last executing test programs:

4m16.056387623s ago: executing program 32 (id=18):
statfs(0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000280)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
r1 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @local, 0x9}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)

4m15.019250184s ago: executing program 33 (id=26):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x80)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, r2, 0x16, 0x0, @void}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000001c0)=0x4, 0x4)

4m13.659662115s ago: executing program 34 (id=59):
socket(0x10, 0x3, 0x0)
syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1e3, &(0x7f0000000140)="$eJzslr/uEkEQx7+7d96B0ZhY2lhIohYed4cmNibQWFmY+IdYmEDkJMgpCVAIiUGfwCewoLD3BUy09RVMDFrZYGdjc2Zv9+4W5T8ChfNJfvP7Hpmdm5ldZgFBEP8t377+nETIxfoUCrDV59+NzIdr/l9yP158vHWz+vrh20/2xMnPixlF67/fBPChYqCfrp1dXVD/74Kn+h44LitdBYOjdA0c95UOwPBA6Sea7gh/x3ncCgPnUSdsCOEK4wnjC1OSnuU0v+krhoaWH9Py6w2G7XoYBt09ilX9m1Y4bmj56fvlQGbrav3zwOEpXQLDHaWvw056I1ui1X/OzOIbS+u3sO+OiFQ2WHX29MKtsgCEZWyRBsCSgCfeYKdy8FId2X2eoQXCkLUnO/qPIhsHqkIc9BU+MA/eVbZbM7fZi/dyWKXnMBrJ59jnjFCf/w4YjdZ8haW+IGyjI5rNp2jMcDGbT0yNpPiq4TZQ7A2GV1pP682gGTzz/Rrcq657zS/Gg0jaJfMvH8+nk1n82TtpnEmLWXhe7/e7nrTpsy/tvInL4/nHcemCfBapW3/kkNM0U38mTKhC2+8WZk8QBHE8zoP9ihRmItRtAu237u0j5kgQBEEQBEEQBEEQxG78DgAA///p0kGp")
ioctl$TIOCCONS(0xffffffffffffffff, 0x541d)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001a00), 0xffffffffffffffff)

4m13.214822578s ago: executing program 35 (id=66):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000)
r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x158}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000340)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000440)=@new_dev={0x1, 0x3d9, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0xc0}}}, &(0x7f0000000300)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
personality(0x5c00005)
syz_ublk_setup_queues(r6, r4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x257}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x800000, 0x100, 0x1000000, 0x4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x1000, 0x0, 0x146, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1f70, 0x80}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x2, 0x1, 0xfffffffd}}], 0x1, 0x0, 0x0)

4m9.455714941s ago: executing program 36 (id=172):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x1, 0x0, 0x2}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, &(0x7f00000000c0)='C', 0x5dc, 0x30048841, &(0x7f00000002c0)={0x11, 0x88a8, r2, 0x1, 0xe, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, 0x14)

4m5.236184237s ago: executing program 37 (id=235):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
r2 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x158}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_ublk_add_dev(r2, r3, r4, r5, &(0x7f0000000200)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000440)=@new_dev={0x4, 0x3c9, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x40}}}, &(0x7f0000000300)=<r6=>0x0)
syz_ublk_setup_queues(r1, r6, &(0x7f0000000540)={0x0, 0x0, 0x0, 0xfffffffe, 0x20000}, &(0x7f0000000a80)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x1, 0x0, 0x4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x0, 0xfffffffd, 0x69, 0x0, r2}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xfffffffe, 0x800}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x6253, 0x10, 0x3}}], 0x1, &(0x7f00000003c0)={0x2e, 0x4c, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, '\x00', {0x0, 0xdbd, 0x0, 0x0}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1a, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x4}, 0x94)

4m1.134770991s ago: executing program 2 (id=312):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, &(0x7f00000003c0)="0f20d835200000000f22d848b80a000000000000000f23c00f21f835020005000f23f8c423795cf85e66baf80cb8d51dd485ef66bafc0cb02deef3420f6f9a04000000b9800000c00f3235000800000f30b979000000b8c5000000ba000000000f300f01f1f2362e670f238fd9f5", 0x6e}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@textreal={0x8, 0x0}], 0x1, 0x9, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m1.006918404s ago: executing program 2 (id=317):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000300)={[{@grpquota}, {@quota}, {@quota}, {@stripe={'stripe', 0x3d, 0x3}}, {@jqfmt_vfsold}]}, 0xff, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = open(&(0x7f0000000280)='./file1\x00', 0x1cd142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8ffff)
sendfile(r0, r0, 0x0, 0x800000020)

4m0.842932249s ago: executing program 2 (id=319):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000dc0)=[{{&(0x7f00000002c0)={0x2, 0xce22, @remote}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="77f0930829b94d5ef14b64c65a1c62458969c7b6b62334e2c7bd8571ec5ff7ed5bba0b5757", 0x15}, {&(0x7f0000000740)="a4b62fba1f58bcb4d0b4aae25c320682186545c88af176f02befab01266f04034d523f09c769c859a8dd4fd7599ed87966dd14c1ef3d6cb1892ccc564eabe75bdd3ae131e08c9c2090", 0xff85}, {&(0x7f0000000680)='\x00\x002', 0x3}], 0x3}}], 0x2, 0x2400c8a0)
pipe2(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
splice(r1, 0x0, r4, 0x0, 0x38f9, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7fffffffffffefff, 0x0)
write(r0, &(0x7f0000000040), 0xffffff4a)

3m59.958806866s ago: executing program 2 (id=326):
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00'}, 0x18)
unlink(&(0x7f00000000c0)='./file0/../file0\x00')
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0x8010, 0xffffffffffffffff, 0xebe3e000)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x3)
write$P9_RCREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = io_uring_setup(0x7cea, &(0x7f0000000200)={0x0, 0x9bc5, 0x2, 0x1, 0x32e})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000280)=[0xa6a0, 0x400], 0x2)

3m59.919765637s ago: executing program 2 (id=327):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000005c0), 0x2204010, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800)
mkdir(&(0x7f0000000040)='./file0\x00', 0x65)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000480), 0x82, 0x0)

3m59.648313095s ago: executing program 2 (id=330):
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x141842, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1c1281, 0x15)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, 0x0, 0x21)

3m57.799095221s ago: executing program 38 (id=353):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x20132, 0xffffffffffffffff, 0xb299b000)
r0 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x8, r0)
r1 = syz_pidfd_open(r0, 0x0)
process_mrelease(r1, 0x700000000000000)
process_vm_writev(r0, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/227, 0xe3}], 0x1, &(0x7f0000000700)=[{&(0x7f0000000440)=""/135, 0x87}], 0x1, 0x0)

3m52.220734588s ago: executing program 39 (id=423):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000080), &(0x7f0000000280)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f0000000380)={@remote, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "bc4a06", 0x44, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)

3m48.781510061s ago: executing program 40 (id=461):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40040)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x709)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0)

3m45.797345141s ago: executing program 41 (id=511):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000000c0)={[{@lazytime}, {@errors_remount}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x4)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x20000003}}, 0x2e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001300))

3m44.515763219s ago: executing program 42 (id=330):
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x141842, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1c1281, 0x15)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, 0x0, 0x21)

3m37.904950178s ago: executing program 3 (id=687):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x40080d4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@rand_addr=0x64010102, 0x0, 0x5, 0x0, 0x3, 0x2, 0x20, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xac, 0xfff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x10000}, {0x2, 0xa04, 0x40800000000000, 0x800000000000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, [@tmpl={0x44, 0x5, [{{@in=@empty, 0x4d2, 0x3c}, 0xa, @in=@broadcast, 0x0, 0x0, 0x3, 0x8, 0x49}]}]}, 0xfc}}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a0000"], 0xfc}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x3, @empty, 0xffffff0e}, 0x1c)

3m37.884391048s ago: executing program 3 (id=688):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x80})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

3m37.404155173s ago: executing program 3 (id=699):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',version=9p2000,msi:e=0x0000000000mmap,access=client,nodevmap'])

3m37.293067656s ago: executing program 3 (id=707):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
unshare(0x22020400)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000003c0)={0x2020}, 0x2020)

3m37.253628148s ago: executing program 3 (id=708):
r0 = syz_usb_connect$uac3(0x0, 0x80, &(0x7f0000000100)=ANY=[@ANYBLOB="1201010200000040b421810040000102030109026e0003017f0006080b0002012230230904000000010130000a2401100a00090000000904014cbcda4430000904010101010230000905010960"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000002c0)={0x44, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000007c0)={0x44, &(0x7f0000000040)={0x40}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac3(r0, 0x0, &(0x7f0000000880)={0x44, &(0x7f0000001580)={0x20, 0xc, 0x4, "198d65a0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, &(0x7f0000000480)={0x14, &(0x7f0000000340)={0x0, 0x6, 0xbc, {0xbc, 0x30, "b026ec2c6eb480e2da31235404808cbd518df3fc3f2282449f57d69d08c0383c51f379935656d982f56caf0380787e1b0a7edb125d48ea04df1ea8728d8bbe97a0cd704b131b0c9a31a5c6f3c9fdc73a6382d7304f67ee6ed145b814b30d2735109056bd71ce113246b39ac39df90310d4d8ebd2ac333dd78a75418954b3ab0498d575ed5ddf3ce41ba3bcb4d15d6d666983bf678e25929b96aa6f659812b266aca1f318f5a579bcfdec4d0e3800ffbb3c36b07a0099e295f09a"}}, 0x0}, 0x0)

3m37.16995695s ago: executing program 3 (id=709):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000b00)={@desc={0x1, 0x0, @desc3}, 0x40, 0x0, '\x00', @b})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x9)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @adiantum, 0x4, @desc3})
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x129042, 0x15)
pwrite64(r2, &(0x7f0000000200)='\x00', 0x1, 0x1)

3m37.115269072s ago: executing program 43 (id=709):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000b00)={@desc={0x1, 0x0, @desc3}, 0x40, 0x0, '\x00', @b})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x9)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @adiantum, 0x4, @desc3})
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x129042, 0x15)
pwrite64(r2, &(0x7f0000000200)='\x00', 0x1, 0x1)

3m29.651487405s ago: executing program 6 (id=831):
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x1)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000100)='./bus/file0\x00', &(0x7f0000000180)='./mnt\x00')

3m29.614351117s ago: executing program 6 (id=835):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xd41, &(0x7f00000042c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}, @val={@val={0x88a8, 0x1, 0x1, 0x3}, {0x8100, 0x0, 0x1, 0x4}}, {@llc={0x4, {@llc={0x6, 0x0, "b2", "14f5e4712cbc8200cae5b6dbf74b14b2bc7b2ab818491304ecd0413ac30e13ccebe3770f13865025769a1ada2f6d2bbeca1b853f90fd36b58cd0bc3550b58185bba743cb8b84c11208d3292012a8edaf64a1f8394e2ad5dd94732ab60e0b3d9441e0fd4721675111dde3394498822dd4880ec74e93dfc8f4195a7622ab135c6aae8c5289b764aaddc6dcf0a0b73dd96d2bed4cb25fa3ea0ff5d9c6ce418739ca515f4b4dbbce09c39ba73cee7450b32ab45207ca2bcae21137fa2186dcce3f06b457e52723492003765ef0a443cb67e863f2540a785415baff074cedbe972f0c26ba359e9b634ab5b6760cb6b82a2476d56f7ad51413420d98d65f182dcaf5e27a10dcf98ea146a153ea6e0e1ce67f687ac92218ed7c0d26e685e91f7716e50a4db2ab1890217c7867712ce2f43ef43ef450d1708068cfad143fedc106369eda9ebada3bdcc5561983150e4ece542ca3772c3182fae9b1662b442e8cd5fcbfffdd85c955db3e1bce003ef7721c1485c7a1d422f49f0e311e77809e1f14d652dd8fc2d430d9791007e5becdb2cda95167802c1c127a45adf86d65c6ec6cf8e8b16a5cb7ae36b68fa5ce99d27f7c4597b239c413d4b11048da0e14e07e66d7874cbefc49d70719a34278c1045445a6ce6a1a2ccd9371a500e86eaab27b27ffac94d417a20482dcac1891e412bff1f90829b206fda2c13790fd61a07475e85a6677c4eba06f2f7587ec1849acc0f2cae453fe02031ef37117dd332d24fe76d58d7e67776f2a04ec6331366d5f1aa764877441038db526a5d41a21fe7cbf555fc9891ed82cbd6c28647ff23fad2761f9bd865d132b974048a25e8319b0c031ec4f40985c9e5e3e7dea7c4be12026d8e9ae7c7a083ee29eef43079e4179bb802fe171ab18e4357af033a7b8915bcd8c40951cf81501652e102f9dd8a2f41d684f2e0d0fc4f7a8973b57b6cc9785d9955aa74d53639505d90b932419f94fe18bbadad892360c343c022125be4759790094ab0f5b854bddb7d00ebc9deee4b068a1117df66db685f71c82c7c45e4b6ab8016cd88120ca02a86deba1f257b253472ac45a88fe53b971cbfb2ca59d8ee9c59b851acaccb6cb3a1187bee739cf898e31d198aae329276714758d3b24d267cadebef071bb82e87f19a66339825a1eb2d670ae2e76a22818705b8b902eb534e97ad69ef898ae40d1ae36fd555258daf157dc38973a0dba3986eaf648f227cca7b155c90aba748bdb4ca4d0013501983dbdf4fc2e2520cf031b67aa78cb246dfa746ed5c27c88649e499e48e7a55261042a1a33d6d350dd2a852ab2b2e6f1c27294f2a63a4047f19248a282fafa245ad5545985d21cb97144f4da9363116b6cf611827badb42aab426d2199a65c666d5052713bd12fb62556c8d7f47b6aa1b259b90992a9137f30caa514f02c8b4bb762a1b2d73439cf00b93712ba3bc5d62f99dedcfd1f9bd304c9b9a50a40861cf5c14ce8441713a4bde5dd530080ec8e152f5d9cebc578779bcc68fde337ee9ff9677672920814c004c42b3238484c424c17bbff23b42c196360a96ebc2b05a39d8f50f29b8a9808ddb6589b4e4602134ba5d5aadb3a9a58012b50631d246df09da2342fbd4179e578773f7eda3d6150a8fcc5313500bcdb4675d73589a8f58a79cdc3fd8cadee3af58c03c9918894cdb45bc2b17847026b9025cde3adcb63a722afc1d58b02d89f866f7cc5ee641b21fc4484d0d38d11ff586087fc79d5dccceb9bd7822d9392eaa49c7615d92b0229f3aee56f6950d294e4358565b0966f88090188c71856a1bb166c215be188b264e0110aee053bca3ea80c4d5b2bb38aa762e973b76f332bcf1007ebdf645199ff1c896d5c43c962f15b8ef49af0ee649cf6b741db93587bfe6fb74f30c242825958fad34ef4b3d2166971b0cc258ffaa08a77db15872208e58a2e5cd5135abaef6938156bbc68406442ef3d178288168ba17d766e55bf64c2c015a0de9f41f6d5ba7b6025a079c36164921ea2b85d987f037f6d7360aca2e4f3b7d062c6b75d2973f4a462f6255b2f0ba4c3001fe3e06fbe0b37fa48b254bda41710c32ca0f3304ed3058bdf4576647bd3134cc72465b45eba3880fff9aee00273c8317544f94ac76009ac45aa1cf689ee3abefd7f7e632d1ec918463da1afbf6a5f3817968732fa9df42f01599d934d5f0fa456dcac0d3a346b8fc022f43c829de6e1be3c1ef79d736cef64235ed7117e288585c0b807506ffaa82d737f87472366e8155b9017f6b0c0d385a7d7acc814cc3f5d4d8d3abbf9adaa832d82d2d0a1846a08ea6629396854d83422f50caf43d466159976afb0b6215982d00cfe4a20423d976e162bbbff196133ce36ff8e281284168ee0ef3c31eef22db439c82590c456ea04a0e596be7e91288cc506459d258d8ecc5bfbb8c4e63fec8f2d39e5643f114721f62b1594b61234e30b56e8f57b2de7999091d28303c2cd592befdcba51ee8a28750eb024eb6d80bbd4f556daa951da6ace73188a5e965a33e511838cb7cb47924c33beefd0426049a932d58c4d0d037b3eaae2bb738032daf82402ca24fe0971fda951be053e1dd2224d9c09995fb79b090a9274f69982f60e0373889402b187eaacb535df64f9000764bdcd88167e85e399197f77d8292663ee19ea70adc80fb26e4cc6e7b3e54e6c2bdf1dfdb01d9292c813ad1fc30c5ff205149b2239b8af9993381d126423e5c1688c3eba332cfc0b0ce3fcdaadbaaecca5b7dd58d4c698e739ea0f80e3a500cba339d65de9e6e5a42a5c72d406b330724f35a17239e848bbc534cd2fa2a82df36f28237bc29a5dad98a98b020bd199a5cb6b89d41b6edd6e4b0d32a9a43b90bb8f81fb5d094b23a7798d1e974c1923a0c8ac263d6f0938944267bcec54bbb663f1b6478dd7af27010b3ef6ea19f4b5064e4ae54f79adf7ab8c7de74753c5a93e73f71516ec236f255c638a3f0538cbb224c0643b0fa4b0e6d16b9c213b449fed97f1ae4791812feb18ca7f4e26a19ab0c7ce1d05a0ac06b8de370eae7831c7b9b14d288fc689751deca2b756a8d5da8aeec8c5febcec3c8a2f3c7f9c84e76a3604843c20a8f971b7e90332c63fd7a26d098bf226d08fbd1302bca3cf6054915b94ba841db62254d2a33297ba031128d29b44bd4065d44c0fde93b14b0829a83d21920a0788d25ef76c7b5527b172b42b3d906b611330b0896897c3ed36d9089934f37e0deaaa4fcdab7dfc25d7597559e1204652480eec083e370cafc0d8df29e565d2b4cb3c64334d074efcd9e3e8ef4855f558d5f8a55317a0f5091efc000bef43c51337133e887e1081a914acf0981a2d4803a014987dd6804ef7bfc00cc009ff6ab616797324fe5bc9327b6f29b17124a97a8e23ce63aa089ac1ae6f4acd86531c2a091bebb09a9aaa8ee15229ecbb7b72279837871e6faba8f5737af82727f86225b557f6461ca433191f7bf66daa8c183ed22fe41d6c1ee296bf40df072ad71408a55673562d81347bf986b880747f2a32e6c5d4c21f6a194aa0527d53b1b9416d5df86615238cb37457681bae52bcb443bf386bf22f8a8dba4a97341db77b4a9e8d103cbd6c647270a7e5a5ae50124c53d4829188b7bbfddfcbd7251892b77d2f382db31765b00c1262f14b2e5e86d80b9c14f72a681b36f0a406d758176bd1b8f333a63efda2a300dab8a2cb767817e18115828a95b0b926e5a567801a158b524fc3bc120bf4189b11e260d56d303dd9bf4f0db68cbb481eed32d21b67b8b18029b625daa2a0f2b4b6637698176ca395d800c6772e81e1fd538a919de3d1915f4a075de381f9eaad2d3f2d1de88c3471ca663dc7b2b8c56f5dbe698d5f59d3a9c0011bfce8ec6c08385af0a6d548dcb4b5ab0e518e3b30acacc13f69ce9c0ef0bc5be3c165d6c0c1207bdc6c1b77b7fe5a9a829652a329375cc29f1f328edd5d3c30ef55f56250cd91ed043ea9aaa21b2e4a243e7a1034d3c539403a68d52f0275285535bb4e7501f0f3aac15d50f7e304853d91aa16fb143b0b2e6cc1698e61defb0c64a5bd42e863593114e882cce5e8a3bc0ed6c090d9d9e251d6bef585028bd1e22d0791d690805bfe48a16067d3613cccfa4917a3d874f10c453b40e4091524825bbddab72101d6211b715d118679cf0a3c7a97a911b0b66e65dcdc7fdba917894488b02bf5aa4422abcb2cd43274e3853464d0f1aa6d3aff361c52424bea3d8b3c237beb41df876fdab108d362cd8f65c50483ad1b78832777faf273e6d0a05ca8ec39c911ffd6adfbe441c4a6284379526c0dcc333c18a203657d9d6d5551e09f3b86bc48b352304aac4acdaf8c204e5c74d8f8100d71f42f15bdb34772a1a151bfae8b2d597db9b4b9930715c84aeb749fd59816536e465c7a9fbe55dc6a9b601e5d8b537d56ba802976ac4e994aed3bee33778c7f9876e99033215af524612973483037be7f91a2e80b4859851d5a99e80471a168a57490ff1f8fa001145332ab552906c9bf1f6bcc134c811d0d4eea76f3cb5b28d92f3986421504ba1f0d07df1d9784c95381e5ddf4be01f02ba11ef541d6109a11c53cc1567f24f630f590287d6b038dce0f6d66592c029af8f417f76c99d974b2a2d7926389fd18f2690766f737647eee1c3ee39e874be797188a2acd361d9b917390cc76a00eae8627fa4c57bbfa7269358a8f9aef67d49319935700f51a071ce08fa37ff48eb1a81d3648e0e1316bfe18ca77f27269f380"}}}}}, 0x0)

3m29.539723029s ago: executing program 6 (id=836):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000001b40), 0x202, 0x0)
r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0x158}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_ublk_add_dev(0xffffffffffffffff, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, <r4=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000440)=@new_dev={0x4, 0x3c9, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x40}}}, &(0x7f00000000c0)=<r5=>0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = dup(r6)
syz_ublk_setup_queues(r7, r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x257, 0x0, r7}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7ffffe, 0x100, 0x1000000, 0x10000004}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xfffffffa, 0x2, 0x0, 0x146, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1f70, 0x2, 0x1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x8000, 0x1, 0xffffffff}}], 0x1, &(0x7f0000000340)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x0, r4, '\x00', {0xfff9, 0x5, 0x0, 0x0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000"], 0x50)

3m28.613436357s ago: executing program 6 (id=857):
r0 = socket(0x11, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x2000084c, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES64=r1, @ANYRES8=r3, @ANYRES16=r1, @ANYRES64=r1, @ANYBLOB="2c6469736361726459ad809e1eb82c00fb278330ab3b4884d36adf6908d11f5783dc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14fc, &(0x7f0000002a80)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)

3m28.448602901s ago: executing program 6 (id=858):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@delchain={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xffff}, {0x7, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008051}, 0x0)

3m28.345938755s ago: executing program 6 (id=859):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x102)

3m28.292575776s ago: executing program 44 (id=859):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x102)

3m13.304004655s ago: executing program 5 (id=1223):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r1 = socket(0x400000000010, 0x3, 0x0)
write(r1, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030011000500e1000c0400070080000f00", 0x33a)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd70000000000005000000060005004e20000008000300ac"], 0x38}}, 0x4c8c0)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f00000000c0)=@arm64)
syz_usb_connect$uac3(0x5, 0xa4, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x1235, 0x2, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x92, 0x3, 0x1, 0xf, 0x10, 0xfa, {0x8, 0xb, 0x0, 0x2, 0x1, 0x1, 0x30, 0x3}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x4, 0x2e, 0x1b}, [@processing_unit={0x11, 0x24, 0x9, 0x1, 0x1, [0x0, 0x1, 0x3]}, @output_terminal={0x13, 0x24, 0x3, 0x2, 0x303, 0x5, 0x1, 0x5, 0x2, 0x3, 0x7fff, 0x10}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x80, 0x1, {0xa, 0x25, 0x25, 0x2, 0x7, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x1, 0x4, 0x9, {0xa, 0x25, 0x25, 0x2, 0x3, 0x4}}}}}}}}]}}, 0x0)

3m12.020693774s ago: executing program 5 (id=1261):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r1, 0x406, r1)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000580)={0xa0002008})
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0x10})

3m11.973934895s ago: executing program 5 (id=1263):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x67da, 0x4)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x6)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}])
recvmmsg(r0, &(0x7f0000003200)=[{{0x0, 0x30, 0x0}, 0x1000007}], 0x1, 0x10020, 0x0)
sendmmsg$inet(r0, &(0x7f0000000340)=[{{&(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}], 0x1, 0x4044800)

3m11.864706198s ago: executing program 5 (id=1269):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./bus\x00', 0x3010052, &(0x7f0000000600)=ANY=[], 0x41, 0x14fe, &(0x7f0000000700)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
creat(&(0x7f0000000580)='./bus\x00', 0x9e)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1084, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000000a00)="c7", 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x2)

3m11.751742452s ago: executing program 5 (id=1275):
r0 = io_uring_setup(0x4822, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x3, 0xfb})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000380)='g', 0x1, 0x8812, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000002c0)=""/131, 0x83}], 0x1}, 0x2}], 0x1, 0x10122, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3m11.628113485s ago: executing program 5 (id=1278):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}}, 0x18}}, 0x0)

3m11.627927505s ago: executing program 45 (id=1278):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}}, 0x18}}, 0x0)

3m3.922786899s ago: executing program 1 (id=1460):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m3.787730163s ago: executing program 1 (id=1463):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r1, r3}, 0x10)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x10040)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

3m3.701866215s ago: executing program 1 (id=1465):
syz_emit_ethernet(0x4a, 0x0, 0x0)
r0 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x2a8, 0xf0, 0x5802, 0x294, 0xf0, 0x294, 0x1d8, 0x378, 0x378, 0x1d8, 0x378, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private0, [], [], 'macvtap0\x00', 'vlan1\x00', {}, {}, 0x0, 0x0, 0x9}, 0x0, 0xa8, 0xf0, 0x52020000}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', {0x3}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x3, 0x0, 0x6536, 0xdfc, 0x25676d1d, 0x1000, 0x1ff, 0x81]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16=0x0], 0x1, 0x2c2, &(0x7f00000006c0)="$eJzs3T+LI2UYAPBndpNJ7iySwkoEB7SwOm6vtckiOThMpaRQC128O5AkCHew4CkGK1sbSz+BINj5JWwEP4DgB7DzioNXJpkh2btJsoHLrX9+vyL77Lzv877POzPZPyzz7sevziZ3i7j/9Ze/R7ebxdEgBvE4i34cRS2llGJl8G0AAP9mj1OKP9PSJVMG5UsWEd3DlgYAHMje3/9/OnhJAMCBvff+B++cjkbDd4uiG7dn35yPy9/sy4/L9tP78WlM417cjF48Wf4toP5poXy9nVKat4pSP96Yzc/HZebso1+q8U/riU6iF/1FdDH/zmh4Uiyt5c/LOq5X8w/K+W9FL15umP/OaHirIT/Gebz5+lr9N6IXv34Sn8U07i6KWOV/dVIUb6fv/vriw7K8Mj+bn487i34r6fjFXRUAAAAAAAAAAAAAAAAAAAAAAP7rblR753RisX9Peajaf+f4SflJO4pa/+L+PMv8rB7oqf2B5im+T6nTihgNbxZFkaqOq/xWvNKK1tWsGgAAAAAAAAAAAAAAAAAAAP5ZHn7+aHI2nd570BD8dj1iQ9OGoN4NoH6sf0fW8aamwdqR1+LR5KyzecC1pqMq3DJpHNd9soity4lWux65v9dJ2D+4tqnmH37cd8Du7j7tbefn+QT13TU5y6KxTyfqI936mv683iePS86Vb2pKu2+/tSBvbOrtvfb8pUUw39Insm2FvfXH8sxVR7KnV5EvzmpjenttN47me6P5Wmx6pzwjW7yt8+f3xQcAAAAAAAAAAAAAAAAAALhg9dDvM03XdqQepc7BygIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF2r1///3COZV8iU65/Hg4RUvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwMAAP//QSRWPA==")
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

3m3.577618318s ago: executing program 1 (id=1473):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x802, &(0x7f0000000500)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=', @ANYRESDEC=0x0])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r0, 0x8008976)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

3m3.4849139s ago: executing program 1 (id=1475):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000bfd000/0x400000)=nil, &(0x7f0000bd1000/0x2000)=nil, 0x400000, 0x2})

3m3.20591757s ago: executing program 1 (id=1481):
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000000000)={0x0, "9c36db0361f2a3a65ab6f4489734074a6583c31f74d8b8e7bbf198aa3271d16573409a3e4b75da749bedf71505b787bf00bcdb254508f8278efdb84ebd46840b209bfef2583f0c17f92258a00dba102bbfe1863c044ec4dbc85caba0349b2d345720db06e9766f4dc2a28fa864c962eaa7bdd660772be89540133b192d32e5a2a544f077ad333fade504915acd7101a552b028358ff84370b850f45674dae027bc54b8a2cca4eb1df21b69c7c1d4e8eaab658edfa71b932e8b4d20907e95d017a55588c2afe737e2320f9a1f7266a0d384185854d22e243d82c11c76f8e7cd06d582767dd7ec72c8500f838c562bcfccb1b864e7e342081893ee13e4c938ebae5115c51f82bbd2d8714d94058bf2485804a01141cd8f31a07ca20c489cc2dcae71275b5d299c5efb9a2010aaaacf65b20e02d3eb91ae9b9e96c5d863bc9b267aaca1fc059f5b038f5e64965205fc969165688662eb592215ca9e8eb53a6d9435281f48f42099e0c9d7008d3eb1e03b93042ca5923a3be4952220c9788721e1c0b373c0066ed2ee8b8845c885551c71d281356022885764c4303f5aaf7794d868e9a022aa8d3d70470bc3031048bcc832d4bcc6819e72f0e29fdd031f0b009486bfbf6bb421e5597d99be63797f9d921ffb082a42d85dfd92f172e1e7d94846a6783bb774e014a5e60c6f2f137722ae89878516321cfab3847f92f2c50fd25e67"})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fsopen(&(0x7f0000000240)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=<r3=>r2, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x40)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbc)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000440)={r5, r3, 0x15, 0x0, @val=@netkit={@void, @value, @void, @void, r4}}, 0x1c)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x11000, 0x0, 0x0}, &(0x7f0000000080)=0x40)

3m3.20578992s ago: executing program 46 (id=1481):
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000000000)={0x0, "9c36db0361f2a3a65ab6f4489734074a6583c31f74d8b8e7bbf198aa3271d16573409a3e4b75da749bedf71505b787bf00bcdb254508f8278efdb84ebd46840b209bfef2583f0c17f92258a00dba102bbfe1863c044ec4dbc85caba0349b2d345720db06e9766f4dc2a28fa864c962eaa7bdd660772be89540133b192d32e5a2a544f077ad333fade504915acd7101a552b028358ff84370b850f45674dae027bc54b8a2cca4eb1df21b69c7c1d4e8eaab658edfa71b932e8b4d20907e95d017a55588c2afe737e2320f9a1f7266a0d384185854d22e243d82c11c76f8e7cd06d582767dd7ec72c8500f838c562bcfccb1b864e7e342081893ee13e4c938ebae5115c51f82bbd2d8714d94058bf2485804a01141cd8f31a07ca20c489cc2dcae71275b5d299c5efb9a2010aaaacf65b20e02d3eb91ae9b9e96c5d863bc9b267aaca1fc059f5b038f5e64965205fc969165688662eb592215ca9e8eb53a6d9435281f48f42099e0c9d7008d3eb1e03b93042ca5923a3be4952220c9788721e1c0b373c0066ed2ee8b8845c885551c71d281356022885764c4303f5aaf7794d868e9a022aa8d3d70470bc3031048bcc832d4bcc6819e72f0e29fdd031f0b009486bfbf6bb421e5597d99be63797f9d921ffb082a42d85dfd92f172e1e7d94846a6783bb774e014a5e60c6f2f137722ae89878516321cfab3847f92f2c50fd25e67"})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fsopen(&(0x7f0000000240)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=<r3=>r2, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x40)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbc)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000440)={r5, r3, 0x15, 0x0, @val=@netkit={@void, @value, @void, @void, r4}}, 0x1c)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x11000, 0x0, 0x0}, &(0x7f0000000080)=0x40)

6.761758559s ago: executing program 9 (id=3444):
creat(0x0, 0xd931d3864d39dcca)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r0, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
flock(r1, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x10a)
flock(r2, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

5.238042776s ago: executing program 9 (id=3451):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x9, 0x0, 0x2, 0x180, 0x5, 0x4, 0xf1, 0x50, 0x12, 0x2, 0x0, 0x29, 0x0, 0x6, 0x0, 0x8000000bdb], 0xd000, 0x43102})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, 0x0)
poll(&(0x7f00000000c0)=[{r0, 0x4000}], 0x1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x4, 0x1000000000, 0x0, 0x10043, 0x2000001, 0x3, 0x2004cb, 0x0, 0x1000007, 0xd2, 0x2, 0x9, 0x4000000000003, 0x0, 0x7], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x60000, 0xeeee0000, 0xb, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x40, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x5, 0x6, 0x5, 0x5, 0x2, 0x89}, {0xfec00000, 0x1, 0xe, 0x5, 0x3, 0x7, 0x0, 0x7, 0x3, 0x5, 0x5, 0x5}, {0x1, 0xf000, 0xd, 0x5, 0x4, 0x42, 0xb, 0xff, 0x2, 0x7, 0xe}, {0xdddd1000, 0xdddd1000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0xfd, 0x3, 0xf7, 0x83}, {0x1000, 0xc000, 0x9, 0xa0, 0xb1, 0x8, 0x2, 0xa0, 0x82, 0xf, 0x5, 0x7}, {0xeeef0000, 0xeeef0000, 0x4, 0x5, 0x7, 0xd1, 0x7, 0x3, 0x9, 0x81, 0x40, 0x56}, {0x200000, 0x4000, 0x14, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0x9, 0xb0, 0x9}, {0xffff2000, 0x30}, {0x8000000, 0x7}, 0x80000028, 0x0, 0x0, 0x2024, 0x0, 0xf401, 0x3000, [0x9, 0x100000000000204, 0x5b, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.626658986s ago: executing program 0 (id=3453):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000140))
close(0x3)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x7ffffffe, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)

4.098705142s ago: executing program 9 (id=3457):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000969e574b2d07b3a800000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
write$bt_hci(r0, &(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="e1ea89dcfdaa0055f0372a8f4971c62bc8c7150f416bf64d7d7aebd070e2a3becf431e7fff1879d6d9f9d4cc97c73ded91aa0e0fcbed34d3983fb2f85935392fa3a1e73850134a40a875631cecea77bf40c74cf39f16c28dfcecef595f87d0462b25e5f4abd69d85f99337ffb30d6267f9ca1e1c781f95bc0fa6bb141cc75deee5e7442626fdca997c1199682c72d6a3189b840799d4c00620d326c058bec83871afbb1a929f3b88e5"], 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x5, 0x0)
listen(r4, 0x10000)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x52001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_AF_SPEC={0x4}, @IFLA_MTU={0x8, 0x4, 0x3}]}, 0x44}}, 0x440088c4)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x24}, 0x1, 0x0, 0x0, 0x4000811}, 0x8000)

4.095569902s ago: executing program 0 (id=3458):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000480)='\x00', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', &(0x7f0000000d00)='\x00', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000300)='(\xed\xef(.(\\-]\x00', &(0x7f0000000340)="0f", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='^](*\r\\!\x00', &(0x7f0000000100)='\b\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='\x01', &(0x7f0000000440)='!', 0x1)
read(r0, 0x0, 0xfffffea1)
close(r0)

4.023634844s ago: executing program 9 (id=3459):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x8, 0x9}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x4a0, 0x0, 0x6affffff, 0x3403000b, 0x330, 0x7, 0x408, 0x230, 0x230, 0x408, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00', {}, {}, 0x6}, 0x0, 0x2e8, 0x330, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xff}]}}, @common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x500)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x3)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0xfaa, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000049ffe840e5130100534e0000000109021b000100000000090400000101", @ANYRES8], 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101201)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x2fc, 0xffff, 0x39, 0x0, 0x0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
read$FUSE(r0, &(0x7f00000034c0)={0x2020}, 0x2020)

4.013647745s ago: executing program 0 (id=3460):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/80, 0x50}}], 0x1, 0x2, 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
read$char_usb(r2, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000400)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0x5c, 0x0, 0x0, 0x5, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "4bd5ffa8e842cdd19baeb25d342579f7e63d2d1e5317517e", "b1fe94141226cc71e718e86db665dd4fbd49b20523893e8724968b868600ac13"}}}}}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010800040000040000000b00000008000300", @ANYRES32=r5, @ANYBLOB="0a000600080211000001000030005080110001004abee33908f8eef16f162471f4000000080007000000000005000200020000000800030005ac0f"], 0x58}}, 0x0)

3.877659989s ago: executing program 4 (id=3462):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x90000005})
epoll_pwait(r3, &(0x7f0000000580)=[{}], 0x1, 0xfffeffff, 0x0, 0x0)
epoll_pwait(r3, &(0x7f00000000c0)=[{}], 0x1, 0x101, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close(r1)

3.781665842s ago: executing program 8 (id=3463):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x9, 0x0, 0x2, 0x180, 0x5, 0x4, 0xf1, 0x50, 0x12, 0x2, 0x0, 0x29, 0x0, 0x6, 0x0, 0x8000000bdb], 0xd000, 0x43102})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, 0x0)
poll(&(0x7f00000000c0)=[{r0, 0x4000}], 0x1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x4, 0x1000000000, 0x0, 0x10043, 0x2000001, 0x3, 0x2004cb, 0x0, 0x1000007, 0xd2, 0x2, 0x9, 0x4000000000003, 0x0, 0x7], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x60000, 0xeeee0000, 0xb, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x40, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x5, 0x6, 0x5, 0x5, 0x2, 0x89}, {0xfec00000, 0x1, 0xe, 0x5, 0x3, 0x7, 0x0, 0x7, 0x3, 0x5, 0x5, 0x5}, {0x1, 0xf000, 0xd, 0x5, 0x4, 0x42, 0xb, 0xff, 0x2, 0x7, 0xe}, {0xdddd1000, 0xdddd1000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0xfd, 0x3, 0xf7, 0x83}, {0x1000, 0xc000, 0x9, 0xa0, 0xb1, 0x8, 0x2, 0xa0, 0x82, 0xf, 0x5, 0x7}, {0xeeef0000, 0xeeef0000, 0x4, 0x5, 0x7, 0xd1, 0x7, 0x3, 0x9, 0x81, 0x40, 0x56}, {0x200000, 0x4000, 0x14, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0x9, 0xb0, 0x9}, {0xffff2000, 0x30}, {0x8000000, 0x7}, 0x80000028, 0x0, 0x0, 0x2024, 0x0, 0xf401, 0x3000, [0x9, 0x100000000000204, 0x5b, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.781275802s ago: executing program 8 (id=3464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0500", @ANYRES64=0x0], 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.662439236s ago: executing program 4 (id=3466):
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(0xffffffffffffffff, 0x0, 0x804)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
close(0x3)
sendmsg$netlink(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=ANY=[], 0x20}], 0x1}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000480)})
close_range(r5, 0xffffffffffffffff, 0x0)

3.345718565s ago: executing program 4 (id=3467):
mount(0x0, 0x0, 0x0, 0x262, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6d71b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x4000087, 0x2, 0x0)
unshare(0x62020600)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008001d001d"], 0x1c}], 0x1}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)

3.318472156s ago: executing program 8 (id=3468):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xd0)
getpgrp(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
pipe(0x0)
getpriority(0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000280)='./file0\x00')
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="1f0000"], 0x24, 0x0)
read$ptp(0xffffffffffffffff, &(0x7f0000000200)=""/26, 0x1a)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000080)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hiddev(0x0, 0x0, 0x0)

2.152042423s ago: executing program 4 (id=3469):
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000500)=[{r1, 0x2004}, {r2, 0x300}], 0x2, 0x0, 0x0, 0x0)
unshare(0x22020400)
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x100)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

2.097715774s ago: executing program 7 (id=3470):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000969e574b2d07b3a800000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
write$bt_hci(r0, &(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="e1ea89dcfdaa0055f0372a8f4971c62bc8c7150f416bf64d7d7aebd070e2a3becf431e7fff1879d6d9f9d4cc97c73ded91aa0e0fcbed34d3983fb2f85935392fa3a1e73850134a40a875631cecea77bf40c74cf39f16c28dfcecef595f87d0462b25e5f4abd69d85f99337ffb30d6267f9ca1e1c781f95bc0fa6bb141cc75deee5e7442626fdca997c1199682c72d6a3189b840799d4c00620d326c058bec83871afbb1a929f3b88e5"], 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x5, 0x0)
listen(r4, 0x10000)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x52001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_AF_SPEC={0x4}, @IFLA_MTU={0x8, 0x4, 0x3}]}, 0x44}}, 0x440088c4)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x24}, 0x1, 0x0, 0x0, 0x4000811}, 0x8000)

2.077908345s ago: executing program 7 (id=3471):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newqdisc={0x4c, 0x14, 0xf0b, 0x70bd25, 0x0, {0x2, 0x0, 0x0, 0x0, {0x10, 0x4}, {0x0, 0x8}, {0x1, 0xffe0}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa, 0xc4, 0x10, 0x88, 0x2, 0x0, 0x3, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

1.330898549s ago: executing program 9 (id=3472):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x180048a, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@noinit_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}]}, 0x1, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x60, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000002000000e0"], 0x190)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="020000000000000002000000e001"], 0x190)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

1.083834186s ago: executing program 8 (id=3473):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$unix(r0, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
fsopen(0x0, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.020015378s ago: executing program 7 (id=3474):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004300)={0x2020}, 0x2020)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
close_range(r0, 0xffffffffffffffff, 0x0)

1.003748818s ago: executing program 0 (id=3475):
socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x321000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c10000000224e224e0000", 0x58}], 0x1)

883.889062ms ago: executing program 7 (id=3476):
r0 = socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000)
ioctl$sock_SIOCETHTOOL(r1, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0x4, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0x1000, 0xffff, 0xf557, 0x2, 0x5, 0x7c, 0xce, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x7ffffffc, 0xd, 0xe9c4, 0xcd8, 0x6e, 0x200006, 0x7, 0xd, 0x8a, 0x3, 0x6, 0x3, 0x3, 0x3, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xeffff801, 0x2b, 0xa, 0x0, 0x7, 0x8, 0x5, 0x3, 0x6, 0x8, 0x23, 0x2, 0x3, 0x10, 0x3, 0xffffffff, 0x6, 0x5fffffd, 0xd1, 0xf, 0x4, 0xa, 0xfffffffe, 0x400, 0x80000000, 0x8000, 0x3, 0x5, 0x2, 0x0, 0x2, 0x1, 0x80, 0x4, 0x2, 0x0, 0xd, 0x2000006, 0x4, 0x8, 0x0, 0x1, 0xfffffffc, 0x0, 0x7ff, 0x7, 0x2, 0xbde, 0x37, 0x3, 0x4, 0x1, 0xa, 0x6, 0x7fff, 0x1, 0x704, 0x33e3, 0x9, 0x6, 0x7fff, 0x6, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x5, 0x5, 0x8, 0x3, 0x1, 0xfffffffa]}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x5, 0xff, 0x0, @mcast1, @empty, 0xb6, 0x20, 0x100009, 0x45}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'syztnl1\x00', 0x0})

617.913051ms ago: executing program 7 (id=3477):
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x14b040, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000006800090300000000fdffffff0a000000000000000400040010000880"], 0x2c}, 0x1, 0x0, 0x0, 0x821}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00005cf000/0x400000)=nil)
bind$can_raw(r1, &(0x7f0000000480)={0x1d, r2}, 0x10)
bind$can_raw(r1, &(0x7f00000007c0), 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)

545.639283ms ago: executing program 4 (id=3478):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000500)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000002500)={&(0x7f00000001c0)=@abs, 0x6e, 0x0}, 0x12041)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x6b7, 0x80, 0x800, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x800)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000000c0)={0x0, 0x0, 0xf4})
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x0)

254.420202ms ago: executing program 8 (id=3479):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x11, r0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x11, r0)
ptrace(0x10, r1)
ptrace(0x11, r1)
ptrace(0x10, r0)
ptrace(0x11, r0)
ptrace(0x10, r1)
ptrace(0x11, r1)
ptrace(0xffffffffffffffff, 0x0)

163.708745ms ago: executing program 8 (id=3480):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2182, 0x0)
ioctl$FIGETBSZ(r3, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
creat(0x0, 0x108)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

97.371247ms ago: executing program 0 (id=3481):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x1c, 0x68, 0x1, 0xfcfd, 0x25dfdbfb, {0x2}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

68.169348ms ago: executing program 0 (id=3482):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
flock(r1, 0x2)
r3 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r3, 0x1)
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x2}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

9.89286ms ago: executing program 4 (id=3483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40008)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r3)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010329bd700000dcdf2524"], 0x2c}, 0x1, 0x0, 0x0, 0x44}, 0x0)

9.7375ms ago: executing program 7 (id=3484):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, 0x0})
sched_rr_get_interval(0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0xb6bc})
fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x92, 0x5, r0})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

0s ago: executing program 9 (id=3485):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x12, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x14737}]}, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x9}, 0x94)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000300)=""/57, 0x96)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
finit_module(r6, 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x67a, 0x6, 0xf3b8, 0x0, 0x1000, 0x800000400, 0x4002004c4, 0x1000, 0x1, 0x97, 0x10, 0x0, 0x3, 0x2, 0x1, 0x8], 0xeeee7ffb, 0x400})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r7, 0x0, 0x42, &(0x7f0000000080)={'icmp\x00'}, &(0x7f00000000c0)=0x1e)
r8 = syz_btf_id_by_name$bpf_lsm(&(0x7f00000001c0)='bpf_lsm_task_kill\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x4, 0x1, 0x7, 0xa, 0xa, 0x40, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='GPL\x00', 0x80, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000180)={0x5, 0xf, 0x7f, 0x4}, 0x10, r8, r0, 0x4, 0x0, &(0x7f0000000200)=[{0x5, 0x1, 0x2, 0xb}, {0x2, 0x1, 0x7, 0xc}, {0x4, 0x4, 0xa, 0xb}, {0x1, 0x1, 0x2, 0x8}], 0x10, 0x3}, 0x94)

kernel console output (not intermixed with test programs):

][ T7690] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.113207][ T7690] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  162.131675][ T7690] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.2671: bg 0: block 384: padding at end of block bitmap is not set
[  162.146935][ T7690] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6180: Corrupt filesystem
[  162.155787][ T7690] EXT4-fs error (device loop9): ext4_clear_blocks:883: inode #11: comm syz.9.2671: attempt to clear invalid blocks 983260 len 1
[  162.169248][ T7690] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.2671: invalid indirect mapped block 1 (level 1)
[  162.216726][ T7690] EXT4-fs error (device loop9): __ext4_get_inode_loc:4522: comm syz.9.2671: Invalid inode table block 0 in block_group 0
[  162.229755][ T3179] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  162.231125][ T7690] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5954: Corrupt filesystem
[  162.248900][ T7690] EXT4-fs error (device loop9) in ext4_orphan_del:303: Corrupt filesystem
[  162.257628][ T7690] EXT4-fs error (device loop9): __ext4_get_inode_loc:4522: comm syz.9.2671: Invalid inode table block 0 in block_group 0
[  163.362226][ T7692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2672'.
[  163.371876][ T7690] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5954: Corrupt filesystem
[  163.390509][ T7690] EXT4-fs error (device loop9): ext4_truncate:4327: inode #11: comm syz.9.2671: mark_inode_dirty error
[  163.404594][ T7690] EXT4-fs error (device loop9) in ext4_process_orphan:345: Corrupt filesystem
[  163.420581][ T7690] EXT4-fs (loop9): 1 truncate cleaned up
[  163.428825][ T7690] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  163.478297][ T6173] EXT4-fs (loop9): unmounting filesystem.
[  163.520010][ T7729] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2686'.
[  163.549388][ T7734] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2688'.
[  163.599991][ T7739] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2688'.
[  165.545443][   T29] INFO: task syz-executor:941 blocked for more than 124 seconds.
[  165.566751][   T29]       Not tainted syzkaller #0
[  165.571764][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  165.580487][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  165.589732][   T29] Call Trace:
[  165.593005][   T29]  <TASK>
[  165.595929][   T29]  __schedule+0xba6/0x1500
[  165.600370][   T29]  ? release_firmware_map_entry+0x190/0x190
[  165.606259][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  165.611306][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  165.616855][   T29]  schedule+0xbd/0x170
[  165.620934][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  165.626643][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  165.632027][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  165.637978][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  165.644039][   T29]  ? avc_has_perm+0x163/0x250
[  165.648819][   T29]  ? rwsem_write_trylock+0x136/0x300
[  165.654102][   T29]  ? clear_nonspinnable+0x60/0x60
[  165.659136][   T29]  ? may_delete+0x583/0x710
[  165.663636][   T29]  down_write+0x21/0x30
[  165.667805][   T29]  vfs_rmdir+0xfc/0x500
[  165.671954][   T29]  dir_rmdir+0x236/0x320
[  165.676189][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  165.680964][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  165.686066][   T29]  ? security_inode_rmdir+0xe5/0x130
[  165.691360][   T29]  vfs_rmdir+0x393/0x500
[  165.695598][   T29]  incfs_kill_sb+0x198/0x220
[  165.700497][   T29]  deactivate_locked_super+0xb5/0x120
[  165.705870][   T29]  deactivate_super+0xaf/0xe0
[  165.710564][   T29]  cleanup_mnt+0x474/0x500
[  165.714973][   T29]  ? __kasan_slab_free+0x11/0x20
[  165.719919][   T29]  __cleanup_mnt+0x19/0x20
[  165.724322][   T29]  task_work_run+0x1e1/0x250
[  165.728929][   T29]  ? __cfi_task_work_run+0x10/0x10
[  165.734054][   T29]  ? free_nsproxy+0x21f/0x270
[  165.738761][   T29]  do_exit+0xa35/0x2660
[  165.742920][   T29]  ? __cfi_do_exit+0x10/0x10
[  165.747507][   T29]  ? __kasan_check_write+0x14/0x20
[  165.752631][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  165.757659][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  165.763196][   T29]  ? ksys_write+0x1e4/0x250
[  165.767702][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  165.772810][   T29]  do_group_exit+0x225/0x2e0
[  165.777397][   T29]  __x64_sys_exit_group+0x3f/0x40
[  165.782507][   T29]  x64_sys_call+0x7b4/0x9a0
[  165.787019][   T29]  do_syscall_64+0x4c/0xa0
[  165.791456][   T29]  ? clear_bhb_loop+0x30/0x80
[  165.796126][   T29]  ? clear_bhb_loop+0x30/0x80
[  165.800802][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  165.806691][   T29] RIP: 0033:0x7f65e739ce59
[  165.811107][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  165.819520][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  165.827486][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  165.835469][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  165.843551][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  165.851547][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  165.859551][   T29]  </TASK>
[  165.868501][   T29] NMI backtrace for cpu 0
[  165.872870][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  165.875704][   T28] audit: type=1400 audit(1781232591.851:23303): avc:  denied  { create } for  pid=7758 comm="syz.0.2695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  165.880065][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  165.880076][   T29] Call Trace:
[  165.880080][   T29]  <TASK>
[  165.880086][   T29]  __dump_stack+0x21/0x24
[  165.904732][ T7759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2695'.
[  165.909549][   T29]  dump_stack_lvl+0x110/0x170
[  165.909579][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  165.938576][   T29]  dump_stack+0x15/0x24
[  165.942746][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  165.947698][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  165.953252][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  165.958809][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  165.964888][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  165.970879][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  165.976870][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  165.982864][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  165.988753][   T29]  watchdog+0xd68/0xeb0
[  165.992900][   T29]  ? __cfi_watchdog+0x10/0x10
[  165.997562][   T29]  ? __kasan_check_read+0x11/0x20
[  166.002573][   T29]  ? __kthread_parkme+0x142/0x180
[  166.007578][   T29]  kthread+0x281/0x320
[  166.011629][   T29]  ? __cfi_watchdog+0x10/0x10
[  166.016287][   T29]  ? __cfi_kthread+0x10/0x10
[  166.020862][   T29]  ret_from_fork+0x1f/0x30
[  166.025268][   T29]  </TASK>
[  166.028365][   T29] Sending NMI from CPU 0 to CPUs 1:
[  166.034044][    C1] NMI backtrace for cpu 1
[  166.034056][    C1] CPU: 1 PID: 3179 Comm: udevd Not tainted syzkaller #0
[  166.034073][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  166.034083][    C1] RIP: 0033:0x7fd1ad779704
[  166.034097][    C1] Code: e0 14 3d 00 00 00 f8 0f 87 29 03 00 00 c5 fe 6f 07 c5 fd 74 0e c5 85 74 d0 c5 ed df c9 c5 fd d7 c9 ff c1 74 61 90 f3 0f bc c9 <0f> b6 04 0f 0f b6 0c 0e 29 c8 0f 01 d6 75 04 c5 f8 77 c3 c5 fc 77
[  166.034111][    C1] RSP: 002b:00007ffd6874eea8 EFLAGS: 00000202
[  166.034127][    C1] RAX: 00000000fffff950 RBX: 0000000000000003 RCX: 0000000000000007
[  166.034138][    C1] RDX: 0000000000000000 RSI: 0000564a067ed7f0 RDI: 0000564a068108d0
[  166.034150][    C1] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
[  166.034159][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003
[  166.034168][    C1] R13: 0000564a06805d80 R14: 0000564a068108d0 R15: 0000564a061dfbcc
[  166.034180][    C1] FS:  00007fd1add67880 GS:  0000000000000000
[  166.218507][   T28] audit: type=1400 audit(1781232592.201:23304): avc:  denied  { map } for  pid=7768 comm="syz.7.2699" path="socket:[57332]" dev="sockfs" ino=57332 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  167.445916][ T7793] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2708'.
[  167.465524][ T7793] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7793 comm=syz.0.2708
[  167.937573][  T660] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  168.443130][   T28] audit: type=1400 audit(1781232594.421:23305): avc:  denied  { sys_module } for  pid=7830 comm="syz.8.2724" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  168.603750][   T28] audit: type=1400 audit(1781232594.581:23306): avc:  denied  { read } for  pid=6371 comm="kworker/0:10" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=58416 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  170.333303][ T7860] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  170.368105][ T7860] device veth0_vlan left promiscuous mode
[  170.374118][ T7860] device veth0_vlan entered promiscuous mode
[  170.398954][ T7860] device veth1_macvtap left promiscuous mode
[  170.415939][ T7860] device veth1_macvtap entered promiscuous mode
[  170.463637][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  170.472245][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.507924][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.527768][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.535896][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.574281][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.593963][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  170.617272][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  170.817732][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  170.881670][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  170.898104][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  170.916449][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  170.943482][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  170.970642][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  170.994922][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  171.013917][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  171.042514][   T28] audit: type=1326 audit(1781232597.021:23307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7856 comm="syz.9.2734" exe="/root/ci2-android-6-1/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7f6954996bd7 code=0x0
[  171.046208][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  171.105835][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  171.123461][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  171.138103][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  171.157849][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  171.172680][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  171.193200][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  171.201858][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  171.210508][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  171.218759][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  171.226825][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  171.234699][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  171.242453][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  171.259896][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  171.268273][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  171.276111][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  171.286421][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  171.294044][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  171.302013][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  171.309633][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[  171.317282][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[  171.325094][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[  171.332752][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[  171.348178][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[  171.355920][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[  171.475881][ T7883] netlink: 'syz.9.2743': attribute type 4 has an invalid length.
[  171.491301][ T7883] netlink: 'syz.9.2743': attribute type 4 has an invalid length.
[  171.744494][ T7897] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2748'.
[  172.077632][  T371] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  172.267621][  T371] usb 10-1: Using ep0 maxpacket: 16
[  172.275852][  T371] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  172.289706][  T371] usb 10-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  172.299552][  T371] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.311107][  T371] usb 10-1: config 0 descriptor??
[  172.333184][   T28] audit: type=1326 audit(1781232598.311:23308): auid=4294967295 uid=1852405247 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7917 comm="syz.4.2755" exe="/root/ci2-android-6-1/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x0
[  172.719223][  T371] input: HID 28bd:0934 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:28BD:0934.0008/input/input12
[  172.752005][  T371] uclogic 0003:28BD:0934.0008: input,hidraw0: USB HID v0.81 Mouse [HID 28bd:0934] on usb-dummy_hcd.9-1/input0
[  172.926333][  T371] usb 10-1: USB disconnect, device number 6
[  174.265115][ T7946] loop9: detected capacity change from 0 to 256
[  174.323973][ T7950] binder: 7949:7950 ioctl c0306201 200000000240 returned -14
[  177.467573][ T6371] usb 10-1: new full-speed USB device number 7 using dummy_hcd
[  177.575137][ T8000] loop4: detected capacity change from 0 to 16
[  177.614231][ T8000] erofs: (device loop4): mounted with root inode @ nid 36.
[  177.658644][ T6371] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  177.679867][ T6371] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  177.708382][ T6371] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  177.719787][ T6371] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  177.728386][ T6371] usb 10-1: SerialNumber: syz
[  177.742440][ T6371] usb 10-1: bad CDC descriptors
[  177.747486][ T6371] usb-storage 10-1:1.0: USB Mass Storage device detected
[  177.775327][ T6371] usb-storage 10-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  177.800421][ T6371] scsi host1: usb-storage 10-1:1.0
[  179.116011][   T28] audit: type=1400 audit(1781232605.091:23309): avc:  denied  { watch } for  pid=8023 comm="syz.8.2790" path="/" dev="ramfs" ino=59891 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  179.267302][ T8035] netlink: 'syz.0.2796': attribute type 11 has an invalid length.
[  179.354382][   T28] audit: type=1326 audit(1781232605.331:23310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8036 comm="syz.8.2797" exe="/root/ci2-android-6-1/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f9339ce59 code=0x0
[  179.863372][   T28] audit: type=1400 audit(1781232605.841:23311): avc:  denied  { getopt } for  pid=8054 comm="syz.9.2804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  180.037872][ T6368] usb 10-1: USB disconnect, device number 7
[  180.305256][ T8069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2810'.
[  180.339951][ T8072] loop4: detected capacity change from 0 to 128
[  180.369856][ T8075] device vlan1 entered promiscuous mode
[  182.002998][   T28] audit: type=1400 audit(1781232607.981:23312): avc:  denied  { create } for  pid=8117 comm="syz.9.2825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  182.040443][ T8127] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2829'.
[  182.055193][ T8127] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8127 comm=syz.9.2829
[  183.009778][   T28] audit: type=1400 audit(1781232608.991:23313): avc:  denied  { append } for  pid=8147 comm="syz.9.2834" name="ptp0" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  183.238871][ T8155] netlink: 'syz.9.2838': attribute type 12 has an invalid length.
[  183.249563][ T8155] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  183.516820][ T8165] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2842'.
[  183.724600][ T8175] loop9: detected capacity change from 0 to 512
[  183.749276][ T8175] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  183.758322][ T8175] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  183.779707][ T6173] EXT4-fs (loop9): unmounting filesystem.
[  184.149801][ T8192] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2853'.
[  184.177008][ T8192] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2853'.
[  184.186083][ T8192] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2853'.
[  184.223034][ T8197] netlink: 48 bytes leftover after parsing attributes in process `syz.8.2855'.
[  184.244784][ T8199] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2856'.
[  184.376659][ T8203] loop9: detected capacity change from 0 to 512
[  184.392825][ T8205] netlink: 27 bytes leftover after parsing attributes in process `syz.8.2859'.
[  184.418507][ T8203] EXT4-fs error (device loop9): ext4_orphan_get:1405: inode #15: comm syz.9.2858: iget: bad i_size value: 38620345925642
[  184.439229][ T8203] EXT4-fs error (device loop9): ext4_orphan_get:1410: comm syz.9.2858: couldn't read orphan inode 15 (err -117)
[  184.470922][   T28] audit: type=1326 audit(1781232610.451:23314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.495989][ T8203] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  184.516957][   T28] audit: type=1326 audit(1781232610.451:23315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.542156][   T28] audit: type=1326 audit(1781232610.451:23316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.567049][   T28] audit: type=1326 audit(1781232610.451:23317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.587885][ T8216] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.2858: bg 0: block 5: invalid block bitmap
[  184.592165][   T28] audit: type=1326 audit(1781232610.451:23318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.628779][ T8216] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  184.633693][   T28] audit: type=1326 audit(1781232610.451:23319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.661444][ T8216] EXT4-fs (loop9): This should not happen!! Data will be lost
[  184.661444][ T8216] 
[  184.676041][   T28] audit: type=1326 audit(1781232610.451:23320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.696157][ T8216] EXT4-fs (loop9): Total free blocks count 0
[  184.701282][   T28] audit: type=1326 audit(1781232610.451:23321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.727632][ T8216] EXT4-fs (loop9): Free/Dirty block details
[  184.732096][   T28] audit: type=1326 audit(1781232610.451:23322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.758136][ T8216] EXT4-fs (loop9): free_blocks=0
[  184.763077][   T28] audit: type=1326 audit(1781232610.451:23323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8209 comm="syz.4.2862" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ec2d9ce59 code=0x7ffc0000
[  184.787820][ T8216] EXT4-fs (loop9): dirty_blocks=1
[  184.797944][ T8216] EXT4-fs (loop9): Block reservation details
[  184.807513][ T8216] EXT4-fs (loop9): i_reserved_data_blocks=1
[  184.879007][ T6173] EXT4-fs (loop9): unmounting filesystem.
[  184.929422][ T8218] loop9: detected capacity change from 0 to 512
[  184.953784][ T8218] EXT4-fs: Ignoring removed nomblk_io_submit option
[  184.975521][ T8218] EXT4-fs (loop9): can't mount with data=, fs mounted w/o journal
[  185.012501][ T8222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2865'.
[  185.399098][ T8218] device bridge0 left promiscuous mode
[  185.411412][ T8218] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  185.471127][ T8218] device veth1_macvtap left promiscuous mode
[  185.484255][ T8218] device veth1_macvtap entered promiscuous mode
[  185.491588][ T8218] device bridge0 entered promiscuous mode
[  185.500285][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  185.509923][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  185.523519][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  185.537622][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  185.549243][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  185.559512][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  185.568993][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  185.577276][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  185.586096][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  185.594795][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  185.602963][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  185.611179][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  185.619434][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  185.627670][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  185.635750][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  185.644124][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  185.652672][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  185.660832][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  185.668396][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  185.675834][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  185.683559][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  185.724260][ T8238] device ip6gretap1 left promiscuous mode
[  185.857606][ T6372] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  185.948861][ T8252] __nla_validate_parse: 2 callbacks suppressed
[  185.948876][ T8252] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2876'.
[  186.069151][ T6372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.080720][ T6372] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  186.090581][ T6372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.101773][ T6372] usb 5-1: config 0 descriptor??
[  186.178084][   T29] INFO: task syz-executor:941 blocked for more than 144 seconds.
[  186.206163][   T29]       Not tainted syzkaller #0
[  186.241055][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  186.300062][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  186.317131][ T6372] usbhid 5-1:0.0: can't add hid device: -71
[  186.341665][ T6372] usbhid: probe of 5-1:0.0 failed with error -71
[  186.424200][ T6372] usb 5-1: USB disconnect, device number 9
[  186.452707][   T29] Call Trace:
[  186.477807][   T29]  <TASK>
[  186.525988][   T29]  __schedule+0xba6/0x1500
[  186.639150][   T29]  ? release_firmware_map_entry+0x190/0x190
[  186.677617][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  186.682790][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  186.688516][   T29]  schedule+0xbd/0x170
[  186.692683][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  186.698528][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  186.703983][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  186.709966][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  186.716116][   T29]  ? avc_has_perm+0x163/0x250
[  186.720930][   T29]  ? rwsem_write_trylock+0x136/0x300
[  186.726303][   T29]  ? clear_nonspinnable+0x60/0x60
[  186.731420][   T29]  ? may_delete+0x583/0x710
[  186.736027][   T29]  down_write+0x21/0x30
[  186.740335][   T29]  vfs_rmdir+0xfc/0x500
[  186.822030][   T29]  dir_rmdir+0x236/0x320
[  186.826333][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  186.831149][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  186.836281][   T29]  ? security_inode_rmdir+0xe5/0x130
[  186.841625][   T29]  vfs_rmdir+0x393/0x500
[  186.845887][   T29]  incfs_kill_sb+0x198/0x220
[  186.850520][   T29]  deactivate_locked_super+0xb5/0x120
[  186.855909][   T29]  deactivate_super+0xaf/0xe0
[  186.860628][   T29]  cleanup_mnt+0x474/0x500
[  186.865057][   T29]  ? __kasan_slab_free+0x11/0x20
[  186.870095][   T29]  __cleanup_mnt+0x19/0x20
[  186.874637][   T29]  task_work_run+0x1e1/0x250
[  186.879265][   T29]  ? __cfi_task_work_run+0x10/0x10
[  186.884385][   T29]  ? free_nsproxy+0x21f/0x270
[  186.889081][   T29]  do_exit+0xa35/0x2660
[  186.893238][   T29]  ? __cfi_do_exit+0x10/0x10
[  186.897894][   T29]  ? __kasan_check_write+0x14/0x20
[  186.903013][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  186.908062][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  186.913603][   T29]  ? ksys_write+0x1e4/0x250
[  186.918111][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  186.923218][   T29]  do_group_exit+0x225/0x2e0
[  186.927825][   T29]  __x64_sys_exit_group+0x3f/0x40
[  186.932842][   T29]  x64_sys_call+0x7b4/0x9a0
[  186.937337][   T29]  do_syscall_64+0x4c/0xa0
[  186.941757][   T29]  ? clear_bhb_loop+0x30/0x80
[  186.946422][   T29]  ? clear_bhb_loop+0x30/0x80
[  186.951097][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  186.956986][   T29] RIP: 0033:0x7f65e739ce59
[  186.961412][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  186.969823][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  186.977799][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  186.985759][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  186.993765][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  187.001754][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  187.009737][   T29]  </TASK>
[  187.018692][   T29] NMI backtrace for cpu 1
[  187.023057][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  187.030255][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  187.040315][   T29] Call Trace:
[  187.043592][   T29]  <TASK>
[  187.046512][   T29]  __dump_stack+0x21/0x24
[  187.050830][   T29]  dump_stack_lvl+0x110/0x170
[  187.055493][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  187.060508][   T29]  dump_stack+0x15/0x24
[  187.064650][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  187.069577][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  187.075112][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  187.080591][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  187.086662][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  187.092628][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  187.098600][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  187.104568][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  187.110448][   T29]  watchdog+0xd68/0xeb0
[  187.114588][   T29]  ? __cfi_watchdog+0x10/0x10
[  187.119248][   T29]  ? __kasan_check_read+0x11/0x20
[  187.124275][   T29]  ? __kthread_parkme+0x142/0x180
[  187.129282][   T29]  kthread+0x281/0x320
[  187.133335][   T29]  ? __cfi_watchdog+0x10/0x10
[  187.137995][   T29]  ? __cfi_kthread+0x10/0x10
[  187.142570][   T29]  ret_from_fork+0x1f/0x30
[  187.146973][   T29]  </TASK>
[  187.150070][   T29] Sending NMI from CPU 1 to CPUs 0:
[  187.155278][    C0] NMI backtrace for cpu 0
[  187.155292][    C0] CPU: 0 PID: 8261 Comm: syz.7.2879 Not tainted syzkaller #0
[  187.155309][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  187.155319][    C0] RIP: 0010:handle_mm_fault+0xd5/0x26c0
[  187.155340][    C0] Code: 29 18 f3 f3 f3 f3 e8 da 8c c5 ff 4c 8d 73 10 4c 89 f0 48 c1 e8 03 48 89 44 24 20 42 80 3c 28 00 74 08 4c 89 f7 e8 eb 31 0b 00 <4c> 89 74 24 18 49 8b 06 48 89 84 24 88 00 00 00 65 4c 8b 25 e3 7c
[  187.155354][    C0] RSP: 0000:ffffc9000e4efc80 EFLAGS: 00000246
[  187.155368][    C0] RAX: 1ffff11028af0c44 RBX: ffff888145786210 RCX: ffff88814231bcc0
[  187.155381][    C0] RDX: 0000000000000000 RSI: 000000110c30611d RDI: ffff888145786210
[  187.155392][    C0] RBP: ffffc9000e4efe50 R08: ffff88812f4ca06f R09: 1ffff11025e9940d
[  187.155405][    C0] R10: dffffc0000000000 R11: ffffed1025e9940e R12: 0000000000000000
[  187.155416][    C0] R13: dffffc0000000000 R14: ffff888145786220 R15: ffff888145786230
[  187.155429][    C0] FS:  000055558b8d2500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  187.155444][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  187.155455][    C0] CR2: 000000110c30611d CR3: 000000011387e000 CR4: 00000000003506b0
[  187.155470][    C0] Call Trace:
[  187.155475][    C0]  <TASK>
[  187.155480][    C0]  ? __cfi_down_read_trylock+0x10/0x10
[  187.155508][    C0]  ? __cfi_handle_mm_fault+0x10/0x10
[  187.155522][    C0]  ? lock_vma_under_rcu+0x400/0x4f0
[  187.155538][    C0]  ? __cfi_lock_vma_under_rcu+0x10/0x10
[  187.155556][    C0]  do_user_addr_fault+0x905/0x1050
[  187.155580][    C0]  exc_page_fault+0x51/0xb0
[  187.155595][    C0]  asm_exc_page_fault+0x27/0x30
[  187.155617][    C0] RIP: 0033:0x7f065bc71756
[  187.155630][    C0] Code: ff 48 83 e8 01 48 89 de bf 01 00 00 00 48 c1 e0 0e 48 c1 ee 06 48 01 c8 48 89 d9 81 e6 ff 3f 00 00 48 c1 e9 03 83 e1 07 d3 e7 <40> 84 bc 06 20 20 00 00 0f 85 20 fe ff ff e9 d4 fd ff ff 0f 1f 80
[  187.155643][    C0] RSP: 002b:00007ffd3ed2b600 EFLAGS: 00010202
[  187.155656][    C0] RAX: 000000110c304000 RBX: ffffffff82903f63 RCX: 0000000000000004
[  187.155667][    C0] RDX: 0000000000001f63 RSI: 00000000000000fd RDI: 0000000000000010
[  187.155677][    C0] RBP: 0000000000000000 R08: 00007f065c000000 R09: 00007f065c002000
[  187.155688][    C0] R10: 0000000082903f67 R11: 0000000000000002 R12: 00007f065c016038
[  187.155699][    C0] R13: 00000000000000be R14: ffffffff82903193 R15: 00007f065cb45720
[  187.155710][    C0]  ? ref_tracker_alloc+0x93/0x4a0
[  187.155730][    C0]  ? asn1_ber_decoder+0xb3/0x1e20
[  187.155751][    C0]  </TASK>
[  187.298193][ T6372] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.808676][ T6372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.819714][ T6372] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.40
[  187.828945][ T6372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.840384][ T6372] usb 5-1: config 0 descriptor??
[  188.070668][ T8276] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  188.469048][ T8112] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  188.514065][ T8289] tipc: Failed to remove unknown binding: 66,0,0/2401397547:1263676535/1263676536
[  188.667586][ T8112] usb 10-1: Using ep0 maxpacket: 32
[  188.814844][ T8112] usb 10-1: config index 0 descriptor too short (expected 29220, got 36)
[  188.824411][ T8112] usb 10-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  188.873288][ T8112] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 81
[  188.906139][ T6372] aiptek 5-1:0.0: Aiptek using 400 ms programming speed
[  188.939885][ T8112] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  189.728804][ T6372] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[  189.737941][ T8112] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  189.757744][ T8112] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  189.762789][ T8306] 9pnet_fd: p9_fd_create_tcp (8306): problem connecting socket to 127.0.0.1
[  189.771932][ T8112] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  189.789100][ T8112] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.801444][ T8112] usb 10-1: config 0 descriptor??
[  189.808260][ T8306] 9pnet_fd: p9_fd_create_tcp (8306): problem connecting socket to 127.0.0.1
[  189.819021][ T8306] 9pnet_fd: p9_fd_create_tcp (8306): problem connecting socket to 127.0.0.1
[  190.203628][ T8115] usb 5-1: USB disconnect, device number 10
[  190.203730][    C0] aiptek 5-1:0.0: aiptek_irq - usb_submit_urb failed with result -19
[  190.957829][ T8112] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  191.002194][ T8318] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.009340][ T8318] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.070512][ T8315] loop4: detected capacity change from 0 to 40427
[  191.085408][ T8315] F2FS-fs (loop4): fault_injection options not supported
[  191.106816][ T8315] F2FS-fs (loop4): Image doesn't support compression
[  191.113782][ T8315] F2FS-fs (loop4): Image doesn't support compression
[  191.125001][ T8315] F2FS-fs (loop4): fault_type options not supported
[  191.132112][ T8315] F2FS-fs (loop4): invalid crc value
[  191.142493][ T8315] F2FS-fs (loop4): Found nat_bits in checkpoint
[  191.197898][ T8315] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  191.211847][    C1] usblp0: nonzero read bulk status received: -71
[  191.224981][ T8115] usb 10-1: USB disconnect, device number 8
[  191.231113][ T8321] device bridge0 left promiscuous mode
[  191.245785][ T8321] device veth0_vlan left promiscuous mode
[  191.252818][ T8321] device veth0_vlan entered promiscuous mode
[  191.252914][ T8272] usblp0: error -71 reading from printer
[  191.259940][ T8321] device veth1_macvtap left promiscuous mode
[  191.271661][ T8321] device veth1_macvtap entered promiscuous mode
[  191.287851][ T8321] device bridge0 entered promiscuous mode
[  191.299125][ T8272] usblp0: removed
[  191.314604][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  191.328541][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.346636][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.355104][ T3214] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.362196][ T3214] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.379825][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  191.418007][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  191.447761][ T3214] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.454855][ T3214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.470488][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  191.487922][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  191.496996][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  191.518003][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  191.527918][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  191.547815][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  191.564532][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  191.573287][ T4392] syz-executor: attempt to access beyond end of device
[  191.573287][ T4392] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  191.573796][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  191.597858][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.608735][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  191.620342][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.631978][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  191.643861][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  191.655727][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  191.668262][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  191.676456][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.687201][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  191.696173][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  191.704736][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  191.713141][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  191.720830][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.728583][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.737046][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  191.745543][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  191.753649][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  191.761315][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  191.769190][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  191.776762][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  191.784803][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[  191.792419][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[  191.800261][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[  191.808270][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[  191.816166][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[  191.823884][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[  191.831556][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  191.842327][ T3214] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready
[  191.990148][ T8353] netlink: 277 bytes leftover after parsing attributes in process `syz.8.2911'.
[  192.105516][ T8355] loop4: detected capacity change from 0 to 256
[  193.384695][   T28] kauditd_printk_skb: 624 callbacks suppressed
[  193.384713][   T28] audit: type=1326 audit(1781232618.821:23948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.8.2912" exe="/root/ci2-android-6-1/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f9339ce59 code=0x0
[  193.563227][ T8370] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  193.595029][ T8370] device veth1_macvtap left promiscuous mode
[  193.606534][ T8370] device veth1_macvtap entered promiscuous mode
[  193.635568][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  193.653302][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  193.667763][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  193.675334][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  193.697812][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  193.706269][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  193.719336][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  193.728041][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  193.736191][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  193.744534][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  193.752983][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  193.761727][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  193.770165][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  193.778651][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  193.786800][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  193.795232][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  193.803794][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  193.812555][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  193.821095][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  193.829710][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  193.837989][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  193.846128][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  193.854759][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  193.863524][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.872117][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  193.880361][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.888242][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.895953][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  193.904428][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  193.912976][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  193.921329][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  193.929178][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  193.936698][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  193.944639][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  193.952663][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[  193.960648][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[  193.968458][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[  193.976010][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[  193.983987][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[  193.991960][ T7137] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[  194.188968][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2926'.
[  194.293000][ T8398] device bridge1 left promiscuous mode
[  194.321958][ T8398] device bridge6 left promiscuous mode
[  194.880440][ T8405] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2929'.
[  195.220431][ T8420] loop4: detected capacity change from 0 to 512
[  195.260793][ T8420] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.272620][ T8422] device syzkaller0 entered promiscuous mode
[  195.280331][ T8420] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  195.353678][ T8420] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  195.407012][ T8420] device veth1_macvtap left promiscuous mode
[  195.421213][ T8420] device veth1_macvtap entered promiscuous mode
[  195.455273][ T8426] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8426 comm=syz.9.2936
[  195.478106][ T8112] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  195.494820][ T8424] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2936'.
[  195.547500][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  195.564506][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  195.586787][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  195.610985][ T7133] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.618089][ T7133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.636976][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  195.650206][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  195.663148][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  195.673760][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  195.683994][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  195.692125][ T6372] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  195.716452][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  195.734045][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  195.753435][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  195.767963][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  195.777157][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  195.786120][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  195.794833][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  195.803163][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  195.811583][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  195.840861][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  195.862791][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  195.883910][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  195.905147][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  195.927291][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  195.944027][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  195.965761][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  195.987280][ T7133] bridge0: port 3(vlan2) entered blocking state
[  195.993622][ T7133] bridge0: port 3(vlan2) entered forwarding state
[  196.017587][   T28] audit: type=1400 audit(1781232621.991:23949): avc:  denied  { nlmsg_read } for  pid=8432 comm="syz.8.2938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  196.048163][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  196.055806][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  196.064286][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  196.073408][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  196.081176][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  196.088791][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  196.096798][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  196.106739][ T8112] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  196.138726][ T8437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2940'.
[  196.256197][ T8450] netlink: 'syz.4.2941': attribute type 4 has an invalid length.
[  196.264402][ T8450] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.2941'.
[  197.308082][   T19] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  197.315947][   T19] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  197.467637][   T19] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  197.616299][ T8480] loop9: detected capacity change from 0 to 40427
[  197.676157][ T8490] netlink: 52 bytes leftover after parsing attributes in process `syz.9.2953'.
[  197.690818][ T8490] netlink: 52 bytes leftover after parsing attributes in process `syz.9.2953'.
[  197.822265][ T8493] x_tables: duplicate underflow at hook 3
[  197.854003][ T8498] loop9: detected capacity change from 0 to 16
[  198.404931][ T8527] device bridge0 left promiscuous mode
[  198.422671][ T8527] device veth1_macvtap left promiscuous mode
[  198.430075][ T8527] device veth1_macvtap entered promiscuous mode
[  198.438236][ T8527] device bridge0 entered promiscuous mode
[  198.445399][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  198.463008][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  198.482712][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  198.499919][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  198.512124][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready
[  198.519740][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  198.528421][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  198.809952][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  198.904043][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  199.046727][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  199.130798][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  201.217670][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  201.538261][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  201.556796][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  201.565504][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  201.573925][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  201.582265][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  201.590738][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  201.599330][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  201.608089][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  201.616438][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  201.625181][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  201.631639][ T8551] loop4: detected capacity change from 0 to 128
[  201.633312][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  201.647323][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  201.651371][ T8551] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  201.655705][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  201.672148][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  201.677878][ T8551] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.680814][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  201.720775][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  201.729111][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  201.737312][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  201.744906][ T7133] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  201.768371][ T8543] netlink: 'syz.0.2970': attribute type 12 has an invalid length.
[  201.799551][ T4392] EXT4-fs (loop4): unmounting filesystem.
[  201.877603][  T319] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  201.947989][ T8578] loop4: detected capacity change from 0 to 512
[  201.992533][ T8578] EXT4-fs: Ignoring removed i_version option
[  201.998932][ T8578] EXT4-fs: Ignoring removed bh option
[  202.019308][ T8578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  202.040387][ T8587] netlink: 'syz.7.2987': attribute type 2 has an invalid length.
[  202.048685][ T8584] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2985'.
[  202.067091][ T8578] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.078056][  T319] usb 10-1: Using ep0 maxpacket: 32
[  202.084604][  T319] usb 10-1: config 0 has no interfaces?
[  202.099474][  T319] usb 10-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  202.129788][ T8590] device veth1_to_bond entered promiscuous mode
[  202.143320][  T319] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.180085][ T8578] EXT4-fs error (device loop4): ext4_resize_begin:62: comm syz.4.2984: resize_inode disabled but reserved GDT blocks non-zero
[  202.198996][ T5112] device bridge_slave_1 left promiscuous mode
[  202.207139][ T5112] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.219939][  T319] usb 10-1: config 0 descriptor??
[  202.230002][ T5112] device bridge_slave_0 left promiscuous mode
[  202.241609][ T5112] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.253350][ T5112] device veth1_macvtap left promiscuous mode
[  202.259937][ T5112] device veth0_vlan left promiscuous mode
[  202.435283][ T8596] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2984'.
[  202.438459][ T8112] usb 10-1: USB disconnect, device number 9
[  202.464270][ T4392] EXT4-fs (loop4): unmounting filesystem.
[  202.761551][ T8623] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  202.768895][ T8623] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  202.787852][  T370] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  202.788708][ T8625] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  203.458347][  T370] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  203.987617][ T8112] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  204.098479][ T8654] xt_time: invalid argument - start or stop time greater than 23:59:59
[  205.013827][ T8657] 9pnet_fd: p9_fd_create_tcp (8657): problem connecting socket to 127.0.0.1
[  205.023370][ T8657] 9pnet_fd: p9_fd_create_tcp (8657): problem connecting socket to 127.0.0.1
[  205.037769][ T8112] usb 10-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  205.049804][ T8657] 9pnet_fd: p9_fd_create_tcp (8657): problem connecting socket to 127.0.0.1
[  205.072032][ T8112] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.144460][ T8665] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3016'.
[  205.154032][ T8112] usb 10-1: config 0 descriptor??
[  205.185372][ T8665] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3016'.
[  205.766345][ T8635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.858092][ T8635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.219876][ T8691] xt_connbytes: Forcing CT accounting to be enabled
[  206.263489][ T8635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.592042][ T8635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.109108][ T8635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.144706][ T8635] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.597622][ T8713] loop4: detected capacity change from 0 to 256
[  207.610687][ T8112] usb 10-1: Cannot set autoneg
[  207.616091][ T8112] MOSCHIP usb-ethernet driver: probe of 10-1:0.0 failed with error -71
[  207.624901][ T8713] exfat: Deprecated parameter 'namecase'
[  207.636465][ T8713] exfat: Deprecated parameter 'namecase'
[  207.647435][ T8112] usb 10-1: USB disconnect, device number 10
[  207.655602][ T8713] exfat: Unknown parameter 'zero_size_dir'
[  207.784731][ T8716] xt_hashlimit: size too large, truncated to 1048576
[  207.937895][   T29] INFO: task syz-executor:941 blocked for more than 166 seconds.
[  207.945648][   T29]       Not tainted syzkaller #0
[  207.951468][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  207.960312][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  207.969822][   T29] Call Trace:
[  207.973109][   T29]  <TASK>
[  207.976035][   T29]  __schedule+0xba6/0x1500
[  207.985274][   T29]  ? release_firmware_map_entry+0x190/0x190
[  207.992532][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  207.998476][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  208.004128][   T29]  schedule+0xbd/0x170
[  208.008578][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  208.014349][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  208.019960][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  208.025972][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  208.032320][   T29]  ? avc_has_perm+0x163/0x250
[  208.037073][   T29]  ? rwsem_write_trylock+0x136/0x300
[  208.042586][   T29]  ? clear_nonspinnable+0x60/0x60
[  208.048008][   T29]  ? may_delete+0x583/0x710
[  208.052574][   T29]  down_write+0x21/0x30
[  208.062598][   T29]  vfs_rmdir+0xfc/0x500
[  208.066780][   T29]  dir_rmdir+0x236/0x320
[  208.072468][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  208.077258][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  208.101370][   T29]  ? security_inode_rmdir+0xe5/0x130
[  208.109418][   T29]  vfs_rmdir+0x393/0x500
[  208.122402][   T29]  incfs_kill_sb+0x198/0x220
[  208.127035][   T29]  deactivate_locked_super+0xb5/0x120
[  208.132511][   T29]  deactivate_super+0xaf/0xe0
[  208.137203][   T29]  cleanup_mnt+0x474/0x500
[  208.141642][   T29]  ? __kasan_slab_free+0x11/0x20
[  208.146580][   T29]  __cleanup_mnt+0x19/0x20
[  208.151016][   T29]  task_work_run+0x1e1/0x250
[  208.155615][   T29]  ? __cfi_task_work_run+0x10/0x10
[  208.160747][   T29]  ? free_nsproxy+0x21f/0x270
[  208.165433][   T29]  do_exit+0xa35/0x2660
[  208.169600][   T29]  ? __cfi_do_exit+0x10/0x10
[  208.174189][   T29]  ? __kasan_check_write+0x14/0x20
[  208.179311][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  208.184328][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  208.189878][   T29]  ? ksys_write+0x1e4/0x250
[  208.194376][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  208.199516][   T29]  do_group_exit+0x225/0x2e0
[  208.204100][   T29]  __x64_sys_exit_group+0x3f/0x40
[  208.209135][   T29]  x64_sys_call+0x7b4/0x9a0
[  208.213630][   T29]  do_syscall_64+0x4c/0xa0
[  208.218567][   T29]  ? clear_bhb_loop+0x30/0x80
[  208.223240][   T29]  ? clear_bhb_loop+0x30/0x80
[  208.227944][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  208.233846][   T29] RIP: 0033:0x7f65e739ce59
[  208.238280][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  208.246684][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  208.254668][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  208.262664][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  208.270660][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  208.278636][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  208.286604][   T29]  </TASK>
[  208.290375][  T370] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  208.303524][   T29] NMI backtrace for cpu 1
[  208.307876][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  208.315247][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  208.325307][   T29] Call Trace:
[  208.328585][   T29]  <TASK>
[  208.331509][   T29]  __dump_stack+0x21/0x24
[  208.335844][   T29]  dump_stack_lvl+0x110/0x170
[  208.340516][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  208.345545][   T29]  dump_stack+0x15/0x24
[  208.349712][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  208.354655][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  208.360212][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  208.365675][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  208.371750][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  208.377756][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  208.383750][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  208.389741][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  208.395638][   T29]  watchdog+0xd68/0xeb0
[  208.399795][   T29]  ? __cfi_watchdog+0x10/0x10
[  208.404479][   T29]  ? __kasan_check_read+0x11/0x20
[  208.409503][   T29]  ? __kthread_parkme+0x142/0x180
[  208.414527][   T29]  kthread+0x281/0x320
[  208.418596][   T29]  ? __cfi_watchdog+0x10/0x10
[  208.423273][   T29]  ? __cfi_kthread+0x10/0x10
[  208.427881][   T29]  ret_from_fork+0x1f/0x30
[  208.432306][   T29]  </TASK>
[  208.435460][   T29] Sending NMI from CPU 1 to CPUs 0:
[  208.440684][    C0] NMI backtrace for cpu 0
[  208.440695][    C0] CPU: 0 PID: 8738 Comm: syz.8.3042 Not tainted syzkaller #0
[  208.440711][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  208.440721][    C0] RIP: 0010:filter_irq_stacks+0x1/0x90
[  208.440748][    C0] Code: 89 f7 e8 42 01 55 00 e9 5b ff ff ff e8 38 90 99 03 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 83 3b c4 c5 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 85 f6 74 70 49 89 fe 41 89 f4
[  208.440762][    C0] RSP: 0018:ffffc90000f56c70 EFLAGS: 00000282
[  208.440777][    C0] RAX: 08a7c86193ffc900 RBX: 0000000000140cca RCX: 0000000000140cca
[  208.440789][    C0] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffffc90000f56d40
[  208.440800][    C0] RBP: ffffc90000f56ce0 R08: 0000000000000001 R09: ffffc90000f56c88
[  208.440812][    C0] R10: 000000000000000f R11: fffff520001ead85 R12: 0000000000000001
[  208.440822][    C0] R13: 0000000000000000 R14: ffffc90000f56d40 R15: 1ffff920001eada4
[  208.440834][    C0] FS:  00007f1f9419b6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  208.440847][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.440859][    C0] CR2: 00007f67b544f156 CR3: 000000012a2c1000 CR4: 00000000003506b0
[  208.440874][    C0] Call Trace:
[  208.440879][    C0]  <TASK>
[  208.440884][    C0]  ? __stack_depot_save+0x36/0x480
[  208.440907][    C0]  stack_depot_save+0x13/0x20
[  208.440925][    C0]  save_stack+0x12f/0x230
[  208.440942][    C0]  ? __reset_page_owner+0x190/0x190
[  208.440957][    C0]  ? post_alloc_hook+0x1f5/0x210
[  208.440978][    C0]  ? prep_new_page+0x1c/0x110
[  208.440998][    C0]  ? get_page_from_freelist+0x2d12/0x2d80
[  208.441021][    C0]  ? __alloc_pages+0x1fa/0x610
[  208.441041][    C0]  ? __folio_alloc+0x12/0x40
[  208.441062][    C0]  ? shmem_alloc_and_acct_folio+0x6dd/0x8c0
[  208.441084][    C0]  ? shmem_get_folio_gfp+0x119f/0x2230
[  208.441103][    C0]  ? shmem_fault+0x1ab/0x670
[  208.441122][    C0]  ? do_fault+0x1b52/0x1ee0
[  208.441137][    C0]  ? handle_mm_fault+0x133a/0x26c0
[  208.441151][    C0]  ? __get_user_pages+0x34b/0xdb0
[  208.441168][    C0]  ? __mm_populate+0x2ea/0x430
[  208.441184][    C0]  ? vm_mmap_pgoff+0x293/0x410
[  208.441198][    C0]  ? ksys_mmap_pgoff+0xf6/0x1d0
[  208.441219][    C0]  ? __x64_sys_mmap+0xfa/0x110
[  208.441234][    C0]  ? x64_sys_call+0x8fd/0x9a0
[  208.441253][    C0]  ? __kasan_check_write+0x14/0x20
[  208.441273][    C0]  ? __set_page_owner_handle+0x3c7/0x410
[  208.441291][    C0]  __set_page_owner+0x1f/0x60
[  208.441306][    C0]  post_alloc_hook+0x1f5/0x210
[  208.441327][    C0]  prep_new_page+0x1c/0x110
[  208.441360][    C0]  get_page_from_freelist+0x2d12/0x2d80
[  208.441384][    C0]  ? __stack_depot_save+0x36/0x480
[  208.441404][    C0]  ? __cfi_gfp_zone+0x10/0x10
[  208.441421][    C0]  ? shmem_get_folio_gfp+0x132f/0x2230
[  208.441444][    C0]  ? shmem_fault+0x1ab/0x670
[  208.441465][    C0]  ? __alloc_pages+0x610/0x610
[  208.441486][    C0]  ? __cfi_gfp_zone+0x10/0x10
[  208.441506][    C0]  ? propagate_protected_usage+0xd8/0x230
[  208.441530][    C0]  __alloc_pages+0x1fa/0x610
[  208.441551][    C0]  ? __cfi___alloc_pages+0x10/0x10
[  208.441572][    C0]  ? try_charge_memcg+0x269/0x1610
[  208.441595][    C0]  __folio_alloc+0x12/0x40
[  208.441615][    C0]  shmem_alloc_and_acct_folio+0x6dd/0x8c0
[  208.441637][    C0]  ? shmem_replace_folio+0x640/0x640
[  208.441661][    C0]  ? xas_load+0x39e/0x3b0
[  208.441684][    C0]  ? __filemap_get_folio+0x838/0xa60
[  208.441701][    C0]  ? __cfi___filemap_get_folio+0x10/0x10
[  208.441719][    C0]  shmem_get_folio_gfp+0x119f/0x2230
[  208.441738][    C0]  ? xas_load+0x39e/0x3b0
[  208.441763][    C0]  shmem_fault+0x1ab/0x670
[  208.441783][    C0]  ? do_set_pte+0x455/0x560
[  208.441797][    C0]  ? __cfi_shmem_fault+0x10/0x10
[  208.441817][    C0]  ? vma_data_pages+0xb5/0x150
[  208.441837][    C0]  do_fault+0x1b52/0x1ee0
[  208.441853][    C0]  ? pte_marker_clear+0x220/0x220
[  208.441869][    C0]  ? __this_cpu_preempt_check+0x11/0x20
[  208.441885][    C0]  ? memcg_rstat_updated+0x56/0x110
[  208.441910][    C0]  handle_mm_fault+0x133a/0x26c0
[  208.441927][    C0]  ? __cfi_handle_mm_fault+0x10/0x10
[  208.441945][    C0]  __get_user_pages+0x34b/0xdb0
[  208.441964][    C0]  ? populate_vma_page_range+0x120/0x120
[  208.441981][    C0]  ? userfaultfd_unmap_complete+0x29b/0x310
[  208.441999][    C0]  __mm_populate+0x2ea/0x430
[  208.442017][    C0]  ? __cfi___mm_populate+0x10/0x10
[  208.442034][    C0]  vm_mmap_pgoff+0x293/0x410
[  208.442050][    C0]  ? __cfi_vm_mmap_pgoff+0x10/0x10
[  208.442066][    C0]  ? xfd_validate_state+0x70/0x150
[  208.442087][    C0]  ksys_mmap_pgoff+0xf6/0x1d0
[  208.442107][    C0]  ? __kasan_check_write+0x14/0x20
[  208.442123][    C0]  __x64_sys_mmap+0xfa/0x110
[  208.442138][    C0]  x64_sys_call+0x8fd/0x9a0
[  208.442156][    C0]  do_syscall_64+0x4c/0xa0
[  208.442175][    C0]  ? clear_bhb_loop+0x30/0x80
[  208.442189][    C0]  ? clear_bhb_loop+0x30/0x80
[  208.442209][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  208.442232][    C0] RIP: 0033:0x7f1f9339ce59
[  208.442245][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  208.442257][    C0] RSP: 002b:00007f1f9419b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  208.442273][    C0] RAX: ffffffffffffffda RBX: 00007f1f93616090 RCX: 00007f1f9339ce59
[  208.442285][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  208.442296][    C0] RBP: 00007f1f93432d6f R08: ffffffffffffffff R09: 0000000000000000
[  208.442307][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  208.442317][    C0] R13: 00007f1f93616128 R14: 00007f1f93616090 R15: 00007ffeee289908
[  208.442331][    C0]  </TASK>
[  208.601358][   T28] audit: type=1326 audit(1781232634.581:23950): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8739 comm="syz.0.3043" exe="/root/ci2-android-6-1/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67b539ce59 code=0x0
[  209.017060][  T370] usb 5-1: Using ep0 maxpacket: 16
[  209.023478][  T370] usb 5-1: config 0 has an invalid descriptor of length 64, skipping remainder of the config
[  209.033780][  T370] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  209.043885][  T370] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00
[  209.053103][  T370] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.062705][  T370] usb 5-1: config 0 descriptor??
[  209.068083][ T8755] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3048'.
[  209.217743][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  209.894102][ T8787] loop9: detected capacity change from 0 to 40427
[  209.903546][ T8787] F2FS-fs (loop9): invalid crc value
[  209.909809][ T8787] F2FS-fs (loop9): Found nat_bits in checkpoint
[  209.934127][ T8787] F2FS-fs (loop9): Start checkpoint disabled!
[  209.941006][ T8787] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  209.948443][ T8787] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  209.986041][ T8787] F2FS-fs (loop9): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  210.093275][ T8787] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3058'.
[  210.115552][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.115552][ T1841] loop9: rw=1, sector=77824, nr_sectors = 8 limit=40427
[  210.129557][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.129557][ T1841] loop9: rw=1, sector=77856, nr_sectors = 8 limit=40427
[  210.143426][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.143426][ T1841] loop9: rw=1, sector=77864, nr_sectors = 8 limit=40427
[  210.157541][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.157541][ T1841] loop9: rw=1, sector=77872, nr_sectors = 8 limit=40427
[  210.171475][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.171475][ T1841] loop9: rw=1, sector=77880, nr_sectors = 8 limit=40427
[  210.185517][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.185517][ T1841] loop9: rw=1, sector=77912, nr_sectors = 8 limit=40427
[  210.199496][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.199496][ T1841] loop9: rw=1, sector=77936, nr_sectors = 8 limit=40427
[  210.213470][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.213470][ T1841] loop9: rw=1, sector=77944, nr_sectors = 8 limit=40427
[  210.227501][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.227501][ T1841] loop9: rw=1, sector=77968, nr_sectors = 8 limit=40427
[  210.241625][ T1841] kworker/u4:20: attempt to access beyond end of device
[  210.241625][ T1841] loop9: rw=1, sector=77976, nr_sectors = 8 limit=40427
[  210.372566][ T8797] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3063'.
[  210.381530][ T8797] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3063'.
[  210.390553][ T8797] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3063'.
[  210.399620][ T8797] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3063'.
[  210.430770][   T28] audit: type=1400 audit(1781232636.411:23951): avc:  denied  { create } for  pid=8800 comm="syz.7.3064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  210.737724][ T8805] netlink: 68 bytes leftover after parsing attributes in process `syz.9.3066'.
[  210.819728][ T8809] syz.9.3067[8809] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.819850][ T8809] syz.9.3067[8809] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.897560][  T370] usb 5-1: USB disconnect, device number 11
[  210.950347][   T28] audit: type=1400 audit(1781232636.931:23952): avc:  denied  { associate } for  pid=8821 comm="syz.4.3073" name="3" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  211.499449][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3078'.
[  211.576353][ T8844] lo: Caught tx_queue_len zero misconfig
[  211.582148][ T8844] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  212.788827][ T8861] team_slave_1: Caught tx_queue_len zero misconfig
[  213.137591][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.147079][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.157495][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.166943][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.176388][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.186084][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.195527][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.204913][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.214409][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.223787][    C0] icmp: detected local route for 172.20.20.14 during ICMP sending, src 172.20.20.0
[  213.968813][ T8888] tipc: Enabled bearer <udp:syz2>, priority 10
[  213.977060][ T8888] netlink: 104 bytes leftover after parsing attributes in process `syz.9.3095'.
[  213.988874][ T8888] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  214.217614][   T28] audit: type=1400 audit(1781232640.191:23953): avc:  denied  { create } for  pid=8900 comm="syz.0.3101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  214.996382][ T8926] loop9: detected capacity change from 0 to 256
[  215.007873][ T8926] exfat: Deprecated parameter 'namecase'
[  215.013632][ T8926] exfat: Deprecated parameter 'namecase'
[  215.026215][ T8926] exfat: Bad value for 'gid'
[  216.547684][   T28] audit: type=1400 audit(1781232642.521:23954): avc:  denied  { map } for  pid=8947 comm="syz.9.3119" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  217.116512][ T8959] cgroup: Unknown subsys name 'subj_role'
[  219.332236][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3141'.
[  220.058107][ T9057] loop9: detected capacity change from 0 to 128
[  220.122509][ T9057] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  220.131929][ T9057] ext4 filesystem being mounted at /179/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  220.283399][ T6173] EXT4-fs (loop9): unmounting filesystem.
[  220.409238][ T9072] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3159'.
[  220.420432][ T9072] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3159'.
[  220.454933][ T9075] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3161'.
[  220.465671][ T9075] device vlan0 entered promiscuous mode
[  220.471679][ T9075] device ip6gretap0 entered promiscuous mode
[  220.485673][ T9078] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3162'.
[  220.549435][ T9086] loop9: detected capacity change from 0 to 1024
[  220.557310][ T9086] journal_path: Lookup failure for './file1'
[  220.563739][ T9086] EXT4-fs: error: could not find journal device path
[  221.437057][ T9105] loop9: detected capacity change from 0 to 256
[  221.450687][ T9105] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  221.462020][ T9105] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  221.472442][ T9105] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  222.078032][ T9109] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000005) bogus content (0xc7c7c7c7)
[  222.457948][ T9109] exFAT-fs (loop9): Filesystem has been set read-only
[  222.467699][ T9105] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000005) bogus content (0xc7c7c7c7)
[  222.551364][ T6173] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000005) bogus content (0xc7c7c7c7)
[  222.553759][ T9118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3175'.
[  222.563634][ T6173] exFAT-fs (loop9): error, invalid access to FAT (entry 0x00000005) bogus content (0xc7c7c7c7)
[  222.585972][ T9119] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=9119 comm=syz.8.3176
[  224.137892][ T9148] syz.4.3185[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  224.138013][ T9148] syz.4.3185[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  224.308720][ T9150] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.328011][ T9150] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.336327][ T9150] device bridge_slave_0 entered promiscuous mode
[  224.344225][ T9158] netlink: 'syz.4.3189': attribute type 3 has an invalid length.
[  224.352489][ T9158] netlink: 'syz.4.3189': attribute type 3 has an invalid length.
[  224.361409][ T9150] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.402341][ T9150] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.411873][ T9150] device bridge_slave_1 entered promiscuous mode
[  224.839060][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  224.864114][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  224.912734][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  224.922527][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  224.932215][ T7099] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.939285][ T7099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.948832][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  224.971882][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  224.985461][ T7099] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.992566][ T7099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.031439][ T9186] netlink: 'syz.0.3206': attribute type 1 has an invalid length.
[  225.217694][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  226.158373][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  226.166365][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  226.174634][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  226.184222][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  226.192819][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  226.201943][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  226.230892][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  226.351757][ T9150] device veth0_vlan entered promiscuous mode
[  226.372153][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  226.532288][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  228.149184][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  228.184161][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  228.242503][ T9150] device veth1_macvtap entered promiscuous mode
[  228.266364][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  228.281916][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  228.311216][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  228.342410][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  228.367204][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  228.395364][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  228.427923][ T7099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  228.501784][ T9214] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3186'.
[  228.539518][ T9217] xt_hashlimit: size too large, truncated to 1048576
[  229.058395][   T29] INFO: task syz-executor:941 blocked for more than 187 seconds.
[  229.067316][   T29]       Not tainted syzkaller #0
[  229.073284][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  229.097374][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  229.115435][   T29] Call Trace:
[  229.128993][   T29]  <TASK>
[  229.160474][ T9231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3212'.
[  229.170787][   T29]  __schedule+0xba6/0x1500
[  229.178652][   T29]  ? release_firmware_map_entry+0x190/0x190
[  229.184611][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  229.189955][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  229.195558][   T29]  schedule+0xbd/0x170
[  229.204400][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  229.211114][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  229.216571][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  229.222631][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  229.230300][   T29]  ? avc_has_perm+0x163/0x250
[  229.235086][   T29]  ? rwsem_write_trylock+0x136/0x300
[  229.240729][   T29]  ? clear_nonspinnable+0x60/0x60
[  229.246081][   T29]  ? may_delete+0x583/0x710
[  229.250825][   T29]  down_write+0x21/0x30
[  229.255066][   T29]  vfs_rmdir+0xfc/0x500
[  229.259290][   T29]  dir_rmdir+0x236/0x320
[  229.263627][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  229.268502][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  229.273827][   T29]  ? security_inode_rmdir+0xe5/0x130
[  229.279273][   T29]  vfs_rmdir+0x393/0x500
[  229.327273][   T29]  incfs_kill_sb+0x198/0x220
[  229.332444][   T29]  deactivate_locked_super+0xb5/0x120
[  229.338209][   T29]  deactivate_super+0xaf/0xe0
[  229.343251][   T29]  cleanup_mnt+0x474/0x500
[  229.348130][   T29]  ? __kasan_slab_free+0x11/0x20
[  229.353387][   T29]  __cleanup_mnt+0x19/0x20
[  229.358137][   T29]  task_work_run+0x1e1/0x250
[  229.363064][   T29]  ? __cfi_task_work_run+0x10/0x10
[  229.368521][   T29]  ? free_nsproxy+0x21f/0x270
[  229.373485][   T29]  do_exit+0xa35/0x2660
[  229.378003][   T29]  ? __cfi_do_exit+0x10/0x10
[  229.383046][   T29]  ? __kasan_check_write+0x14/0x20
[  229.388502][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  229.393773][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  229.399587][   T29]  ? ksys_write+0x1e4/0x250
[  229.404379][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  229.409765][   T29]  do_group_exit+0x225/0x2e0
[  229.414575][   T29]  __x64_sys_exit_group+0x3f/0x40
[  229.419946][   T29]  x64_sys_call+0x7b4/0x9a0
[  229.424673][   T29]  do_syscall_64+0x4c/0xa0
[  229.429279][   T29]  ? clear_bhb_loop+0x30/0x80
[  229.434176][   T29]  ? clear_bhb_loop+0x30/0x80
[  229.439190][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  229.445461][   T29] RIP: 0033:0x7f65e739ce59
[  229.450135][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  229.459198][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  229.467688][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  229.476211][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  229.484438][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  229.492871][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  229.501266][   T29]  </TASK>
[  229.575651][ T9231] bridge6: port 1(veth15) entered blocking state
[  229.603372][   T29] NMI backtrace for cpu 1
[  229.607732][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  229.614930][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  229.624978][   T29] Call Trace:
[  229.628251][   T29]  <TASK>
[  229.631175][   T29]  __dump_stack+0x21/0x24
[  229.635504][   T29]  dump_stack_lvl+0x110/0x170
[  229.640180][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  229.645204][   T29]  ? preempt_schedule_irq+0xca/0x120
[  229.650490][   T29]  dump_stack+0x15/0x24
[  229.654643][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  229.659586][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  229.665049][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  229.671115][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  229.677092][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  229.683067][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  229.689051][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  229.694944][   T29]  watchdog+0xd68/0xeb0
[  229.699100][   T29]  ? __cfi_watchdog+0x10/0x10
[  229.703772][   T29]  ? __kasan_check_read+0x11/0x20
[  229.708796][   T29]  ? __kthread_parkme+0x142/0x180
[  229.713814][   T29]  kthread+0x281/0x320
[  229.717878][   T29]  ? __cfi_watchdog+0x10/0x10
[  229.722551][   T29]  ? __cfi_kthread+0x10/0x10
[  229.727134][   T29]  ret_from_fork+0x1f/0x30
[  229.731551][   T29]  </TASK>
[  229.734830][   T29] Sending NMI from CPU 1 to CPUs 0:
[  229.740108][    C0] NMI backtrace for cpu 0
[  229.740118][    C0] CPU: 0 PID: 9234 Comm: syz.9.3211 Not tainted syzkaller #0
[  229.740135][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  229.740144][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x36/0x90
[  229.740180][    C0] Code: 10 ec 90 7e 65 8b 0d 11 ec 90 7e 81 e1 00 01 ff 00 74 11 81 f9 00 01 00 00 75 5b 83 ba 6c 0b 00 00 00 74 52 8b 8a 48 0b 00 00 <83> f9 03 75 47 48 8b 8a 50 0b 00 00 44 8b 8a 4c 0b 00 00 49 c1 e1
[  229.740193][    C0] RSP: 0018:ffffc90000faf980 EFLAGS: 00000246
[  229.740207][    C0] RAX: ffffffff8268385f RBX: 0000000000000000 RCX: 0000000000000002
[  229.740218][    C0] RDX: ffff88813b0a6540 RSI: 0000000000000000 RDI: 0000000000000002
[  229.740229][    C0] RBP: ffffc90000faf980 R08: 0000000000000000 R09: ffffc90000fafd10
[  229.740240][    C0] R10: dffffc0000000000 R11: fffff520001f5fac R12: ffffc90000fafb20
[  229.740253][    C0] R13: 0000000000000000 R14: ffffc90000fafbc0 R15: dffffc0000000000
[  229.740265][    C0] FS:  00007fc3136c26c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  229.740279][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  229.740291][    C0] CR2: 0000200000f55030 CR3: 0000000123339000 CR4: 00000000003506b0
[  229.740305][    C0] Call Trace:
[  229.740310][    C0]  <TASK>
[  229.740317][    C0]  __import_iovec+0x26f/0x470
[  229.740335][    C0]  import_iovec+0x7c/0xb0
[  229.740350][    C0]  ___sys_recvmsg+0x4b6/0x590
[  229.740371][    C0]  ? __sys_recvmsg+0x280/0x280
[  229.740392][    C0]  ? cgroup_rstat_updated+0xf5/0x360
[  229.740410][    C0]  ? asm_common_interrupt+0x27/0x40
[  229.740434][    C0]  ? do_recvmmsg+0x57a/0x840
[  229.740455][    C0]  do_recvmmsg+0x393/0x840
[  229.740477][    C0]  ? __sys_recvmmsg+0x290/0x290
[  229.740496][    C0]  ? cgroup_freezing+0x86/0xb0
[  229.740517][    C0]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  229.740537][    C0]  ? __set_current_blocked+0x204/0x230
[  229.740561][    C0]  ? __fget_files+0x2d5/0x330
[  229.740579][    C0]  __x64_sys_recvmmsg+0x195/0x250
[  229.740599][    C0]  ? __kasan_check_write+0x14/0x20
[  229.740616][    C0]  ? __cfi___x64_sys_recvmmsg+0x10/0x10
[  229.740637][    C0]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  229.740656][    C0]  x64_sys_call+0x3e7/0x9a0
[  229.740675][    C0]  do_syscall_64+0x4c/0xa0
[  229.740694][    C0]  ? clear_bhb_loop+0x30/0x80
[  229.740707][    C0]  ? clear_bhb_loop+0x30/0x80
[  229.740721][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  229.740743][    C0] RIP: 0033:0x7fc31279ce59
[  229.740757][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  229.740770][    C0] RSP: 002b:00007fc3136c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  229.740785][    C0] RAX: ffffffffffffffda RBX: 00007fc312a16090 RCX: 00007fc31279ce59
[  229.740796][    C0] RDX: 0000000004000087 RSI: 00002000000000c0 RDI: 0000000000000003
[  229.740807][    C0] RBP: 00007fc312832d6f R08: 0000000000000000 R09: 0000000000000000
[  229.740817][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  229.740827][    C0] R13: 00007fc312a16128 R14: 00007fc312a16090 R15: 00007ffdbd519558
[  229.740842][    C0]  </TASK>
[  229.763818][ T9231] bridge6: port 1(veth15) entered disabled state
[  229.808020][ T9237] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9237 comm=syz.8.3213
[  229.844044][ T9231] device veth15 entered promiscuous mode
[  230.145244][ T9259] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3218'.
[  232.915497][   T28] audit: type=1326 audit(1781232658.891:23955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.005349][   T28] audit: type=1326 audit(1781232658.891:23956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.038567][   T28] audit: type=1326 audit(1781232658.921:23957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.065084][   T28] audit: type=1326 audit(1781232658.921:23958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.102474][   T28] audit: type=1326 audit(1781232658.921:23959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.188194][   T28] audit: type=1326 audit(1781232658.921:23960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.242391][   T28] audit: type=1326 audit(1781232658.921:23961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.296033][   T28] audit: type=1326 audit(1781232658.921:23962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.366785][   T28] audit: type=1326 audit(1781232658.921:23963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  233.421738][   T28] audit: type=1326 audit(1781232658.921:23964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9356 comm="syz.7.3255" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065bd9ce59 code=0x7ffc0000
[  234.050700][ T9384] loop9: detected capacity change from 0 to 4096
[  234.063176][ T9384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  234.079580][ T9384] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  235.241350][ T9150] EXT4-fs (loop9): unmounting filesystem.
[  235.331980][ T9419] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  235.388995][ T9419] kvm: pic: non byte read
[  235.405924][ T9419] kvm: pic: level sensitive irq not supported
[  235.406028][ T9419] kvm: pic: non byte read
[  235.462815][ T9419] kvm: pic: level sensitive irq not supported
[  235.462890][ T9419] kvm: pic: non byte read
[  235.498062][ T9419] kvm: pic: level sensitive irq not supported
[  235.501438][ T9419] kvm: pic: non byte read
[  235.539881][ T9419] kvm: pic: level sensitive irq not supported
[  235.540104][ T9419] kvm: pic: non byte read
[  235.625441][ T9419] kvm: pic: level sensitive irq not supported
[  235.625526][ T9419] kvm: pic: non byte read
[  235.637008][ T9419] kvm: pic: level sensitive irq not supported
[  235.637092][ T9419] kvm: pic: non byte read
[  235.657464][ T9419] kvm: pic: level sensitive irq not supported
[  235.657865][ T9419] kvm: pic: non byte read
[  235.675237][ T9419] kvm: pic: level sensitive irq not supported
[  235.675635][ T9419] kvm: pic: non byte read
[  235.693420][ T9419] kvm: pic: level sensitive irq not supported
[  235.693801][ T9419] kvm: pic: non byte read
[  235.753466][ T9419] kvm: pic: level sensitive irq not supported
[  244.390012][ T9556] xt_CT: No such helper "netbios-ns"
[  244.829448][ T9562] ip6tnl0: Caught tx_queue_len zero misconfig
[  244.839679][ T9566] loop9: detected capacity change from 0 to 16
[  244.864373][ T9566] erofs: (device loop9): mounted with root inode @ nid 36.
[  244.923115][ T9569] xt_TCPMSS: Only works on TCP SYN packets
[  245.152782][ T9574] loop9: detected capacity change from 0 to 4096
[  245.164680][ T9574] EXT4-fs (loop9): Test dummy encryption mode enabled
[  245.194777][ T9574] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  245.259835][ T9150] EXT4-fs (loop9): unmounting filesystem.
[  245.953780][ T9590] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3327'.
[  246.425860][ T9616] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3336'.
[  246.482799][ T9616] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9616 comm=syz.9.3336
[  251.073848][   T29] INFO: task syz-executor:941 blocked for more than 209 seconds.
[  251.112389][   T29]       Not tainted syzkaller #0
[  251.128159][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  251.161161][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  251.170458][   T29] Call Trace:
[  251.173737][   T29]  <TASK>
[  251.176671][   T29]  __schedule+0xba6/0x1500
[  251.181139][   T29]  ? release_firmware_map_entry+0x190/0x190
[  251.187035][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  251.192095][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  251.198436][   T29]  schedule+0xbd/0x170
[  251.202498][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  251.208218][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  251.213589][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  251.219491][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  251.226000][   T29]  ? avc_has_perm+0x163/0x250
[  251.230681][   T29]  ? rwsem_write_trylock+0x136/0x300
[  251.235963][   T29]  ? clear_nonspinnable+0x60/0x60
[  251.240995][   T29]  ? may_delete+0x583/0x710
[  251.245493][   T29]  down_write+0x21/0x30
[  251.249645][   T29]  vfs_rmdir+0xfc/0x500
[  251.253790][   T29]  dir_rmdir+0x236/0x320
[  251.258034][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  251.262789][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  251.267899][   T29]  ? security_inode_rmdir+0xe5/0x130
[  251.273177][   T29]  vfs_rmdir+0x393/0x500
[  251.277789][   T29]  incfs_kill_sb+0x198/0x220
[  251.282382][   T29]  deactivate_locked_super+0xb5/0x120
[  251.287777][   T29]  deactivate_super+0xaf/0xe0
[  251.292468][   T29]  cleanup_mnt+0x474/0x500
[  251.296892][   T29]  ? __kasan_slab_free+0x11/0x20
[  251.301957][   T29]  __cleanup_mnt+0x19/0x20
[  251.306367][   T29]  task_work_run+0x1e1/0x250
[  251.310963][   T29]  ? __cfi_task_work_run+0x10/0x10
[  251.316163][   T29]  ? free_nsproxy+0x21f/0x270
[  251.320865][   T29]  do_exit+0xa35/0x2660
[  251.325029][   T29]  ? __cfi_do_exit+0x10/0x10
[  251.329631][   T29]  ? __kasan_check_write+0x14/0x20
[  251.334736][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  251.339776][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  251.345312][   T29]  ? ksys_write+0x1e4/0x250
[  251.349817][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  251.354934][   T29]  do_group_exit+0x225/0x2e0
[  251.359563][   T29]  __x64_sys_exit_group+0x3f/0x40
[  251.364586][   T29]  x64_sys_call+0x7b4/0x9a0
[  251.369126][   T29]  do_syscall_64+0x4c/0xa0
[  251.373539][   T29]  ? clear_bhb_loop+0x30/0x80
[  251.378221][   T29]  ? clear_bhb_loop+0x30/0x80
[  251.382884][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  251.388782][   T29] RIP: 0033:0x7f65e739ce59
[  251.393187][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  251.401622][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  251.409596][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  251.417578][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  251.425553][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  251.433543][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  251.441528][   T29]  </TASK>
[  251.445233][   T29] NMI backtrace for cpu 1
[  251.449565][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  251.456759][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  251.466818][   T29] Call Trace:
[  251.470102][   T29]  <TASK>
[  251.473041][   T29]  __dump_stack+0x21/0x24
[  251.477376][   T29]  dump_stack_lvl+0x110/0x170
[  251.482054][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  251.487083][   T29]  dump_stack+0x15/0x24
[  251.491240][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  251.496183][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  251.501735][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  251.507199][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  251.513273][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  251.519254][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  251.525240][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  251.531225][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  251.537121][   T29]  watchdog+0xd68/0xeb0
[  251.541275][   T29]  ? __cfi_watchdog+0x10/0x10
[  251.545953][   T29]  ? __kasan_check_read+0x11/0x20
[  251.550987][   T29]  ? __kthread_parkme+0x142/0x180
[  251.556030][   T29]  kthread+0x281/0x320
[  251.560104][   T29]  ? __cfi_watchdog+0x10/0x10
[  251.564783][   T29]  ? __cfi_kthread+0x10/0x10
[  251.569373][   T29]  ret_from_fork+0x1f/0x30
[  251.573800][   T29]  </TASK>
[  251.577157][   T29] Sending NMI from CPU 1 to CPUs 0:
[  251.583559][    C0] NMI backtrace for cpu 0
[  251.583571][    C0] CPU: 0 PID: 473 Comm: syz-executor Not tainted syzkaller #0
[  251.583588][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  251.583598][    C0] RIP: 0010:update_stack_state+0x1a6/0x480
[  251.583622][    C0] Code: 3c 28 00 74 08 4c 89 f7 e8 b7 6f 81 00 4d 8b 3e 48 8b 85 48 ff ff ff 42 80 3c 28 00 74 0c 48 8b bd 70 ff ff ff e8 9a 6f 81 00 <4c> 8b 73 10 48 8b 45 b8 42 0f b6 04 28 84 c0 0f 85 8c 00 00 00 49
[  251.583644][    C0] RSP: 0018:ffffc900007576f8 EFLAGS: 00000246
[  251.583660][    C0] RAX: 1ffff920000eaf0b RBX: ffffc90000757848 RCX: 1ffff920000eaf0b
[  251.583673][    C0] RDX: 1ffff920000eaf0c RSI: 1ffff920000eaf0a RDI: ffffc900007578a0
[  251.583685][    C0] RBP: ffffc900007577b8 R08: ffffc90000757910 R09: ffffc90000757908
[  251.583698][    C0] R10: 0000000000000000 R11: fffff520000eaf15 R12: 0000000000000000
[  251.583709][    C0] R13: dffffc0000000000 R14: ffffc90000757850 R15: ffffc90000750000
[  251.583721][    C0] FS:  000055558b8d2500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  251.583736][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  251.583747][    C0] CR2: 000055558b8ed908 CR3: 0000000129d0e000 CR4: 00000000003506b0
[  251.583760][    C0] DR0: ffffffffffffffff DR1: 8000000000000000 DR2: 00000000000003ff
[  251.583772][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  251.583782][    C0] Call Trace:
[  251.583787][    C0]  <TASK>
[  251.583796][    C0]  unwind_next_frame+0x3d5/0x700
[  251.583815][    C0]  ? __kernel_text_address+0xd/0x30
[  251.583836][    C0]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  251.583857][    C0]  arch_stack_walk+0x124/0x150
[  251.583881][    C0]  ? kasan_set_track+0x4b/0x70
[  251.583901][    C0]  stack_trace_save+0xa6/0xf0
[  251.583920][    C0]  ? __cfi_stack_trace_save+0x10/0x10
[  251.583941][    C0]  ? memset+0x35/0x40
[  251.583956][    C0]  kasan_set_track+0x4b/0x70
[  251.583973][    C0]  ? kasan_set_track+0x4b/0x70
[  251.583999][    C0]  kasan_save_alloc_info+0x25/0x30
[  251.584014][    C0]  __kasan_slab_alloc+0x72/0x80
[  251.584033][    C0]  slab_post_alloc_hook+0x4f/0x2d0
[  251.584054][    C0]  ? __alloc_file+0x28/0x2a0
[  251.584074][    C0]  ? __alloc_file+0x28/0x2a0
[  251.584091][    C0]  kmem_cache_alloc+0x16e/0x330
[  251.584111][    C0]  ? __alloc_file+0x28/0x2a0
[  251.584130][    C0]  __alloc_file+0x28/0x2a0
[  251.584148][    C0]  alloc_empty_file+0x97/0x180
[  251.584165][    C0]  alloc_file+0x59/0x640
[  251.584184][    C0]  alloc_file_pseudo+0x180/0x200
[  251.584203][    C0]  ? __cfi_alloc_file_pseudo+0x10/0x10
[  251.584223][    C0]  ? _raw_spin_unlock+0x4c/0x70
[  251.584242][    C0]  ? alloc_fd+0x4e6/0x590
[  251.584258][    C0]  sock_alloc_file+0xba/0x270
[  251.584273][    C0]  __sys_socket+0x135/0x1a0
[  251.584289][    C0]  __x64_sys_socket+0x7a/0x90
[  251.584304][    C0]  x64_sys_call+0x449/0x9a0
[  251.584323][    C0]  do_syscall_64+0x4c/0xa0
[  251.584341][    C0]  ? clear_bhb_loop+0x30/0x80
[  251.584355][    C0]  ? clear_bhb_loop+0x30/0x80
[  251.584370][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  251.584392][    C0] RIP: 0033:0x7f065bd9e6c7
[  251.584404][    C0] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  251.584417][    C0] RSP: 002b:00007ffd3ed2b228 EFLAGS: 00000206 ORIG_RAX: 0000000000000029
[  251.584433][    C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f065bd9e6c7
[  251.584444][    C0] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[  251.584454][    C0] RBP: 00007ffd3ed2b95c R08: 0000000000000000 R09: 0000000000000000
[  251.584464][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f065bfeafc0
[  251.584475][    C0] R13: 00000000000927c0 R14: 000000000003d6b0 R15: 00007f065bfed180
[  251.584489][    C0]  </TASK>
[  251.727554][  T319] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  252.557531][  T319] usb 10-1: device not accepting address 11, error -71
[  253.865073][ T9705] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready
[  253.891425][ T9714] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3367'.
[  253.900460][   T28] kauditd_printk_skb: 2353 callbacks suppressed
[  253.900476][   T28] audit: type=1400 audit(2000000020.260:26318): avc:  denied  { accept } for  pid=9710 comm="syz.8.3366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  255.502905][ T9739] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3376'.
[  255.517044][ T9739] device bridge_slave_1 left promiscuous mode
[  255.524163][ T9739] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.532049][ T9739] device bridge_slave_0 left promiscuous mode
[  255.538734][ T9739] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.836881][ T9744] netlink: 'syz.4.3377': attribute type 4 has an invalid length.
[  255.856177][ T9744] netlink: 'syz.4.3377': attribute type 4 has an invalid length.
[  257.156964][ T9744] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3377'.
[  257.166350][ T9744] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3377'.
[  257.176047][ T9744] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3377'.
[  257.217775][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  257.571926][ T9777] overlayfs: failed to clone upperpath
[  258.010498][ T9783] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  263.026067][ T9810] netlink: 'syz.4.3399': attribute type 11 has an invalid length.
[  263.042411][ T9815] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3401'.
[  263.505947][   T28] audit: type=1400 audit(2000000029.870:26319): avc:  denied  { ioctl } for  pid=9821 comm="syz.0.3403" path="socket:[68028]" dev="sockfs" ino=68028 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  263.558860][ T9832] netlink: 'syz.9.3406': attribute type 4 has an invalid length.
[  263.591034][ T9832] netlink: 'syz.9.3406': attribute type 4 has an invalid length.
[  263.662197][ T9837] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3407'.
[  263.721381][ T9837] device team_slave_1 entered promiscuous mode
[  263.728869][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  263.755988][ T6989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  264.093942][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  264.152099][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  264.161351][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  264.168857][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  264.177383][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  264.185706][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  264.197303][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  264.207031][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  264.216273][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  264.223988][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  264.233063][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  264.241228][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  264.250416][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  264.258626][ T9850] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  264.317571][ T9859] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3415'.
[  267.519426][ T9903] tipc: Failed to remove unknown binding: 66,0,0/2401397547:1809355260/1809355261
[  267.528794][ T9905] tipc: Failed to remove unknown binding: 66,0,0/2401397547:3966337395/3966337397
[  267.557601][ T9903] tipc: Failed to remove unknown binding: 66,0,0/2401397547:1809355260/1809355261
[  267.612244][   T28] audit: type=1400 audit(2000000033.980:26320): avc:  denied  { bind } for  pid=9907 comm="syz.9.3426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  267.638499][ T9913] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  267.668447][ T9913] device bridge_slave_0 left promiscuous mode
[  267.675417][   T28] audit: type=1326 audit(2000000034.010:26321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9911 comm="syz.7.3428" exe="/root/ci2-android-6-1/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f065bd9ce59 code=0x0
[  267.684259][ T9913] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.711141][ T9913] device bridge_slave_1 left promiscuous mode
[  267.717710][ T9913] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.898048][   T28] audit: type=1400 audit(2000000037.270:26322): avc:  denied  { watch } for  pid=9967 comm="syz.0.3446" path="/file0" dev="cgroup2" ino=316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  270.899202][ T9968] incfs: Can't find or create .index dir in ./file0
[  270.920465][   T28] audit: type=1400 audit(2000000037.270:26323): avc:  denied  { mounton } for  pid=9967 comm="syz.0.3446" path="/bus" dev="cgroup2" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  270.933873][ T9968] incfs: mount failed -22
[  271.937576][   T29] INFO: task syz-executor:941 blocked for more than 230 seconds.
[  271.959399][   T29]       Not tainted syzkaller #0
[  271.964413][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  272.037533][   T29] task:syz-executor    state:D stack:22880 pid:941   ppid:1      flags:0x00004002
[  272.083817][   T29] Call Trace:
[  272.087135][   T29]  <TASK>
[  272.097535][   T29]  __schedule+0xba6/0x1500
[  272.102090][   T29]  ? release_firmware_map_entry+0x190/0x190
[  272.377588][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  272.382706][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  272.388462][   T29]  schedule+0xbd/0x170
[  272.392566][   T29]  rwsem_down_write_slowpath+0x5e7/0x1c50
[  272.412082][   T29]  ? avc_has_perm_noaudit+0x391/0x490
[  272.417589][   T29]  ? rwsem_down_read_slowpath+0x1580/0x1580
[  272.423560][   T29]  ? __cfi_selinux_inode_permission+0x10/0x10
[  272.429677][   T29]  ? avc_has_perm+0x163/0x250
[  272.434369][   T29]  ? rwsem_write_trylock+0x136/0x300
[  272.439703][   T29]  ? clear_nonspinnable+0x60/0x60
[  272.444763][   T29]  ? may_delete+0x583/0x710
[  272.449273][   T29]  down_write+0x21/0x30
[  272.453422][   T29]  vfs_rmdir+0xfc/0x500
[  272.457582][   T29]  dir_rmdir+0x236/0x320
[  272.461824][   T29]  ? __cfi_dir_rmdir+0x10/0x10
[  272.466586][   T29]  ? selinux_inode_rmdir+0x22/0x30
[  272.471713][   T29]  ? security_inode_rmdir+0xe5/0x130
[  272.476990][   T29]  vfs_rmdir+0x393/0x500
[  272.481237][   T29]  incfs_kill_sb+0x198/0x220
[  272.485819][   T29]  deactivate_locked_super+0xb5/0x120
[  272.491195][   T29]  deactivate_super+0xaf/0xe0
[  272.495871][   T29]  cleanup_mnt+0x474/0x500
[  272.500285][   T29]  ? __kasan_slab_free+0x11/0x20
[  272.505217][   T29]  __cleanup_mnt+0x19/0x20
[  272.509630][   T29]  task_work_run+0x1e1/0x250
[  272.514214][   T29]  ? __cfi_task_work_run+0x10/0x10
[  272.519324][   T29]  ? free_nsproxy+0x21f/0x270
[  272.523998][   T29]  do_exit+0xa35/0x2660
[  272.528169][   T29]  ? __cfi_do_exit+0x10/0x10
[  272.532754][   T29]  ? __kasan_check_write+0x14/0x20
[  272.537880][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  272.542899][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  272.548478][   T29]  ? ksys_write+0x1e4/0x250
[  272.552984][   T29]  ? zap_other_threads+0x2c1/0x2f0
[  272.558097][   T29]  do_group_exit+0x225/0x2e0
[  272.562682][   T29]  __x64_sys_exit_group+0x3f/0x40
[  272.567713][   T29]  x64_sys_call+0x7b4/0x9a0
[  272.572208][   T29]  do_syscall_64+0x4c/0xa0
[  272.576616][   T29]  ? clear_bhb_loop+0x30/0x80
[  272.581345][   T29]  ? clear_bhb_loop+0x30/0x80
[  272.586015][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  272.591921][   T29] RIP: 0033:0x7f65e739ce59
[  272.596329][   T29] RSP: 002b:00007fff5d077688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  272.604740][   T29] RAX: ffffffffffffffda RBX: 00007f65e743223c RCX: 00007f65e739ce59
[  272.612712][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  272.620682][   T29] RBP: 0000000000000010 R08: 0000000000000000 R09: 00007f65e74321ca
[  272.628650][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff5d078940
[  272.636610][   T29] R13: 00007f65e74321ca R14: 0000555573bdb4e8 R15: 00007fff5d079a10
[  272.644594][   T29]  </TASK>
[  272.659097][   T29] NMI backtrace for cpu 0
[  272.663457][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  272.670660][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  272.680708][   T29] Call Trace:
[  272.683984][   T29]  <TASK>
[  272.686909][   T29]  __dump_stack+0x21/0x24
[  272.691227][   T29]  dump_stack_lvl+0x110/0x170
[  272.695891][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  272.700927][   T29]  dump_stack+0x15/0x24
[  272.705068][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  272.709989][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  272.715519][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  272.720962][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  272.727017][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  272.732979][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  272.738948][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  272.744917][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  272.750801][   T29]  watchdog+0xd68/0xeb0
[  272.754940][   T29]  ? __cfi_watchdog+0x10/0x10
[  272.759599][   T29]  ? __kasan_check_read+0x11/0x20
[  272.764609][   T29]  ? __kthread_parkme+0x142/0x180
[  272.769626][   T29]  kthread+0x281/0x320
[  272.773678][   T29]  ? __cfi_watchdog+0x10/0x10
[  272.778338][   T29]  ? __cfi_kthread+0x10/0x10
[  272.782913][   T29]  ret_from_fork+0x1f/0x30
[  272.787315][   T29]  </TASK>
[  272.790433][   T29] Sending NMI from CPU 0 to CPUs 1:
[  272.795653][    C1] NMI backtrace for cpu 1
[  272.795668][    C1] CPU: 1 PID: 9948 Comm: syz.8.3441 Not tainted syzkaller #0
[  272.795686][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  272.795696][    C1] RIP: 0033:0x7f1f9326d33f
[  272.795710][    C1] Code: 48 39 f2 73 13 66 0f 1f 44 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 48 39 c3 73 3e 48 89 33 48 89 c6 48 83 c3 08 48 89 08 <48> 8b 0b 48 8b 55 00 eb c0 48 39 f2 72 a4 48 39 f0 0f 83 c0 00 00
[  272.795725][    C1] RSP: 002b:00007ffeee289800 EFLAGS: 00000202
[  272.795739][    C1] RAX: 00007f1f92ad15d0 RBX: 00007f1f92ad15a8 RCX: ffffffff8145fe52
[  272.795751][    C1] RDX: ffffffff8145fe52 RSI: 00007f1f92ad15d0 RDI: 00007f1f92ad15b8
[  272.795763][    C1] RBP: 00007f1f92ad1568 R08: 00007f1f93600000 R09: 00007f1f93616128
[  272.795775][    C1] R10: 0000000000000001 R11: 000000000000000a R12: 00007f1f92ad1608
[  272.795786][    C1] R13: 0000000000000015 R14: 0000000000000014 R15: 0000000000000001
[  272.795796][    C1] FS:  000055558ab2a500 GS:  0000000000000000
[  272.813905][   T28] audit: type=1326 audit(2000000039.170:26324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  272.963576][   T28] audit: type=1326 audit(2000000039.170:26325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  272.996541][   T28] audit: type=1326 audit(2000000039.200:26326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.063008][   T28] audit: type=1326 audit(2000000039.200:26327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.093220][   T28] audit: type=1326 audit(2000000039.250:26328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.329190][T10005] mmap: syz.7.3456 (10005): VmData 167616512 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  273.344435][   T28] audit: type=1326 audit(2000000039.250:26329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.424726][   T28] audit: type=1326 audit(2000000039.250:26330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.468493][   T28] audit: type=1326 audit(2000000039.250:26331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9987 comm="syz.9.3451" exe="/root/ci2-android-6-1/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc31279ce59 code=0x7ffc0000
[  273.566020][T10008] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready
[  273.644247][T10015] xt_CT: You must specify a L4 protocol and not use inversions on it
[  273.927552][   T19] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  274.119281][   T19] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  274.167188][   T19] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  274.303026][   T19] usb 10-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[  274.312769][   T19] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.339727][   T19] usb 10-1: config 0 descriptor??
[  275.447111][T10043] overlayfs: failed to clone upperpath
[  275.497821][   T19] usb 10-1: USB disconnect, device number 13
[  275.536625][T10038] syz.7.3465 (10038) used greatest stack depth: 19632 bytes left
[  275.557372][T10053] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready
[  276.787307][T10073] loop9: detected capacity change from 0 to 512
[  276.823942][T10073] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  276.835815][T10073] EXT4-fs (loop9): 1 truncate cleaned up
[  276.842562][T10073] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  276.948985][T10073] device lo entered promiscuous mode
[  277.040152][T10073] device tunl0 entered promiscuous mode
[  277.060071][T10073] device gre0 entered promiscuous mode
[  277.090575][T10073] device gretap0 entered promiscuous mode
[  277.107838][T10073] device erspan0 entered promiscuous mode
[  277.116504][T10073] device ip_vti0 entered promiscuous mode
[  277.154952][T10073] device ip6_vti0 entered promiscuous mode
[  277.165030][T10073] device sit0 entered promiscuous mode
[  277.181103][T10073] device ip6tnl0 entered promiscuous mode
[  277.194669][T10073] device ip6gre0 entered promiscuous mode
[  277.202737][T10073] device ip6gretap0 entered promiscuous mode
[  277.212231][T10073] device bridge0 entered promiscuous mode
[  277.221432][T10073] device vcan0 entered promiscuous mode
[  277.227980][T10073] device dummy0 entered promiscuous mode
[  277.236215][T10073] device veth0 entered promiscuous mode
[  277.243091][T10073] device veth1 entered promiscuous mode
[  277.251225][T10073] device wg0 entered promiscuous mode
[  277.258439][T10073] device wg1 entered promiscuous mode
[  277.267192][T10073] device wg2 entered promiscuous mode
[  277.274918][T10073] device veth0_to_bridge entered promiscuous mode
[  277.288864][T10073] device bridge_slave_0 entered promiscuous mode
[  277.301399][T10073] device veth1_to_bridge entered promiscuous mode
[  277.311659][T10073] device bridge_slave_1 entered promiscuous mode
[  277.320338][T10073] device veth0_to_bond entered promiscuous mode
[  277.328812][T10073] device bond_slave_0 entered promiscuous mode
[  277.335271][T10073] device veth1_to_bond entered promiscuous mode
[  277.342330][T10073] device bond_slave_1 entered promiscuous mode
[  277.348903][T10073] device veth0_to_team entered promiscuous mode
[  277.357384][T10073] device team_slave_0 entered promiscuous mode
[  277.363945][T10073] device veth1_to_team entered promiscuous mode
[  277.372768][T10073] device veth0_to_batadv entered promiscuous mode
[  277.380311][T10073] device batadv_slave_0 entered promiscuous mode
[  277.392234][T10073] device veth1_to_batadv entered promiscuous mode
[  277.405957][T10073] device batadv_slave_1 entered promiscuous mode
[  277.415692][T10073] device xfrm0 entered promiscuous mode
[  277.421709][T10073] device veth0_to_hsr entered promiscuous mode
[  277.437213][T10073] device hsr_slave_0 entered promiscuous mode
[  277.444828][T10073] device veth1_to_hsr entered promiscuous mode
[  277.453751][T10073] device hsr_slave_1 entered promiscuous mode
[  277.461965][T10073] device veth1_virt_wifi entered promiscuous mode
[  277.471112][T10073] device veth0_virt_wifi entered promiscuous mode
[  277.478601][T10073] device veth1_vlan entered promiscuous mode
[  277.523488][T10073] device vlan0 entered promiscuous mode
[  277.529270][T10073] device vlan1 entered promiscuous mode
[  277.535775][T10073] device veth0_macvtap entered promiscuous mode
[  277.544215][T10073] device macsec0 entered promiscuous mode
[  277.553710][T10073] device veth2 entered promiscuous mode
[  277.559504][T10073] device veth3 entered promiscuous mode
[  277.565513][T10073] device wireguard0 entered promiscuous mode
[  277.649026][ T9150] EXT4-fs (loop9): unmounting filesystem.
[  326.338456][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  377.767441][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  377.774548][    C1] 	(detected by 1, t=10002 jiffies, g=42937, q=376 ncpus=2)
[  377.781837][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10003 (4294975000-4294964997), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  377.795201][    C1] rcu: rcu_preempt kthread starved for 10004 jiffies! g42937 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  377.806406][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  377.816376][    C1] rcu: RCU grace-period kthread stack dump:
[  377.822267][    C1] task:rcu_preempt     state:R  running task     stack:28288 pid:14    ppid:2      flags:0x00004000
[  377.833047][    C1] Call Trace:
[  377.836326][    C1]  <TASK>
[  377.839255][    C1]  __schedule+0xba6/0x1500
[  377.843940][    C1]  ? release_firmware_map_entry+0x190/0x190
[  377.849849][    C1]  schedule+0xbd/0x170
[  377.853924][    C1]  schedule_timeout+0x159/0x340
[  377.858774][    C1]  ? __cfi_schedule_timeout+0x10/0x10
[  377.864144][    C1]  ? __cfi_process_timeout+0x10/0x10
[  377.869550][    C1]  ? prepare_to_swait_event+0x308/0x320
[  377.875189][    C1]  rcu_gp_fqs_loop+0x2e9/0x10c0
[  377.880099][    C1]  ? _raw_spin_unlock_irq+0x4d/0x70
[  377.885347][    C1]  ? rcu_gp_init+0xf30/0xf30
[  377.889937][    C1]  rcu_gp_kthread+0x99/0x390
[  377.894526][    C1]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  377.899723][    C1]  ? __kasan_check_read+0x11/0x20
[  377.904859][    C1]  ? __kthread_parkme+0x142/0x180
[  377.909943][    C1]  kthread+0x281/0x320
[  377.914014][    C1]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  377.919210][    C1]  ? __cfi_kthread+0x10/0x10
[  377.923804][    C1]  ret_from_fork+0x1f/0x30
[  377.928313][    C1]  </TASK>
[  377.931327][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  377.937639][    C1] Sending NMI from CPU 1 to CPUs 0:
[  377.942906][    C0] NMI backtrace for cpu 0
[  377.942920][    C0] CPU: 0 PID: 10106 Comm: syz.7.3484 Not tainted syzkaller #0
[  377.942936][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  377.942944][    C0] RIP: 0010:lapic_next_event+0x70/0x80
[  377.943049][    C0] Code: 42 80 3c 38 00 74 08 4c 89 f7 e8 0b 9c 83 00 bf 80 03 00 00 89 de 4d 8b 1e 41 ba 83 b8 d0 98 45 03 53 fc 74 02 0f 0b 41 ff d3 <31> c0 5b 41 5e 41 5f 5d c3 0f 1f 80 00 00 00 00 90 90 90 90 90 90
[  377.943062][    C0] RSP: 0018:ffffc9000602f950 EFLAGS: 00000046
[  377.943103][    C0] RAX: 0000000000000381 RBX: 0000000000000381 RCX: 0000000000000838
[  377.943114][    C0] RDX: 0000000000000000 RSI: 0000000000000381 RDI: 0000000000000838
[  377.943123][    C0] RBP: ffffc9000602f968 R08: ffff888113905100 R09: 0000000000000002
[  377.943135][    C0] R10: 0000000000000000 R11: ffffffff8134c070 R12: 0000000000000020
[  377.943145][    C0] R13: dffffc0000000000 R14: ffffffff866d8b60 R15: dffffc0000000000
[  377.943157][    C0] FS:  00007f065ccf56c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  377.943172][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  377.943183][    C0] CR2: 00007f065bdea540 CR3: 00000001257b7000 CR4: 00000000003526b0
[  377.943197][    C0] DR0: ffffffffffffffff DR1: 8000000000000000 DR2: 00000000000003ff
[  377.943208][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  377.943218][    C0] Call Trace:
[  377.943223][    C0]  <TASK>
[  377.943229][    C0]  clockevents_program_event+0x1d9/0x330
[  377.943287][    C0]  tick_program_event+0xa3/0x120
[  377.943329][    C0]  hrtimer_reprogram+0x388/0x430
[  377.943352][    C0]  hrtimer_start_range_ns+0xa8a/0xc10
[  377.943376][    C0]  common_hrtimer_rearm+0x107/0x110
[  377.943417][    C0]  posixtimer_rearm+0x14e/0x340
[  377.943432][    C0]  dequeue_signal+0x1bb/0x4d0
[  377.943497][    C0]  get_signal+0x522/0x1520
[  377.943521][    C0]  arch_do_signal_or_restart+0xd1/0x1140
[  377.943590][    C0]  ? __cfi___x64_sys_rt_sigreturn+0x10/0x10
[  377.943609][    C0]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  377.943631][    C0]  ? security_file_fcntl+0x95/0xc0
[  377.943722][    C0]  exit_to_user_mode_loop+0x7a/0xb0
[  377.943769][    C0]  exit_to_user_mode_prepare+0x87/0xd0
[  377.943786][    C0]  syscall_exit_to_user_mode+0x1a/0x30
[  377.943843][    C0]  do_syscall_64+0x58/0xa0
[  377.943885][    C0]  ? clear_bhb_loop+0x30/0x80
[  377.943900][    C0]  ? clear_bhb_loop+0x30/0x80
[  377.943914][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.943937][    C0] RIP: 0033:0x7f065bd9ce57
[  377.943949][    C0] Code: 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89
[  377.943962][    C0] RSP: 002b:00007f065ccf5028 EFLAGS: 00000246
[  377.943974][    C0] RAX: 0000000000000048 RBX: 00007f065c015fa0 RCX: 00007f065bd9ce59
[  377.943985][    C0] RDX: 0000200000000280 RSI: 0000000000000026 RDI: 0000000000000003
[  377.943995][    C0] RBP: 00007f065be32d6f R08: 0000000000000000 R09: 0000000000000000
[  377.944005][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  377.944014][    C0] R13: 00007f065c016038 R14: 00007f065c015fa0 R15: 00007ffd3ed2b5b8
[  377.944029][    C0]  </TASK>
[  464.577626][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  572.097454][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 294s!
[  572.106419][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=-20 stuck for 288s!
[  572.115489][    C0] Showing busy workqueues and worker pools:
[  572.121394][    C0] workqueue events: flags=0x0
[  572.126063][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=14/256 refcnt=15
[  572.126106][    C0]     pending: psi_avgs_work, kfree_rcu_monitor, rht_deferred_worker, key_garbage_collector, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker
[  572.126539][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=8/256 refcnt=9
[  572.126573][    C0]     pending: kvmclock_update_fn, vmstat_shepherd, kfree_rcu_monitor, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker
[  572.126810][    C0] workqueue events_long: flags=0x0
[  572.192944][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=20/256 refcnt=21
[  572.192995][    C0]     pending: br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_fdb_cleanup, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup
[  572.193495][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=19/256 refcnt=20
[  572.193530][    C0]     pending: br_multicast_gc_work, br_multicast_gc_work, br_fdb_cleanup, br_multicast_gc_work, br_multicast_gc_work, br_multicast_gc_work, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup
[  572.193870][    C0] workqueue events_unbound: flags=0x2
[  572.283913][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/512 refcnt=4
[  572.283955][    C0]     pending: flush_memcg_stats_dwork, toggle_allocation_gate
[  572.284119][    C0] workqueue events_power_efficient: flags=0x80
[  572.305048][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=6/256 refcnt=7
[  572.305095][    C0]     pending: wg_ratelimiter_gc_entries, neigh_managed_work, neigh_managed_work, neigh_periodic_work, neigh_periodic_work, gc_worker
[  572.305465][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.305503][    C0]     pending: check_lifetime
[  572.305573][    C0] workqueue netns: flags=0xe000a
[  572.344159][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=3
[  572.344206][    C0]     pending: cleanup_net
[  572.344336][    C0] workqueue mm_percpu_wq: flags=0x8
[  572.360984][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.361028][    C0]     pending: vmstat_update
[  572.361065][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.361099][    C0]     pending: vmstat_update
[  572.361131][    C0] workqueue writeback: flags=0x4a
[  572.390558][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=4/256 refcnt=6
[  572.390598][    C0]     pending: wb_update_bandwidth_workfn, wb_update_bandwidth_workfn, wb_workfn, wb_workfn
[  572.390758][    C0] workqueue kblockd: flags=0x18
[  572.412863][    C0]   pwq 3: cpus=1 node=0 flags=0x0 nice=-20 active=1/256 refcnt=2
[  572.412914][    C0]     pending: blk_mq_timeout_work
[  572.413072][    C0] workqueue dm_bufio_cache: flags=0x8
[  572.431367][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.431411][    C0]     pending: work_fn
[  572.431530][    C0] workqueue ipv6_addrconf: flags=0x40008
[  572.448850][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=4
[  572.448894][    C0]     pending: addrconf_verify_work
[  572.449004][    C0]     inactive: addrconf_verify_work, addrconf_verify_work
[  572.449038][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=7
[  572.449072][    C0]     pending: addrconf_verify_work
[  572.449097][    C0]     inactive: addrconf_verify_work, addrconf_verify_work, addrconf_verify_work, addrconf_verify_work, addrconf_verify_work
[  572.449175][    C0] workqueue wg-kex-wg0: flags=0x6
[  572.499583][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.499625][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.499757][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.520983][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.521024][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.521085][    C0] workqueue wg-crypt-wg0: flags=0x28
[  572.542567][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.542612][    C0]     pending: wg_packet_encrypt_worker
[  572.542651][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.542684][    C0]     pending: wg_packet_encrypt_worker
[  572.542715][    C0] workqueue wg-kex-wg1: flags=0x6
[  572.574072][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  572.574115][    C0]     pending: wg_packet_handshake_send_worker
[  572.574151][    C0] workqueue wg-crypt-wg1: flags=0x28
[  572.592758][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.592802][    C0]     pending: wg_packet_encrypt_worker
[  572.592842][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.592875][    C0]     pending: wg_packet_encrypt_worker
[  572.592914][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.624243][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  572.624286][    C0]     pending: wg_packet_handshake_send_worker
[  572.624322][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.642934][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.642976][    C0]     pending: wg_packet_encrypt_worker
[  572.643015][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.643050][    C0]     pending: wg_packet_encrypt_worker
[  572.643082][    C0] workqueue wg-kex-wg0: flags=0x6
[  572.674410][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.674451][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.674509][    C0] workqueue wg-kex-wg1: flags=0x6
[  572.695724][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.695779][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.695837][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.717048][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.717089][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.717145][    C0] workqueue wg-kex-wg0: flags=0x6
[  572.738375][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.738413][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.738470][    C0] workqueue wg-kex-wg1: flags=0x6
[  572.759693][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.759735][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.759792][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.781006][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.781045][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.781107][    C0] workqueue wg-kex-wg0: flags=0x6
[  572.802326][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.802364][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.802422][    C0] workqueue wg-kex-wg1: flags=0x6
[  572.823660][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.823701][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker
[  572.823760][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.844987][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4
[  572.845026][    C0]     pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker