x5c
[  170.568231][ T4322]  sysfs_create_dir_ns+0x244/0x264
[  170.568938][ T4322]  kobject_add_internal+0x598/0xb08
[  170.569639][ T4322]  kobject_add+0x140/0x20c
[  170.570274][ T4322]  device_add+0x3f0/0xf90
[  170.570999][ T4322]  hci_conn_add_sysfs+0xbc/0x1c8
[  170.571832][ T4322]  le_conn_complete_evt+0xcc8/0x1244
[  170.572640][ T4322]  hci_le_conn_complete_evt+0x114/0x3f4
[  170.573532][ T4322]  hci_le_meta_evt+0x2c0/0x4a0
[  170.574337][ T4322]  hci_event_packet+0x6b8/0xf18
[  170.575104][ T4322]  hci_rx_work+0x324/0xa80
[  170.575804][ T4322]  process_one_work+0x7f8/0x13a4
[  170.576531][ T4322]  worker_thread+0x8c4/0xfec
[  170.577261][ T4322]  kthread+0x250/0x2d8
[  170.577971][ T4322]  ret_from_fork+0x10/0x20
[  170.580243][ T4322] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  170.582395][ T4322] Bluetooth: hci3: failed to register connection device
[  171.069845][ T7632] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  171.071397][ T7632] device syzkaller0 entered promiscuous mode
[  171.078059][ T7632] tipc: Resetting bearer <eth:syzkaller0>
[  171.080387][ T7631] tipc: Resetting bearer <eth:syzkaller0>
[  171.142988][ T7631] tipc: Disabling bearer <eth:syzkaller0>
[  171.233462][ T7635] fuse: Unknown parameter '0x0000000000000003'
[  171.357763][ T7644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.359364][ T7644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.508225][ T7648] loop2: detected capacity change from 0 to 7
[  171.511290][ T7485] Dev loop2: unable to read RDB block 7
[  171.512213][ T7485]  loop2: AHDI p2 p3
[  171.513256][ T7485] loop2: partition table partially beyond EOD, truncated
[  171.519795][ T7648] Dev loop2: unable to read RDB block 7
[  171.520788][ T7648]  loop2: AHDI p2 p3
[  171.521582][ T7648] loop2: partition table partially beyond EOD, truncated
[  171.616542][ T7654] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1117'.
[  171.619604][ T7654] device vlan2 entered promiscuous mode
[  171.630682][ T7654] device bond0 entered promiscuous mode
[  171.631639][ T7654] device bond_slave_0 entered promiscuous mode
[  171.638298][ T7654] device bond_slave_1 entered promiscuous mode
[  171.638500][ T3936] Dev loop2: unable to read RDB block 7
[  171.644826][ T3936]  loop2: AHDI p2 p3
[  171.645458][ T3936] loop2: partition table partially beyond EOD, truncated
[  171.694048][ T3936] Dev loop2: unable to read RDB block 7
[  171.694971][ T3936]  loop2: AHDI p2 p3
[  171.695597][ T3936] loop2: partition table partially beyond EOD, truncated
[  171.737978][ T7661] fuse: Unknown parameter '0x0000000000000003'
[  171.753746][ T3936] Dev loop2: unable to read RDB block 7
[  171.754618][ T3936]  loop2: AHDI p2 p3
[  171.755234][ T3936] loop2: partition table partially beyond EOD, truncated
[  171.794616][ T7657] tipc: Started in network mode
[  171.795478][ T7657] tipc: Node identity 020b64dcafc2, cluster identity 4711
[  171.796627][ T7657] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  171.809703][ T7657] device syzkaller0 entered promiscuous mode
[  171.820721][ T7657] tipc: Resetting bearer <eth:syzkaller0>
[  171.821859][ T7669] binder: BINDER_SET_CONTEXT_MGR already set
[  171.823044][ T7669] binder: 7668:7669 ioctl 4018620d 20004a80 returned -16
[  171.829559][ T7656] tipc: Resetting bearer <eth:syzkaller0>
[  171.834469][ T3936] Dev loop2: unable to read RDB block 7
[  171.835782][ T3936]  loop2: AHDI p2 p3
[  171.836370][ T3936] loop2: partition table partially beyond EOD, truncated
[  171.865840][ T4322] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  171.892819][ T7656] tipc: Disabling bearer <eth:syzkaller0>
[  171.932801][ T4372] net_ratelimit: 54 callbacks suppressed
[  171.932813][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.935145][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.936531][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.937940][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.024679][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.024841][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.027879][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.029337][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.031135][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.032952][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.248668][ T3936] Dev loop2: unable to read RDB block 7
[  172.249827][ T3936]  loop2: AHDI p2 p3
[  172.250433][ T3936] loop2: partition table partially beyond EOD, truncated
[  172.684969][ T7689] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1132'.
[  172.726055][ T7691] fuse: Unknown parameter 'fd0x0000000000000003'
[  173.003280][ T7704] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.007218][ T7704] device syzkaller0 entered promiscuous mode
[  173.020515][ T7704] tipc: Resetting bearer <eth:syzkaller0>
[  173.025976][ T7703] tipc: Resetting bearer <eth:syzkaller0>
[  173.082822][ T7703] tipc: Disabling bearer <eth:syzkaller0>
[  173.142994][ T7717] binder: BINDER_SET_CONTEXT_MGR already set
[  173.144018][ T7717] binder: 7716:7717 ioctl 4018620d 20004a80 returned -16
[  173.173096][ T7715] loop2: detected capacity change from 0 to 7
[  173.193276][ T7715] Dev loop2: unable to read RDB block 7
[  173.194174][ T7715]  loop2: AHDI p2 p3
[  173.194863][ T7715] loop2: partition table partially beyond EOD, truncated
[  173.216337][ T7720] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.219189][ T7720] device syzkaller0 entered promiscuous mode
[  173.232498][ T7720] tipc: Resetting bearer <eth:syzkaller0>
[  173.237098][ T7718] tipc: Resetting bearer <eth:syzkaller0>
[  173.293428][ T7718] tipc: Disabling bearer <eth:syzkaller0>
[  173.465556][ T7728] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1146'.
[  173.469172][ T7728] device vlan2 entered promiscuous mode
[  173.470294][ T7728] device bond0 entered promiscuous mode
[  173.471147][ T7728] device bond_slave_0 entered promiscuous mode
[  173.474156][ T7728] device bond_slave_1 entered promiscuous mode
[  173.731190][ T3936] Dev loop2: unable to read RDB block 7
[  173.732235][ T3936]  loop2: AHDI p2 p3
[  173.735711][ T3936] loop2: partition table partially beyond EOD, truncated
[  173.755785][ T7733] binder_user_error: 28 callbacks suppressed
[  173.755795][ T7733] binder: tried to use weak ref as strong ref
[  173.757778][ T7733] binder: 7731:7733 Acquire 1 refcount change on invalid ref 0 ret -22
[  173.759272][ T7733] binder: 7731:7733 got transaction to invalid handle, 1
[  173.760389][ T7733] binder_debug: 34 callbacks suppressed
[  173.760394][ T7733] binder: 7733:7731 cannot find target node
[  173.768072][ T7733] binder: 7731:7733 transaction call to 0:0 failed 340/29201/-22, size 72-24 line 3045
[  173.775738][ T7733] binder: 7731:7733 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  173.778070][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  173.816440][ T7739] binder: 7738:7739 IncRefs 0 refcount change on invalid ref 0 ret -22
[  173.819307][ T7739] binder: 7738:7739 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  173.829400][ T7739] binder: 7739 RLIMIT_NICE not set
[  173.871040][ T7742] binder: 7738:7742 got transaction to invalid handle, 3
[  173.872144][ T7742] binder: 7742:7738 cannot find target node
[  173.873570][ T7742] binder: 7738:7742 transaction call to 0:0 failed 342/29201/-22, size 0-0 line 3045
[  173.875252][ T7742] binder: undelivered TRANSACTION_ERROR: 29201
[  173.876250][ T7742] binder: 7738:7742 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  173.878061][ T7742] binder: 7742 RLIMIT_NICE not set
[  173.975328][ T4371] binder: undelivered TRANSACTION_ERROR: 29201
[  173.984425][ T7744] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.986034][ T7744] device syzkaller0 entered promiscuous mode
[  174.000423][ T7744] tipc: Resetting bearer <eth:syzkaller0>
[  174.005275][ T7743] tipc: Resetting bearer <eth:syzkaller0>
[  174.062884][ T7743] tipc: Disabling bearer <eth:syzkaller0>
[  174.520280][ T7763] fuse: Bad value for 'fd'
[  174.678220][ T7782] binder: 7781:7782 ioctl c0306201 0 returned -14
[  174.683954][ T7782] binder: 7782:7781 cannot find target node
[  174.684906][ T7782] binder: 7781:7782 transaction call to 0:0 failed 346/29201/-22, size 72-24 line 3045
[  174.738016][ T7787] binder: 7787:7781 cannot find target node
[  174.832732][ T7784] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  174.837745][ T7784] device syzkaller0 entered promiscuous mode
[  174.917255][ T7783] tipc: Resetting bearer <eth:syzkaller0>
[  175.013651][ T7783] tipc: Disabling bearer <eth:syzkaller0>
[  175.675158][ T7825] kAFS: unable to lookup cell '(,c¾Ì'
[  176.157183][ T7836] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  176.158823][ T7836] device syzkaller0 entered promiscuous mode
[  176.238595][ T7847] fuse: Unknown parameter 'user_id00000000000000000000'
[  176.244141][ T7835] tipc: Resetting bearer <eth:syzkaller0>
[  176.270758][ T7850] binder: 7849:7850 ioctl c0306201 0 returned -14
[  176.325793][ T7835] tipc: Disabling bearer <eth:syzkaller0>
[  176.403871][ T1887] block nbd0: Attempted send on invalid socket
[  176.405015][ T1887] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  176.982569][  T112] net_ratelimit: 75 callbacks suppressed
[  176.982584][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.984954][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.133301][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.134769][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.136191][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.137668][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.138913][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.366268][ T7886] fuse: Unknown parameter 'user_id00000000000000000000'
[  177.372323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.527724][ T7891] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  177.529226][ T7891] device syzkaller0 entered promiscuous mode
[  177.542423][ T4338] Bluetooth: hci3: command 0x0406 tx timeout
[  177.569865][ T7890] tipc: Resetting bearer <eth:syzkaller0>
[  177.577585][ T7902] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1201'.
[  177.632192][ T7906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1200'.
[  177.653405][ T7890] tipc: Disabling bearer <eth:syzkaller0>
[  177.732840][ T7910] binder: 7909:7910 ioctl c0306201 0 returned -14
[  178.092535][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.172471][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.450532][ T7920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.452715][ T7920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.734912][ T7932] binder: 7931:7932 ioctl 4018620d 0 returned -22
[  178.786109][ T7930] loop2: detected capacity change from 0 to 7
[  178.788011][ T7485] Dev loop2: unable to read RDB block 7
[  178.788871][ T7485]  loop2: AHDI p2 p3
[  178.789482][ T7485] loop2: partition table partially beyond EOD, truncated
[  178.799954][ T7933] binder_user_error: 22 callbacks suppressed
[  178.799962][ T7933] binder: 7931:7933 got transaction to invalid handle, 3
[  178.801965][ T7933] binder_debug: 17 callbacks suppressed
[  178.801977][ T7933] binder: 7933:7931 cannot find target node
[  178.805331][ T7933] binder: 7931:7933 transaction call to 0:0 failed 361/29201/-22, size 0-0 line 3045
[  178.806912][ T7933] binder: undelivered TRANSACTION_ERROR: 29201
[  178.814531][ T7933] binder: 7931:7933 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  178.816370][ T7933] binder: 7933 RLIMIT_NICE not set
[  178.817351][ T7933] binder: 7931:7933 got reply transaction with no transaction stack
[  178.823211][ T7933] binder: 7931:7933 transaction reply to 0:0 failed 362/29201/-71, size 0-0 line 2946
[  179.061137][ T7930] Dev loop2: unable to read RDB block 7
[  179.110633][ T7936] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1211'.
[  179.122558][ T7930]  loop2: AHDI p2 p3
[  179.123211][ T7930] loop2: partition table partially beyond EOD, truncated
[  179.159363][ T7936] bridge1: port 1(bond0) entered blocking state
[  179.160491][ T7936] bridge1: port 1(bond0) entered disabled state
[  179.165282][ T7936] device bond0 entered promiscuous mode
[  179.168262][ T7936] device bond_slave_0 entered promiscuous mode
[  179.169367][ T7936] device bond_slave_1 entered promiscuous mode
[  179.171144][ T7936] bridge1: port 1(bond0) entered blocking state
[  179.172211][ T7936] bridge1: port 1(bond0) entered forwarding state
[  179.250407][ T7938] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1212'.
[  179.329776][ T7940] fuse: Bad value for 'fd'
[  179.582789][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  179.583823][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  179.679406][ T7952] binder: 7951:7952 got transaction to invalid handle, 1
[  179.684442][ T7952] binder: 7952:7951 cannot find target node
[  179.685361][ T7952] binder: 7951:7952 transaction call to 0:0 failed 366/29201/-22, size 72-24 line 3045
[  179.685688][ T7950] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.691120][ T7952] binder: 7951:7952 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  179.696457][ T7952] binder: 7952 RLIMIT_NICE not set
[  179.699973][ T7950] device syzkaller0 entered promiscuous mode
[  179.709498][ T7950] tipc: Resetting bearer <eth:syzkaller0>
[  179.742198][ T7957] binder: 7951:7957 got transaction to invalid handle, 3
[  179.743761][ T7957] binder: 7957:7951 cannot find target node
[  179.744650][ T7957] binder: 7951:7957 transaction call to 0:0 failed 367/29201/-22, size 0-0 line 3045
[  179.746925][ T7957] binder: 7951:7957 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  179.748986][ T7957] binder: 7957 RLIMIT_NICE not set
[  179.784555][ T7949] tipc: Resetting bearer <eth:syzkaller0>
[  179.842885][ T7949] tipc: Disabling bearer <eth:syzkaller0>
[  179.906918][ T7963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1223'.
[  179.965255][ T7970] binder: 7969:7970 ioctl 4018620d 0 returned -22
[  180.825730][ T7983] device syzkaller0 entered promiscuous mode
[  180.867235][ T7986] loop2: detected capacity change from 0 to 7
[  180.871452][ T7986] Dev loop2: unable to read RDB block 7
[  180.878501][ T7986]  loop2: AHDI p2 p3
[  180.879110][ T7986] loop2: partition table partially beyond EOD, truncated
[  180.929315][ T3936] Dev loop2: unable to read RDB block 7
[  180.930419][ T3936]  loop2: AHDI p2 p3
[  180.930985][ T3936] loop2: partition table partially beyond EOD, truncated
[  181.003436][ T3936] Dev loop2: unable to read RDB block 7
[  181.004412][ T3936]  loop2: AHDI p2 p3
[  181.004975][ T3936] loop2: partition table partially beyond EOD, truncated
[  181.185899][ T8001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1236'.
[  181.205437][ T3936] Dev loop2: unable to read RDB block 7
[  181.206319][ T3936]  loop2: AHDI p2 p3
[  181.207043][ T3936] loop2: partition table partially beyond EOD, truncated
[  181.540749][ T8018] binder: BINDER_SET_CONTEXT_MGR already set
[  181.541953][ T8018] binder: 8017:8018 ioctl 4018620d 20004a80 returned -16
[  181.581380][ T3936] Dev loop2: unable to read RDB block 7
[  181.582396][ T3936]  loop2: AHDI p2 p3
[  181.582967][ T3936] loop2: partition table partially beyond EOD, truncated
[  182.062981][ T8027] loop2: detected capacity change from 0 to 3
[  182.064842][ T8027] Dev loop2: unable to read RDB block 3
[  182.065834][ T8027]  loop2: AHDI p2 p3
[  182.066377][ T8027] loop2: partition table partially beyond EOD, truncated
[  182.067688][ T8027] loop2: p2 start 1702059890 is beyond EOD, truncated
[  182.100146][ T8029] =======================================================
[  182.100146][ T8029] WARNING: The mand mount option has been deprecated and
[  182.100146][ T8029]          and is ignored by this kernel. Remove the mand
[  182.100146][ T8029]          option from the mount to silence this warning.
[  182.100146][ T8029] =======================================================
[  182.130871][ T8031] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1247'.
[  182.156348][ T8033] device syzkaller0 entered promiscuous mode
[  182.332595][   T22] net_ratelimit: 36 callbacks suppressed
[  182.332608][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.335132][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.336627][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.337956][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.572373][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.575598][ T8056] fuse: Unknown parameter '0x0000000000000003'
[  182.650104][ T8064] loop2: detected capacity change from 0 to 3
[  182.651488][ T8064] Dev loop2: unable to read RDB block 3
[  182.652496][   T22] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  182.653696][ T8064]  loop2: AHDI p2 p3
[  182.655376][ T8064] loop2: partition table partially beyond EOD, truncated
[  182.657186][ T8064] loop2: p2 start 1702059890 is beyond EOD, truncated
[  182.725194][ T8069] loop2: detected capacity change from 0 to 7
[  182.727766][ T8047] Dev loop2: unable to read RDB block 7
[  182.728618][ T8047]  loop2: AHDI p2 p3
[  182.729245][ T8047] loop2: partition table partially beyond EOD, truncated
[  182.738486][ T8069] Dev loop2: unable to read RDB block 7
[  182.739425][ T8069]  loop2: AHDI p2 p3
[  182.740175][ T8069] loop2: partition table partially beyond EOD, truncated
[  182.823738][ T8074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'.
[  182.832323][   T22] usb 1-1: Using ep0 maxpacket: 16
[  182.835012][   T22] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  182.836577][   T22] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  182.839536][   T22] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  182.840949][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.842385][   T22] usb 1-1: Product: syz
[  182.842985][   T22] usb 1-1: Manufacturer: syz
[  182.844392][   T22] usb 1-1: SerialNumber: syz
[  182.848552][   T22] r8152-cfgselector 1-1: config 0 descriptor??
[  182.892498][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.052068][   T22] usbip-host 1-1: 1-1 is not in match_busid table... skip!
[  183.062707][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.064238][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.212529][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.372583][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.523042][ T8081] binder: BINDER_SET_CONTEXT_MGR already set
[  183.524070][ T8081] binder: 8080:8081 ioctl 4018620d 20004a80 returned -16
[  183.677076][ T8086] fuse: Unknown parameter '0x0000000000000003'
[  183.738082][ T8088] device syzkaller0 entered promiscuous mode
[  184.195640][ T8103] loop2: detected capacity change from 0 to 3
[  184.197572][ T8103] Dev loop2: unable to read RDB block 3
[  184.198598][ T8103]  loop2: AHDI p2 p3
[  184.199199][ T8103] loop2: partition table partially beyond EOD, truncated
[  184.200573][ T8103] loop2: p2 start 1702059890 is beyond EOD, truncated
[  184.347702][ T3898] binder_debug: 31 callbacks suppressed
[  184.347716][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  184.365132][ T8109] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1270'.
[  184.446155][ T8111] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  184.448153][ T8111] device syzkaller0 entered promiscuous mode
[  184.763235][ T8119] tipc: Resetting bearer <eth:syzkaller0>
[  184.771685][ T8110] tipc: Resetting bearer <eth:syzkaller0>
[  184.807345][ T8120] loop2: detected capacity change from 0 to 7
[  184.809085][ T8047] Dev loop2: unable to read RDB block 7
[  184.810022][ T8047]  loop2: AHDI p2 p3
[  184.810614][ T8047] loop2: partition table partially beyond EOD, truncated
[  184.817391][ T8120] Dev loop2: unable to read RDB block 7
[  184.818317][ T8120]  loop2: AHDI p2 p3
[  184.819297][ T8120] loop2: partition table partially beyond EOD, truncated
[  184.923334][ T8110] tipc: Disabling bearer <eth:syzkaller0>
[  185.058350][ T8124] fuse: Unknown parameter '0x0000000000000003'
[  185.123373][ T8128] device syzkaller0 entered promiscuous mode
[  185.180302][ T3936] Dev loop2: unable to read RDB block 7
[  185.181383][ T3936]  loop2: AHDI p2 p3
[  185.181990][ T3936] loop2: partition table partially beyond EOD, truncated
[  185.281707][ T3936] Dev loop2: unable to read RDB block 7
[  185.282989][ T3936]  loop2: AHDI p2 p3
[  185.283579][ T3936] loop2: partition table partially beyond EOD, truncated
[  185.320149][ T8135] loop2: detected capacity change from 0 to 3
[  185.323688][ T8047] Dev loop2: unable to read RDB block 3
[  185.324626][ T8047]  loop2: AHDI p2 p3
[  185.325269][ T8047] loop2: partition table partially beyond EOD, truncated
[  185.326699][ T8047] loop2: p2 start 1702059890 is beyond EOD, truncated
[  185.336106][ T8135] Dev loop2: unable to read RDB block 3
[  185.337868][ T8135]  loop2: AHDI p2 p3
[  185.338605][ T8135] loop2: partition table partially beyond EOD, truncated
[  185.340198][ T8135] loop2: p2 start 1702059890 is beyond EOD, truncated
[  185.406811][ T3898] usb 1-1: USB disconnect, device number 5
[  185.448526][ T8146] binder: BINDER_SET_CONTEXT_MGR already set
[  185.449654][ T8146] binder: 8145:8146 ioctl 4018620d 20004a80 returned -16
[  185.451693][ T8146] binder_user_error: 28 callbacks suppressed
[  185.451700][ T8146] binder: 8145:8146 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  185.461671][ T8146] binder: 8146 RLIMIT_NICE not set
[  185.469396][ T8140] device syzkaller0 entered promiscuous mode
[  185.503087][ T8147] binder: 8145:8147 got transaction to invalid handle, 3
[  185.504362][ T8147] binder: 8147:8145 cannot find target node
[  185.505193][ T8147] binder: 8145:8147 transaction call to 0:0 failed 390/29201/-22, size 0-0 line 3045
[  185.506748][ T8147] binder: undelivered TRANSACTION_ERROR: 29201
[  185.507832][ T8147] binder: 8145:8147 got reply transaction with no transaction stack
[  185.509022][ T8147] binder: 8145:8147 transaction reply to 0:0 failed 391/29201/-71, size 0-0 line 2946
[  185.565129][ T8149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1281'.
[  185.618573][ T8155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.620267][ T8155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.660774][ T8159] fuse: Unknown parameter '0x0000000000000003'
[  185.752166][ T8165] loop2: detected capacity change from 0 to 3
[  185.762780][ T8165] Dev loop2: unable to read RDB block 3
[  185.763637][ T8165]  loop2: AHDI p2 p3
[  185.764281][ T8165] loop2: partition table partially beyond EOD, truncated
[  185.765458][ T8165] loop2: p2 start 1702059890 is beyond EOD, truncated
[  185.819934][ T8167] loop2: detected capacity change from 0 to 7
[  185.828158][ T8169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.837704][ T8169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.860948][ T8047] Dev loop2: unable to read RDB block 7
[  185.861931][ T8047]  loop2: AHDI p2 p3
[  185.862769][ T8047] loop2: partition table partially beyond EOD, truncated
[  185.867157][ T8171] device syzkaller0 entered promiscuous mode
[  185.914626][ T8167] Dev loop2: unable to read RDB block 7
[  185.941114][ T8167]  loop2: AHDI p2 p3
[  185.941923][ T8167] loop2: partition table partially beyond EOD, truncated
[  186.288272][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  186.326803][ T8181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1293'.
[  186.377961][ T8185] device syzkaller0 entered promiscuous mode
[  186.389815][ T8188] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1295'.
[  186.583124][ T8196] fuse: Unknown parameter '0x0000000000000003'
[  187.337950][ T8219] loop2: detected capacity change from 0 to 3
[  187.339644][ T8219] Dev loop2: unable to read RDB block 3
[  187.340593][ T8219]  loop2: AHDI p2 p3
[  187.341214][ T8219] loop2: partition table partially beyond EOD, truncated
[  187.343174][ T8219] loop2: p2 start 1702059890 is beyond EOD, truncated
[  187.372570][   T24] net_ratelimit: 25 callbacks suppressed
[  187.372581][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.379231][  T247] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.381021][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.383764][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.383962][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  187.388539][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  187.532511][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.533992][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.535385][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.536882][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.772316][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.572522][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.876156][ T8224] binder: 8223:8224 tried to acquire reference to desc 0, got 1 instead
[  188.877859][ T8224] binder_alloc: 8223: binder_alloc_buf, no vma
[  188.878801][ T8224] binder: cannot allocate buffer: vma cleared, target dead or dying
[  188.878838][ T8224] binder: 8223:8224 transaction call to 8223:0 failed 396/29189/-3, size 72-24 line 3230
[  188.881801][ T8224] binder: 8223:8224 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  188.885895][   T24] binder: undelivered TRANSACTION_ERROR: 29189
[  188.908561][ T8226] binder: 8225:8226 ioctl c0306201 0 returned -14
[  188.911069][ T8226] binder: 8225:8226 got transaction to invalid handle, 1
[  188.912220][ T8226] binder: 8226:8225 cannot find target node
[  188.914227][ T8226] binder: 8225:8226 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  188.916106][ T8226] binder: 8226 RLIMIT_NICE not set
[  188.965044][ T8227] binder: 8225:8227 got transaction to invalid handle, 3
[  189.741709][   T22] binder_debug: 5 callbacks suppressed
[  189.741724][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  189.743771][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  192.493358][  T112] net_ratelimit: 26 callbacks suppressed
[  192.493372][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.496001][ T6381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.500586][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.506786][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.732560][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.733830][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.734996][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.736330][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.972342][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.302413][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.291881][ T8229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1304'.
[  197.340720][ T8247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1307'.
[  197.435417][ T8255] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1308'.
[  197.516883][ T8266] binder_user_error: 3 callbacks suppressed
[  197.516892][ T8266] binder: tried to use weak ref as strong ref
[  197.519571][ T8266] binder: 8265:8266 Acquire 1 refcount change on invalid ref 0 ret -22
[  197.521465][ T8266] binder: 8265:8266 got transaction to invalid handle, 1
[  197.522787][ T8266] binder: 8266:8265 cannot find target node
[  197.523616][ T8266] binder: 8265:8266 transaction call to 0:0 failed 405/29201/-22, size 72-24 line 3045
[  197.559792][ T8268] binder: 8267:8268 ioctl c0306201 0 returned -14
[  197.566769][ T8268] binder: 8267:8268 got transaction to invalid handle, 1
[  197.568029][ T8268] binder: 8268:8267 cannot find target node
[  197.568901][ T8268] binder: 8267:8268 transaction call to 0:0 failed 409/29201/-22, size 72-24 line 3045
[  197.574564][ T8268] binder: 8267:8268 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  197.576761][ T8268] binder: 8268 RLIMIT_NICE not set
[  197.587678][ T8270] binder: 8252:8270 IncRefs 0 refcount change on invalid ref 0 ret -22
[  197.626239][ T8271] binder: 8267:8271 got transaction to invalid handle, 3
[  197.627440][ T8271] binder: 8271:8267 cannot find target node
[  197.628313][ T8271] binder: 8267:8271 transaction call to 0:0 failed 410/29201/-22, size 0-0 line 3045
[  197.632638][ T8271] binder: undelivered TRANSACTION_ERROR: 29201
[  197.635914][ T8271] binder: 8267:8271 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  197.637848][ T8271] binder: 8271 RLIMIT_NICE not set
[  197.641933][ T8271] binder: 8267:8271 transaction reply to 0:0 failed 411/29201/-71, size 0-0 line 2946
[  197.932606][ T4372] net_ratelimit: 25 callbacks suppressed
[  197.932619][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.934822][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.936084][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.937367][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.172376][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.262750][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.264240][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.325648][ T8276] device syzkaller0 entered promiscuous mode
[  198.397732][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  198.398742][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  198.572427][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.972581][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.974020][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.132490][ T4372] net_ratelimit: 37 callbacks suppressed
[  203.132505][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.134639][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.135832][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.137204][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.382331][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.172665][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.174033][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.175479][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.176825][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.332424][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.332533][   T22] net_ratelimit: 26 callbacks suppressed
[  208.332546][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.334825][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.336119][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.412401][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.492416][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.572301][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.164054][ T8279] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1318'.
[  209.304159][ T8332] binder_user_error: 1 callbacks suppressed
[  209.304168][ T8332] binder: tried to use weak ref as strong ref
[  209.306145][ T8332] binder: 8331:8332 Acquire 1 refcount change on invalid ref 0 ret -22
[  209.307798][ T8332] binder: 8331:8332 got transaction to invalid handle, 1
[  209.308854][ T8332] binder: 8332:8331 cannot find target node
[  209.309716][ T8332] binder: 8331:8332 transaction call to 0:0 failed 414/29201/-22, size 72-24 line 3045
[  209.391808][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.393277][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.440792][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.491889][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.680254][ T8336] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1328'.
[  209.704297][ T8346] binder: 8345:8346 ioctl c0306201 0 returned -14
[  209.706923][ T8346] binder: 8345:8346 got transaction to invalid handle, 1
[  209.708137][ T8346] binder: 8346:8345 cannot find target node
[  209.709048][ T8346] binder: 8345:8346 transaction call to 0:0 failed 418/29201/-22, size 72-24 line 3045
[  209.711507][ T8346] binder: 8345:8346 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  209.714373][ T8346] binder: 8346 RLIMIT_NICE not set
[  209.763120][ T8348] binder: 8345:8348 got transaction to invalid handle, 3
[  209.764342][ T8348] binder: 8348:8345 cannot find target node
[  209.765214][ T8348] binder: 8345:8348 transaction call to 0:0 failed 419/29201/-22, size 0-0 line 3045
[  209.767040][ T8348] binder: undelivered TRANSACTION_ERROR: 29201
[  209.768324][ T8348] binder: 8345:8348 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  209.770365][ T8348] binder: 8348 RLIMIT_NICE not set
[  209.771270][ T8348] binder: 8345:8348 got reply transaction with no transaction stack
[  209.773081][ T8348] binder: 8345:8348 transaction reply to 0:0 failed 420/29201/-71, size 0-0 line 2946
[  210.406778][ T8360] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1333'.
[  210.789778][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  210.790915][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  210.868481][ T8365] device syzkaller0 entered promiscuous mode
[  210.876157][ T8367] device syzkaller0 entered promiscuous mode
[  211.009000][ T8369] device syzkaller0 entered promiscuous mode
[  213.532484][   T24] net_ratelimit: 32 callbacks suppressed
[  213.532499][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.534818][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.772486][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.773938][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.775239][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.852391][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.102533][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.104060][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.252497][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.572449][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.732444][   T22] net_ratelimit: 24 callbacks suppressed
[  218.732459][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.734602][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.292408][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.293903][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.532306][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.782511][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.783852][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.852436][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.853876][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.855215][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.308962][ T8390] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1341'.
[  222.321021][ T8400] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.395103][ T8400] device syzkaller0 entered promiscuous mode
[  222.400417][ T8400] tipc: Resetting bearer <eth:syzkaller0>
[  222.405246][ T8399] tipc: Resetting bearer <eth:syzkaller0>
[  222.474137][ T8399] tipc: Disabling bearer <eth:syzkaller0>
[  222.477107][ T8405] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1346'.
[  222.553539][ T8416] binder: 8413:8416 ioctl 4018620d 0 returned -22
[  222.554764][ T8416] binder_user_error: 4 callbacks suppressed
[  222.554771][ T8416] binder: tried to use weak ref as strong ref
[  222.556627][ T8416] binder: 8413:8416 Acquire 1 refcount change on invalid ref 0 ret -22
[  222.563248][ T8420] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1352'.
[  222.565697][ T8420] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1352'.
[  222.569730][ T8416] binder: 8413:8416 got transaction to invalid handle, 1
[  222.573207][ T8416] binder_debug: 2 callbacks suppressed
[  222.573222][ T8416] binder: 8416:8413 cannot find target node
[  222.574910][ T8416] binder: 8413:8416 transaction call to 0:0 failed 426/29201/-22, size 72-24 line 3045
[  222.581572][ T8416] binder: 8413:8416 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  222.590965][ T8416] binder: 8416 RLIMIT_NICE not set
[  222.648476][ T8428] binder: 8408:8428 IncRefs 0 refcount change on invalid ref 0 ret -22
[  222.682574][ T8427] binder: 8413:8427 got transaction to invalid handle, 3
[  222.684635][ T8427] binder: 8427:8413 cannot find target node
[  222.685561][ T8427] binder: 8413:8427 transaction call to 0:0 failed 427/29201/-22, size 0-0 line 3045
[  222.690300][ T8429] binder: 8413:8429 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  222.693558][ T8429] binder: 8429 RLIMIT_NICE not set
[  223.040367][   T24] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  223.558827][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  223.559911][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  223.566813][   T24] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[  223.568233][   T24] usb 1-1: config 150 has no interface number 0
[  223.569165][   T24] usb 1-1: config 150 interface 204 has no altsetting 0
[  223.574806][   T24] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  223.576201][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.577491][   T24] usb 1-1: Product: syz
[  223.578146][   T24] usb 1-1: Manufacturer: syz
[  223.578385][ T8438] Illegal XDP return value 51 on prog  (id 10) dev syz_tun, expect packet loss!
[  223.581057][   T24] usb 1-1: SerialNumber: syz
[  223.599887][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.601437][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.743622][ T3898] net_ratelimit: 24 callbacks suppressed
[  223.743636][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.179822][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.415794][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.420501][   T24] xr_serial 1-1:150.204: xr_serial converter detected
[  224.426454][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.532026][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.572578][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.822308][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.375615][ T8470] binder: 8469:8470 ioctl 4018620d 0 returned -22
[  225.377108][ T8470] binder: tried to use weak ref as strong ref
[  225.378864][ T8470] binder: 8470:8469 cannot find target node
[  225.380011][ T8470] binder: 8469:8470 transaction call to 0:0 failed 430/29201/-22, size 72-24 line 3045
[  225.415965][   T24] usb 1-1: xr_serial converter now attached to ttyUSB0
[  225.446194][ T8472] binder: 8472:8469 cannot find target node
[  225.447363][ T8472] binder: 8469:8472 transaction call to 0:0 failed 431/29201/-22, size 0-0 line 3045
[  225.476693][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.478162][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.481126][ T8475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.487708][ T8475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.553365][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.643463][ T3898] usb 1-1: USB disconnect, device number 6
[  225.648286][ T3898] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
[  225.654753][ T3898] xr_serial 1-1:150.204: device disconnected
[  226.293980][ T8487] PKCS7: Unknown OID: [4] 2.19.13055.1334505.0.0.0.0
[  226.295135][ T8487] PKCS7: Only support pkcs7_signedData type
[  227.356578][ T8515] fuse: Bad value for 'fd'
[  227.356754][ T8513] binder: 8512:8513 ioctl 4018620d 0 returned -22
[  227.643666][ T8518] binder_user_error: 13 callbacks suppressed
[  227.643676][ T8518] binder: 8512:8518 got transaction to invalid handle, 3
[  227.645725][ T8518] binder_debug: 4 callbacks suppressed
[  227.645742][ T8518] binder: 8518:8512 cannot find target node
[  227.647523][ T8518] binder: 8512:8518 transaction call to 0:0 failed 435/29201/-22, size 0-0 line 3045
[  227.649902][ T8518] binder: 8512:8518 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  227.652049][ T8518] binder: 8518 RLIMIT_NICE not set
[  227.830829][ T8528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.834183][ T8528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  228.063721][ T8534] binder: 8531:8534 IncRefs 0 refcount change on invalid ref 0 ret -22
[  228.799320][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  228.800480][ T3898] binder: undelivered TRANSACTION_ERROR: 29201
[  228.881912][ T8542] fuse: Bad value for 'fd'
[  228.972293][    C1] net_ratelimit: 21 callbacks suppressed
[  228.972305][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.059752][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.061086][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.062446][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.063905][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.238040][ T8567] binder: 8563:8567 ioctl c0306201 0 returned -14
[  229.239275][ T8567] binder: 8563:8567 got transaction to invalid handle, 1
[  229.240384][ T8567] binder: 8567:8563 cannot find target node
[  229.241274][ T8567] binder: 8563:8567 transaction call to 0:0 failed 439/29201/-22, size 72-24 line 3045
[  229.259410][ T8567] binder: 8563:8567 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  229.261310][ T8567] binder: 8567 RLIMIT_NICE not set
[  229.280638][ T8571] fuse: Bad value for 'fd'
[  229.542957][ T8573] binder: 8563:8573 got transaction to invalid handle, 3
[  229.544138][ T8573] binder: 8573:8563 cannot find target node
[  229.545085][ T8573] binder: 8563:8573 transaction call to 0:0 failed 440/29201/-22, size 0-0 line 3045
[  229.546885][ T8573] binder: 8563:8573 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  229.548699][ T8573] binder: 8573 RLIMIT_NICE not set
[  229.609568][ T8579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.611265][ T8579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.612943][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.614580][ T8579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.617845][ T8579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.554216][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  230.557483][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  230.587877][ T8588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.592633][ T8588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.931710][ T8603] fuse: Bad value for 'fd'
[  231.184274][ T8624] binder: 8619:8624 ioctl c0306201 0 returned -14
[  231.237947][ T8629] fuse: Bad value for 'fd'
[  232.119826][ T8639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.122133][ T8639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.249058][ T8643] binder: 8640:8643 ioctl c0306201 0 returned -14
[  232.250647][ T8643] binder: 8640:8643 ioctl c0306201 200004c0 returned -22
[  234.172302][    C1] net_ratelimit: 35 callbacks suppressed
[  234.172316][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.332449][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.972518][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.973941][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.975341][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.212313][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.372607][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.012533][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.013865][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.015066][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.212470][ T8586] net_ratelimit: 19 callbacks suppressed
[  239.212484][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.372368][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.374505][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.375815][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.377022][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.532400][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.932379][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.172545][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.173887][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.175113][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.371346][ T8662] fuse: Bad value for 'fd'
[  243.461396][ T8670] binder: 8669:8670 ioctl c0306201 0 returned -14
[  243.467802][ T8670] binder_user_error: 9 callbacks suppressed
[  243.467809][ T8670] binder: 8669:8670 got transaction to invalid handle, 1
[  243.469757][ T8670] binder_debug: 6 callbacks suppressed
[  243.469768][ T8670] binder: 8670:8669 cannot find target node
[  243.471348][ T8670] binder: 8669:8670 transaction call to 0:0 failed 450/29201/-22, size 72-24 line 3045
[  243.539480][ T8670] binder: 8669:8670 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  243.541510][ T8670] binder: 8670 RLIMIT_NICE not set
[  243.590953][ T8684] binder: 8669:8684 got transaction to invalid handle, 3
[  243.592065][ T8684] binder: 8684:8669 cannot find target node
[  243.597435][ T8684] binder: 8669:8684 transaction call to 0:0 failed 451/29201/-22, size 0-0 line 3045
[  243.606482][ T8684] binder: 8669:8684 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  243.608445][ T8684] binder: 8684 RLIMIT_NICE not set
[  243.643394][ T8690] binder: 8674:8690 IncRefs 0 refcount change on invalid ref 0 ret -22
[  244.062291][ T8586] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  244.256283][ T8586] usb 1-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  244.258002][ T8586] usb 1-1: config 253 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 5384, setting to 64
[  244.259590][ T8586] usb 1-1: config 253 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  244.269411][ T8586] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  244.270780][ T8586] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  244.271887][ T8586] usb 1-1: SerialNumber: syz
[  244.277809][ T8696] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  244.291086][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  244.293063][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  244.332714][ T4372] net_ratelimit: 25 callbacks suppressed
[  244.332731][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.334868][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.336064][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.572316][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.658683][ T8586] rndis_wlan 1-1:253.0: skipping garbage
[  244.661061][ T8586] rndis_host 1-1:253.0: skipping garbage
[  244.678769][ T8725] binder: tried to use weak ref as strong ref
[  244.679803][ T8725] binder: 8724:8725 Acquire 1 refcount change on invalid ref 0 ret -22
[  244.681321][ T8725] binder: 8724:8725 got transaction to invalid handle, 1
[  244.682465][ T8725] binder: 8725:8724 cannot find target node
[  244.683331][ T8725] binder: 8724:8725 transaction call to 0:0 failed 454/29201/-22, size 72-24 line 3045
[  244.701697][ T8725] binder: 8724:8725 transaction reply to 0:0 failed 455/29201/-71, size 0-0 line 2946
[  244.720136][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  244.722620][ T8586] usb 1-1: USB disconnect, device number 7
[  244.732756][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.372614][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.374236][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.375590][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.430580][ T8742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.432365][ T8742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.439169][   T22] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  245.463116][   T22] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  245.498608][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.500351][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.549180][ T8750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.550662][ T8750] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.166934][ T8768] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  246.168403][ T8768] device syzkaller0 entered promiscuous mode
[  246.174287][ T8768] tipc: Resetting bearer <eth:syzkaller0>
[  246.176317][ T8767] tipc: Resetting bearer <eth:syzkaller0>
[  246.216100][ T8767] tipc: Disabling bearer <eth:syzkaller0>
[  246.334587][ T8771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1483'.
[  246.648445][ T8787] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1490'.
[  246.654003][ T8787] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1490'.
[  246.868955][ T8797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  246.873325][ T8797] device syzkaller0 entered promiscuous mode
[  246.919768][ T8797] tipc: Resetting bearer <eth:syzkaller0>
[  246.923196][ T8796] tipc: Resetting bearer <eth:syzkaller0>
[  246.992845][ T8796] tipc: Disabling bearer <eth:syzkaller0>
[  247.043357][ T8807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1499'.
[  247.087492][ T8811] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1501'.
[  247.089414][ T8811] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1501'.
[  248.136106][ T8835] tipc: Started in network mode
[  248.136931][ T8835] tipc: Node identity 9aca257a27e1, cluster identity 4711
[  248.138020][ T8835] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  248.166179][ T8835] device syzkaller0 entered promiscuous mode
[  248.176614][ T8837] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1511'.
[  248.234661][ T8835] tipc: Resetting bearer <eth:syzkaller0>
[  248.236801][ T8834] tipc: Resetting bearer <eth:syzkaller0>
[  248.259531][ T8844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.261739][ T8844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.304968][ T8834] tipc: Disabling bearer <eth:syzkaller0>
[  248.506219][ T8861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.511215][ T8861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.578557][ T8869] binder: 8868:8869 ioctl 4018620d 0 returned -22
[  248.580011][ T8869] binder_user_error: 28 callbacks suppressed
[  248.580017][ T8869] binder: tried to use weak ref as strong ref
[  248.581925][ T8869] binder: 8868:8869 Acquire 1 refcount change on invalid ref 0 ret -22
[  248.589006][ T8869] binder: 8868:8869 got transaction to invalid handle, 1
[  248.590282][ T8869] binder_debug: 24 callbacks suppressed
[  248.590295][ T8869] binder: 8869:8868 cannot find target node
[  248.593372][ T8869] binder: 8868:8869 transaction call to 0:0 failed 481/29201/-22, size 72-24 line 3045
[  248.595748][ T8869] binder: 8868:8869 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  248.597732][ T8869] binder: 8869 RLIMIT_NICE not set
[  248.647184][ T8871] binder: 8868:8871 got transaction to invalid handle, 3
[  248.648312][ T8871] binder: 8871:8868 cannot find target node
[  248.649229][ T8871] binder: 8868:8871 transaction call to 0:0 failed 482/29201/-22, size 0-0 line 3045
[  248.650901][ T8871] binder: undelivered TRANSACTION_ERROR: 29201
[  248.652152][ T8871] binder: 8868:8871 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  248.659169][ T8871] binder: 8871 RLIMIT_NICE not set
[  248.660350][ T8871] binder: 8868:8871 got reply transaction with no transaction stack
[  248.661570][ T8871] binder: 8868:8871 transaction reply to 0:0 failed 483/29201/-71, size 0-0 line 2946
[  248.822922][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  248.824114][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  249.088659][ T8881] binder: 8878:8881 IncRefs 0 refcount change on invalid ref 0 ret -22
[  249.233227][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  249.234416][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  249.264121][ T8883] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  249.303357][ T8883] tipc: Resetting bearer <eth:syzkaller0>
[  249.395075][ T8882] tipc: Disabling bearer <eth:syzkaller0>
[  249.430605][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  249.431543][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  249.477081][ T8901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.484904][ T8901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.702496][ T4372] net_ratelimit: 29 callbacks suppressed
[  249.702510][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.705007][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.706340][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.772308][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.932494][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.092492][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.155468][ T8920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.156870][ T8920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.391424][ T8926] binder: 8925:8926 ioctl 4018620d 0 returned -22
[  250.733468][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.735169][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.736911][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.812323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.278026][ T8937] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1550'.
[  251.291268][ T8936] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  251.310644][ T8936] tipc: Resetting bearer <eth:syzkaller0>
[  251.442934][ T8932] tipc: Disabling bearer <eth:syzkaller0>
[  251.570276][ T8955] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  251.572193][ T8955] device syzkaller0 entered promiscuous mode
[  251.575409][ T8955] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1558'.
[  251.579876][ T8955] tipc: Resetting bearer <eth:syzkaller0>
[  251.581995][ T8952] tipc: Resetting bearer <eth:syzkaller0>
[  251.640084][ T8952] tipc: Disabling bearer <eth:syzkaller0>
[  251.661014][ T8959] binder: 8958:8959 ioctl c0306201 0 returned -14
[  251.715683][ T8962] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1560'.
[  252.430278][ T8975] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  252.435613][ T8975] tipc: Resetting bearer <eth:syzkaller0>
[  252.513593][ T8973] tipc: Disabling bearer <eth:syzkaller0>
[  252.653951][ T8988] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  252.655711][ T8988] device syzkaller0 entered promiscuous mode
[  252.658679][ T8988] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1571'.
[  252.663703][ T8988] tipc: Resetting bearer <eth:syzkaller0>
[  252.665569][ T8987] tipc: Resetting bearer <eth:syzkaller0>
[  252.709785][ T8987] tipc: Disabling bearer <eth:syzkaller0>
[  252.715255][ T8992] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1572'.
[  252.886212][ T9010] binder: 9009:9010 ioctl c0306201 0 returned -14
[  252.998432][ T9016] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  253.215222][ T9030] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.216786][ T9030] device syzkaller0 entered promiscuous mode
[  253.219876][ T9030] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1586'.
[  253.227016][ T9030] tipc: Resetting bearer <eth:syzkaller0>
[  253.229191][ T9029] tipc: Resetting bearer <eth:syzkaller0>
[  253.263049][ T9029] tipc: Disabling bearer <eth:syzkaller0>
[  253.426564][ T9038] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1590'.
[  253.587896][ T9045] binder_user_error: 44 callbacks suppressed
[  253.587907][ T9045] binder: 9043:9045 IncRefs 0 refcount change on invalid ref 0 ret -22
[  253.591438][ T9049] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  253.724471][ T8586] binder_debug: 40 callbacks suppressed
[  253.724484][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  253.726626][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  253.911043][ T9062] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.925352][ T9062] device syzkaller0 entered promiscuous mode
[  253.968034][ T9062] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1597'.
[  253.988658][ T9062] tipc: Resetting bearer <eth:syzkaller0>
[  254.000505][ T9061] tipc: Resetting bearer <eth:syzkaller0>
[  254.008136][ T9066] fuse: Bad value for 'group_id'
[  254.073537][ T9061] tipc: Disabling bearer <eth:syzkaller0>
[  254.221979][ T9075] binder: 9074:9075 tried to acquire reference to desc 0, got 1 instead
[  254.234693][ T9075] binder: 9074:9075 ioctl c0306201 0 returned -14
[  254.238280][ T9076] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1601'.
[  254.247570][ T9075] binder: 9074:9075 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  254.261902][ T9075] binder: 9075 RLIMIT_NICE not set
[  254.314463][ T9080] binder: 9074:9080 got transaction to invalid handle, 3
[  254.315705][ T9080] binder: 9080:9074 cannot find target node
[  254.316634][ T9080] binder: 9074:9080 transaction call to 0:0 failed 520/29201/-22, size 0-0 line 3045
[  254.328162][ T9080] binder: 9074:9080 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  254.334294][ T9080] binder: 9080 RLIMIT_NICE not set
[  254.386646][ T9086] binder: 9085:9086 ioctl c0306201 0 returned -14
[  254.390210][ T9086] binder: 9085:9086 got transaction to invalid handle, 1
[  254.391397][ T9086] binder: 9086:9085 cannot find target node
[  254.392226][ T9086] binder: 9085:9086 transaction call to 0:0 failed 524/29201/-22, size 72-24 line 3045
[  254.395922][ T9086] binder: 9085:9086 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  254.397902][ T9086] binder: 9086 RLIMIT_NICE not set
[  254.430219][ T9089] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  254.446996][ T9092] binder: 9092:9085 cannot find target node
[  254.448189][ T9092] binder: 9085:9092 transaction call to 0:0 failed 525/29201/-22, size 0-0 line 3045
[  254.449914][ T9092] binder: undelivered TRANSACTION_ERROR: 29201
[  254.451166][ T9092] binder: 9085:9092 transaction reply to 0:0 failed 526/29201/-71, size 0-0 line 2946
[  254.624652][ T9102] fuse: Bad value for 'group_id'
[  254.674067][ T9106] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.675679][ T9106] device syzkaller0 entered promiscuous mode
[  254.679037][ T9105] tipc: Resetting bearer <eth:syzkaller0>
[  254.713341][ T9105] tipc: Disabling bearer <eth:syzkaller0>
[  254.806718][ T9110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.808865][ T9110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.972385][    C1] net_ratelimit: 35 callbacks suppressed
[  254.972397][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.235687][ T9117] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1617'.
[  255.321437][ T9123] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  255.536674][ T9135] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.538486][ T9135] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.548800][ T9135] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.557994][ T9133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.565742][ T9133] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.612776][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.650232][ T9137] fuse: Bad value for 'group_id'
[  255.716832][ T9141] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.718469][ T9141] device syzkaller0 entered promiscuous mode
[  255.722192][ T9140] tipc: Resetting bearer <eth:syzkaller0>
[  255.828069][ T9145] binder: 9144:9145 ioctl c0306201 0 returned -14
[  255.834139][ T9140] tipc: Disabling bearer <eth:syzkaller0>
[  255.882823][ T8929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.915085][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.916670][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.961788][ T9150] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1628'.
[  256.135074][ T9162] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  256.368757][ T9179] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  256.370593][ T9179] device syzkaller0 entered promiscuous mode
[  256.374683][ T9178] tipc: Resetting bearer <eth:syzkaller0>
[  256.423372][ T9178] tipc: Disabling bearer <eth:syzkaller0>
[  257.105450][ T9191] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1641'.
[  257.433876][ T9200] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  257.581702][ T9214] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  257.584177][ T9214] device syzkaller0 entered promiscuous mode
[  257.628011][ T9214] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1648'.
[  257.631349][ T9213] tipc: Resetting bearer <eth:syzkaller0>
[  257.637421][ T9216] binder: 9215:9216 ioctl c0306201 0 returned -14
[  257.694095][ T9213] tipc: Disabling bearer <eth:syzkaller0>
[  257.897756][ T9224] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1652'.
[  258.090778][ T9237] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  258.277580][ T9249] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.279418][ T9249] device syzkaller0 entered promiscuous mode
[  258.313116][ T9249] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1660'.
[  258.315692][ T9248] tipc: Resetting bearer <eth:syzkaller0>
[  258.393813][ T9248] tipc: Disabling bearer <eth:syzkaller0>
[  258.450626][ T9251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.453166][ T9251] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.537206][ T9256] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1663'.
[  258.879299][ T9268] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  259.001649][ T9281] binder_user_error: 33 callbacks suppressed
[  259.001659][ T9281] binder: 9279:9281 tried to acquire reference to desc 0, got 1 instead
[  259.003771][ T9282] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.005638][ T9282] device syzkaller0 entered promiscuous mode
[  259.005878][ T9281] binder: 9279:9281 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  259.008830][ T9281] binder: 9281 RLIMIT_NICE not set
[  259.057210][ T9283] binder: 9279:9283 got transaction to invalid handle, 3
[  259.058527][ T9283] binder_debug: 25 callbacks suppressed
[  259.058537][ T9283] binder: 9283:9279 cannot find target node
[  259.060229][ T9283] binder: 9279:9283 transaction call to 0:0 failed 553/29201/-22, size 0-0 line 3045
[  259.063343][ T9283] binder: 9279:9283 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  259.064108][ T9284] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1671'.
[  259.065303][ T9283] binder: 9283 RLIMIT_NICE not set
[  259.072229][ T9280] tipc: Resetting bearer <eth:syzkaller0>
[  259.143969][ T9280] tipc: Disabling bearer <eth:syzkaller0>
[  259.226653][ T9288] binder: 9287:9288 got transaction to invalid handle, 1
[  259.227970][ T9288] binder: 9288:9287 cannot find target node
[  259.228905][ T9288] binder: 9287:9288 transaction call to 0:0 failed 557/29201/-22, size 72-24 line 3045
[  259.231393][ T9288] binder: 9287:9288 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  259.233870][ T9288] binder: 9288 RLIMIT_NICE not set
[  259.283034][ T9289] binder: 9287:9289 got transaction to invalid handle, 3
[  259.284202][ T9289] binder: 9289:9287 cannot find target node
[  259.285147][ T9289] binder: 9287:9289 transaction call to 0:0 failed 558/29201/-22, size 0-0 line 3045
[  259.286872][ T9289] binder: undelivered TRANSACTION_ERROR: 29201
[  259.288115][ T9289] binder: 9287:9289 transaction reply to 0:0 failed 559/29201/-71, size 0-0 line 2946
[  259.667135][ T9291] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1675'.
[  259.838744][ T8929] binder: undelivered TRANSACTION_ERROR: 29201
[  259.939217][ T9299] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1677'.
[  259.941412][ T9299] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1677'.
[  260.140889][ T8929] binder: undelivered TRANSACTION_ERROR: 29201
[  260.172320][    C1] net_ratelimit: 29 callbacks suppressed
[  260.172334][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.243872][ T9307] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  260.275115][ T9312] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  260.276899][ T9312] device syzkaller0 entered promiscuous mode
[  260.279889][ T9312] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1683'.
[  260.287018][ T9312] tipc: Resetting bearer <eth:syzkaller0>
[  260.289676][ T9311] tipc: Resetting bearer <eth:syzkaller0>
[  260.343056][ T9311] tipc: Disabling bearer <eth:syzkaller0>
[  260.573228][ T8929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.728188][ T8929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.729641][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.731139][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.742664][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.744189][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.745505][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.766743][ T9331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.768356][ T9331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.212403][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  261.310954][ T9345] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  261.338419][ T9348] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  261.444452][ T9359] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  261.445957][ T9359] device syzkaller0 entered promiscuous mode
[  261.454152][ T9359] tipc: Resetting bearer <eth:syzkaller0>
[  261.456433][ T9358] tipc: Resetting bearer <eth:syzkaller0>
[  261.505670][ T9358] tipc: Disabling bearer <eth:syzkaller0>
[  261.507790][ T9361] device bond0 left promiscuous mode
[  261.508663][ T9361] device bond_slave_0 left promiscuous mode
[  261.509677][ T9361] device bond_slave_1 left promiscuous mode
[  261.510771][ T9361] bridge1: port 1(bond0) entered disabled state
[  261.669465][ T9372] fuse: Unknown parameter 'grou00000000000000000000'
[  262.198200][ T9383] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  262.310245][ T9392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.311749][ T9392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.784876][ T9398] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  262.786342][ T9398] device syzkaller0 entered promiscuous mode
[  262.789367][ T9398] __nla_validate_parse: 5 callbacks suppressed
[  262.789374][ T9398] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1710'.
[  262.795389][ T9398] tipc: Resetting bearer <eth:syzkaller0>
[  262.797391][ T9397] tipc: Resetting bearer <eth:syzkaller0>
[  262.823477][ T9397] tipc: Disabling bearer <eth:syzkaller0>
[  262.852188][ T9402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.853939][ T9402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.018743][ T9409] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1715'.
[  263.789490][ T9418] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  264.108025][ T9429] binder_user_error: 31 callbacks suppressed
[  264.108035][ T9429] binder: 9426:9429 IncRefs 0 refcount change on invalid ref 0 ret -22
[  265.166900][ T9449] binder: 9447:9449 tried to acquire reference to desc 0, got 1 instead
[  265.169152][ T9448] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.171115][ T9449] binder: 9447:9449 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  265.172539][ T9448] device syzkaller0 entered promiscuous mode
[  265.173638][ T9449] binder: 9449 RLIMIT_NICE not set
[  265.212891][ T9448] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1725'.
[  265.215373][ T9446] tipc: Resetting bearer <eth:syzkaller0>
[  265.223788][ T9450] binder: 9447:9450 got transaction to invalid handle, 3
[  265.224936][ T9450] binder_debug: 23 callbacks suppressed
[  265.224948][ T9450] binder: 9450:9447 cannot find target node
[  265.226761][ T9450] binder: 9447:9450 transaction call to 0:0 failed 586/29201/-22, size 0-0 line 3045
[  265.228472][ T9450] binder: 9447:9450 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  265.230475][ T9450] binder: 9450 RLIMIT_NICE not set
[  265.303300][ T9446] tipc: Disabling bearer <eth:syzkaller0>
[  265.362320][ T9452] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1726'.
[  265.372321][    C1] net_ratelimit: 35 callbacks suppressed
[  265.372332][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.441338][ T9456] binder: 9455:9456 got transaction to invalid handle, 1
[  265.445121][ T9456] binder: 9456:9455 cannot find target node
[  265.446017][ T9456] binder: 9455:9456 transaction call to 0:0 failed 590/29201/-22, size 72-24 line 3045
[  265.492227][ T9456] binder: 9455:9456 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  265.494134][ T9456] binder: 9456 RLIMIT_NICE not set
[  265.532544][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.533957][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.535147][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.536561][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.542054][ T9459] binder: 9459:9455 cannot find target node
[  265.543276][ T9459] binder: 9455:9459 transaction call to 0:0 failed 591/29201/-22, size 0-0 line 3045
[  265.547405][ T9459] binder: undelivered TRANSACTION_ERROR: 29201
[  265.548983][ T9459] binder: 9455:9459 transaction reply to 0:0 failed 592/29201/-71, size 0-0 line 2946
[  266.001563][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  266.028502][ T9462] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.034383][ T9462] tipc: Resetting bearer <eth:syzkaller0>
[  266.112807][ T9461] tipc: Disabling bearer <eth:syzkaller0>
[  266.278170][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  266.367890][ T9473] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1736'.
[  266.390072][ T9476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.391498][ T9476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.422319][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.486464][ T9477] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1731'.
[  266.487919][ T9477] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1731'.
[  266.771427][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.773300][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.774639][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.775961][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.827820][ T9482] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.829242][ T9482] device syzkaller0 entered promiscuous mode
[  266.840867][ T9483] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1739'.
[  266.917400][ T9488] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1738'.
[  266.945886][ T9480] tipc: Resetting bearer <eth:syzkaller0>
[  267.336405][ T9480] tipc: Disabling bearer <eth:syzkaller0>
[  267.570492][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1743'.
[  267.716596][ T9501] binder: 9500:9501 ioctl c0306201 0 returned -14
[  267.720443][ T9499] device syzkaller0 entered promiscuous mode
[  268.199151][ T9507] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1747'.
[  268.231999][ T9510] netlink: 'syz.4.1748': attribute type 1 has an invalid length.
[  268.432167][ T9516] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1750'.
[  268.433813][ T9516] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1750'.
[  268.739119][ T9521] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1751'.
[  268.833819][ T9522] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1752'.
[  268.835584][ T9522] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1752'.
[  269.264819][ T9530] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1753'.
[  269.266334][ T9530] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1753'.
[  269.609480][ T9538] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1754'.
[  269.698258][ T9541] binder_user_error: 19 callbacks suppressed
[  269.698269][ T9541] binder: 9540:9541 tried to acquire reference to desc 0, got 1 instead
[  269.705675][ T9541] binder: 9540:9541 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  269.710521][ T9541] binder: 9541 RLIMIT_NICE not set
[  269.757712][ T9543] binder: 9540:9543 got transaction to invalid handle, 3
[  269.759193][ T9543] binder: 9540:9543 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  269.761454][ T9543] binder: 9543 RLIMIT_NICE not set
[  269.808528][ T9545] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1759'.
[  269.865883][ T9547] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  269.883879][ T9547] device syzkaller0 entered promiscuous mode
[  269.885565][ T9547] tipc: Resetting bearer <eth:syzkaller0>
[  269.891226][ T9546] tipc: Resetting bearer <eth:syzkaller0>
[  270.091755][ T9553] binder: 9552:9553 tried to acquire reference to desc 0, got 1 instead
[  270.094551][ T9553] binder: 9552:9553 ioctl c0306201 0 returned -14
[  270.097056][ T9553] binder: 9552:9553 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  270.099178][ T9553] binder: 9553 RLIMIT_NICE not set
[  270.148128][ T9555] binder: 9552:9555 got transaction to invalid handle, 3
[  270.522885][ T8586] binder_debug: 15 callbacks suppressed
[  270.522898][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  270.572426][    C1] net_ratelimit: 25 callbacks suppressed
[  270.572439][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  270.893048][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  270.931095][ T8586] binder: undelivered TRANSACTION_ERROR: 29201
[  271.484642][ T1514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.486171][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.488714][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.612314][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.932480][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.309021][ T9573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.310581][ T9573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.494693][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.496133][ T4374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.497323][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.622674][   T22] net_ratelimit: 18 callbacks suppressed
[  275.622688][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.772323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.783069][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.783548][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.784329][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.785564][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.932452][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.933885][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  276.332501][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  276.652438][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.812469][   T22] net_ratelimit: 28 callbacks suppressed
[  280.812484][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.972378][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.973874][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.975223][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.532510][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.862383][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.012386][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.013798][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.015039][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.023007][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.484411][ T9546] tipc: Disabling bearer <eth:syzkaller0>
[  282.489303][ T9558] __nla_validate_parse: 4 callbacks suppressed
[  282.489312][ T9558] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1764'.
[  282.491627][ T4372] tipc: Node number set to 1646017913
[  282.494172][ T9584] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1770'.
[  282.530551][ T9613] binder_user_error: 4 callbacks suppressed
[  282.530561][ T9613] binder: 9612:9613 tried to acquire reference to desc 0, got 1 instead
[  282.534286][ T9613] binder: 9612:9613 got transaction with invalid data ptr
[  282.535458][ T9613] binder: 9612:9613 transaction call to 9612:0 failed 619/29201/-14, size 0-24 line 3333
[  282.537601][ T9613] binder: 9612:9613 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  282.539614][ T9613] binder: 9613 RLIMIT_NICE not set
[  282.563946][ T9615] binder: BINDER_SET_CONTEXT_MGR already set
[  282.564960][ T9615] binder: 9614:9615 ioctl 4018620d 20004a80 returned -16
[  282.566269][ T9615] binder: tried to use weak ref as strong ref
[  282.574900][ T9615] binder: 9614:9615 Acquire 1 refcount change on invalid ref 0 ret -22
[  282.586182][ T9615] binder: 9614:9615 ioctl c0306201 0 returned -14
[  282.588061][ T9615] binder: 9614:9615 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  282.590215][ T9617] binder: 9612:9617 got transaction to invalid handle, 3
[  282.591324][ T9617] binder: 9617:9612 cannot find target node
[  282.596675][ T9617] binder: 9612:9617 transaction call to 0:0 failed 622/29201/-22, size 0-0 line 3045
[  282.598394][ T9615] binder: 9615 RLIMIT_NICE not set
[  282.602751][ T9617] binder: 9612:9617 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  282.639058][ T9622] binder: 9622:9614 cannot find target node
[  282.640100][ T9622] binder: 9614:9622 transaction call to 0:0 failed 623/29201/-22, size 0-0 line 3045
[  282.641752][ T9622] binder: undelivered TRANSACTION_ERROR: 29201
[  282.643336][ T9622] binder: 9614:9622 transaction reply to 0:0 failed 624/29201/-71, size 0-0 line 2946
[  282.762561][ T9626] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1777'.
[  282.764200][ T9626] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1777'.
[  283.508984][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  283.519465][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  283.520530][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  283.786944][ T9637] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1780'.
[  283.788482][ T9637] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1780'.
[  284.123238][ T4368] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  284.762372][ T4368] usb 1-1: Using ep0 maxpacket: 16
[  284.777435][ T4368] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  284.779053][ T4368] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  284.787585][ T4368] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  284.788939][ T4368] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.790235][ T4368] usb 1-1: Product: syz
[  284.790908][ T4368] usb 1-1: Manufacturer: syz
[  284.791592][ T4368] usb 1-1: SerialNumber: syz
[  284.804042][ T4368] r8152-cfgselector 1-1: config 0 descriptor??
[  284.810414][ T9650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1785'.
[  284.822776][ T9652] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.824347][ T9652] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.826570][ T9654] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1788'.
[  284.868853][ T9656] device syzkaller0 entered promiscuous mode
[  284.893287][ T4372] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  284.895366][ T4372] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  285.187717][ T4368] usbip-host 1-1: 1-1 is not in match_busid table... skip!
[  285.223198][ T6363] usb 1-1: config 0 descriptor??
[  286.172390][    C1] net_ratelimit: 26 callbacks suppressed
[  286.172403][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.252589][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.254045][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.255425][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.256765][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.964890][ T6363] usb 1-1: can't set config #0, error -71
[  286.964933][ T4369] usb 1-1: USB disconnect, device number 8
[  287.052633][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.065737][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.212297][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.383543][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.383554][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.983010][ T9702] binder_user_error: 13 callbacks suppressed
[  287.983032][ T9702] binder: 9695:9702 IncRefs 0 refcount change on invalid ref 0 ret -22
[  291.372335][    C1] net_ratelimit: 22 callbacks suppressed
[  291.372349][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  291.532405][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  291.932415][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  291.933794][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.092491][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.093842][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.095157][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.412375][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.572515][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  293.132508][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  296.732385][ T4369] net_ratelimit: 30 callbacks suppressed
[  296.732401][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  296.812398][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.212302][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.277195][ T9669] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  297.278890][ T9701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1799'.
[  297.292674][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.294008][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.295256][ T4372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.305907][ T9706] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1800'.
[  297.350359][ T9715] binder: 9712:9715 tried to acquire reference to desc 0, got 1 instead
[  297.351925][ T9715] binder: 9712:9715 got transaction with invalid data ptr
[  297.374188][ T9715] binder_debug: 5 callbacks suppressed
[  297.374202][ T9715] binder: 9712:9715 transaction call to 9712:0 failed 635/29201/-14, size 0-24 line 3333
[  297.389468][ T9715] binder: 9712:9715 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  297.391536][ T9715] binder: 9715 RLIMIT_NICE not set
[  297.441065][ T9729] binder: 9712:9729 got transaction to invalid handle, 3
[  297.442232][ T9729] binder: 9729:9712 cannot find target node
[  297.443649][ T9729] binder: 9712:9729 transaction call to 0:0 failed 636/29201/-22, size 0-0 line 3045
[  297.445339][ T9729] binder: 9712:9729 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  297.447941][ T9729] binder: 9729 RLIMIT_NICE not set
[  297.518544][ T9736] binder: 9734:9736 got transaction to invalid handle, 1
[  297.519616][ T9736] binder: 9736:9734 cannot find target node
[  297.520526][ T9736] binder: 9734:9736 transaction call to 0:0 failed 640/29201/-22, size 72-24 line 3045
[  297.522163][ T9736] binder: 9734:9736 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  297.525723][ T4368] binder: undelivered TRANSACTION_ERROR: 29201
[  297.625796][ T9741] binder: 9731:9741 IncRefs 0 refcount change on invalid ref 0 ret -22
[  297.773003][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.944002][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.015681][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.252333][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.357453][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  298.358725][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  298.502148][ T9751] device syzkaller0 entered promiscuous mode
[  298.530791][ T9750] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1815'.
[  299.018804][ T9770] binder: 9770:9768 cannot find target node
[  299.019932][ T9770] binder: 9768:9770 transaction call to 0:0 failed 644/29201/-22, size 72-24 line 3045
[  299.276202][ T9784] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1824'.
[  300.598880][ T9797] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1828'.
[  300.600369][ T9797] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1828'.
[  300.844278][ T9800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.845825][ T9800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.849371][ T9662] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  300.851595][ T9662] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  301.852426][ T9662] net_ratelimit: 19 callbacks suppressed
[  301.852440][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  301.854889][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  301.856294][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.092456][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.422365][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.492443][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.493844][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.902455][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.903782][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.905052][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.052460][   T24] net_ratelimit: 28 callbacks suppressed
[  307.052474][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.054826][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.056163][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.292391][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.303438][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.612290][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.092575][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.093891][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.095297][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.172419][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  310.254370][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  310.255444][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  310.569441][ T9765] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  310.585301][ T9811] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1830'.
[  310.764410][ T9819] binder_user_error: 2 callbacks suppressed
[  310.764429][ T9819] binder: 9812:9819 IncRefs 0 refcount change on invalid ref 0 ret -22
[  310.827335][ T9820] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1832'.
[  310.828852][ T9820] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1832'.
[  311.589102][ T9826] binder: 9822:9826 tried to acquire reference to desc 0, got 1 instead
[  311.600858][ T9826] binder: 9822:9826 ioctl c0306201 0 returned -14
[  311.602022][ T9826] binder: 9822:9826 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  312.211663][ T9845] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1839'.
[  312.213210][ T9845] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1839'.
[  312.506186][   T24] net_ratelimit: 20 callbacks suppressed
[  312.506202][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.508226][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.509476][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.512471][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.595005][ T9849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.596417][ T9849] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.614794][ T9850] device syzkaller0 entered promiscuous mode
[  312.620671][ T8586] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  312.680660][ T4373] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  312.682148][ T8586] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  312.727220][ T9852] device syzkaller0 entered promiscuous mode
[  312.812340][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.112409][ T4373] usb 1-1: Using ep0 maxpacket: 32
[  313.114801][ T4373] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  313.116145][ T4373] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.118599][ T4373] usb 1-1: config 0 descriptor??
[  313.356370][ T4373] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  313.389404][ T4373] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  313.395498][ T4373] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  313.401991][ T4373] usb 1-1: media controller created
[  313.778918][ T9869] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1845'.
[  313.781692][ T9869] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1845'.
[  313.852298][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.913705][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.973145][ T4373] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  313.983384][ T9874] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1847'.
[  313.988635][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.988705][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.990093][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.995245][  T112] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  313.997128][  T112] hid-generic 0000:0000:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  314.274191][ T9881] binder: 9879:9881 tried to acquire reference to desc 0, got 1 instead
[  314.276039][ T9881] binder: 9879:9881 ioctl c0306201 0 returned -14
[  314.277424][ T9881] binder: 9879:9881 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  314.396875][ T9889] binder: 9880:9889 IncRefs 0 refcount change on invalid ref 0 ret -22
[  315.242411][ T4373] az6027: usb out operation failed. (-71)
[  315.244867][ T4373] az6027: usb out operation failed. (-71)
[  315.246058][ T4373] stb0899_attach: Driver disabled by Kconfig
[  315.247116][ T4373] az6027: no front-end attached
[  315.247116][ T4373] 
[  315.248729][ T4373] az6027: usb out operation failed. (-71)
[  315.249733][ T4373] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  315.261599][ T4373] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input4
[  315.270314][ T4373] dvb-usb: schedule remote query interval to 400 msecs.
[  315.271546][ T4373] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  315.280399][ T4373] usb 1-1: USB disconnect, device number 9
[  315.329287][ T9895] device syzkaller0 entered promiscuous mode
[  315.408587][ T4373] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  315.844567][ T9910] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1857'.
[  315.846117][ T9910] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1857'.
[  316.300697][ T9916] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1859'.
[  316.341900][ T9913] device syzkaller0 entered promiscuous mode
[  316.380352][ T9919] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  316.426202][ T9919] tipc: Resetting bearer <eth:syzkaller0>
[  316.435232][ T9923] binder: 9922:9923 tried to acquire reference to desc 0, got 1 instead
[  316.437587][ T9923] binder: 9922:9923 ioctl c0306201 0 returned -14
[  316.441155][ T9923] binder: 9922:9923 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  316.540356][ T9930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  316.541720][ T9930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.555783][   T24] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  316.634261][   T24] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  316.973092][ T9918] tipc: Disabling bearer <eth:syzkaller0>
[  317.000166][ T9939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.001804][ T9939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.006384][ T4369] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  317.008803][ T4369] hid-generic 0000:0000:0000.0008: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  317.454884][ T9946] binder: 9942:9946 IncRefs 0 refcount change on invalid ref 0 ret -22
[  317.974962][ T9948] device syzkaller0 entered promiscuous mode
[  318.148750][ T9953] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1869'.
[  318.150462][ T9953] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1869'.
[  318.419424][ T4373] net_ratelimit: 26 callbacks suppressed
[  318.419437][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.422724][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.424059][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.493334][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.494980][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.496324][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.500803][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.732300][ T9964] binder: 9963:9964 tried to acquire reference to desc 0, got 1 instead
[  318.734166][ T9964] binder: 9963:9964 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  319.213504][ T6361] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.361235][ T9985] device syzkaller0 entered promiscuous mode
[  319.451747][ T9986] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1881'.
[  319.453616][ T9986] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1881'.
[  319.652361][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.653755][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.745255][ T9992] binder: 9991:9992 tried to acquire reference to desc 0, got 1 instead
[  319.747012][ T9992] binder: 9991:9992 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  319.936573][T10001] binder: 9993:10001 IncRefs 0 refcount change on invalid ref 0 ret -22
[  320.033677][T10002] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1888'.
[  320.035458][T10002] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1888'.
[  321.011878][T10018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.013490][T10018] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.018150][ T4373] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  321.083732][ T4373] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  321.485940][T10025] binder: 10024:10025 tried to acquire reference to desc 0, got 1 instead
[  321.490102][T10025] binder: 10024:10025 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  321.511731][T10027] device syzkaller0 entered promiscuous mode
[  321.944930][T10048] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1901'.
[  321.946570][T10048] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1901'.
[  322.110101][T10050] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1902'.
[  322.111832][T10050] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1902'.
[  322.287188][T10057] binder: 10055:10057 tried to acquire reference to desc 0, got 1 instead
[  322.288850][T10057] binder: 10055:10057 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  322.390409][T10060] binder: 10051:10060 IncRefs 0 refcount change on invalid ref 0 ret -22
[  323.108361][T10062] device syzkaller0 entered promiscuous mode
[  323.153244][T10064] device syzkaller0 entered promiscuous mode
[  323.443424][ T6339] net_ratelimit: 24 callbacks suppressed
[  323.443438][ T6339] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.463484][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.469680][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.644865][T10080] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1916'.
[  323.646568][T10080] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1916'.
[  323.844118][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.849481][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.900087][T10083] binder: 10082:10083 tried to acquire reference to desc 0, got 1 instead
[  323.907626][T10083] binder: 10082:10083 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  323.932529][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.935032][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.936473][ T4369] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.937814][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.111628][T10095] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1921'.
[  324.113305][T10095] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1921'.
[  324.348315][T10094] device syzkaller0 entered promiscuous mode
[  324.412306][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.538905][T10108] binder: 10102:10108 IncRefs 0 refcount change on invalid ref 0 ret -22
[  325.562869][T10121] device syzkaller0 entered promiscuous mode
[  325.653639][T10124] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1930'.
[  325.655295][T10124] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1930'.
[  325.935157][T10130] binder: 10127:10130 tried to acquire reference to desc 0, got 1 instead
[  325.939425][T10130] binder: 10127:10130 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  326.020565][T10140] fuse: Bad value for 'rootmode'
[  326.086860][T10142] device syzkaller0 entered promiscuous mode
[  327.052105][T10152] __nla_validate_parse: 2 callbacks suppressed
[  327.052117][T10152] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1941'.
[  327.208131][T10165] binder: 10164:10165 tried to acquire reference to desc 0, got 1 instead
[  327.216849][T10165] binder: 10164:10165 got transaction with invalid data ptr
[  327.218068][T10165] binder_debug: 1 callbacks suppressed
[  327.218075][T10165] binder: 10164:10165 transaction call to 10164:0 failed 685/29201/-14, size 0-24 line 3333
[  327.226712][T10165] binder: 10164:10165 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  327.282707][T10166] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1944'.
[  327.284241][T10166] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1944'.
[  327.691139][T10173] fuse: Bad value for 'rootmode'
[  327.754951][ T9662] binder: undelivered TRANSACTION_ERROR: 29201
[  327.845078][T10186] device syzkaller0 entered promiscuous mode
[  328.386711][T10203] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1958'.
[  328.388266][T10203] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1958'.
[  328.565501][T10204] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1957'.
[  328.567024][T10204] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1957'.
[  328.572420][    C0] net_ratelimit: 28 callbacks suppressed
[  328.572429][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.639115][T10206] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1960'.
[  328.689477][T10208] device syzkaller0 entered promiscuous mode
[  328.703627][T10210] fuse: Unknown parameter 'use00000000000000000000'
[  328.786648][T10222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  328.788636][T10222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  328.791472][ T9569] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  328.794523][ T9569] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  328.858076][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.859663][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.861036][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.862935][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.280398][T10236] device syzkaller0 entered promiscuous mode
[  329.429779][T10242] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1970'.
[  329.431518][T10242] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1970'.
[  329.612347][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.785255][T10254] fuse: Unknown parameter 'use00000000000000000000'
[  329.911628][T10261] device syzkaller0 entered promiscuous mode
[  329.932922][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.934417][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.935965][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  330.004883][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  330.140393][T10266] netlink: 'syz.0.1982': attribute type 10 has an invalid length.
[  330.258810][T10266] netlink: 'syz.0.1982': attribute type 10 has an invalid length.
[  330.680318][T10280] device syzkaller0 entered promiscuous mode
[  330.784566][T10285] fuse: Unknown parameter 'use00000000000000000000'
[  331.902964][T10322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.905934][T10322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.192971][T10322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.194876][T10322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.228678][T10325] device syzkaller0 entered promiscuous mode
[  332.233772][T10327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  332.236227][T10327] __nla_validate_parse: 18 callbacks suppressed
[  332.236235][T10327] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2005'.
[  332.335126][T10327] tipc: Resetting bearer <eth:syzkaller0>
[  332.392874][T10326] tipc: Disabling bearer <eth:syzkaller0>
[  332.476458][T10333] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2009'.
[  332.733397][T10345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.741089][T10345] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.745289][ T8586] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  332.806620][ T8586] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  333.359819][T10367] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2016'.
[  333.361478][T10367] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2016'.
[  333.612887][  T112] net_ratelimit: 24 callbacks suppressed
[  333.612902][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.656533][T10366] device syzkaller0 entered promiscuous mode
[  333.746259][T10375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  333.747953][T10375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  333.782328][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.166974][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.168525][ T8586] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.169852][ T3898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.205384][T10379] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2021'.
[  334.252533][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.254197][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.255826][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.457714][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.895426][T10395] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  335.009662][T10409] device geneve2 entered promiscuous mode
[  335.026867][T10411] netlink: 5364 bytes leftover after parsing attributes in process `syz.1.2032'.
[  335.030479][T10411] netlink: 5364 bytes leftover after parsing attributes in process `syz.1.2032'.
[  335.076610][T10416] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2034'.
[  335.079273][T10414] device syzkaller0 entered promiscuous mode
[  335.343779][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  335.450773][T10427] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2037'.
[  335.452457][T10427] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2037'.
[  335.709763][T10429] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  335.743612][T10429] tipc: Resetting bearer <eth:syzkaller0>
[  335.757608][T10431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.759487][T10431] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  335.883473][T10428] tipc: Disabling bearer <eth:syzkaller0>
[  336.006528][T10444] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  336.611507][T10463] device syzkaller0 entered promiscuous mode
[  336.985124][T10473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.986671][T10473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.989718][ T4368] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  336.991562][ T4368] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  337.449378][T10488] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  337.453566][T10488] tipc: Resetting bearer <eth:syzkaller0>
[  337.487432][T10491] __nla_validate_parse: 2 callbacks suppressed
[  337.487445][T10491] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.2056'.
[  337.490341][T10491] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.2056'.
[  338.006271][T10501] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2058'.
[  338.007686][T10501] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2058'.
[  338.259455][T10487] tipc: Disabling bearer <eth:syzkaller0>
[  338.792434][ T9662] net_ratelimit: 18 callbacks suppressed
[  338.792449][ T9662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.795059][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.796337][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.872374][ T4368] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  338.928649][T10512] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  338.972409][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.031694][T10520] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  339.033519][T10520] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  339.054878][ T4368] usb 1-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  339.056890][ T4368] usb 1-1: config 253 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 5384, setting to 64
[  339.058750][ T4368] usb 1-1: config 253 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  339.061649][ T4368] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  339.063663][ T4368] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  339.064907][ T4368] usb 1-1: SerialNumber: syz
[  339.068406][T10504] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  339.276982][T10522] 
[  339.277428][T10522] ======================================================
[  339.278564][T10522] WARNING: possible circular locking dependency detected
[  339.279663][T10522] syzkaller #0 Not tainted
[  339.280346][T10522] ------------------------------------------------------
[  339.281501][T10522] syz.3.2063/10522 is trying to acquire lock:
[  339.282417][T10522] ffff0000dde11458 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xe4/0x1ec
[  339.284181][T10522] 
[  339.284181][T10522] but task is already holding lock:
[  339.285249][T10522] ffff0000dde10130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x1e8/0x50c
[  339.286577][T10522] 
[  339.286577][T10522] which lock already depends on the new lock.
[  339.286577][T10522] 
[  339.288127][T10522] 
[  339.288127][T10522] the existing dependency chain (in reverse order) is:
[  339.289498][T10522] 
[  339.289498][T10522] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  339.290823][T10522]        lock_sock_nested+0x70/0x130
[  339.291740][T10522]        smc_listen_out+0x114/0x3a4
[  339.292593][T10522]        smc_listen_work+0x490/0xde0
[  339.293447][T10522]        process_one_work+0x7f8/0x13a4
[  339.294304][T10522]        worker_thread+0x8c4/0xfec
[  339.295107][T10522]        kthread+0x250/0x2d8
[  339.295894][T10522]        ret_from_fork+0x10/0x20
[  339.296768][T10522] 
[  339.296768][T10522] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  339.298473][T10522]        __lock_acquire+0x2880/0x6800
[  339.299363][T10522]        lock_acquire+0x20c/0x63c
[  339.300188][T10522]        __flush_work+0x10c/0x1ec
[  339.300957][T10522]        __cancel_work_timer+0x300/0x458
[  339.301901][T10522]        cancel_work_sync+0x24/0x38
[  339.302703][T10522]        smc_clcsock_release+0x64/0xe8
[  339.303642][T10522]        __smc_release+0x568/0x6bc
[  339.304510][T10522]        smc_close_non_accepted+0xd8/0x254
[  339.305463][T10522]        smc_close_active+0x9c4/0xd24
[  339.306318][T10522]        __smc_release+0x48c/0x6bc
[  339.307172][T10522]        smc_release+0x258/0x50c
[  339.307966][T10522]        sock_close+0xb4/0x1f8
[  339.308762][T10522]        __fput+0x1bc/0x7b8
[  339.309484][T10522]        ____fput+0x20/0x30
[  339.310198][T10522]        task_work_run+0x1ec/0x278
[  339.311035][T10522]        do_notify_resume+0x1fa0/0x2aa4
[  339.311903][T10522]        el0_svc+0x98/0x128
[  339.312633][T10522]        el0t_64_sync_handler+0x84/0xf0
[  339.313551][T10522]        el0t_64_sync+0x18c/0x190
[  339.314345][T10522] 
[  339.314345][T10522] other info that might help us debug this:
[  339.314345][T10522] 
[  339.315329][ T4368] rndis_wlan 1-1:253.0: skipping garbage
[  339.315949][T10522]  Possible unsafe locking scenario:
[  339.315949][T10522] 
[  339.317148][ T4368] rndis_host 1-1:253.0: skipping garbage
[  339.318004][T10522]        CPU0                    CPU1
[  339.319904][T10522]        ----                    ----
[  339.320469][ T4368] usb 1-1: USB disconnect, device number 10
[  339.320787][T10522]   lock(sk_lock-AF_SMC/1);
[  339.322391][T10522]                                lock((work_completion)(&new_smc->smc_listen_work));
[  339.324026][T10522]                                lock(sk_lock-AF_SMC/1);
[  339.325168][T10522]   lock((work_completion)(&new_smc->smc_listen_work));
[  339.326295][T10522] 
[  339.326295][T10522]  *** DEADLOCK ***
[  339.326295][T10522] 
[  339.327552][T10522] 2 locks held by syz.3.2063/10522:
[  339.328343][T10522]  #0: ffff0000e2737a10 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: sock_close+0x7c/0x1f8
[  339.329981][T10522]  #1: ffff0000dde10130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x1e8/0x50c
[  339.331462][T10522] 
[  339.331462][T10522] stack backtrace:
[  339.332390][T10522] CPU: 0 PID: 10522 Comm: syz.3.2063 Not tainted syzkaller #0
[  339.333683][T10522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  339.335282][T10522] Call trace:
[  339.335813][T10522]  dump_backtrace+0x1c0/0x1ec
[  339.336566][T10522]  show_stack+0x2c/0x3c
[  339.337234][T10522]  __dump_stack+0x30/0x40
[  339.337948][T10522]  dump_stack_lvl+0xf4/0x15c
[  339.338740][T10522]  dump_stack+0x1c/0x5c
[  339.339424][T10522]  print_circular_bug+0x148/0x1b0
[  339.340280][T10522]  check_noncircular+0x264/0x2f8
[  339.341045][T10522]  __lock_acquire+0x2880/0x6800
[  339.341860][T10522]  lock_acquire+0x20c/0x63c
[  339.342567][T10522]  __flush_work+0x10c/0x1ec
[  339.343284][T10522]  __cancel_work_timer+0x300/0x458
[  339.344144][T10522]  cancel_work_sync+0x24/0x38
[  339.344903][T10522]  smc_clcsock_release+0x64/0xe8
[  339.345695][T10522]  __smc_release+0x568/0x6bc
[  339.346445][T10522]  smc_close_non_accepted+0xd8/0x254
[  339.347318][T10522]  smc_close_active+0x9c4/0xd24
[  339.348094][T10522]  __smc_release+0x48c/0x6bc
[  339.348860][T10522]  smc_release+0x258/0x50c
[  339.349607][T10522]  sock_close+0xb4/0x1f8
[  339.350359][T10522]  __fput+0x1bc/0x7b8
[  339.351060][T10522]  ____fput+0x20/0x30
[  339.351773][T10522]  task_work_run+0x1ec/0x278
[  339.352550][T10522]  do_notify_resume+0x1fa0/0x2aa4
[  339.353347][T10522]  el0_svc+0x98/0x128
[  339.354082][T10522]  el0t_64_sync_handler+0x84/0xf0
[  339.354915][T10522]  el0t_64_sync+0x18c/0x190
[  339.355690][    C0] vkms_vblank_simulate: vblank timer overrun
[  339.357918][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.702381][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.862526][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.864051][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.865528][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.012299][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.012402][ T4373] net_ratelimit: 29 callbacks suppressed
[  344.012421][ T4373] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.022527][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.024040][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.025501][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.172296][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.572342][ T9569] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.052472][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.053810][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.055161][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.212348][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.212465][ T4368] net_ratelimit: 21 callbacks suppressed
[  349.212479][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.214923][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.216339][ T4368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog