last executing test programs:

7.525500596s ago: executing program 2 (id=409):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_UPDELAY={0x8, 0x4, 0x5}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000140)=r5)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x13, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008010}, 0x84)

7.344047645s ago: executing program 2 (id=412):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x6, 0x8800)
r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x12, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864d0, &(0x7f00000000c0)={r2, 0x2, 0xfffffffd, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wg1\x00'})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5})
ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, &(0x7f0000000300)={0x0, r5, 0xfffffff7, 0x6, 0x248b, 0x4, 0x10, 0x400, 0x1})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="210227bd7000fedbdf2505000000080002007017"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x800)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r8, 0xc0945662, &(0x7f0000000440)={0x8, 0x0, '\x00', {0x0, @reserved}})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r9=>0x0})
socket$netlink(0x10, 0x3, 0x12)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
r11 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r11, 0xc0285628, &(0x7f00000002c0)={0x0, 0xc, 0x6, '\x00', &(0x7f0000000240)=0x2})
r12 = accept4(r10, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r12)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)='\x00', 0x0}, 0x50)
setsockopt$inet6_icmp_ICMP_FILTER(r12, 0x1, 0x1, &(0x7f0000000180)={0xdc}, 0x4)

2.574070387s ago: executing program 0 (id=456):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r2, 0x0, 0x20000000}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r2, &(0x7f0000000080)="e8bb495154873d1b1da6a3da45fa1fd0b604c8643837302a45e0", &(0x7f0000000540)=""/211}, 0x20)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x48, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'H.245\x00'}}]}, 0x48}}, 0x0)

2.499499819s ago: executing program 1 (id=458):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x40, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_vs_stats_percpu\x00')
read(r4, &(0x7f0000001a00)=""/177, 0xb1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000800)={@map=r2, 0x20, 0x0, 0xfffffff9, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)={@cgroup=r6, r5, 0x32, 0x0, 0x0, @void, @value=r1, @void, @void, r7}, 0x20)
r8 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r9 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf", 0x2, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r8, r9, r9}, 0x0, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r10 = socket(0x11, 0x3, 0x0)
r11 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000000000000700636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e46515445554500000000000000000000000000000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000000000827900000000000000000000000000000800"/560]}, 0x2a8)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x7, 0x4, 0x700, 0x700, 0x2c, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r13=>0x0})
bind$packet(r10, &(0x7f0000000180)={0x11, 0x0, r13, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x9, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}, @func={0x7}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$netlink(r10, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000440)=ANY=[], 0x10}], 0x2}, 0x20040051)

2.333017213s ago: executing program 3 (id=459):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000180)="566a5a8ec253e57889ba328c65a1a001", 0x10}], 0x1, &(0x7f0000001600)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x24008090}, 0x8044)
recvmmsg(r2, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000026c0)=""/4103, 0x1007}], 0x1}}], 0x1, 0x41, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x3, 0xc6}}, 0x1c}}, 0x0)
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r4)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
unshare(0x6020400)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r5, 0x12, 0x3, &(0x7f0000000080)=0x18, 0x4)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1}, 0x0)

2.332647882s ago: executing program 0 (id=460):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000200001000000200000008003fe67a000000080061"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB="1e000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x6c00}, 0x0)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x12000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x40, 0xb, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x44080}, 0x4000002)
ioctl$sock_bt_hci(r5, 0x400448cb, &(0x7f00000002c0)="af2cfa12df4ef67bf2530a2e9a11bed636efde81c379e39a017edc881ae4ace1ce8002b23cc874cd9559c5e70e3c63e4f657db9b6e50724989755ad2d4511493d682fa75af842f474cd279763434660bb859768f92210bb7faa19c0fa31cac0ef2f9ef71449ef9c2693ed563e87451e0163c63ee308da06818a61c51fd1c5943da1576186bfd57")
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000000206010100000000140000000000000005000100070000000900020073797a30000000000c00078008001240000a0000050005000a000000050004000000000012000300686173683a6e65742c706f7274"], 0x58}}, 0x0)

2.298084397s ago: executing program 0 (id=461):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xa, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp_addr={0x44, 0x14, 0x38, 0x1, 0x4, [{@rand_addr=0x64010102, 0xf}, {@loopback, 0x4}]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x14, 0xa, 0xaf31)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x2}, @in={0x2, 0x0, @empty}], 0x2c)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000600)=0x1ff, 0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'veth1_vlan\x00', <r6=>0x0})
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, &(0x7f00000003c0)={@desc={0x1, 0x0, @desc1}})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r7 = dup(r1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r7, 0x402c5639, &(0x7f00000000c0)={0x80, 0x3, 0xcd0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
write(0xffffffffffffffff, &(0x7f0000000000)="240000001e00ff3bd90ea6000008000f00160400"/30, 0x1e)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2.137943242s ago: executing program 1 (id=462):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00100001"], 0xc4}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x0}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001000000000000000003935c62000100000000000000d849c40fa7e1a50b94935a1fa075acc202d3d9da7a0e676226c84682"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
creat(&(0x7f00000003c0)='./bus\x00', 0x0)
r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r4 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
mlockall(0x2)
ftruncate(r4, 0x2008002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0xff6d}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x70bd26}, 0x34}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtaction={0x60, 0x30, 0xcac229faa96ee7df, 0x70bd26, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x3, 0xf, 0x1, 0x1000, 0xd}, 0x1}}]}, {0x4}, {0xc, 0x4, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000050}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

2.137464634s ago: executing program 3 (id=463):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) (async)
r1 = socket$tipc(0x1e, 0x5, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x50009404, &(0x7f0000000480)) (async)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) (async)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x18) (async)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000240)=@id={0x1e, 0x3, 0x0, {0x4e24, 0x4}}, 0x10) (async)
syz_80211_inject_frame(&(0x7f0000000200)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="788d050079e395a667c8080211000000080211000001390002014441080211000001ffffffffffff9c0092704e50312f4cb91850d9bea4eb3d570375ff190caa017bb65a52ee23a6b6be115e11717bdf567908e4ca79339d8f5e0b454b557eb4e779889a5315852bf09e42eaca328d6e149b4087d5b575710bff8b8cb531bfb5e681cf4fd7af2abe2cd443302085ffec1b915d6e1697a9438e9318e8cec27bde13efa1dca0fca47105ccf555bbbb734f3ff57b660580a945d04a4f2166e14d679c186a2abfd70000080211000000080211000001ec008a4fdbee10eb67b01ab61759b1fb60650912eb24d4f39cc50ae914238048a9de656cd62b1be64ca3d40d466326c7ea1f1f18b522ee5b363a08afc9321177ff10c359b3c946339c5c5d14b1c6eb37e3d601d5c738c4b1879623e76ded76b98af50f530bad0f9d6adfd7d8a9026704951e7ab01169ca7fc2ce1cd5f4e3331c066680f20d5d5d1907efebcb3ed5b0b6314242b71d557a391311538f9472036c44b8fdcaea8d8132b3999e055cc6ddec9d47ca6029fb4f0e50eeb60b15d82ade0e1e8c0f6b59b2b28697b9bda0301bb061931183b379f1944143957d95178933212946915bbccc67ac5cc67ed19d0000"], 0x1c4)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r3, 0x0) (async)
landlock_restrict_self(r3, 0x0) (async)
landlock_restrict_self(r3, 0x0) (async)
landlock_restrict_self(r3, 0x0) (async)
landlock_restrict_self(r3, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r3, 0x0) (async)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)

2.062629812s ago: executing program 3 (id=464):
syz_emit_ethernet(0xc6, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000b800000000001190780000000000000000442c330000000002000000ffffffffff0000000400000008000007ff000000000000000300000006000002004414f1730a010100000000017f000001000007ff00001b59006490780200000000000000000000000002000000753904030405a024f0dd00000000000000000000000000000000009384bbeb3018ad591b661fe808b21b77694c9d5dfb1be5d2a005c4ac43661564a329d3a11bd5b6cc6a9471314a1d8c69"], 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_get$pid(0x1, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x54, 0x0, 0x1, {0x8, 0x1}, {0x53, 0xfffe}, @period={0x5d, 0x8e, 0x5, 0x9, 0x101, {0x2, 0x9201, 0x5}, 0x0, 0x0}})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_create(0x0, 0x0, &(0x7f0000000240)=<r0=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000a000085000000ad0000009500000000000000b3cd91115eb8e652f2de1652464abeffe45ea5d02a47dd0af49d3cbdb819ac0afe07341685ca0461afbead16a3e9cb460665223ffb26b9fd6339402d71f59771e951e6ffa0e9"], &(0x7f0000000340)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)
unshare(0x8040080)
syz_clone3(&(0x7f0000000340)={0x40000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x20040500)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000100)={0x9, {0x9, 0x2, 0x74b, 0x8001}, {0x5, 0x0, 0x2b8, 0x5}, {0xdc, 0x2}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="bbad4a0455138948d474517fb0c13c9f5835ab5f19124f3e9020168629944b25d46b5ce86c72c2bdb720ae73420d75752fd3cdfddd8cb9b4cbb2beb907871bab33152ccc4c74efe5230c386d01ff27ac319bfd91f30131b44aec489a0f3fefca1d49a42bd431950f4afbecfd45151e7860de32a033523a31037f4322608b120983004bd3b29db0786857cfe754bf29c71d787d90a462ebd8b37ca7437bb66cd88eaa2092a1be31ce7d8667e7b129dae4f1453364c88506ae1bf8ab3f98974612cc6ee8273d37d4ea47e94bc1b0a08ee17a43d435cf76cdb70daf9b8c3ded49fa305f48fad856dc28f3b306deb52436ab22cce0743f12f0173fe213", @ANYRES32, @ANYBLOB='+\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00', @ANYRESHEX, @ANYBLOB="06452cd639c08516b87443b65623fe2101387df2e7fbac06f29a22d86725459e75eff9f6826223fa5f3a186ab88cfbedbb353559285ef17250040e4069a704d07b8b8eb4df8f41fea829f1170e145e0201311c42576bc4d10e653cfbbb254779aaf28ccca7b7bb26f8", @ANYRES64=0x0], 0x10)

2.061557421s ago: executing program 2 (id=465):
r0 = socket$inet6(0xa, 0x40000080806, 0xce)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0xa)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
r2 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCXONC(r2, 0x540a, 0x3)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x69, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r4, 0x4020aeb2, &(0x7f0000000140)={0x0, r5})
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x490000, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000340)="71e67a15", 0x4)
r7 = accept4$alg(r6, 0x0, 0x0, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r8=>0x0)
sendmsg$alg(r7, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
io_submit(r8, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r7, &(0x7f0000000340), 0xfdef}])
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x80, 0x0, @mcast1, 0x25}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1}, 0x8)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r11 = dup3(r10, r9, 0x0)
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000000180)={0x50, 0x0, &(0x7f0000000400)=[@register_looper, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/60, 0x3c, 0x0, 0x27}, @fda={0x66646185, 0x1, 0x2, 0x2e}, @flat=@weak_handle={0x77682a85, 0x1000, 0x3}}, &(0x7f00000003c0)={0x0, 0x28, 0x48}}, 0x400}], 0x0, 0x0, 0x0})
write$binfmt_misc(r11, &(0x7f0000000180), 0x0)
r12 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r12, &(0x7f0000000100)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
close(r0)

1.421782068s ago: executing program 1 (id=466):
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$netlink(0x10, 0x3, 0x10) (async)
r0 = syz_io_uring_setup(0x6165, &(0x7f0000000300)={0x0, 0xd191, 0x10100, 0x0, 0xa4}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='9'], 0x38}}, 0x4000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_xfrm(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x0, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r7, 0x7}}]}, 0x144}}, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) (async)
mkdirat(r4, &(0x7f00000000c0)='./file0\x00', 0x18)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000002140)) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
socket(0x40000000015, 0x5, 0x0) (async)
mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0) (async)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x402}}) (async)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.421452168s ago: executing program 2 (id=467):
r0 = syz_io_uring_setup(0x11e, &(0x7f0000000140), &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001040)={0x7, {"a2e3ad21ed0d52f91b38330987f70e06d038e7ff7fc6e5539b0d47078b089b34073b68090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a97370614060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
getpid()
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0xc, 0x39, 0x0, 0x0})

1.367620236s ago: executing program 1 (id=468):
r0 = socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
semget$private(0x0, 0x207, 0x480) (async)
r2 = semget$private(0x0, 0x207, 0x480)
semctl$IPC_RMID(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', <r3=>0x0})
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
sendto$inet(r4, &(0x7f0000000100)="62a3e0068fd1d0bf30d960f5d7bced44202df03c679dc404538956479a33e76d1151d0b774cffa0e09926c9c2abdeae07b759899d90bb0d1458b3280dbb55a82f59073011068d04d37f0d9009ffad051d54f6a8f7e3c2fb223be61", 0x5b, 0x40, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8}]}}]}, 0x3c}}, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)

1.282726277s ago: executing program 0 (id=469):
mknod(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x4a700, 0x0)
r1 = open(&(0x7f00000002c0)='./bus\x00', 0x42202, 0x0)
splice(r0, 0x0, r1, 0x0, 0x114, 0x0)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x101000, 0x118)
fcntl$setpipe(r2, 0x407, 0x1000000)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x481, 0x0)
vmsplice(r3, &(0x7f0000000240)=[{&(0x7f0000000300)="10", 0x1}], 0x1, 0x0)

1.069248533s ago: executing program 3 (id=470):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) (async)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x5c, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x0, 0x81, 0x3, 0xb1, 0x7, 0x0, 0xfff4, 0x20000000, [{0x0, 0x6, 0x5, 0x1ff}, {0x2, 0x2, 0xe, 0x88}, {0x101, 0x18000000, 0x9, 0x7b000000}]}}, @TCA_U32_INDEV={0x14, 0x8, 'macvtap0\x00'}]}}]}, 0x88}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x5c, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x0, 0x81, 0x3, 0xb1, 0x7, 0x0, 0xfff4, 0x20000000, [{0x0, 0x6, 0x5, 0x1ff}, {0x2, 0x2, 0xe, 0x88}, {0x101, 0x18000000, 0x9, 0x7b000000}]}}, @TCA_U32_INDEV={0x14, 0x8, 'macvtap0\x00'}]}}]}, 0x88}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)={0x2f}, 0x8)

1.004280479s ago: executing program 3 (id=471):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xb, 0x3, 0xec})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0x78, 0x1d, 0x0, 0x7f, 0xb, 0x4, 0xfc, 0xff, 0x1, 0x9, 0xf8, 0x0, 0x72a, 0x8, 0x3, 0x2c, 0x7, 0x0, '\x00', 0x4})

1.002919058s ago: executing program 2 (id=472):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x24)
setxattr$trusted_overlay_upper(&(0x7f0000000340)='./bus\x00', 0x0, 0x0, 0x0, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="600000000206010200000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500020000000800124000000000050004000000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
mkdir(&(0x7f0000000140)='./file1\x00', 0xec9ad2fd408a4202)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYRES8=r0, @ANYRES8, @ANYRES64, @ANYRES32=r0, @ANYRES16])
chdir(0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}}, 0x20040000)
r2 = syz_socket_connect_nvme_tcp()
copy_file_range(r0, &(0x7f0000000000)=0x7, r2, 0x0, 0x10001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000002, 0x59032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r5, r4, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})

1.001759415s ago: executing program 0 (id=473):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) (async)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r2, @ANYRES16=r1, @ANYBLOB="01000000000000000000210000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c195f64726f70730000000008008e0000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) (async)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB='\x00-'], 0x170) (async)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB='\x00-'], 0x170)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x34, r4, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x34}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x274, r4, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x124, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xa3, @empty, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xffffffff, @local, 0x2f9e}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc6ab}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @loopback, 0x5}}}}]}, @TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "c9b1a2b180bb8d59e8980c96710ec63f08f05c0468ee02b203fbfe3e8f177b43f804"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0xa8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa8e}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ef5b02c}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1451}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}]}]}, 0x274}, 0x1, 0x0, 0x0, 0x4050}, 0x40000) (async)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x274, r4, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x124, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xa3, @empty, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xffffffff, @local, 0x2f9e}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc6ab}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @loopback, 0x5}}}}]}, @TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "c9b1a2b180bb8d59e8980c96710ec63f08f05c0468ee02b203fbfe3e8f177b43f804"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0xa8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa8e}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ef5b02c}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1451}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}]}]}, 0x274}, 0x1, 0x0, 0x0, 0x4050}, 0x40000)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe) (async)
bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed, 0x7ff}, 0xe)
setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f0000000000)={0x2}, 0x2)
r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x20000)
ioctl$VIDIOC_LOG_STATUS(r7, 0x5646, 0x0)
ioctl$CDROMREADAUDIO(r6, 0x31e, &(0x7f0000002140)={@msf={0xc5}, 0x0, 0x0, 0x0})

1.001531516s ago: executing program 1 (id=474):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) (async, rerun: 64)
r2 = gettid() (rerun: 64)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r2, r1, 0x0, 0x14, &(0x7f0000000300)='percpu_alloc_percpu\x00'}, 0x30)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) (async, rerun: 32)
chdir(&(0x7f0000000280)='./file0\x00') (async, rerun: 32)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
write$FUSE_INIT(r3, &(0x7f0000000440)={0xffffffffffffff45, 0x0, 0x0, {0x7, 0x29, 0x0, 0x0, 0x2}}, 0x50) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

844.623131ms ago: executing program 1 (id=475):
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs\x00', &(0x7f0000001e00), 0x8000, &(0x7f0000000000)={[{@max={'max', 0x3d, 0x8380}}]})
r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x9, 0x701800)
syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000000)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x10, 0x0)
landlock_restrict_self(r3, 0x0)
r4 = fsopen(&(0x7f0000000000)='pstore\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x3}, 0x0, 0x0, 0x1})
close_range(r0, r5, 0x2)

586.754428ms ago: executing program 3 (id=476):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000007b0110000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))

470.335761ms ago: executing program 2 (id=477):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x172f, 0x34, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x60, 0x1, [{{0x9, 0x4, 0x0, 0x35, 0x1, 0x3, 0x1, 0x3, 0x6, {0x9, 0x21, 0x6, 0x4, 0x1, {0x22, 0xc6a}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x4, 0x7c, 0x8}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0xe}}]}}}]}}]}}, &(0x7f0000000800)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x1, 0x1, 0x0, 0xff, 0x9}, 0x120, &(0x7f0000000380)={0x5, 0xf, 0x120, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "863ed6458eff9e23c84825bc7a8d02c9"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "f266247dbb02465e2d23f0fc4c24a653"}, @generic={0xe9, 0x10, 0xa, "81dc9fa1fc8ca872f4bb1d2f60474b24c4015db86427953fc9da2689fd264163ea7a22c9e47bcc46f749507d594b02035a1171963d52880622f8e79150a0a24a86bd90d79c2ffa25f920517a71e1db9fdeed8c513e7d6bfcdbdd25858769786f53053f24c9b1d050d242094a8d84a9ca307cd9b3acb89d2ac8742484f760988de200d81d4fb396713e70a56c60a3ece463896b3eff5a00e788d4f13a42f8d393094f39cc3a138b9e7dc4ce5cf1a3a742f220cd7f59c049ea275b13f67138f782e0d15e79ca6f71b7fca152bbbfd833a124d77c47d21a217eb056401d6feb93130a0a0c26a394"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x6, 0x5, 0x3, 0xfff6}]}, 0x8, [{0xfe, &(0x7f00000004c0)=@string={0xfe, 0x3, "9aa12de409fe5babdcc50a790099cce703c6d74b332ff1353b4d8923b97684184920319e14bb242880262167c5ee32d344f52a8ec73bb3d2d6b598c9c4718147eb6a5218750e336077bf5dd0ccd0b5b6df111cddfbfabcc7e3e1913f97a4c6a6d6358fe658fbf40f912f515ba736b1cbcff58f97700db9c1d89b55f1395b227132bb5b31fd59d307ba348dd2f6cc9cee5a46457d278b9c5bc59627053383bac2b9400b3b8ade3b8783f1a43a24d64192c2f1adfaeb47d3eed692c1618368783ba03da1b98d89e983e68940683203d0a46265f7bb3ffa510a19a31342dfcfcf0537da0e3ba79049b16f7181a49e6a137f7c26f842f7dfde4a29607faa"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x44d}}, {0xe7, &(0x7f00000005c0)=@string={0xe7, 0x3, "ecee6bfad5dda31710907ee0c54383fde1e9b20a98789fbd942f298251d835f9f173e5f7233e17f2777f6d9eeda05b19524c70236e8c6c423ae306b2e292c9ea35ae765794556de475020899b260c033f762d578c1f8610f7e91059b19043d5da74205ab75ba64eabeef26b3e8325bff4f2002c68fae303dd3c4b686e0371258407e6973f12033801c918335cd12d8f9b1f44686cb4f61c978cc7fcbcde6a0fbf06005bbf1b703d38c04c28a99bf33a96c045ca550f2c1000907e675a45a84d4b5efafb010151ad9b6ab46aa025d796e4c0d51c73fc333eb5978549f3ab3138e5a59536f4d"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2009}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x443}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4}}, {0xe7, &(0x7f00000006c0)=@string={0xe7, 0x3, "901d697bee62bf1b87d9491a4121f269626dc7bb0690a8c36bb3cdf0fe21c767d19c50b1d79607ecf6d9ae2d1b2ff6a69bd9d5ea11de40cc693394452aafed2e2eb72717397a6d89553b792c0c2742a3c9ac6dcc8286286e0011cec09e2a7e1730eda2b1bb6b10bc6c4e795bc44813446850ce49f57399f4cb2864ec3f7d34de20c4c8a457847f75426a8b7de00382c8ef454d1bebe52ff616323863a17a6c86e39baadc453970715117529b0418a88ae85cc7c7a368ded2f14452967ea9a9c294a9e394b4423b9b55b84c87a38dcfff977ee6b21445ad5145a0e96c378b0b710777a75b31"}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x1c09}}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}}, 0x0)
write(r0, &(0x7f0000000040)="09000000010000", 0x7)

0s ago: executing program 0 (id=478):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
bind$bt_hci(r2, 0x0, 0x0) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0x1a, 0x0, 0x0) (async)
write(r0, &(0x7f0000000000)="240000001a005f0400f9f4070009040180202000000000000000000008001e0040000000", 0x24)

kernel console output (not intermixed with test programs):

led with error -71
[   68.894640][ T6354] usb 5-1: USB disconnect, device number 6
[   69.067578][ T7281] netlink: 'syz.0.339': attribute type 2 has an invalid length.
[   69.072606][ T7281] batadv0: entered promiscuous mode
[   69.096302][ T7281] team0: entered promiscuous mode
[   69.097733][ T7281] team_slave_0: entered promiscuous mode
[   69.099513][ T7281] team_slave_1: entered promiscuous mode
[   69.107499][ T7281] hsr1: entered promiscuous mode
[   69.108878][ T7281] hsr1: entered allmulticast mode
[   69.110250][ T7281] batadv0: entered allmulticast mode
[   69.111676][ T7281] team0: entered allmulticast mode
[   69.113037][ T7281] team_slave_0: entered allmulticast mode
[   69.114578][ T7281] team_slave_1: entered allmulticast mode
[   69.172870][   T40] kauditd_printk_skb: 13 callbacks suppressed
[   69.172880][   T40] audit: type=1400 audit(1732606542.021:456): avc:  denied  { append } for  pid=7287 comm="syz.0.341" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   69.459122][   T40] audit: type=1400 audit(1732606542.274:457): avc:  denied  { read } for  pid=7299 comm="syz.1.342" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   69.465807][   T40] audit: type=1400 audit(1732606542.274:458): avc:  denied  { open } for  pid=7299 comm="syz.1.342" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   69.475283][   T40] audit: type=1400 audit(1732606542.283:459): avc:  denied  { map } for  pid=7299 comm="syz.1.342" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   69.492730][ T5989] usb 8-1: USB disconnect, device number 8
[   69.492871][    C2] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   69.497071][    C2] dummy_hcd dummy_hcd.3: timer fired with no URBs pending?
[   69.497138][ T5989] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   69.656354][   T40] audit: type=1400 audit(1732606542.470:460): avc:  denied  { bind } for  pid=7311 comm="syz.0.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   69.669792][   T40] audit: type=1400 audit(1732606542.480:461): avc:  denied  { accept } for  pid=7308 comm="syz.1.344" lport=48163 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.694230][   T40] audit: type=1400 audit(1732606542.480:462): avc:  denied  { write } for  pid=7308 comm="syz.1.344" lport=48163 faddr=fc02:: scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   69.830538][   T40] audit: type=1400 audit(1732606542.629:463): avc:  denied  { name_bind } for  pid=7318 comm="syz.0.346" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   69.972545][ T7332] netlink: 8 bytes leftover after parsing attributes in process `syz.3.350'.
[   69.977857][ T7271] syz.2.335 (7271) used greatest stack depth: 19792 bytes left
[   69.984415][ T7332] bridge0: port 3(macvlan2) entered blocking state
[   69.987392][ T7332] bridge0: port 3(macvlan2) entered disabled state
[   69.990542][ T7332] macvlan2: entered allmulticast mode
[   69.994535][ T7332] bridge0: entered allmulticast mode
[   69.998914][ T7332] macvlan2: left allmulticast mode
[   70.002006][ T7332] bridge0: left allmulticast mode
[   70.069378][   T40] audit: type=1400 audit(1732606542.863:464): avc:  denied  { write } for  pid=7336 comm="syz.0.352" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   70.221235][ T7344] xt_CT: You must specify a L4 protocol and not use inversions on it
[   70.265004][ T7346] xt_hashlimit: size too large, truncated to 1048576
[   70.327784][   T40] audit: type=1400 audit(1732606543.097:465): avc:  denied  { relabelfrom } for  pid=7345 comm="syz.0.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   70.558270][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.356'.
[   70.911952][ T7362] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   71.312795][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'.
[   71.319348][  T829] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   71.511613][  T829] usb 5-1: Using ep0 maxpacket: 32
[   71.514736][  T829] usb 5-1: config 4 has an invalid interface number: 8 but max is 0
[   71.517267][  T829] usb 5-1: config 4 has no interface number 0
[   71.519017][  T829] usb 5-1: config 4 interface 8 has no altsetting 0
[   71.523026][  T829] usb 5-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=60.65
[   71.525524][  T829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.527691][  T829] usb 5-1: Product: syz
[   71.528902][  T829] usb 5-1: Manufacturer: syz
[   71.530089][  T829] usb 5-1: SerialNumber: syz
[   71.616433][ T7397] syzkaller1: entered promiscuous mode
[   71.618182][ T7397] syzkaller1: entered allmulticast mode
[   71.752256][  T829] opticon 5-1:4.8: opticon converter detected
[   71.762831][  T829] usb 5-1: opticon converter now attached to ttyUSB0
[   71.774879][  T829] usb 5-1: USB disconnect, device number 7
[   71.787001][  T829] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0
[   71.790509][  T829] opticon 5-1:4.8: device disconnected
[   72.972396][ T7440] netlink: 'syz.2.348': attribute type 10 has an invalid length.
[   73.001487][ T7440] 8021q: adding VLAN 0 to HW filter on device team0
[   73.016721][ T7440] bond0: (slave team0): Enslaving as an active interface with an up link
[   73.381422][ T7446] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.380'.
[   73.408842][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[   73.410904][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[   73.469764][ T7440] syz.2.348 (7440) used greatest stack depth: 18080 bytes left
[   73.548523][ T7454] (syz.1.383,7454,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   73.552181][ T7454] (syz.1.383,7454,3):ocfs2_fill_super:1178 ERROR: status = -22
[   73.556472][ T7456] veth1_macvtap: left promiscuous mode
[   73.558259][ T7456] macsec0: entered promiscuous mode
[   73.559691][ T7456] macsec0: entered allmulticast mode
[   73.580670][ T7456] macsec0: left allmulticast mode
[   73.584018][ T7454] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40
[   73.587753][ T7454] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.383'.
[   73.598865][ T7454] xt_l2tp: invalid flags combination: c
[   73.674617][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.677494][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.680418][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.686044][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.688756][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.691513][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.769381][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.795633][ T7471] cgroup: fork rejected by pids controller in /syz1
[   73.827485][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.889920][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.903097][ T7478] could not allocate digest TFM handle sha3-256-ce
[   73.970538][ T6354] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[   74.173136][ T6354] usb 8-1: device descriptor read/64, error -71
[   74.187212][ T5921] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   74.190991][ T5921] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   74.193768][ T5921] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   74.197596][ T5921] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   74.201747][ T5921] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   74.205998][ T5921] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   74.216378][ T5931] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   74.223859][ T5931] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   74.226505][ T5931] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   74.231654][ T5931] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   74.233680][ T5931] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   74.235609][ T5931] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   74.335695][ T7486] chnl_net:caif_netlink_parms(): no params data found
[   74.417404][ T7264] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   74.423174][ T7264] CPU: 2 UID: 0 PID: 7264 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   74.425863][ T7264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.428686][ T7264] Call Trace:
[   74.429594][ T7264]  <TASK>
[   74.430384][ T7264]  dump_stack_lvl+0x16c/0x1f0
[   74.431637][ T7264]  dump_header+0x101/0x900
[   74.432837][ T7264]  oom_kill_process+0x270/0xa60
[   74.434125][ T7264]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   74.435605][ T7264]  out_of_memory+0x351/0x1700
[   74.436837][ T7264]  ? __pfx_out_of_memory+0x10/0x10
[   74.438171][ T7264]  ? rcu_read_unlock+0x17/0x60
[   74.439432][ T7264]  ? find_held_lock+0x2d/0x110
[   74.440688][ T7264]  mem_cgroup_out_of_memory+0x207/0x270
[   74.442184][ T7264]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   74.443789][ T7264]  ? do_raw_spin_unlock+0x172/0x230
[   74.445175][ T7264]  try_charge_memcg+0x53f/0xaf0
[   74.446454][ T7264]  ? __pfx_try_charge_memcg+0x10/0x10
[   74.447867][ T7264]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   74.449292][ T7264]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   74.450726][ T7264]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   74.452203][ T7264]  __mem_cgroup_charge+0x9b/0x280
[   74.453530][ T7264]  shmem_alloc_and_add_folio+0x507/0xc00
[   74.455010][ T7264]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   74.456562][ T7264]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   74.458176][ T7264]  ? shmem_huge_global_enabled+0x176/0x250
[   74.459704][ T7264]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   74.461253][ T7264]  shmem_get_folio_gfp+0x689/0x1530
[   74.462692][ T7264]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   74.464154][ T7264]  ? find_held_lock+0x2d/0x110
[   74.465417][ T7264]  shmem_write_begin+0x161/0x300
[   74.466733][ T7264]  ? __pfx_shmem_write_begin+0x10/0x10
[   74.468222][ T7264]  ? timestamp_truncate+0x21f/0x2e0
[   74.469677][ T7264]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   74.471593][ T7264]  generic_perform_write+0x2ba/0x920
[   74.473008][ T7264]  ? __pfx_generic_perform_write+0x10/0x10
[   74.474464][ T7264]  ? inode_needs_update_time.part.0+0x191/0x270
[   74.476090][ T7264]  shmem_file_write_iter+0x10e/0x140
[   74.477476][ T7264]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   74.479004][ T7264]  __kernel_write_iter+0x318/0xa80
[   74.480338][ T7264]  ? __pfx___kernel_write_iter+0x10/0x10
[   74.481789][ T7264]  ? get_dump_page+0x15b/0x230
[   74.483088][ T7264]  ? __pfx___might_resched+0x10/0x10
[   74.484462][ T7264]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   74.485990][ T7264]  dump_user_range+0x389/0x8c0
[   74.487253][ T7264]  ? __pfx_dump_user_range+0x10/0x10
[   74.488615][ T7264]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   74.490206][ T7264]  ? __pfx_writenote+0x10/0x10
[   74.491464][ T7264]  elf_core_dump+0x287c/0x3a50
[   74.492757][ T7264]  ? __pfx_elf_core_dump+0x10/0x10
[   74.494082][ T7264]  ? kasan_save_stack+0x33/0x60
[   74.495346][ T7264]  ? kasan_save_track+0x14/0x30
[   74.496637][ T7264]  ? __kasan_kmalloc+0xaa/0xb0
[   74.497923][ T7264]  ? __kmalloc_node_noprof+0x21f/0x510
[   74.499396][ T7264]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   74.500860][ T7264]  ? get_signal+0x230b/0x26c0
[   74.502184][ T7264]  ? arch_do_signal_or_restart+0x90/0x7e0
[   74.503662][ T7264]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   74.505226][ T7264]  ? rcu_is_watching+0x12/0xc0
[   74.506481][ T7264]  ? trace_lock_acquire+0x146/0x1e0
[   74.507841][ T7264]  ? __pfx_sort+0x10/0x10
[   74.508979][ T7264]  ? get_signal+0x230b/0x26c0
[   74.510216][ T7264]  ? do_coredump+0x3ad7/0x49e0
[   74.511468][ T7264]  do_coredump+0x3ad7/0x49e0
[   74.512710][ T7264]  ? __pfx_do_coredump+0x10/0x10
[   74.514000][ T7264]  ? stack_trace_save+0x95/0xd0
[   74.515284][ T7264]  ? __pfx_stack_trace_save+0x10/0x10
[   74.516675][ T7264]  ? hlock_class+0x4e/0x130
[   74.517859][ T7264]  ? stack_depot_save_flags+0x28/0x8f0
[   74.519282][ T7264]  ? kmem_cache_free+0x152/0x4c0
[   74.520766][ T7264]  ? __sigqueue_free+0xba/0x2a0
[   74.522064][ T7264]  ? get_signal+0xcbc/0x26c0
[   74.523292][ T7264]  ? arch_do_signal_or_restart+0x90/0x7e0
[   74.524788][ T7264]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   74.526431][ T7264]  ? find_held_lock+0x2d/0x110
[   74.527701][ T7264]  ? proc_coredump_connector+0x2d2/0x4f0
[   74.529162][ T7264]  ? __pfx_proc_coredump_connector+0x10/0x10
[   74.530739][ T7264]  get_signal+0x230b/0x26c0
[   74.531977][ T7264]  ? force_sig_fault+0xc5/0x110
[   74.533653][ T7264]  ? __pfx_get_signal+0x10/0x10
[   74.534951][ T7264]  arch_do_signal_or_restart+0x90/0x7e0
[   74.536399][ T7264]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   74.538003][ T7264]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   74.539577][ T7264]  ? __bad_area_nosemaphore+0x334/0x6a0
[   74.540984][ T7264]  ? do_user_addr_fault+0x920/0x13f0
[   74.542450][ T7264]  irqentry_exit_to_user_mode+0x13f/0x280
[   74.543937][ T7264]  asm_exc_page_fault+0x26/0x30
[   74.545225][ T7264] RIP: 0033:0x0
[   74.546202][ T7264] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   74.548107][ T7264] RSP: 002b:00000000200002be EFLAGS: 00010217
[   74.549675][ T7264] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   74.551831][ T7264] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   74.553943][ T7264] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   74.556008][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   74.558069][ T7264] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   74.560115][ T7264]  </TASK>
[   74.561465][ T6354] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[   74.566187][ T7264] memory: usage 307200kB, limit 307200kB, failcnt 15078
[   74.568420][ T7264] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0
[   74.570857][ T7264] kmem: usage 6556kB, limit 9007199254740988kB, failcnt 0
[   74.573494][ T7264] Memory cgroup stats for /syz2:
[   74.573664][ T7264] cache 306974720
[   74.575931][ T7264] rss 860160
[   74.576832][ T7264] rss_huge 0
[   74.577948][ T7264] shmem 306970624
[   74.579327][ T7264] mapped_file 0
[   74.583530][ T7264] dirty 0
[   74.584433][ T7264] writeback 0
[   74.585422][ T7264] workingset_refault_anon 0
[   74.586952][ T7264] workingset_refault_file 35
[   74.588550][ T7264] swap 127995904
[   74.591787][ T7264] swapcached 0
[   74.593007][ T7264] pgpgin 113665
[   74.593994][ T7264] pgpgout 38509
[   74.595526][ T7264] pgfault 15371
[   74.596548][ T7264] pgmajfault 6
[   74.597481][ T7264] inactive_anon 300605440
[   74.598676][ T7264] active_anon 7225344
[   74.599785][ T7264] inactive_file 4096
[   74.600885][ T7264] active_file 0
[   74.602256][ T7264] unevictable 0
[   74.603446][ T7264] hierarchical_memory_limit 314572800
[   74.604679][ T7486] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.605031][ T7264] hierarchical_memsw_limit 9223372036854771712
[   74.606907][ T7486] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.606970][ T7486] bridge_slave_0: entered allmulticast mode
[   74.607412][ T7486] bridge_slave_0: entered promiscuous mode
[   74.609160][ T7264] total_cache 306974720
[   74.615620][ T7486] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.618434][ T7264] total_rss 860160
[   74.620368][ T7486] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.620475][ T7486] bridge_slave_1: entered allmulticast mode
[   74.621596][ T7264] total_rss_huge 0
[   74.624162][ T7486] bridge_slave_1: entered promiscuous mode
[   74.625167][ T7264] total_shmem 306970624
[   74.628944][ T7264] total_mapped_file 0
[   74.630121][ T7264] total_dirty 0
[   74.631113][ T7264] total_writeback 0
[   74.632174][ T7264] total_workingset_refault_anon 0
[   74.634047][ T7264] total_workingset_refault_file 35
[   74.638179][ T7264] total_swap 127995904
[   74.639370][ T7264] total_swapcached 0
[   74.640479][ T7264] total_pgpgin 113665
[   74.641560][ T7264] total_pgpgout 38509
[   74.642612][ T7264] total_pgfault 15371
[   74.643670][ T7264] total_pgmajfault 6
[   74.647181][ T7264] total_inactive_anon 300605440
[   74.648977][ T7264] total_active_anon 7225344
[   74.650274][ T7264] total_inactive_file 4096
[   74.651533][ T7264] total_active_file 0
[   74.652630][ T7264] total_unevictable 0
[   74.653679][ T7264] anon_cost 0
[   74.654627][ T7264] file_cost 0
[   74.655558][ T7264] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7247,uid=0
[   74.660829][ T7264] Memory cgroup out of memory: Killed process 7247 (syz.2.335) total-vm:97620kB, anon-rss:628kB, file-rss:30736kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[   74.664077][ T7486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.671086][ T7486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.708146][ T6354] usb 8-1: device descriptor read/64, error -71
[   74.825858][ T6354] usb usb8-port1: attempt power cycle
[   74.946371][ T7486] team0: Port device team_slave_0 added
[   74.949102][ T7486] team0: Port device team_slave_1 added
[   75.035606][ T7255] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   75.038234][ T7255] CPU: 3 UID: 0 PID: 7255 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   75.041025][ T7255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.044097][ T7255] Call Trace:
[   75.044995][ T7255]  <TASK>
[   75.045777][ T7255]  dump_stack_lvl+0x16c/0x1f0
[   75.047343][ T7255]  dump_header+0x101/0x900
[   75.048692][ T7255]  oom_kill_process+0x270/0xa60
[   75.049974][ T7255]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   75.051468][ T7255]  out_of_memory+0x351/0x1700
[   75.052723][ T7255]  ? __pfx_out_of_memory+0x10/0x10
[   75.054072][ T7255]  ? rcu_read_unlock+0x17/0x60
[   75.055397][ T7255]  ? find_held_lock+0x2d/0x110
[   75.057071][ T7255]  mem_cgroup_out_of_memory+0x207/0x270
[   75.058676][ T7255]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   75.060517][ T7255]  ? do_raw_spin_unlock+0x172/0x230
[   75.061962][ T7255]  try_charge_memcg+0x53f/0xaf0
[   75.063267][ T7255]  ? __pfx_try_charge_memcg+0x10/0x10
[   75.064958][ T7255]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   75.066769][ T7255]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   75.068630][ T7255]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   75.070177][ T7255]  __mem_cgroup_charge+0x9b/0x280
[   75.071508][ T7255]  shmem_alloc_and_add_folio+0x507/0xc00
[   75.072974][ T7255]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   75.074515][ T7255]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   75.076132][ T7255]  ? shmem_huge_global_enabled+0x176/0x250
[   75.078111][ T7255]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   75.079991][ T7255]  shmem_get_folio_gfp+0x689/0x1530
[   75.081501][ T7255]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   75.083510][ T7255]  ? find_held_lock+0x2d/0x110
[   75.085220][ T7255]  shmem_write_begin+0x161/0x300
[   75.086534][ T7255]  ? __pfx_shmem_write_begin+0x10/0x10
[   75.087970][ T7255]  ? timestamp_truncate+0x21f/0x2e0
[   75.089392][ T7255]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   75.091624][ T7255]  generic_perform_write+0x2ba/0x920
[   75.093040][ T7255]  ? __pfx_generic_perform_write+0x10/0x10
[   75.094580][ T7255]  ? inode_needs_update_time.part.0+0x191/0x270
[   75.096214][ T7255]  shmem_file_write_iter+0x10e/0x140
[   75.097605][ T7255]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   75.099481][ T7255]  __kernel_write_iter+0x318/0xa80
[   75.101224][ T7255]  ? __pfx___kernel_write_iter+0x10/0x10
[   75.103149][ T7255]  ? get_dump_page+0x15b/0x230
[   75.104463][ T7255]  ? __pfx___might_resched+0x10/0x10
[   75.106035][ T7255]  ? dump_user_range+0x399/0x8c0
[   75.107661][ T7255]  ? dump_user_range+0x70a/0x8c0
[   75.109276][ T7255]  dump_user_range+0x389/0x8c0
[   75.110731][ T7255]  ? __pfx_dump_user_range+0x10/0x10
[   75.112213][ T7255]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   75.113908][ T7255]  ? __pfx_writenote+0x10/0x10
[   75.115184][ T7255]  elf_core_dump+0x287c/0x3a50
[   75.116454][ T7255]  ? __pfx_elf_core_dump+0x10/0x10
[   75.117800][ T7255]  ? kasan_save_stack+0x33/0x60
[   75.119085][ T7255]  ? kasan_save_track+0x14/0x30
[   75.120473][ T7255]  ? __kasan_kmalloc+0xaa/0xb0
[   75.121979][ T7255]  ? __kmalloc_node_noprof+0x21f/0x510
[   75.123418][ T7255]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   75.124837][ T7255]  ? get_signal+0x230b/0x26c0
[   75.126084][ T7255]  ? arch_do_signal_or_restart+0x90/0x7e0
[   75.127572][ T7255]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   75.129189][ T7255]  ? rcu_is_watching+0x12/0xc0
[   75.130820][ T7255]  ? trace_lock_acquire+0x146/0x1e0
[   75.132550][ T7255]  ? __pfx_sort+0x10/0x10
[   75.133772][ T7255]  ? get_signal+0x230b/0x26c0
[   75.135112][ T7255]  ? do_coredump+0x3ad7/0x49e0
[   75.136435][ T7255]  do_coredump+0x3ad7/0x49e0
[   75.137683][ T7255]  ? __pfx_do_coredump+0x10/0x10
[   75.138988][ T7255]  ? stack_trace_save+0x95/0xd0
[   75.140265][ T7255]  ? __pfx_stack_trace_save+0x10/0x10
[   75.141665][ T7255]  ? hlock_class+0x4e/0x130
[   75.142872][ T7255]  ? stack_depot_save_flags+0x28/0x8f0
[   75.144303][ T7255]  ? kmem_cache_free+0x152/0x4c0
[   75.145607][ T7255]  ? __sigqueue_free+0xba/0x2a0
[   75.146895][ T7255]  ? get_signal+0xcbc/0x26c0
[   75.148102][ T7255]  ? arch_do_signal_or_restart+0x90/0x7e0
[   75.149582][ T7255]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   75.151219][ T7255]  ? find_held_lock+0x2d/0x110
[   75.152756][ T7255]  ? proc_coredump_connector+0x2d2/0x4f0
[   75.154323][ T7255]  ? __pfx_proc_coredump_connector+0x10/0x10
[   75.155909][ T7255]  get_signal+0x230b/0x26c0
[   75.157110][ T7255]  ? force_sig_fault+0xc5/0x110
[   75.158387][ T7255]  ? __pfx_get_signal+0x10/0x10
[   75.159848][ T7255]  arch_do_signal_or_restart+0x90/0x7e0
[   75.161562][ T7255]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   75.163261][ T7255]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   75.164975][ T7255]  ? __bad_area_nosemaphore+0x334/0x6a0
[   75.166683][ T7255]  ? do_user_addr_fault+0x920/0x13f0
[   75.168507][ T7255]  irqentry_exit_to_user_mode+0x13f/0x280
[   75.170370][ T7255]  asm_exc_page_fault+0x26/0x30
[   75.171668][ T7255] RIP: 0033:0x0
[   75.172587][ T7255] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   75.174827][ T7255] RSP: 002b:00000000200002be EFLAGS: 00010217
[   75.176883][ T7255] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   75.179339][ T7255] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   75.181403][ T7255] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   75.183673][ T7255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.185974][ T7255] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   75.188330][ T7255]  </TASK>
[   75.192713][ T7486] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.192931][ T7255] memory: usage 306580kB, limit 307200kB, failcnt 16478
[   75.195713][ T7486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.198113][ T7255] memory+swap: usage 429736kB, limit 9007199254740988kB, failcnt 0
[   75.207258][ T6354] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[   75.207596][ T7486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.210742][ T7255] kmem: usage 6524kB, limit 9007199254740988kB, failcnt 0
[   75.217803][ T7486] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.220690][ T7255] Memory cgroup stats for /syz2:
[   75.223991][ T7255] cache 305840128
[   75.225252][ T6354] usb 8-1: device descriptor read/8, error -71
[   75.225357][ T7255] rss 815104
[   75.225365][ T7255] rss_huge 0
[   75.228371][ T7486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.228785][ T7255] shmem 305840128
[   75.229869][ T7486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.241929][ T7255] mapped_file 0
[   75.243249][ T7255] dirty 0
[   75.244190][ T7255] writeback 0
[   75.245225][ T7255] workingset_refault_anon 0
[   75.247982][ T7255] workingset_refault_file 38
[   75.251191][ T7255] swap 125796352
[   75.252455][ T7255] swapcached 65536
[   75.255086][ T7255] pgpgin 113695
[   75.256166][ T7255] pgpgout 38812
[   75.257168][ T7255] pgfault 15373
[   75.258099][ T7255] pgmajfault 7
[   75.259105][ T7255] inactive_anon 295174144
[   75.260224][ T7255] active_anon 9310208
[   75.261253][ T7255] inactive_file 0
[   75.262202][ T7255] active_file 0
[   75.263138][ T7255] unevictable 0
[   75.264203][ T7255] hierarchical_memory_limit 314572800
[   75.265799][ T7255] hierarchical_memsw_limit 9223372036854771712
[   75.267618][ T7255] total_cache 305840128
[   75.268818][ T7255] total_rss 815104
[   75.269970][ T7255] total_rss_huge 0
[   75.271059][ T7255] total_shmem 305840128
[   75.272152][ T7255] total_mapped_file 0
[   75.273356][ T7255] total_dirty 0
[   75.274252][ T7486] hsr_slave_0: entered promiscuous mode
[   75.274518][ T7255] total_writeback 0
[   75.277531][ T7255] total_workingset_refault_anon 0
[   75.278488][ T7486] hsr_slave_1: entered promiscuous mode
[   75.279349][ T7255] total_workingset_refault_file 38
[   75.282940][ T7255] total_swap 125796352
[   75.284200][ T7486] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.284404][ T7255] total_swapcached 65536
[   75.288929][ T7255] total_pgpgin 113695
[   75.289378][ T7486] Cannot create hsr debugfs directory
[   75.291149][ T7255] total_pgpgout 38812
[   75.293876][ T7255] total_pgfault 15373
[   75.295391][ T7255] total_pgmajfault 7
[   75.297609][ T7255] total_inactive_anon 295174144
[   75.299092][ T7255] total_active_anon 9310208
[   75.300423][ T7255] total_inactive_file 0
[   75.301610][ T7255] total_active_file 0
[   75.305262][ T7255] total_unevictable 0
[   75.306326][ T7255] anon_cost 0
[   75.313410][ T7255] file_cost 0
[   75.314308][ T7255] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7249,uid=0
[   75.319013][ T7255] Memory cgroup out of memory: Killed process 7249 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30096kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[   75.433739][ T7486] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.510183][ T6354] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[   75.530493][ T7486] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.534132][ T6354] usb 8-1: device descriptor read/8, error -71
[   75.604167][ T7500] program syz.0.396 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   75.633662][ T7486] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.660681][ T6354] usb usb8-port1: unable to enumerate USB device
[   75.707280][ T7498] syz.2.394: attempt to access beyond end of device
[   75.707280][ T7498] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[   75.722271][ T7498] MINIX-fs: unable to read superblock
[   75.739411][ T7486] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.746703][ T7506] xfrm0: entered allmulticast mode
[   75.918775][ T7511] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   76.012511][   T40] kauditd_printk_skb: 17 callbacks suppressed
[   76.012522][   T40] audit: type=1400 audit(1732606548.420:483): avc:  denied  { read } for  pid=7516 comm="syz.0.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   76.057697][ T7486] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   76.098136][ T7486] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   76.167542][ T7486] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   76.273700][ T7486] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   76.397893][ T5921] Bluetooth: hci1: command tx timeout
[   76.403617][ T7520] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   76.478024][ T7486] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.490836][ T7486] 8021q: adding VLAN 0 to HW filter on device team0
[   76.495901][ T7028] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.497778][ T7028] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.506787][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.508629][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.606373][ T7486] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.635095][ T7486] veth0_vlan: entered promiscuous mode
[   76.639994][ T7486] veth1_vlan: entered promiscuous mode
[   76.654072][ T7486] veth0_macvtap: entered promiscuous mode
[   76.657898][ T7486] veth1_macvtap: entered promiscuous mode
[   76.665849][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.668716][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.671465][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.674161][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.676760][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.679370][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.681804][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.684612][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.688383][ T7486] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.693707][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.696451][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.699046][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.701737][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.704368][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.708934][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.713080][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.716696][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.721686][ T7486] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.728701][ T7486] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.731213][ T7486] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.733883][ T7486] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.736205][ T7486] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.934488][   T40] audit: type=1400 audit(1732606549.280:484): avc:  denied  { append } for  pid=7529 comm="syz.0.405" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   76.952963][ T7531] netlink: 'syz.0.405': attribute type 11 has an invalid length.
[   76.955354][ T7531] netlink: 20 bytes leftover after parsing attributes in process `syz.0.405'.
[   76.970839][ T7027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.973043][ T7027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.992069][ T7028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.995154][ T7028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.033450][   T40] audit: type=1400 audit(1732606549.374:485): avc:  denied  { mounton } for  pid=7486 comm="syz-executor" path="/syzkaller.ZqDsTK/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   77.161155][ T7270] syz.2.335 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   77.185894][ T7270] CPU: 1 UID: 0 PID: 7270 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   77.188324][ T7270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.190780][ T7270] Call Trace:
[   77.191556][ T7270]  <TASK>
[   77.192238][ T7270]  dump_stack_lvl+0x16c/0x1f0
[   77.193323][ T7270]  dump_header+0x101/0x900
[   77.194353][ T7270]  oom_kill_process+0x270/0xa60
[   77.195471][ T7270]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   77.196836][ T7270]  out_of_memory+0x351/0x1700
[   77.197937][ T7270]  ? __pfx_out_of_memory+0x10/0x10
[   77.199122][ T7270]  ? rcu_read_unlock+0x17/0x60
[   77.200599][ T7270]  ? find_held_lock+0x2d/0x110
[   77.202167][ T7270]  mem_cgroup_out_of_memory+0x207/0x270
[   77.203882][ T7270]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   77.205452][ T7270]  ? do_raw_spin_unlock+0x172/0x230
[   77.206685][ T7270]  try_charge_memcg+0x53f/0xaf0
[   77.207804][ T7270]  ? __pfx_try_charge_memcg+0x10/0x10
[   77.209017][ T7270]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   77.210300][ T7270]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   77.211582][ T7270]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   77.212874][ T7270]  __mem_cgroup_charge+0x9b/0x280
[   77.214020][ T7270]  filemap_add_folio+0x89/0x220
[   77.215153][ T7270]  ? __pfx_filemap_add_folio+0x10/0x10
[   77.216435][ T7270]  __filemap_get_folio+0x468/0xaf0
[   77.217692][ T7270]  filemap_fault+0x670/0x2820
[   77.218877][ T7270]  ? __pfx_filemap_fault+0x10/0x10
[   77.220138][ T7270]  ? do_pte_missing+0xddc/0x3e70
[   77.221372][ T7270]  ? __pfx_lock_release+0x10/0x10
[   77.222628][ T7270]  __do_fault+0x10a/0x490
[   77.223683][ T7270]  do_pte_missing+0xec2/0x3e70
[   77.224802][ T7270]  __handle_mm_fault+0x103c/0x2a40
[   77.225978][ T7270]  ? find_held_lock+0x2d/0x110
[   77.227128][ T7270]  ? __pfx___handle_mm_fault+0x10/0x10
[   77.228361][ T7270]  ? follow_page_pte+0x3c3/0x1b20
[   77.229488][ T7270]  ? __pfx_lock_release+0x10/0x10
[   77.230678][ T7270]  ? follow_page_pte+0x3f7/0x1b20
[   77.231831][ T7270]  handle_mm_fault+0x3fa/0xaa0
[   77.232947][ T7270]  __get_user_pages+0x8d9/0x3b50
[   77.234091][ T7270]  ? __pfx___get_user_pages+0x10/0x10
[   77.235326][ T7270]  ? down_read_killable+0xcc/0x380
[   77.236523][ T7270]  ? __pfx_down_read_killable+0x10/0x10
[   77.237791][ T7270]  ? shmem_file_write_iter+0xcf/0x140
[   77.239051][ T7270]  get_dump_page+0xff/0x230
[   77.240117][ T7270]  ? __pfx_get_dump_page+0x10/0x10
[   77.241291][ T7270]  ? __pfx___might_resched+0x10/0x10
[   77.242514][ T7270]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   77.243885][ T7270]  dump_user_range+0x135/0x8c0
[   77.245044][ T7270]  ? __pfx_dump_user_range+0x10/0x10
[   77.246314][ T7270]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   77.247789][ T7270]  ? __pfx_writenote+0x10/0x10
[   77.248984][ T7270]  elf_core_dump+0x287c/0x3a50
[   77.250180][ T7270]  ? __pfx_elf_core_dump+0x10/0x10
[   77.251447][ T7270]  ? kasan_save_stack+0x33/0x60
[   77.252637][ T7270]  ? kasan_save_track+0x14/0x30
[   77.253790][ T7270]  ? __kasan_kmalloc+0xaa/0xb0
[   77.254938][ T7270]  ? __kmalloc_node_noprof+0x21f/0x510
[   77.256225][ T7270]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   77.257514][ T7270]  ? get_signal+0x230b/0x26c0
[   77.258647][ T7270]  ? arch_do_signal_or_restart+0x90/0x7e0
[   77.259992][ T7270]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   77.261409][ T7270]  ? rcu_is_watching+0x12/0xc0
[   77.262549][ T7270]  ? trace_lock_acquire+0x146/0x1e0
[   77.263742][ T7270]  ? __pfx_sort+0x10/0x10
[   77.264752][ T7270]  ? get_signal+0x230b/0x26c0
[   77.265890][ T7270]  ? do_coredump+0x3ad7/0x49e0
[   77.267111][ T7270]  do_coredump+0x3ad7/0x49e0
[   77.268291][ T7270]  ? __pfx_do_coredump+0x10/0x10
[   77.269568][ T7270]  ? stack_trace_save+0x95/0xd0
[   77.270800][ T7270]  ? __pfx_stack_trace_save+0x10/0x10
[   77.272104][ T7270]  ? hlock_class+0x4e/0x130
[   77.273156][ T7270]  ? stack_depot_save_flags+0x28/0x8f0
[   77.274416][ T7270]  ? kmem_cache_free+0x152/0x4c0
[   77.275553][ T7270]  ? __sigqueue_free+0xba/0x2a0
[   77.276685][ T7270]  ? get_signal+0xcbc/0x26c0
[   77.277741][ T7270]  ? arch_do_signal_or_restart+0x90/0x7e0
[   77.279023][ T7270]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   77.280402][ T7270]  ? find_held_lock+0x2d/0x110
[   77.281504][ T7270]  ? proc_coredump_connector+0x2d2/0x4f0
[   77.282822][ T7270]  ? __pfx_proc_coredump_connector+0x10/0x10
[   77.284194][ T7270]  get_signal+0x230b/0x26c0
[   77.285240][ T7270]  ? force_sig_fault+0xc5/0x110
[   77.286379][ T7270]  ? __pfx_get_signal+0x10/0x10
[   77.287426][ T7270]  arch_do_signal_or_restart+0x90/0x7e0
[   77.288541][ T7270]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   77.289839][ T7270]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   77.291276][ T7270]  ? __bad_area_nosemaphore+0x334/0x6a0
[   77.292605][ T7270]  ? do_user_addr_fault+0x920/0x13f0
[   77.293884][ T7270]  irqentry_exit_to_user_mode+0x13f/0x280
[   77.295256][ T7270]  asm_exc_page_fault+0x26/0x30
[   77.296409][ T7270] RIP: 0033:0x0
[   77.297207][ T7270] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   77.298860][ T7270] RSP: 002b:00000000200002be EFLAGS: 00010217
[   77.300207][ T7270] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   77.302000][ T7270] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   77.303831][ T7270] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   77.305649][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   77.307502][ T7270] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   77.309872][ T7270]  </TASK>
[   77.310685][    C1] vkms_vblank_simulate: vblank timer overrun
[   77.321759][ T7270] memory: usage 306456kB, limit 307200kB, failcnt 21091
[   77.326461][ T7270] memory+swap: usage 429456kB, limit 9007199254740988kB, failcnt 0
[   77.328500][ T7270] kmem: usage 6096kB, limit 9007199254740988kB, failcnt 0
[   77.330108][ T7270] Memory cgroup stats for /syz2:
[   77.330250][ T7270] cache 307351552
[   77.334776][ T7270] rss 225280
[   77.338204][ T7270] rss_huge 0
[   77.339002][ T7270] shmem 307351552
[   77.339851][ T7270] mapped_file 0
[   77.340683][ T7270] dirty 0
[   77.341401][ T7270] writeback 0
[   77.355111][ T7270] workingset_refault_anon 10
[   77.356222][ T7270] workingset_refault_file 410
[   77.356815][   T40] audit: type=1400 audit(1732606549.673:486): avc:  denied  { setopt } for  pid=7543 comm="syz.1.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   77.357452][ T7270] swap 125444096
[   77.379269][ T7270] swapcached 86016
[   77.380423][ T7270] pgpgin 123913
[   77.381806][ T7270] pgpgout 48804
[   77.382676][ T7270] pgfault 15641
[   77.383497][ T7270] pgmajfault 22
[   77.384489][ T7270] inactive_anon 252264448
[   77.385549][ T7270] active_anon 53100544
[   77.386557][ T7270] inactive_file 0
[   77.398847][ T7270] active_file 0
[   77.399785][ T7270] unevictable 0
[   77.400922][ T7270] hierarchical_memory_limit 314572800
[   77.402734][ T7270] hierarchical_memsw_limit 9223372036854771712
[   77.404373][ T7270] total_cache 307351552
[   77.405431][ T7270] total_rss 225280
[   77.406322][ T7270] total_rss_huge 0
[   77.407218][ T7270] total_shmem 307351552
[   77.408231][ T7270] total_mapped_file 0
[   77.423099][ T7270] total_dirty 0
[   77.433994][ T7270] total_writeback 0
[   77.435108][ T7270] total_workingset_refault_anon 10
[   77.436375][ T7270] total_workingset_refault_file 410
[   77.437603][ T7270] total_swap 125444096
[   77.438593][ T7270] total_swapcached 86016
[   77.439614][ T7270] total_pgpgin 123913
[   77.451315][ T7270] total_pgpgout 48804
[   77.452388][ T7270] total_pgfault 15641
[   77.453427][ T7270] total_pgmajfault 22
[   77.454469][ T7270] total_inactive_anon 252264448
[   77.461916][ T7270] total_active_anon 53100544
[   77.463021][ T7270] total_inactive_file 0
[   77.463998][ T7270] total_active_file 0
[   77.464957][ T7270] total_unevictable 0
[   77.465973][ T7270] anon_cost 0
[   77.477699][ T7270] file_cost 0
[   77.479338][ T7270] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7255,uid=0
[   77.486972][ T7270] Memory cgroup out of memory: Killed process 7255 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:25032kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   77.605272][  T944] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   77.664462][ T7548] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[   77.671819][ T7548] netlink: 'syz.2.409': attribute type 10 has an invalid length.
[   77.681072][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.693433][ T7548] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.696374][ T7548] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.705634][ T7548] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   77.708153][ T7530] orangefs_mount: mount request failed with -4
[   77.746336][ T1253] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex
[   77.765845][  T944] usb 6-1: Using ep0 maxpacket: 32
[   77.769806][  T944] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[   77.772330][  T944] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   77.775648][  T944] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   77.780337][  T944] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   77.784878][  T944] usb 6-1: config 0 interface 0 has no altsetting 0
[   77.790149][  T944] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   77.793581][  T944] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   77.796356][  T944] usb 6-1: Product: syz
[   77.797959][  T944] usb 6-1: Manufacturer: syz
[   77.799334][  T944] usb 6-1: SerialNumber: syz
[   77.802416][  T944] usb 6-1: config 0 descriptor??
[   77.805665][  T944] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   77.810951][  T944] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   78.241678][   T40] audit: type=1400 audit(1732606550.496:487): avc:  denied  { write } for  pid=7564 comm="syz.3.416" name="kcm" dev="proc" ino=4026533145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   78.401636][ T7568] ldusb 6-1:0.0: Write buffer overflow, 1 bytes dropped
[   78.577757][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.417'.
[   78.621475][ T5921] Bluetooth: hci1: command tx timeout
[   78.881400][   T25] cfg80211: failed to load regulatory.db
[   79.489655][   T70] usb 6-1: USB disconnect, device number 9
[   79.492615][   T70] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[   79.660770][   T42] oom_reaper: reaped process 7255 (syz.2.335), now anon-rss:132kB, file-rss:22528kB, shmem-rss:0kB
[   79.674914][ T7261] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   79.677520][ T7261] CPU: 2 UID: 0 PID: 7261 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   79.680287][ T7261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.683205][ T7261] Call Trace:
[   79.684163][ T7261]  <TASK>
[   79.685201][ T7261]  dump_stack_lvl+0x16c/0x1f0
[   79.686638][ T7261]  dump_header+0x101/0x900
[   79.687987][ T7261]  oom_kill_process+0x270/0xa60
[   79.689443][ T7261]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   79.691110][ T7261]  out_of_memory+0x351/0x1700
[   79.692378][ T7261]  ? __pfx_out_of_memory+0x10/0x10
[   79.693750][ T7261]  ? rcu_read_unlock+0x17/0x60
[   79.695333][ T7261]  ? find_held_lock+0x2d/0x110
[   79.696642][ T7261]  mem_cgroup_out_of_memory+0x207/0x270
[   79.698117][ T7261]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   79.700180][ T7261]  ? do_raw_spin_unlock+0x172/0x230
[   79.701912][ T7261]  try_charge_memcg+0x53f/0xaf0
[   79.703664][ T7261]  ? __pfx_try_charge_memcg+0x10/0x10
[   79.705489][ T7261]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   79.707387][ T7261]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   79.709313][ T7261]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   79.711383][ T7261]  __mem_cgroup_charge+0x9b/0x280
[   79.713379][ T7261]  shmem_alloc_and_add_folio+0x507/0xc00
[   79.715809][ T7261]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   79.717981][ T7261]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   79.719665][ T7261]  ? shmem_huge_global_enabled+0x176/0x250
[   79.721208][ T7261]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   79.722768][ T7261]  shmem_get_folio_gfp+0x689/0x1530
[   79.724138][ T7261]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   79.726099][ T7261]  ? mark_held_locks+0x9f/0xe0
[   79.727820][ T7261]  ? timestamp_truncate+0x21f/0x2e0
[   79.729671][ T7261]  shmem_write_begin+0x161/0x300
[   79.731446][ T7261]  ? __pfx_shmem_write_begin+0x10/0x10
[   79.733348][ T7261]  ? inode_set_ctime_current+0x2a7/0x900
[   79.734885][ T7261]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   79.736706][ T7261]  ? __pfx_inode_set_ctime_current+0x10/0x10
[   79.738741][ T7261]  generic_perform_write+0x2ba/0x920
[   79.740673][ T7261]  ? __pfx_generic_perform_write+0x10/0x10
[   79.742833][ T7261]  ? __mark_inode_dirty+0x2af/0xe60
[   79.744922][ T7261]  ? generic_update_time+0xcf/0xf0
[   79.746691][ T7261]  ? mnt_put_write_access_file+0x45/0xf0
[   79.748351][ T7261]  shmem_file_write_iter+0x10e/0x140
[   79.749786][ T7261]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   79.751501][ T7261]  __kernel_write_iter+0x318/0xa80
[   79.752829][ T7261]  ? __pfx___kernel_write_iter+0x10/0x10
[   79.754334][ T7261]  ? get_dump_page+0x15b/0x230
[   79.755706][ T7261]  ? __pfx___might_resched+0x10/0x10
[   79.757534][ T7261]  ? __kasan_check_write+0x8/0x20
[   79.758899][ T7261]  dump_user_range+0x389/0x8c0
[   79.760158][ T7261]  ? __pfx_dump_user_range+0x10/0x10
[   79.761829][ T7261]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   79.764008][ T7261]  ? __pfx_writenote+0x10/0x10
[   79.765977][ T7261]  elf_core_dump+0x287c/0x3a50
[   79.767872][ T7261]  ? __pfx_elf_core_dump+0x10/0x10
[   79.769704][ T7261]  ? kasan_save_stack+0x33/0x60
[   79.771615][ T7261]  ? kasan_save_track+0x14/0x30
[   79.773526][ T7261]  ? __kasan_kmalloc+0xaa/0xb0
[   79.775477][ T7261]  ? __kmalloc_node_noprof+0x21f/0x510
[   79.777422][ T7261]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   79.779276][ T7261]  ? get_signal+0x230b/0x26c0
[   79.780974][ T7261]  ? arch_do_signal_or_restart+0x90/0x7e0
[   79.782936][ T7261]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   79.785114][ T7261]  ? rcu_is_watching+0x12/0xc0
[   79.786829][ T7261]  ? trace_lock_acquire+0x146/0x1e0
[   79.788521][ T7261]  ? __pfx_sort+0x10/0x10
[   79.790062][ T7261]  ? get_signal+0x230b/0x26c0
[   79.791728][ T7261]  ? do_coredump+0x3ad7/0x49e0
[   79.793465][ T7261]  do_coredump+0x3ad7/0x49e0
[   79.795172][ T7261]  ? __pfx_do_coredump+0x10/0x10
[   79.797020][ T7261]  ? stack_trace_save+0x95/0xd0
[   79.798822][ T7261]  ? __pfx_stack_trace_save+0x10/0x10
[   79.800693][ T7261]  ? hlock_class+0x4e/0x130
[   79.801891][ T7261]  ? stack_depot_save_flags+0x28/0x8f0
[   79.803356][ T7261]  ? kmem_cache_free+0x152/0x4c0
[   79.804858][ T7261]  ? __sigqueue_free+0xba/0x2a0
[   79.806279][ T7261]  ? get_signal+0xcbc/0x26c0
[   79.807513][ T7261]  ? arch_do_signal_or_restart+0x90/0x7e0
[   79.809121][ T7261]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   79.810738][ T7261]  ? find_held_lock+0x2d/0x110
[   79.811995][ T7261]  ? proc_coredump_connector+0x2d2/0x4f0
[   79.813548][ T7261]  ? __pfx_proc_coredump_connector+0x10/0x10
[   79.815664][ T7261]  get_signal+0x230b/0x26c0
[   79.817381][ T7261]  ? force_sig_fault+0xc5/0x110
[   79.819079][ T7261]  ? __pfx_get_signal+0x10/0x10
[   79.820820][ T7261]  arch_do_signal_or_restart+0x90/0x7e0
[   79.822712][ T7261]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   79.824432][ T7261]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   79.826565][ T7261]  ? __bad_area_nosemaphore+0x334/0x6a0
[   79.828407][ T7261]  ? do_user_addr_fault+0x920/0x13f0
[   79.830198][ T7261]  irqentry_exit_to_user_mode+0x13f/0x280
[   79.832154][ T7261]  asm_exc_page_fault+0x26/0x30
[   79.833489][ T7261] RIP: 0033:0x0
[   79.834692][ T7261] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   79.837242][ T7261] RSP: 002b:00000000200002be EFLAGS: 00010217
[   79.839432][ T7261] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   79.841546][ T7261] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   79.843698][ T7261] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   79.846277][ T7261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   79.848811][ T7261] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   79.851111][ T7261]  </TASK>
[   79.859554][ T7261] memory: usage 307200kB, limit 307200kB, failcnt 32337
[   79.862875][ T7261] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0
[   79.865015][ T7261] kmem: usage 6096kB, limit 9007199254740988kB, failcnt 0
[   79.866877][ T7261] Memory cgroup stats for /syz2:
[   79.866972][ T7261] cache 308129792
[   79.869229][ T7261] rss 200704
[   79.870126][ T7261] rss_huge 0
[   79.871071][ T7261] shmem 308129792
[   79.873282][ T7261] mapped_file 0
[   79.874236][ T7261] dirty 0
[   79.875036][ T7261] writeback 0
[   79.875887][ T7261] workingset_refault_anon 19
[   79.877071][ T7261] workingset_refault_file 1198
[   79.878296][ T7261] swap 127995904
[   79.879234][ T7261] swapcached 0
[   79.880133][ T7261] pgpgin 132794
[   79.881051][ T7261] pgpgout 57518
[   79.881985][ T7261] pgfault 16132
[   79.883951][ T7261] pgmajfault 44
[   79.885253][ T7261] inactive_anon 187904000
[   79.886693][ T7261] active_anon 120233984
[   79.893260][ T7261] inactive_file 0
[   79.894401][ T7261] active_file 0
[   79.895331][ T7261] unevictable 0
[   79.896238][ T7261] hierarchical_memory_limit 314572800
[   79.897703][ T7261] hierarchical_memsw_limit 9223372036854771712
[   79.899287][ T7261] total_cache 308129792
[   79.900351][ T7261] total_rss 200704
[   79.901316][ T7261] total_rss_huge 0
[   79.902953][ T7261] total_shmem 308129792
[   79.903063][   T40] audit: type=1400 audit(1732606552.049:488): avc:  denied  { accept } for  pid=7625 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   79.909394][ T7261] total_mapped_file 0
[   79.909405][ T7261] total_dirty 0
[   79.909410][ T7261] total_writeback 0
[   79.909415][ T7261] total_workingset_refault_anon 19
[   79.909421][ T7261] total_workingset_refault_file 1198
[   79.909426][ T7261] total_swap 127995904
[   79.909432][ T7261] total_swapcached 0
[   79.909437][ T7261] total_pgpgin 132794
[   79.909442][ T7261] total_pgpgout 57518
[   79.909447][ T7261] total_pgfault 16132
[   79.909451][ T7261] total_pgmajfault 44
[   79.909456][ T7261] total_inactive_anon 187904000
[   79.909462][ T7261] total_active_anon 120233984
[   79.909467][ T7261] total_inactive_file 0
[   79.909472][ T7261] total_active_file 0
[   79.909477][ T7261] total_unevictable 0
[   79.909482][ T7261] anon_cost 0
[   79.909487][ T7261] file_cost 0
[   79.909493][ T7261] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7269,uid=0
[   79.910048][ T7261] Memory cgroup out of memory: Killed process 7269 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:28360kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[   79.915300][   T40] audit: type=1400 audit(1732606552.058:489): avc:  denied  { accept } for  pid=7625 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   79.950899][ T7628] loop1: detected capacity change from 0 to 6
[   79.958206][ T7628] Dev loop1: unable to read RDB block 6
[   79.959789][ T7628]  loop1: unable to read partition table
[   79.967941][ T7628] loop1: partition table beyond EOD, truncated
[   79.969683][ T7628] loop_reread_partitions: partition scan of loop1 (�被x������ڬ��dƤ����ݡ�����
[   79.969683][ T7628] ) failed (rc=-5)
[   80.012364][ T7258] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   80.016056][ T7258] CPU: 3 UID: 0 PID: 7258 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   80.018566][ T7258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.021218][ T7258] Call Trace:
[   80.022076][ T7258]  <TASK>
[   80.022831][ T7258]  dump_stack_lvl+0x16c/0x1f0
[   80.023970][ T7258]  dump_header+0x101/0x900
[   80.025089][ T7258]  oom_kill_process+0x270/0xa60
[   80.026296][ T7258]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   80.027721][ T7258]  out_of_memory+0x351/0x1700
[   80.028913][ T7258]  ? __pfx_out_of_memory+0x10/0x10
[   80.030232][ T7258]  ? rcu_read_unlock+0x17/0x60
[   80.031525][ T7258]  ? find_held_lock+0x2d/0x110
[   80.032798][ T7258]  mem_cgroup_out_of_memory+0x207/0x270
[   80.034227][ T7258]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   80.035727][ T7258]  ? do_raw_spin_unlock+0x172/0x230
[   80.037081][ T7258]  try_charge_memcg+0x53f/0xaf0
[   80.038320][ T7258]  ? __pfx_try_charge_memcg+0x10/0x10
[   80.039829][ T7258]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   80.041215][ T7258]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   80.042627][ T7258]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   80.044118][ T7258]  __mem_cgroup_charge+0x9b/0x280
[   80.045525][ T7258]  shmem_alloc_and_add_folio+0x507/0xc00
[   80.047110][ T7258]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   80.048830][ T7258]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   80.050574][ T7258]  ? shmem_huge_global_enabled+0x176/0x250
[   80.052142][ T7258]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   80.053760][ T7258]  shmem_get_folio_gfp+0x689/0x1530
[   80.055176][ T7258]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   80.056621][ T7258]  ? find_held_lock+0x2d/0x110
[   80.057827][ T7258]  shmem_write_begin+0x161/0x300
[   80.059069][ T7258]  ? __pfx_shmem_write_begin+0x10/0x10
[   80.060455][ T7258]  ? timestamp_truncate+0x21f/0x2e0
[   80.061780][ T7258]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   80.063525][ T7258]  generic_perform_write+0x2ba/0x920
[   80.065100][ T7258]  ? __pfx_generic_perform_write+0x10/0x10
[   80.066756][ T7258]  ? inode_needs_update_time.part.0+0x191/0x270
[   80.068350][ T7258]  shmem_file_write_iter+0x10e/0x140
[   80.069795][ T7258]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.071416][ T7258]  __kernel_write_iter+0x318/0xa80
[   80.072846][ T7258]  ? __pfx___kernel_write_iter+0x10/0x10
[   80.074369][ T7258]  ? get_dump_page+0x15b/0x230
[   80.075667][ T7258]  ? __pfx___might_resched+0x10/0x10
[   80.077071][ T7258]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   80.078542][ T7258]  dump_user_range+0x389/0x8c0
[   80.079763][ T7258]  ? __pfx_dump_user_range+0x10/0x10
[   80.081084][ T7258]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   80.082621][ T7258]  ? __pfx_writenote+0x10/0x10
[   80.083811][ T7258]  elf_core_dump+0x287c/0x3a50
[   80.085058][ T7258]  ? __pfx_elf_core_dump+0x10/0x10
[   80.086347][ T7258]  ? kasan_save_stack+0x33/0x60
[   80.087601][ T7258]  ? kasan_save_track+0x14/0x30
[   80.088802][ T7258]  ? __kasan_kmalloc+0xaa/0xb0
[   80.090043][ T7258]  ? __kmalloc_node_noprof+0x21f/0x510
[   80.091448][ T7258]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   80.092837][ T7258]  ? get_signal+0x230b/0x26c0
[   80.094029][ T7258]  ? arch_do_signal_or_restart+0x90/0x7e0
[   80.095460][ T7258]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   80.096951][ T7258]  ? rcu_is_watching+0x12/0xc0
[   80.098173][ T7258]  ? trace_lock_acquire+0x146/0x1e0
[   80.099492][ T7258]  ? __pfx_sort+0x10/0x10
[   80.100587][ T7258]  ? get_signal+0x230b/0x26c0
[   80.101777][ T7258]  ? do_coredump+0x3ad7/0x49e0
[   80.102992][ T7258]  do_coredump+0x3ad7/0x49e0
[   80.104171][ T7258]  ? __pfx_do_coredump+0x10/0x10
[   80.105427][ T7258]  ? stack_trace_save+0x95/0xd0
[   80.106659][ T7258]  ? __pfx_stack_trace_save+0x10/0x10
[   80.107995][ T7258]  ? hlock_class+0x4e/0x130
[   80.109217][ T7258]  ? stack_depot_save_flags+0x28/0x8f0
[   80.110643][ T7258]  ? kmem_cache_free+0x152/0x4c0
[   80.111980][ T7258]  ? __sigqueue_free+0xba/0x2a0
[   80.113331][ T7258]  ? get_signal+0xcbc/0x26c0
[   80.114604][ T7258]  ? arch_do_signal_or_restart+0x90/0x7e0
[   80.116079][ T7258]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   80.117550][ T7258]  ? find_held_lock+0x2d/0x110
[   80.118765][ T7258]  ? proc_coredump_connector+0x2d2/0x4f0
[   80.120178][ T7258]  ? __pfx_proc_coredump_connector+0x10/0x10
[   80.121705][ T7258]  get_signal+0x230b/0x26c0
[   80.122909][ T7258]  ? force_sig_fault+0xc5/0x110
[   80.124168][ T7258]  ? __pfx_get_signal+0x10/0x10
[   80.125407][ T7258]  arch_do_signal_or_restart+0x90/0x7e0
[   80.126803][ T7258]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   80.128323][ T7258]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   80.129911][ T7258]  ? __bad_area_nosemaphore+0x334/0x6a0
[   80.131406][ T7258]  ? do_user_addr_fault+0x920/0x13f0
[   80.132857][ T7258]  irqentry_exit_to_user_mode+0x13f/0x280
[   80.134266][ T7258]  asm_exc_page_fault+0x26/0x30
[   80.135494][ T7258] RIP: 0033:0x0
[   80.136444][ T7258] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   80.138256][ T7258] RSP: 002b:00000000200002be EFLAGS: 00010217
[   80.139764][ T7258] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   80.141744][ T7258] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   80.143787][ T7258] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   80.145918][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   80.148134][ T7258] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   80.150271][ T7258]  </TASK>
[   80.152942][ T7258] memory: usage 272164kB, limit 307200kB, failcnt 32550
[   80.154642][ T5988] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   80.155350][ T7258] memory+swap: usage 382008kB, limit 9007199254740988kB, failcnt 0
[   80.159187][ T7258] kmem: usage 5760kB, limit 9007199254740988kB, failcnt 0
[   80.161416][ T7258] Memory cgroup stats for /syz2:
[   80.161699][ T7258] cache 272613376
[   80.163910][ T7258] rss 196608
[   80.164928][ T7258] rss_huge 0
[   80.165770][ T7258] shmem 269352960
[   80.166721][ T7258] mapped_file 3211264
[   80.167746][ T7258] dirty 0
[   80.168796][ T7258] writeback 0
[   80.169646][ T7258] workingset_refault_anon 19
[   80.170846][ T7258] workingset_refault_file 1994
[   80.172117][ T7258] swap 112222208
[   80.173014][ T7258] swapcached 4096
[   80.173957][ T7258] pgpgin 135953
[   80.174989][ T7258] pgpgout 69207
[   80.175869][ T7258] pgfault 16237
[   80.176838][ T7258] pgmajfault 45
[   80.177724][ T7258] inactive_anon 146915328
[   80.178817][ T7258] active_anon 121679872
[   80.180334][ T7258] inactive_file 0
[   80.181441][ T7258] active_file 3260416
[   80.190315][ T7258] unevictable 0
[   80.214628][ T7258] hierarchical_memory_limit 314572800
[   80.216652][ T7258] hierarchical_memsw_limit 9223372036854771712
[   80.219049][ T7258] total_cache 272613376
[   80.220607][ T7258] total_rss 196608
[   80.221952][ T7258] total_rss_huge 0
[   80.223333][ T7258] total_shmem 269352960
[   80.254371][ T7258] total_mapped_file 3211264
[   80.255903][ T7258] total_dirty 0
[   80.272585][ T7258] total_writeback 0
[   80.273751][ T7258] total_workingset_refault_anon 19
[   80.275416][ T7258] total_workingset_refault_file 1994
[   80.276998][ T7258] total_swap 112222208
[   80.280774][ T7258] total_swapcached 4096
[   80.280967][ T7637] 9pnet_virtio: no channels available for device syz
[   80.281883][   T40] audit: type=1400 audit(1732606552.414:490): avc:  denied  { mounton } for  pid=7636 comm="syz.1.431" path="/2/file0" dev="9p" ino=37617765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.291808][ T7258] total_pgpgin 135953
[   80.293479][ T7258] total_pgpgout 69207
[   80.294977][ T7258] total_pgfault 16237
[   80.296474][ T7258] total_pgmajfault 45
[   80.298009][ T7258] total_inactive_anon 146915328
[   80.304463][   T40] audit: type=1400 audit(1732606552.432:491): avc:  denied  { write } for  pid=7636 comm="syz.1.431" name="/" dev="9p" ino=37617765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.310133][ T5988] usb 5-1: Using ep0 maxpacket: 8
[   80.312249][   T40] audit: type=1400 audit(1732606552.432:492): avc:  denied  { add_name } for  pid=7636 comm="syz.1.431" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.314581][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   80.331381][ T7258] total_active_anon 121679872
[   80.331474][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   80.333200][ T7258] total_inactive_file 0
[   80.335999][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   80.336019][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   80.336050][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   80.336062][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.337552][ T7258] total_active_file 3260416
[   80.377783][ T7258] total_unevictable 0
[   80.379228][ T7258] anon_cost 0
[   80.380415][ T7258] file_cost 0
[   80.381576][ T7258] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7252,uid=0
[   80.401965][ T7258] Memory cgroup out of memory: Killed process 7252 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30808kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[   80.580558][ T5988] usb 5-1: GET_CAPABILITIES returned 0
[   80.581994][ T5988] usbtmc 5-1:16.0: can't read capabilities
[   80.603583][ T7652] netlink: 44 bytes leftover after parsing attributes in process `syz.1.437'.
[   80.683222][ T7656] netlink: 52 bytes leftover after parsing attributes in process `syz.3.439'.
[   80.707843][ T7658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.440'.
[   80.756607][ T7662] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   80.760403][ T7662] overlayfs: missing 'lowerdir'
[   80.797029][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.800109][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.802595][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.804900][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.807103][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.809294][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.811503][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.813735][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.815924][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.818122][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.820383][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.822794][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.825603][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.827947][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.830276][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.832615][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   80.839411][   T70] usb 5-1: USB disconnect, device number 8
[   80.845283][ T5921] Bluetooth: hci1: command tx timeout
[   81.026493][ T5988] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[   81.094308][ T7671] libceph: resolve '40' (ret=-3): failed
[   81.164845][ T7673] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   81.168020][ T7673] overlayfs: failed to resolve './file0': -2
[   81.186600][ T5988] usb 8-1: Using ep0 maxpacket: 16
[   81.190547][ T5988] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[   81.196123][ T5988] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[   81.198756][ T5988] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.200794][ T5988] usb 8-1: Product: syz
[   81.201873][ T5988] usb 8-1: Manufacturer: syz
[   81.203082][ T5988] usb 8-1: SerialNumber: syz
[   81.205390][ T5988] usb 8-1: config 0 descriptor??
[   81.208260][ T5988] hub 8-1:0.0: bad descriptor, ignoring hub
[   81.209845][ T5988] hub 8-1:0.0: probe with driver hub failed with error -5
[   81.212803][ T5988] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input7
[   81.363239][ T7266] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   81.365818][ T7266] CPU: 3 UID: 0 PID: 7266 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   81.368434][ T7266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.371073][ T7266] Call Trace:
[   81.371904][ T7266]  <TASK>
[   81.372677][ T7266]  dump_stack_lvl+0x16c/0x1f0
[   81.373863][ T7266]  dump_header+0x101/0x900
[   81.374982][ T7266]  oom_kill_process+0x270/0xa60
[   81.376272][ T7266]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   81.377631][ T7266]  out_of_memory+0x351/0x1700
[   81.378775][ T7266]  ? __pfx_out_of_memory+0x10/0x10
[   81.380072][ T7266]  ? rcu_read_unlock+0x17/0x60
[   81.381275][ T7266]  ? find_held_lock+0x2d/0x110
[   81.382475][ T7266]  mem_cgroup_out_of_memory+0x207/0x270
[   81.383890][ T7266]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   81.385432][ T7266]  ? do_raw_spin_unlock+0x172/0x230
[   81.386725][ T7266]  try_charge_memcg+0x53f/0xaf0
[   81.387929][ T7266]  ? __pfx_try_charge_memcg+0x10/0x10
[   81.389261][ T7266]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   81.390673][ T7266]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   81.392057][ T7266]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   81.393443][ T7266]  __mem_cgroup_charge+0x9b/0x280
[   81.394667][ T7266]  shmem_alloc_and_add_folio+0x507/0xc00
[   81.396182][ T7266]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   81.397670][ T7266]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   81.399316][ T7266]  ? shmem_huge_global_enabled+0x176/0x250
[   81.400813][ T7266]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   81.402242][ T7680] sctp: [Deprecated]: syz.0.449 (pid 7680) Use of int in maxseg socket option.
[   81.402242][ T7680] Use struct sctp_assoc_value instead
[   81.402321][ T7266]  shmem_get_folio_gfp+0x689/0x1530
[   81.402344][ T7266]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   81.409108][ T7266]  ? mark_held_locks+0x9f/0xe0
[   81.410303][ T7266]  ? timestamp_truncate+0x21f/0x2e0
[   81.411720][ T7266]  shmem_write_begin+0x161/0x300
[   81.413286][ T7266]  ? __pfx_shmem_write_begin+0x10/0x10
[   81.414722][ T7266]  ? inode_set_ctime_current+0x2a7/0x900
[   81.416262][ T7266]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   81.418093][ T7266]  ? __pfx_inode_set_ctime_current+0x10/0x10
[   81.419652][ T7266]  generic_perform_write+0x2ba/0x920
[   81.421039][ T7266]  ? __pfx_generic_perform_write+0x10/0x10
[   81.422560][ T7266]  ? __mark_inode_dirty+0x2af/0xe60
[   81.423923][ T7266]  ? generic_update_time+0xcf/0xf0
[   81.425273][ T7266]  ? mnt_put_write_access_file+0x45/0xf0
[   81.426737][ T7266]  shmem_file_write_iter+0x10e/0x140
[   81.428119][ T7266]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   81.429660][ T7266]  __kernel_write_iter+0x318/0xa80
[   81.431105][ T7266]  ? __pfx___kernel_write_iter+0x10/0x10
[   81.432633][ T7266]  ? get_dump_page+0x15b/0x230
[   81.433984][ T7266]  ? __pfx___might_resched+0x10/0x10
[   81.435352][ T7266]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   81.436839][ T7266]  dump_user_range+0x389/0x8c0
[   81.438074][ T7266]  ? __pfx_dump_user_range+0x10/0x10
[   81.439439][ T7266]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   81.441021][ T7266]  ? __pfx_writenote+0x10/0x10
[   81.442258][ T7266]  elf_core_dump+0x287c/0x3a50
[   81.443498][ T7266]  ? __pfx_elf_core_dump+0x10/0x10
[   81.444837][ T7266]  ? kasan_save_stack+0x33/0x60
[   81.446169][ T7266]  ? kasan_save_track+0x14/0x30
[   81.447499][ T7266]  ? __kasan_kmalloc+0xaa/0xb0
[   81.448861][ T7266]  ? __kmalloc_node_noprof+0x21f/0x510
[   81.450345][ T7266]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   81.451737][ T7266]  ? get_signal+0x230b/0x26c0
[   81.452944][ T7266]  ? arch_do_signal_or_restart+0x90/0x7e0
[   81.454392][ T7266]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   81.455920][ T7266]  ? rcu_is_watching+0x12/0xc0
[   81.457154][ T7266]  ? trace_lock_acquire+0x146/0x1e0
[   81.458484][ T7266]  ? __pfx_sort+0x10/0x10
[   81.459609][ T7266]  ? get_signal+0x230b/0x26c0
[   81.460821][ T7266]  ? do_coredump+0x3ad7/0x49e0
[   81.462052][ T7266]  do_coredump+0x3ad7/0x49e0
[   81.463249][ T7266]  ? __pfx_do_coredump+0x10/0x10
[   81.464517][ T7266]  ? stack_trace_save+0x95/0xd0
[   81.465766][ T7266]  ? __pfx_stack_trace_save+0x10/0x10
[   81.467172][ T7266]  ? hlock_class+0x4e/0x130
[   81.468360][ T7266]  ? stack_depot_save_flags+0x28/0x8f0
[   81.469775][ T7266]  ? kmem_cache_free+0x152/0x4c0
[   81.471063][ T7266]  ? __sigqueue_free+0xba/0x2a0
[   81.472340][ T7266]  ? get_signal+0xcbc/0x26c0
[   81.473519][ T7266]  ? arch_do_signal_or_restart+0x90/0x7e0
[   81.475221][ T7266]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   81.476789][ T7266]  ? find_held_lock+0x2d/0x110
[   81.478065][ T7266]  ? proc_coredump_connector+0x2d2/0x4f0
[   81.479769][ T7266]  ? __pfx_proc_coredump_connector+0x10/0x10
[   81.481326][ T7266]  get_signal+0x230b/0x26c0
[   81.482518][ T7266]  ? force_sig_fault+0xc5/0x110
[   81.483758][ T7266]  ? __pfx_get_signal+0x10/0x10
[   81.485009][ T7266]  arch_do_signal_or_restart+0x90/0x7e0
[   81.486414][ T7266]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   81.487974][ T7266]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   81.489551][ T7266]  ? __bad_area_nosemaphore+0x334/0x6a0
[   81.490960][ T7266]  ? do_user_addr_fault+0x920/0x13f0
[   81.491839][   T40] kauditd_printk_skb: 9 callbacks suppressed
[   81.491851][   T40] audit: type=1400 audit(1732606553.518:502): avc:  denied  { listen } for  pid=7683 comm="syz.0.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   81.492321][ T7266]  irqentry_exit_to_user_mode+0x13f/0x280
[   81.500114][ T7266]  asm_exc_page_fault+0x26/0x30
[   81.501393][ T7266] RIP: 0033:0x0
[   81.502332][ T7266] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   81.504252][ T7266] RSP: 002b:00000000200002be EFLAGS: 00010217
[   81.505862][ T7266] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   81.507926][ T7266] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   81.509958][ T7266] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   81.511975][ T7266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   81.514024][ T7266] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   81.516084][ T7266]  </TASK>
[   81.517979][ T7266] memory: usage 307200kB, limit 307200kB, failcnt 37597
[   81.519934][ T7266] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0
[   81.521975][ T7266] kmem: usage 5836kB, limit 9007199254740988kB, failcnt 0
[   81.523958][ T7266] Memory cgroup stats for /syz2:
[   81.524025][ T7266] cache 308281344
[   81.526322][ T7266] rss 311296
[   81.527203][ T7266] rss_huge 0
[   81.528203][ T7266] shmem 308277248
[   81.529226][ T7266] mapped_file 0
[   81.530120][ T7266] dirty 0
[   81.530911][ T7266] writeback 0
[   81.531799][ T7266] workingset_refault_anon 31
[   81.533002][ T7266] workingset_refault_file 2173
[   81.534260][ T7266] swap 127987712
[   81.535217][ T7266] swapcached 8192
[   81.536232][ T7266] pgpgin 158595
[   81.537159][ T7266] pgpgout 83254
[   81.538079][ T7266] pgfault 16898
[   81.539037][ T7266] pgmajfault 59
[   81.540200][ T7266] inactive_anon 246820864
[   81.541379][ T7266] active_anon 61767680
[   81.542474][ T7266] inactive_file 4096
[   81.543538][ T7266] active_file 0
[   81.544786][ T7266] unevictable 0
[   81.545728][ T7266] hierarchical_memory_limit 314572800
[   81.547146][ T7266] hierarchical_memsw_limit 9223372036854771712
[   81.548739][ T7266] total_cache 308281344
[   81.549838][ T7266] total_rss 311296
[   81.551034][ T7266] total_rss_huge 0
[   81.552172][ T7266] total_shmem 308277248
[   81.553270][ T7266] total_mapped_file 0
[   81.554342][ T7266] total_dirty 0
[   81.555359][ T7266] total_writeback 0
[   81.556712][ T7266] total_workingset_refault_anon 31
[   81.558239][ T7266] total_workingset_refault_file 2173
[   81.559719][ T7266] total_swap 127987712
[   81.560940][ T7266] total_swapcached 8192
[   81.562083][ T7266] total_pgpgin 158595
[   81.563352][ T7266] total_pgpgout 83254
[   81.564392][ T7266] total_pgfault 16898
[   81.565439][ T7266] total_pgmajfault 59
[   81.566488][ T7266] total_inactive_anon 246820864
[   81.567765][ T7266] total_active_anon 61767680
[   81.568949][ T7266] total_inactive_file 4096
[   81.570097][ T7266] total_active_file 0
[   81.571185][ T7266] total_unevictable 0
[   81.572429][ T7266] anon_cost 0
[   81.573367][ T7266] file_cost 0
[   81.574222][ T7266] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7267,uid=0
[   81.578098][ T7266] Memory cgroup out of memory: Killed process 7267 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:34320kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[   81.665441][ T7262] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   81.697017][ T7262] CPU: 2 UID: 0 PID: 7262 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   81.699791][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.702711][ T7262] Call Trace:
[   81.703658][ T7262]  <TASK>
[   81.704437][ T7262]  dump_stack_lvl+0x16c/0x1f0
[   81.705719][ T7262]  dump_header+0x101/0x900
[   81.706995][ T7262]  oom_kill_process+0x270/0xa60
[   81.708530][ T7262]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   81.710063][ T7262]  out_of_memory+0x351/0x1700
[   81.711330][ T7262]  ? __pfx_out_of_memory+0x10/0x10
[   81.712655][ T7262]  ? rcu_read_unlock+0x17/0x60
[   81.713915][ T7262]  ? find_held_lock+0x2d/0x110
[   81.715220][ T7262]  mem_cgroup_out_of_memory+0x207/0x270
[   81.716644][ T7262]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   81.718203][ T7262]  ? do_raw_spin_unlock+0x172/0x230
[   81.719556][ T7262]  try_charge_memcg+0x53f/0xaf0
[   81.720814][ T7262]  ? __pfx_try_charge_memcg+0x10/0x10
[   81.722266][ T7262]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   81.723742][ T7262]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   81.725168][ T7262]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   81.726640][ T7262]  __mem_cgroup_charge+0x9b/0x280
[   81.728001][ T7262]  shmem_alloc_and_add_folio+0x507/0xc00
[   81.729557][ T7262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   81.731185][ T7262]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   81.732842][ T7262]  ? shmem_huge_global_enabled+0x176/0x250
[   81.734358][ T7262]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   81.735919][ T7262]  shmem_get_folio_gfp+0x689/0x1530
[   81.737436][ T7262]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   81.739415][ T7262]  ? find_held_lock+0x2d/0x110
[   81.741146][ T7262]  shmem_write_begin+0x161/0x300
[   81.742938][ T7262]  ? __pfx_shmem_write_begin+0x10/0x10
[   81.744898][ T7262]  ? timestamp_truncate+0x21f/0x2e0
[   81.746858][ T7262]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   81.749294][ T7262]  generic_perform_write+0x2ba/0x920
[   81.751195][ T7262]  ? __pfx_generic_perform_write+0x10/0x10
[   81.753256][ T7262]  ? inode_needs_update_time.part.0+0x191/0x270
[   81.755458][ T7262]  shmem_file_write_iter+0x10e/0x140
[   81.757355][ T7262]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   81.758984][ T7262]  __kernel_write_iter+0x318/0xa80
[   81.760429][ T7262]  ? __pfx___kernel_write_iter+0x10/0x10
[   81.761999][ T7262]  ? get_dump_page+0x15b/0x230
[   81.763477][ T7262]  ? __pfx___might_resched+0x10/0x10
[   81.764912][ T7262]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   81.766426][ T7262]  dump_user_range+0x389/0x8c0
[   81.767670][ T7262]  ? __pfx_dump_user_range+0x10/0x10
[   81.769035][ T7262]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   81.770820][ T7262]  ? __pfx_writenote+0x10/0x10
[   81.772366][ T7262]  elf_core_dump+0x287c/0x3a50
[   81.773625][ T7262]  ? __pfx_elf_core_dump+0x10/0x10
[   81.774968][ T7262]  ? kasan_save_stack+0x33/0x60
[   81.776273][ T7262]  ? kasan_save_track+0x14/0x30
[   81.777549][ T7262]  ? __kasan_kmalloc+0xaa/0xb0
[   81.778853][ T7262]  ? __kmalloc_node_noprof+0x21f/0x510
[   81.780270][ T7262]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   81.781684][ T7262]  ? get_signal+0x230b/0x26c0
[   81.782954][ T7262]  ? arch_do_signal_or_restart+0x90/0x7e0
[   81.784726][ T7262]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   81.786902][ T7262]  ? rcu_is_watching+0x12/0xc0
[   81.788608][ T7262]  ? trace_lock_acquire+0x146/0x1e0
[   81.790449][ T7262]  ? __pfx_sort+0x10/0x10
[   81.792048][ T7262]  ? get_signal+0x230b/0x26c0
[   81.793801][ T7262]  ? do_coredump+0x3ad7/0x49e0
[   81.795732][ T7262]  do_coredump+0x3ad7/0x49e0
[   81.797570][ T7262]  ? __pfx_do_coredump+0x10/0x10
[   81.799353][ T7262]  ? stack_trace_save+0x95/0xd0
[   81.801096][ T7262]  ? __pfx_stack_trace_save+0x10/0x10
[   81.803053][ T7262]  ? hlock_class+0x4e/0x130
[   81.804939][ T7262]  ? stack_depot_save_flags+0x28/0x8f0
[   81.806767][ T7262]  ? kmem_cache_free+0x152/0x4c0
[   81.808345][ T7262]  ? __sigqueue_free+0xba/0x2a0
[   81.809801][ T7262]  ? get_signal+0xcbc/0x26c0
[   81.811074][ T7262]  ? arch_do_signal_or_restart+0x90/0x7e0
[   81.812551][ T7262]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   81.814071][ T7262]  ? find_held_lock+0x2d/0x110
[   81.815335][ T7262]  ? proc_coredump_connector+0x2d2/0x4f0
[   81.816783][ T7262]  ? __pfx_proc_coredump_connector+0x10/0x10
[   81.818298][ T7262]  get_signal+0x230b/0x26c0
[   81.819465][ T7262]  ? force_sig_fault+0xc5/0x110
[   81.820936][ T7262]  ? __pfx_get_signal+0x10/0x10
[   81.822391][ T7262]  arch_do_signal_or_restart+0x90/0x7e0
[   81.823848][ T7262]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   81.825378][ T7262]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   81.826920][ T7262]  ? __bad_area_nosemaphore+0x334/0x6a0
[   81.828370][ T7262]  ? do_user_addr_fault+0x920/0x13f0
[   81.829791][ T7262]  irqentry_exit_to_user_mode+0x13f/0x280
[   81.831600][ T7262]  asm_exc_page_fault+0x26/0x30
[   81.833142][ T7262] RIP: 0033:0x0
[   81.834135][ T7262] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   81.836058][ T7262] RSP: 002b:00000000200002be EFLAGS: 00010217
[   81.837675][ T7262] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   81.839827][ T7262] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   81.841874][ T7262] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   81.844237][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   81.846214][ T7262] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   81.848430][ T7262]  </TASK>
[   81.852768][   T40] audit: type=1400 audit(1732606553.854:503): avc:  denied  { create } for  pid=7674 comm="syz.2.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   81.898804][ T7262] memory: usage 307200kB, limit 307200kB, failcnt 38684
[   81.900906][ T7262] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0
[   81.903473][ T7262] kmem: usage 5796kB, limit 9007199254740988kB, failcnt 0
[   81.905324][ T7262] Memory cgroup stats for /syz2:
[   81.905399][ T7262] cache 308289536
[   81.907556][ T7262] rss 348160
[   81.908391][ T7262] rss_huge 0
[   81.909276][ T7262] shmem 308289536
[   81.910297][ T7262] mapped_file 0
[   81.911197][ T7262] dirty 0
[   81.911953][ T7262] writeback 0
[   81.912782][ T7262] workingset_refault_anon 35
[   81.914936][ T7262] workingset_refault_file 2547
[   81.916169][ T7262] swap 127987712
[   81.917116][ T7262] swapcached 8192
[   81.918031][ T7262] pgpgin 161373
[   81.918939][ T7262] pgpgout 86022
[   81.919822][ T7262] pgfault 17011
[   81.920751][ T7262] pgmajfault 69
[   81.921681][ T7262] inactive_anon 65916928
[   81.922750][ T7262] active_anon 241774592
[   81.923859][ T7262] inactive_file 0
[   81.925435][ T7262] active_file 0
[   81.926370][ T7262] unevictable 0
[   81.927259][ T7262] hierarchical_memory_limit 314572800
[   81.928536][ T7262] hierarchical_memsw_limit 9223372036854771712
[   81.930082][ T7262] total_cache 308289536
[   81.931118][ T7262] total_rss 348160
[   81.932109][ T7262] total_rss_huge 0
[   81.933130][ T7262] total_shmem 308289536
[   81.934161][ T7262] total_mapped_file 0
[   81.935627][ T7262] total_dirty 0
[   81.936507][ T7262] total_writeback 0
[   81.937432][ T7262] total_workingset_refault_anon 35
[   81.938754][ T7262] total_workingset_refault_file 2547
[   81.940118][ T7262] total_swap 127987712
[   81.941206][ T7262] total_swapcached 8192
[   81.942308][ T7262] total_pgpgin 161373
[   81.943340][ T7262] total_pgpgout 86022
[   81.944324][ T7262] total_pgfault 17011
[   81.945404][ T7262] total_pgmajfault 69
[   81.946872][ T7262] total_inactive_anon 65916928
[   81.948154][ T7262] total_active_anon 241774592
[   81.949379][ T7262] total_inactive_file 0
[   81.950425][ T7262] total_active_file 0
[   81.951463][ T7262] total_unevictable 0
[   81.952487][ T7262] anon_cost 0
[   81.953356][ T7262] file_cost 0
[   81.954246][ T7262] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7261,uid=0
[   81.958754][ T7262] Memory cgroup out of memory: Killed process 7261 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30720kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[   81.960575][ T7688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.412'.
[   82.395783][ T1115] sr 2:0:0:0: [sr0] tag#5 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[   82.398949][ T1115] sr 2:0:0:0: [sr0] tag#5 Sense Key : Illegal Request [current] 
[   82.401135][ T1115] sr 2:0:0:0: [sr0] tag#5 Add. Sense: Invalid command operation code
[   82.403578][ T1115] sr 2:0:0:0: [sr0] tag#5 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[   82.426750][ T1115] blk_print_req_error: 43 callbacks suppressed
[   82.426769][ T1115] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[   82.432991][ T1115] buffer_io_error: 43 callbacks suppressed
[   82.433003][ T1115] Buffer I/O error on dev sr0, logical block 0, lost async page write
[   82.448354][ T1115] Buffer I/O error on dev sr0, logical block 1, lost async page write
[   82.596400][   T40] audit: type=1400 audit(1732606554.575:504): avc:  denied  { nlmsg_write } for  pid=7707 comm="syz.3.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   82.700946][ T7272] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   82.703450][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   82.706469][ T7272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.709220][ T7272] Call Trace:
[   82.710128][ T7272]  <TASK>
[   82.711048][ T7272]  dump_stack_lvl+0x16c/0x1f0
[   82.712502][ T7272]  dump_header+0x101/0x900
[   82.714124][ T7272]  oom_kill_process+0x270/0xa60
[   82.716049][ T7272]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   82.718243][ T7272]  out_of_memory+0x351/0x1700
[   82.719992][ T7272]  ? __pfx_out_of_memory+0x10/0x10
[   82.721809][ T7272]  ? rcu_read_unlock+0x17/0x60
[   82.723519][ T7272]  ? find_held_lock+0x2d/0x110
[   82.725224][ T7272]  mem_cgroup_out_of_memory+0x207/0x270
[   82.727216][ T7272]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   82.729341][ T7272]  ? do_raw_spin_unlock+0x172/0x230
[   82.731180][ T7272]  try_charge_memcg+0x53f/0xaf0
[   82.732869][ T7272]  ? __pfx_try_charge_memcg+0x10/0x10
[   82.734817][ T7272]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   82.736753][ T7272]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   82.738644][ T7272]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   82.740547][ T7272]  __mem_cgroup_charge+0x9b/0x280
[   82.742266][ T7272]  shmem_alloc_and_add_folio+0x507/0xc00
[   82.744191][ T7272]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   82.746240][ T7272]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   82.748500][ T7272]  ? shmem_huge_global_enabled+0x176/0x250
[   82.750946][ T7272]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   82.752620][ T7272]  shmem_get_folio_gfp+0x689/0x1530
[   82.754025][ T7272]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   82.755558][ T7272]  ? find_held_lock+0x2d/0x110
[   82.756834][ T7272]  shmem_write_begin+0x161/0x300
[   82.758120][ T7272]  ? __pfx_shmem_write_begin+0x10/0x10
[   82.758852][ T7719] fuse: Bad value for 'fd'
[   82.759516][ T7272]  ? timestamp_truncate+0x21f/0x2e0
[   82.762044][ T7272]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   82.763841][ T7272]  generic_perform_write+0x2ba/0x920
[   82.765232][ T7272]  ? __pfx_generic_perform_write+0x10/0x10
[   82.766729][ T7272]  ? inode_needs_update_time.part.0+0x191/0x270
[   82.768382][ T7272]  shmem_file_write_iter+0x10e/0x140
[   82.769693][ T7272]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   82.771146][ T7272]  __kernel_write_iter+0x318/0xa80
[   82.772474][ T7272]  ? __pfx___kernel_write_iter+0x10/0x10
[   82.773857][ T7272]  ? get_dump_page+0x15b/0x230
[   82.775147][ T7272]  ? __pfx___might_resched+0x10/0x10
[   82.776500][ T7272]  dump_user_range+0x389/0x8c0
[   82.777740][ T7272]  ? __pfx_dump_user_range+0x10/0x10
[   82.779133][ T7272]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   82.780740][ T7272]  ? __pfx_writenote+0x10/0x10
[   82.782004][ T7272]  elf_core_dump+0x287c/0x3a50
[   82.783317][ T7272]  ? __pfx_elf_core_dump+0x10/0x10
[   82.784655][ T7272]  ? kasan_save_stack+0x33/0x60
[   82.785948][ T7272]  ? kasan_save_track+0x14/0x30
[   82.787272][ T7272]  ? __kasan_kmalloc+0xaa/0xb0
[   82.788524][ T7272]  ? __kmalloc_node_noprof+0x21f/0x510
[   82.789942][ T7272]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   82.791361][ T7272]  ? get_signal+0x230b/0x26c0
[   82.792572][ T7272]  ? arch_do_signal_or_restart+0x90/0x7e0
[   82.794072][ T7272]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   82.795640][ T7272]  ? rcu_is_watching+0x12/0xc0
[   82.796825][ T7272]  ? trace_lock_acquire+0x146/0x1e0
[   82.798126][ T7272]  ? __pfx_sort+0x10/0x10
[   82.799249][ T7272]  ? get_signal+0x230b/0x26c0
[   82.800449][ T7272]  ? do_coredump+0x3ad7/0x49e0
[   82.801671][ T7272]  do_coredump+0x3ad7/0x49e0
[   82.802845][ T7272]  ? __pfx_do_coredump+0x10/0x10
[   82.804098][ T7272]  ? stack_trace_save+0x95/0xd0
[   82.805391][ T7272]  ? __pfx_stack_trace_save+0x10/0x10
[   82.806795][ T7272]  ? hlock_class+0x4e/0x130
[   82.808004][ T7272]  ? stack_depot_save_flags+0x28/0x8f0
[   82.809459][ T7272]  ? kmem_cache_free+0x152/0x4c0
[   82.810818][ T7272]  ? __sigqueue_free+0xba/0x2a0
[   82.812085][ T7272]  ? get_signal+0xcbc/0x26c0
[   82.813283][ T7272]  ? arch_do_signal_or_restart+0x90/0x7e0
[   82.814750][ T7272]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   82.816521][ T7272]  ? find_held_lock+0x2d/0x110
[   82.817907][ T7272]  ? proc_coredump_connector+0x2d2/0x4f0
[   82.819368][ T7272]  ? __pfx_proc_coredump_connector+0x10/0x10
[   82.820894][ T7272]  get_signal+0x230b/0x26c0
[   82.822073][ T7272]  ? force_sig_fault+0xc5/0x110
[   82.823339][ T7272]  ? __pfx_get_signal+0x10/0x10
[   82.824602][ T7272]  arch_do_signal_or_restart+0x90/0x7e0
[   82.825986][ T7272]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   82.827607][ T7272]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   82.829174][ T7272]  ? __bad_area_nosemaphore+0x334/0x6a0
[   82.830609][ T7272]  ? do_user_addr_fault+0x920/0x13f0
[   82.831966][ T7272]  irqentry_exit_to_user_mode+0x13f/0x280
[   82.833452][ T7272]  asm_exc_page_fault+0x26/0x30
[   82.834714][ T7272] RIP: 0033:0x0
[   82.835641][ T7272] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   82.837468][ T7272] RSP: 002b:00000000200002be EFLAGS: 00010217
[   82.839007][ T7272] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   82.840980][ T7272] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   82.843023][ T7272] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   82.845083][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.847170][ T7272] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   82.849212][ T7272]  </TASK>
[   82.850122][    C1] vkms_vblank_simulate: vblank timer overrun
[   82.860290][ T7272] memory: usage 307200kB, limit 307200kB, failcnt 40610
[   82.861210][ T7722] netlink: 2 bytes leftover after parsing attributes in process `syz.0.460'.
[   82.863298][ T7272] memory+swap: usage 432172kB, limit 9007199254740988kB, failcnt 0
[   82.867664][ T7272] kmem: usage 5468kB, limit 9007199254740988kB, failcnt 0
[   82.869537][ T7272] Memory cgroup stats for /syz2:
[   82.869613][ T7272] cache 308596736
[   82.871877][ T7272] rss 376832
[   82.872729][ T7272] rss_huge 0
[   82.873585][ T7272] shmem 308506624
[   82.874607][ T7272] mapped_file 90112
[   82.875684][ T7272] dirty 0
[   82.876497][ T7272] writeback 0
[   82.877405][ T7272] workingset_refault_anon 39
[   82.878689][ T7272] workingset_refault_file 3570
[   82.880004][ T7272] swap 127971328
[   82.881001][ T7272] swapcached 24576
[   82.881977][ T7272] pgpgin 179395
[   82.882900][ T7272] pgpgout 103962
[   82.883829][ T7272] pgfault 17779
[   82.884738][ T7272] pgmajfault 81
[   82.885697][ T7272] inactive_anon 87314432
[   82.887618][ T7272] active_anon 219467776
[   82.889207][ T7272] inactive_file 0
[   82.890217][ T7272] active_file 0
[   82.891148][ T7272] unevictable 0
[   82.892048][ T7272] hierarchical_memory_limit 314572800
[   82.893446][ T7272] hierarchical_memsw_limit 9223372036854771712
[   82.895000][ T7272] total_cache 308596736
[   82.896055][ T7272] total_rss 376832
[   82.897101][ T7272] total_rss_huge 0
[   82.898048][ T7272] total_shmem 308506624
[   82.899109][ T7272] total_mapped_file 90112
[   82.900202][ T7272] total_dirty 0
[   82.901149][ T7272] total_writeback 0
[   82.902128][ T7272] total_workingset_refault_anon 39
[   82.903478][ T7272] total_workingset_refault_file 3570
[   82.904889][ T7272] total_swap 127971328
[   82.905995][ T7272] total_swapcached 24576
[   82.907227][ T7272] total_pgpgin 179395
[   82.923555][   T40] audit: type=1400 audit(1732606554.883:505): avc:  denied  { mounton } for  pid=7718 comm="syz.3.459" path="/proc/377/cgroup" dev="proc" ino=19872 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[   82.924783][ T7728] netlink: 'syz.3.459': attribute type 11 has an invalid length.
[   82.932466][ T7728] netlink: 224 bytes leftover after parsing attributes in process `syz.3.459'.
[   82.966563][ T7272] total_pgpgout 103962
[   82.972778][ T7272] total_pgfault 17779
[   83.005958][ T7272] total_pgmajfault 81
[   83.007044][ T7272] total_inactive_anon 87314432
[   83.008756][ T7272] total_active_anon 219467776
[   83.010133][ T7272] total_inactive_file 0
[   83.016830][ T7272] total_active_file 0
[   83.019898][ T7272] total_unevictable 0
[   83.021078][ T7272] anon_cost 0
[   83.022043][ T7272] file_cost 0
[   83.023210][ T7272] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7265,uid=0
[   83.029079][ T7676] socket: no more sockets
[   83.043108][   T40] audit: type=1400 audit(1732606554.986:506): avc:  denied  { ioctl } for  pid=7736 comm="syz.3.463" path="socket:[21735]" dev="sockfs" ino=21735 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   83.056300][ T7272] Memory cgroup out of memory: Killed process 7265 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:42572kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[   83.067767][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.462'.
[   83.068228][ T5921] Bluetooth: hci1: command tx timeout
[   83.550286][ T7260] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   83.555543][ T7260] CPU: 3 UID: 0 PID: 7260 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   83.558201][ T7260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.561161][ T7260] Call Trace:
[   83.562088][ T7260]  <TASK>
[   83.562865][ T7260]  dump_stack_lvl+0x16c/0x1f0
[   83.564092][ T7260]  dump_header+0x101/0x900
[   83.565314][ T7260]  oom_kill_process+0x270/0xa60
[   83.566590][ T7260]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   83.568118][ T7260]  out_of_memory+0x351/0x1700
[   83.569403][ T7260]  ? __pfx_out_of_memory+0x10/0x10
[   83.570830][ T7260]  ? rcu_read_unlock+0x17/0x60
[   83.572127][ T7260]  ? find_held_lock+0x2d/0x110
[   83.573461][ T7260]  mem_cgroup_out_of_memory+0x207/0x270
[   83.575073][ T7260]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   83.576674][ T7260]  ? do_raw_spin_unlock+0x172/0x230
[   83.578031][ T7260]  try_charge_memcg+0x53f/0xaf0
[   83.579277][ T7260]  ? __pfx_try_charge_memcg+0x10/0x10
[   83.580582][ T7260]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   83.581919][ T7260]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   83.583266][ T7260]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   83.584687][ T7260]  __mem_cgroup_charge+0x9b/0x280
[   83.586012][ T7260]  shmem_alloc_and_add_folio+0x507/0xc00
[   83.587406][ T7260]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   83.588875][ T7260]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   83.590403][ T7260]  ? shmem_huge_global_enabled+0x176/0x250
[   83.591843][ T7260]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   83.593367][ T7260]  shmem_get_folio_gfp+0x689/0x1530
[   83.594714][ T7260]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   83.596154][ T7260]  ? find_held_lock+0x2d/0x110
[   83.597390][ T7260]  shmem_write_begin+0x161/0x300
[   83.598690][ T7260]  ? __pfx_shmem_write_begin+0x10/0x10
[   83.600122][ T7260]  ? timestamp_truncate+0x21f/0x2e0
[   83.601471][ T7260]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   83.603239][ T7260]  generic_perform_write+0x2ba/0x920
[   83.604614][ T7260]  ? __pfx_generic_perform_write+0x10/0x10
[   83.606143][ T7260]  ? inode_needs_update_time.part.0+0x191/0x270
[   83.607773][ T7260]  shmem_file_write_iter+0x10e/0x140
[   83.609169][ T7260]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   83.610738][ T7260]  __kernel_write_iter+0x318/0xa80
[   83.612118][ T7260]  ? __pfx___kernel_write_iter+0x10/0x10
[   83.613617][ T7260]  ? get_dump_page+0x15b/0x230
[   83.614909][ T7260]  ? __pfx___might_resched+0x10/0x10
[   83.616205][ T7260]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   83.617739][ T7260]  dump_user_range+0x389/0x8c0
[   83.619014][ T7260]  ? __pfx_dump_user_range+0x10/0x10
[   83.620336][ T7260]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   83.621915][ T7260]  ? __pfx_writenote+0x10/0x10
[   83.623168][ T7260]  elf_core_dump+0x287c/0x3a50
[   83.624429][ T7260]  ? __pfx_elf_core_dump+0x10/0x10
[   83.625725][ T7260]  ? kasan_save_stack+0x33/0x60
[   83.626979][ T7260]  ? kasan_save_track+0x14/0x30
[   83.628223][ T7260]  ? __kasan_kmalloc+0xaa/0xb0
[   83.629434][ T7260]  ? __kmalloc_node_noprof+0x21f/0x510
[   83.630877][ T7260]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   83.632222][ T7260]  ? get_signal+0x230b/0x26c0
[   83.633432][ T7260]  ? arch_do_signal_or_restart+0x90/0x7e0
[   83.634872][ T7260]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   83.636401][ T7260]  ? rcu_is_watching+0x12/0xc0
[   83.637609][ T7260]  ? trace_lock_acquire+0x146/0x1e0
[   83.638956][ T7260]  ? __pfx_sort+0x10/0x10
[   83.640127][ T7260]  ? get_signal+0x230b/0x26c0
[   83.641333][ T7260]  ? do_coredump+0x3ad7/0x49e0
[   83.642570][ T7260]  do_coredump+0x3ad7/0x49e0
[   83.643782][ T7260]  ? __pfx_do_coredump+0x10/0x10
[   83.645050][ T7260]  ? stack_trace_save+0x95/0xd0
[   83.646272][ T7260]  ? __pfx_stack_trace_save+0x10/0x10
[   83.647653][ T7260]  ? hlock_class+0x4e/0x130
[   83.648811][ T7260]  ? stack_depot_save_flags+0x28/0x8f0
[   83.650202][ T7260]  ? kmem_cache_free+0x152/0x4c0
[   83.651477][ T7260]  ? __sigqueue_free+0xba/0x2a0
[   83.652699][ T7260]  ? get_signal+0xcbc/0x26c0
[   83.653889][ T7260]  ? arch_do_signal_or_restart+0x90/0x7e0
[   83.655353][ T7260]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   83.656878][ T7260]  ? find_held_lock+0x2d/0x110
[   83.658062][ T7260]  ? proc_coredump_connector+0x2d2/0x4f0
[   83.659458][ T7260]  ? __pfx_proc_coredump_connector+0x10/0x10
[   83.660986][ T7260]  get_signal+0x230b/0x26c0
[   83.662150][ T7260]  ? force_sig_fault+0xc5/0x110
[   83.663371][ T7260]  ? __pfx_get_signal+0x10/0x10
[   83.664620][ T7260]  arch_do_signal_or_restart+0x90/0x7e0
[   83.666008][ T7260]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   83.667568][ T7260]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   83.669159][ T7260]  ? __bad_area_nosemaphore+0x334/0x6a0
[   83.670607][ T7260]  ? do_user_addr_fault+0x920/0x13f0
[   83.671942][ T7260]  irqentry_exit_to_user_mode+0x13f/0x280
[   83.673374][ T7260]  asm_exc_page_fault+0x26/0x30
[   83.674613][ T7260] RIP: 0033:0x0
[   83.675517][ T7260] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   83.677398][ T7260] RSP: 002b:00000000200002be EFLAGS: 00010217
[   83.679017][ T7260] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   83.681052][ T7260] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   83.683032][ T7260] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   83.685046][ T7260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.686995][ T7260] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   83.688989][ T7260]  </TASK>
[   83.701574][ T7260] memory: usage 307200kB, limit 307200kB, failcnt 41553
[   83.703400][ T7260] memory+swap: usage 432036kB, limit 9007199254740988kB, failcnt 0
[   83.705431][ T7260] kmem: usage 5284kB, limit 9007199254740988kB, failcnt 0
[   83.707273][ T7260] Memory cgroup stats for /syz2:
[   83.707345][ T7260] cache 308809728
[   83.720662][ T7260] rss 352256
[   83.721549][ T7260] rss_huge 0
[   83.722392][ T7260] shmem 308785152
[   83.723371][ T7260] mapped_file 0
[   83.724320][ T7260] dirty 0
[   83.725125][ T7260] writeback 0
[   83.726004][ T7260] workingset_refault_anon 47
[   83.727245][ T7260] workingset_refault_file 3585
[   83.728494][ T7260] swap 127832064
[   83.741666][ T7260] swapcached 12288
[   83.742854][ T7260] pgpgin 191665
[   83.743871][ T7260] pgpgout 116186
[   83.744917][ T7260] pgfault 18196
[   83.745915][ T7260] pgmajfault 90
[   83.746916][ T7260] inactive_anon 137490432
[   83.748093][ T7260] active_anon 171155456
[   83.749205][ T7260] inactive_file 4096
[   83.750253][ T7260] active_file 20480
[   83.751316][ T7260] unevictable 0
[   83.753120][ T7260] hierarchical_memory_limit 314572800
[   83.769468][ T7260] hierarchical_memsw_limit 9223372036854771712
[   83.771550][ T7260] total_cache 308809728
[   83.772700][ T7260] total_rss 352256
[   83.774613][ T7260] total_rss_huge 0
[   83.775693][ T7260] total_shmem 308785152
[   83.776832][ T7260] total_mapped_file 0
[   83.777870][ T7260] total_dirty 0
[   83.778865][ T7260] total_writeback 0
[   83.779855][ T7260] total_workingset_refault_anon 47
[   83.781179][ T7260] total_workingset_refault_file 3585
[   83.782528][ T7260] total_swap 127832064
[   83.783599][ T7260] total_swapcached 12288
[   83.784900][ T7260] total_pgpgin 191665
[   83.785942][ T7260] total_pgpgout 116186
[   83.787017][ T7260] total_pgfault 18196
[   83.788071][ T7260] total_pgmajfault 90
[   83.790031][ T7260] total_inactive_anon 137490432
[   83.791294][ T7260] total_active_anon 171155456
[   83.792474][ T7260] total_inactive_file 4096
[   83.793595][ T7260] total_active_file 20480
[   83.794729][ T7260] total_unevictable 0
[   83.795822][ T7260] anon_cost 0
[   83.796670][ T7260] file_cost 0
[   83.797520][ T7260] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7254,uid=0
[   83.801184][ T7260] Memory cgroup out of memory: Killed process 7254 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:36240kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[   83.889892][ T7264] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   83.906619][ T7264] CPU: 3 UID: 0 PID: 7264 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   83.909292][ T7264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.912070][ T7264] Call Trace:
[   83.912941][ T7264]  <TASK>
[   83.913717][ T7264]  dump_stack_lvl+0x16c/0x1f0
[   83.915022][ T7264]  dump_header+0x101/0x900
[   83.916192][ T7264]  oom_kill_process+0x270/0xa60
[   83.917463][ T7264]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   83.918930][ T7264]  out_of_memory+0x351/0x1700
[   83.920178][ T7264]  ? __pfx_out_of_memory+0x10/0x10
[   83.921512][ T7264]  ? rcu_read_unlock+0x17/0x60
[   83.922773][ T7264]  ? find_held_lock+0x2d/0x110
[   83.924088][ T7264]  mem_cgroup_out_of_memory+0x207/0x270
[   83.925529][ T7264]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   83.927111][ T7264]  ? do_raw_spin_unlock+0x172/0x230
[   83.928448][ T7264]  try_charge_memcg+0x53f/0xaf0
[   83.929699][ T7264]  ? __pfx_try_charge_memcg+0x10/0x10
[   83.931087][ T7264]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   83.932486][ T7264]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   83.933884][ T7264]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   83.935306][ T7264]  __mem_cgroup_charge+0x9b/0x280
[   83.936596][ T7264]  shmem_alloc_and_add_folio+0x507/0xc00
[   83.938036][ T7264]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   83.939563][ T7264]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   83.941139][ T7264]  ? shmem_huge_global_enabled+0x176/0x250
[   83.943328][ T7264]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   83.945401][ T7264]  shmem_get_folio_gfp+0x689/0x1530
[   83.947230][ T7264]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   83.948704][ T7264]  ? find_held_lock+0x2d/0x110
[   83.949943][ T7264]  shmem_write_begin+0x161/0x300
[   83.951248][ T7264]  ? __pfx_shmem_write_begin+0x10/0x10
[   83.952650][ T7264]  ? timestamp_truncate+0x21f/0x2e0
[   83.953985][ T7264]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   83.955775][ T7264]  ? ns_to_timespec64+0x59/0xc0
[   83.957027][ T7264]  generic_perform_write+0x2ba/0x920
[   83.958421][ T7264]  ? __pfx_generic_perform_write+0x10/0x10
[   83.959908][ T7264]  ? inode_needs_update_time.part.0+0x191/0x270
[   83.961530][ T7264]  shmem_file_write_iter+0x10e/0x140
[   83.962992][ T7264]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   83.964484][ T7264]  __kernel_write_iter+0x318/0xa80
[   83.965867][ T7264]  ? __pfx___kernel_write_iter+0x10/0x10
[   83.967863][ T7264]  ? get_dump_page+0x15b/0x230
[   83.969160][ T7264]  ? __pfx___might_resched+0x10/0x10
[   83.970589][ T7264]  ? __sanitizer_cov_trace_pc+0x66/0x70
[   83.972127][ T7264]  dump_user_range+0x389/0x8c0
[   83.973295][ T7264]  ? __pfx_dump_user_range+0x10/0x10
[   83.974712][ T7264]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   83.976261][ T7264]  ? __pfx_writenote+0x10/0x10
[   83.977492][ T7264]  elf_core_dump+0x287c/0x3a50
[   83.978712][ T7264]  ? __pfx_elf_core_dump+0x10/0x10
[   83.980004][ T7264]  ? kasan_save_stack+0x33/0x60
[   83.981230][ T7264]  ? kasan_save_track+0x14/0x30
[   83.982490][ T7264]  ? __kasan_kmalloc+0xaa/0xb0
[   83.983709][ T7264]  ? __kmalloc_node_noprof+0x21f/0x510
[   83.985108][ T7264]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   83.986507][ T7264]  ? get_signal+0x230b/0x26c0
[   83.987679][ T7264]  ? arch_do_signal_or_restart+0x90/0x7e0
[   83.989111][ T7264]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   83.990602][ T7264]  ? rcu_is_watching+0x12/0xc0
[   83.991781][ T7264]  ? trace_lock_acquire+0x146/0x1e0
[   83.993072][ T7264]  ? __pfx_sort+0x10/0x10
[   83.994152][ T7264]  ? get_signal+0x230b/0x26c0
[   83.995350][ T7264]  ? do_coredump+0x3ad7/0x49e0
[   83.996568][ T7264]  do_coredump+0x3ad7/0x49e0
[   83.997761][ T7264]  ? __pfx_do_coredump+0x10/0x10
[   83.999041][ T7264]  ? stack_trace_save+0x95/0xd0
[   84.000308][ T7264]  ? __pfx_stack_trace_save+0x10/0x10
[   84.001737][ T7264]  ? hlock_class+0x4e/0x130
[   84.003079][ T7264]  ? stack_depot_save_flags+0x28/0x8f0
[   84.004593][ T7264]  ? kmem_cache_free+0x152/0x4c0
[   84.005948][ T7264]  ? __sigqueue_free+0xba/0x2a0
[   84.007230][ T7264]  ? get_signal+0xcbc/0x26c0
[   84.008451][ T7264]  ? arch_do_signal_or_restart+0x90/0x7e0
[   84.009895][ T7264]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   84.011420][ T7264]  ? find_held_lock+0x2d/0x110
[   84.012638][ T7264]  ? proc_coredump_connector+0x2d2/0x4f0
[   84.014079][ T7264]  ? __pfx_proc_coredump_connector+0x10/0x10
[   84.015620][ T7264]  get_signal+0x230b/0x26c0
[   84.016810][ T7264]  ? force_sig_fault+0xc5/0x110
[   84.018061][ T7264]  ? __pfx_get_signal+0x10/0x10
[   84.019331][ T7264]  arch_do_signal_or_restart+0x90/0x7e0
[   84.020753][ T7264]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   84.022311][ T7264]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   84.023882][ T7264]  ? __bad_area_nosemaphore+0x334/0x6a0
[   84.025327][ T7264]  ? do_user_addr_fault+0x920/0x13f0
[   84.026693][ T7264]  irqentry_exit_to_user_mode+0x13f/0x280
[   84.028206][ T7264]  asm_exc_page_fault+0x26/0x30
[   84.029691][ T7264] RIP: 0033:0x0
[   84.030717][ T7264] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   84.032788][ T7264] RSP: 002b:00000000200002be EFLAGS: 00010217
[   84.034620][ T7264] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   84.036651][ T7264] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   84.038963][ T7264] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   84.040977][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.043009][ T7264] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   84.045053][ T7264]  </TASK>
[   84.097483][ T7264] memory: usage 287744kB, limit 307200kB, failcnt 42284
[   84.099378][ T7264] memory+swap: usage 403928kB, limit 9007199254740988kB, failcnt 0
[   84.101411][ T7264] kmem: usage 5412kB, limit 9007199254740988kB, failcnt 0
[   84.113844][ T7264] Memory cgroup stats for /syz2:
[   84.113928][ T7264] cache 283422720
[   84.118902][ T7264] rss 339968
[   84.119779][ T7264] rss_huge 0
[   84.120682][ T7264] shmem 283418624
[   84.121693][ T7264] mapped_file 53248
[   84.122766][ T7264] dirty 0
[   84.123800][ T7264] writeback 4096
[   84.124839][ T7264] workingset_refault_anon 47
[   84.126155][ T7264] workingset_refault_file 3585
[   84.150684][ T7264] swap 119123968
[   84.151683][ T7264] swapcached 20480
[   84.152687][ T7264] pgpgin 192749
[   84.153621][ T7264] pgpgout 123461
[   84.154596][ T7264] pgfault 18376
[   84.155526][ T7264] pgmajfault 90
[   84.156457][ T7264] inactive_anon 72065024
[   84.157585][ T7264] active_anon 211345408
[   84.177780][ T7264] inactive_file 4096
[   84.178865][ T7264] active_file 0
[   84.179804][ T7264] unevictable 0
[   84.181371][ T7264] hierarchical_memory_limit 314572800
[   84.182903][ T7264] hierarchical_memsw_limit 9223372036854771712
[   84.185690][ T7264] total_cache 283422720
[   84.186935][ T7264] total_rss 339968
[   84.187932][ T7264] total_rss_huge 0
[   84.188919][ T7264] total_shmem 283418624
[   84.190060][ T7264] total_mapped_file 53248
[   84.212699][ T7264] total_dirty 0
[   84.213668][ T7264] total_writeback 4096
[   84.214749][ T7264] total_workingset_refault_anon 47
[   84.216073][ T7264] total_workingset_refault_file 3585
[   84.217431][ T7264] total_swap 119123968
[   84.218498][ T7264] total_swapcached 20480
[   84.219582][ T7264] total_pgpgin 192749
[   84.220612][ T7264] total_pgpgout 123461
[   84.221670][ T7264] total_pgfault 18376
[   84.258687][ T7264] total_pgmajfault 90
[   84.259776][ T7264] total_inactive_anon 72065024
[   84.261015][ T7264] total_active_anon 211345408
[   84.262221][ T7264] total_inactive_file 4096
[   84.263391][ T7264] total_active_file 0
[   84.264467][ T7264] total_unevictable 0
[   84.265823][ T7264] anon_cost 0
[   84.266715][ T7264] file_cost 0
[   84.267588][ T7264] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7262,uid=0
[   84.271329][ T7264] Memory cgroup out of memory: Killed process 7262 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:34128kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[   84.312162][ T7777] Debayer A: =================  START STATUS  =================
[   84.314400][ T7777] Debayer A: Debayer Mean Window Size: 3
[   84.316213][ T7777] Debayer A: ==================  END STATUS  ==================
[   84.324967][ T7777] ata3.00: invalid multi_count 1 ignored
[   84.806315][ T7273] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   84.808805][ T7273] CPU: 1 UID: 0 PID: 7273 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   84.812249][ T7273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.815911][ T7273] Call Trace:
[   84.817123][ T7273]  <TASK>
[   84.818208][ T7273]  dump_stack_lvl+0x16c/0x1f0
[   84.820002][ T7273]  dump_header+0x101/0x900
[   84.821757][ T7273]  oom_kill_process+0x270/0xa60
[   84.823491][ T7273]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   84.825507][ T7273]  out_of_memory+0x351/0x1700
[   84.827033][ T7273]  ? __pfx_out_of_memory+0x10/0x10
[   84.828540][ T7273]  ? rcu_read_unlock+0x17/0x60
[   84.829812][ T7273]  ? find_held_lock+0x2d/0x110
[   84.831148][ T7273]  mem_cgroup_out_of_memory+0x207/0x270
[   84.832544][ T7273]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   84.834772][ T7273]  ? do_raw_spin_unlock+0x172/0x230
[   84.836905][ T7273]  try_charge_memcg+0x53f/0xaf0
[   84.838547][ T7273]  ? __pfx_try_charge_memcg+0x10/0x10
[   84.839975][ T7273]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   84.841363][ T7273]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   84.843120][ T7273]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   84.844772][ T7273]  __mem_cgroup_charge+0x9b/0x280
[   84.846174][ T7273]  shmem_alloc_and_add_folio+0x507/0xc00
[   84.847663][ T7273]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   84.849215][ T7273]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   84.850867][ T7273]  ? shmem_huge_global_enabled+0x176/0x250
[   84.852455][ T7273]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   84.854497][ T7273]  shmem_get_folio_gfp+0x689/0x1530
[   84.856367][ T7273]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   84.857950][ T7273]  ? find_held_lock+0x2d/0x110
[   84.859256][ T7273]  shmem_write_begin+0x161/0x300
[   84.860549][ T7273]  ? __pfx_shmem_write_begin+0x10/0x10
[   84.861968][ T7273]  ? timestamp_truncate+0x21f/0x2e0
[   84.863420][ T7273]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   84.865290][ T7273]  generic_perform_write+0x2ba/0x920
[   84.866724][ T7273]  ? __pfx_generic_perform_write+0x10/0x10
[   84.868319][ T7273]  ? inode_needs_update_time.part.0+0x191/0x270
[   84.869984][ T7273]  shmem_file_write_iter+0x10e/0x140
[   84.871454][ T7273]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   84.873144][ T7273]  __kernel_write_iter+0x318/0xa80
[   84.874553][ T7273]  ? __pfx___kernel_write_iter+0x10/0x10
[   84.876047][ T7273]  ? get_dump_page+0x15b/0x230
[   84.877339][ T7273]  ? __pfx___might_resched+0x10/0x10
[   84.878752][ T7273]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   84.880273][ T7273]  dump_user_range+0x389/0x8c0
[   84.881570][ T7273]  ? __pfx_dump_user_range+0x10/0x10
[   84.883053][ T7273]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   84.885225][ T7273]  ? __pfx_writenote+0x10/0x10
[   84.886896][ T7273]  elf_core_dump+0x287c/0x3a50
[   84.888162][ T7273]  ? __pfx_elf_core_dump+0x10/0x10
[   84.889843][ T7273]  ? kasan_save_stack+0x33/0x60
[   84.891526][ T7273]  ? kasan_save_track+0x14/0x30
[   84.893151][ T7273]  ? __kasan_kmalloc+0xaa/0xb0
[   84.894773][ T7273]  ? __kmalloc_node_noprof+0x21f/0x510
[   84.896637][ T7273]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   84.898498][ T7273]  ? get_signal+0x230b/0x26c0
[   84.900095][ T7273]  ? arch_do_signal_or_restart+0x90/0x7e0
[   84.901557][ T7273]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   84.903117][ T7273]  ? rcu_is_watching+0x12/0xc0
[   84.904352][ T7273]  ? trace_lock_acquire+0x146/0x1e0
[   84.905640][ T7273]  ? __pfx_sort+0x10/0x10
[   84.906720][ T7273]  ? get_signal+0x230b/0x26c0
[   84.907943][ T7273]  ? do_coredump+0x3ad7/0x49e0
[   84.909184][ T7273]  do_coredump+0x3ad7/0x49e0
[   84.910366][ T7273]  ? __pfx_do_coredump+0x10/0x10
[   84.911639][ T7273]  ? stack_trace_save+0x95/0xd0
[   84.913002][ T7273]  ? __pfx_stack_trace_save+0x10/0x10
[   84.914887][ T7273]  ? hlock_class+0x4e/0x130
[   84.916453][ T7273]  ? stack_depot_save_flags+0x28/0x8f0
[   84.917995][ T7273]  ? kmem_cache_free+0x152/0x4c0
[   84.919258][ T7273]  ? __sigqueue_free+0xba/0x2a0
[   84.920494][ T7273]  ? get_signal+0xcbc/0x26c0
[   84.921664][ T7273]  ? arch_do_signal_or_restart+0x90/0x7e0
[   84.923153][ T7273]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   84.924698][ T7273]  ? find_held_lock+0x2d/0x110
[   84.925961][ T7273]  ? proc_coredump_connector+0x2d2/0x4f0
[   84.927441][ T7273]  ? __pfx_proc_coredump_connector+0x10/0x10
[   84.929578][ T7273]  get_signal+0x230b/0x26c0
[   84.931193][ T7273]  ? force_sig_fault+0xc5/0x110
[   84.932896][ T7273]  ? __pfx_get_signal+0x10/0x10
[   84.934707][ T7273]  arch_do_signal_or_restart+0x90/0x7e0
[   84.936571][ T7273]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   84.938692][ T7273]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   84.940763][ T7273]  ? __bad_area_nosemaphore+0x334/0x6a0
[   84.942655][ T7273]  ? do_user_addr_fault+0x920/0x13f0
[   84.944410][ T7273]  irqentry_exit_to_user_mode+0x13f/0x280
[   84.946325][ T7273]  asm_exc_page_fault+0x26/0x30
[   84.947986][ T7273] RIP: 0033:0x0
[   84.949229][ T7273] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   84.951764][ T7273] RSP: 002b:00000000200002be EFLAGS: 00010217
[   84.953832][ T7273] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   84.956897][ T7273] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   84.959748][ T7273] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   84.962339][ T7273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.964809][ T7273] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   84.967506][ T7273]  </TASK>
[   84.968559][    C1] vkms_vblank_simulate: vblank timer overrun
[   84.971806][ T7273] memory: usage 307200kB, limit 307200kB, failcnt 44488
[   84.974014][ T7273] memory+swap: usage 429164kB, limit 9007199254740988kB, failcnt 0
[   84.976643][ T7273] kmem: usage 4900kB, limit 9007199254740988kB, failcnt 0
[   84.978687][ T7273] Memory cgroup stats for /syz2:
[   84.978754][ T7273] cache 309305344
[   84.980989][ T7273] rss 237568
[   84.981894][ T7273] rss_huge 0
[   84.982862][ T7273] shmem 309305344
[   84.983821][ T7273] mapped_file 0
[   84.984732][ T7273] dirty 0
[   84.985516][ T7273] writeback 4096
[   84.986445][ T7273] workingset_refault_anon 52
[   84.987654][ T7273] workingset_refault_file 3861
[   84.988894][ T7273] swap 124891136
[   84.989826][ T7273] swapcached 16384
[   84.990824][ T7273] pgpgin 211891
[   84.991774][ T7273] pgpgout 136317
[   84.992889][ T7273] pgfault 19494
[   84.994166][ T7273] pgmajfault 97
[   84.995571][ T7273] inactive_anon 48320512
[   84.996684][ T7273] active_anon 261210112
[   84.997765][ T7273] inactive_file 0
[   84.998885][ T7273] active_file 0
[   85.000283][ T7273] unevictable 0
[   85.001510][ T7273] hierarchical_memory_limit 314572800
[   85.002939][ T7273] hierarchical_memsw_limit 9223372036854771712
[   85.004711][ T7273] total_cache 309305344
[   85.005789][ T7273] total_rss 237568
[   85.006760][ T7273] total_rss_huge 0
[   85.007729][ T7273] total_shmem 309305344
[   85.008815][ T7273] total_mapped_file 0
[   85.010036][ T7273] total_dirty 0
[   85.011344][ T7273] total_writeback 4096
[   85.012880][ T7273] total_workingset_refault_anon 52
[   85.014874][ T7273] total_workingset_refault_file 3861
[   85.016809][ T7273] total_swap 124891136
[   85.018293][ T7273] total_swapcached 16384
[   85.019713][ T7273] total_pgpgin 211891
[   85.021010][ T7273] total_pgpgout 136317
[   85.022569][ T7273] total_pgfault 19494
[   85.023691][ T7273] total_pgmajfault 97
[   85.024824][ T7273] total_inactive_anon 48320512
[   85.026106][ T7273] total_active_anon 261210112
[   85.027328][ T7273] total_inactive_file 0
[   85.028564][ T7273] total_active_file 0
[   85.029688][ T7273] total_unevictable 0
[   85.031166][ T7273] anon_cost 0
[   85.032206][ T7273] file_cost 0
[   85.033081][ T7273] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7264,uid=0
[   85.037096][ T7273] Memory cgroup out of memory: Killed process 7264 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:47180kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000
[   85.094497][ T7268] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   85.121125][ T7268] CPU: 3 UID: 0 PID: 7268 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   85.124686][ T7268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.128189][ T7268] Call Trace:
[   85.129124][ T7268]  <TASK>
[   85.129921][ T7268]  dump_stack_lvl+0x16c/0x1f0
[   85.131177][ T7268]  dump_header+0x101/0x900
[   85.132378][ T7268]  oom_kill_process+0x270/0xa60
[   85.133870][ T7268]  ? mem_cgroup_out_of_memory+0x8d/0x270
[   85.135865][ T7268]  out_of_memory+0x351/0x1700
[   85.137399][ T7268]  ? __pfx_out_of_memory+0x10/0x10
[   85.138745][ T7268]  ? rcu_read_unlock+0x17/0x60
[   85.140022][ T7268]  ? find_held_lock+0x2d/0x110
[   85.141267][ T7268]  mem_cgroup_out_of_memory+0x207/0x270
[   85.142708][ T7268]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   85.144423][ T7268]  ? do_raw_spin_unlock+0x172/0x230
[   85.145861][ T7268]  try_charge_memcg+0x53f/0xaf0
[   85.147140][ T7268]  ? __pfx_try_charge_memcg+0x10/0x10
[   85.148523][ T7268]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   85.149927][ T7268]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[   85.151388][ T7268]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[   85.152813][ T7268]  __mem_cgroup_charge+0x9b/0x280
[   85.154520][ T7268]  shmem_alloc_and_add_folio+0x507/0xc00
[   85.156573][ T7268]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   85.158225][ T7268]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   85.159915][ T7268]  ? shmem_huge_global_enabled+0x176/0x250
[   85.161472][ T7268]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[   85.163079][ T7268]  shmem_get_folio_gfp+0x689/0x1530
[   85.164685][ T7268]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[   85.166249][ T7268]  ? find_held_lock+0x2d/0x110
[   85.167579][ T7268]  shmem_write_begin+0x161/0x300
[   85.168881][ T7268]  ? __pfx_shmem_write_begin+0x10/0x10
[   85.170340][ T7268]  ? timestamp_truncate+0x21f/0x2e0
[   85.171709][ T7268]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[   85.173468][ T7268]  generic_perform_write+0x2ba/0x920
[   85.174931][ T7268]  ? __pfx_generic_perform_write+0x10/0x10
[   85.176455][ T7268]  ? inode_needs_update_time.part.0+0x191/0x270
[   85.178093][ T7268]  shmem_file_write_iter+0x10e/0x140
[   85.179500][ T7268]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   85.181047][ T7268]  __kernel_write_iter+0x318/0xa80
[   85.182382][ T7268]  ? __pfx___kernel_write_iter+0x10/0x10
[   85.183874][ T7268]  ? get_dump_page+0x15b/0x230
[   85.185238][ T7268]  ? __pfx___might_resched+0x10/0x10
[   85.186894][ T7268]  ? copy_mc_enhanced_fast_string+0xa/0x13
[   85.188425][ T7268]  dump_user_range+0x389/0x8c0
[   85.189687][ T7268]  ? __pfx_dump_user_range+0x10/0x10
[   85.191115][ T7268]  ? elf_coredump_extra_notes_write+0xbe/0x430
[   85.192753][ T7268]  ? __pfx_writenote+0x10/0x10
[   85.194108][ T7268]  elf_core_dump+0x287c/0x3a50
[   85.195803][ T7268]  ? __pfx_elf_core_dump+0x10/0x10
[   85.197693][ T7268]  ? kasan_save_stack+0x33/0x60
[   85.199341][ T7268]  ? kasan_save_track+0x14/0x30
[   85.200825][ T7268]  ? __kasan_kmalloc+0xaa/0xb0
[   85.202169][ T7268]  ? __kmalloc_node_noprof+0x21f/0x510
[   85.203640][ T7268]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   85.205147][ T7268]  ? get_signal+0x230b/0x26c0
[   85.206393][ T7268]  ? arch_do_signal_or_restart+0x90/0x7e0
[   85.207881][ T7268]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   85.209441][ T7268]  ? rcu_is_watching+0x12/0xc0
[   85.211071][ T7268]  ? trace_lock_acquire+0x146/0x1e0
[   85.213000][ T7268]  ? __pfx_sort+0x10/0x10
[   85.214659][ T7268]  ? get_signal+0x230b/0x26c0
[   85.216511][ T7268]  ? do_coredump+0x3ad7/0x49e0
[   85.217866][ T7268]  do_coredump+0x3ad7/0x49e0
[   85.219448][ T7268]  ? __pfx_do_coredump+0x10/0x10
[   85.221262][ T7268]  ? stack_trace_save+0x95/0xd0
[   85.222648][ T7268]  ? __pfx_stack_trace_save+0x10/0x10
[   85.224068][ T7268]  ? hlock_class+0x4e/0x130
[   85.225742][ T7268]  ? stack_depot_save_flags+0x28/0x8f0
[   85.227743][ T7268]  ? kmem_cache_free+0x152/0x4c0
[   85.229516][ T7268]  ? __sigqueue_free+0xba/0x2a0
[   85.231283][ T7268]  ? get_signal+0xcbc/0x26c0
[   85.232958][ T7268]  ? arch_do_signal_or_restart+0x90/0x7e0
[   85.234975][ T7268]  ? irqentry_exit_to_user_mode+0x13f/0x280
[   85.237149][ T7268]  ? find_held_lock+0x2d/0x110
[   85.238902][ T7268]  ? proc_coredump_connector+0x2d2/0x4f0
[   85.240892][ T7268]  ? __pfx_proc_coredump_connector+0x10/0x10
[   85.243106][ T7268]  get_signal+0x230b/0x26c0
[   85.244736][ T7268]  ? force_sig_fault+0xc5/0x110
[   85.246433][ T7268]  ? __pfx_get_signal+0x10/0x10
[   85.248128][ T7268]  arch_do_signal_or_restart+0x90/0x7e0
[   85.250003][ T7268]  ? trace_irq_disable.constprop.0+0xe6/0x140
[   85.252063][ T7268]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   85.253677][ T7268]  ? __bad_area_nosemaphore+0x334/0x6a0
[   85.255214][ T7268]  ? do_user_addr_fault+0x920/0x13f0
[   85.256697][ T7268]  irqentry_exit_to_user_mode+0x13f/0x280
[   85.258627][ T7268]  asm_exc_page_fault+0x26/0x30
[   85.260279][ T7268] RIP: 0033:0x0
[   85.261475][ T7268] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   85.263504][ T7268] RSP: 002b:00000000200002be EFLAGS: 00010217
[   85.265145][ T7268] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819
[   85.267221][ T7268] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20
[   85.269311][ T7268] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058
[   85.271427][ T7268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.273485][ T7268] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68
[   85.276105][ T7268]  </TASK>
[   85.281177][ T7268] memory: usage 290820kB, limit 307200kB, failcnt 44891
[   85.311881][ T7268] memory+swap: usage 404560kB, limit 9007199254740988kB, failcnt 0
[   85.314218][ T7268] kmem: usage 4696kB, limit 9007199254740988kB, failcnt 0
[   85.316114][ T7268] Memory cgroup stats for /syz2:
[   85.316193][ T7268] cache 288026624
[   85.318537][ T7268] rss 237568
[   85.319449][ T7268] rss_huge 0
[   85.320364][ T7268] shmem 288026624
[   85.321451][ T7268] mapped_file 0
[   85.322438][ T7268] dirty 0
[   85.381138][ T7268] writeback 4096
[   85.399024][ T7268] workingset_refault_anon 53
[   85.400328][ T7268] workingset_refault_file 3861
[   85.410164][ T7268] swap 120434688
[   85.411308][ T7268] swapcached 53248
[   85.412339][ T7268] pgpgin 212938
[   85.413284][ T7268] pgpgout 142515
[   85.414341][ T7268] pgfault 19516
[   85.415641][ T7268] pgmajfault 98
[   85.416926][ T7268] inactive_anon 38785024
[   85.418434][ T7268] active_anon 248131584
[   85.419897][ T7268] inactive_file 0
[   85.421514][ T7268] active_file 0
[   85.423595][ T7268] unevictable 0
[   85.424893][ T7268] hierarchical_memory_limit 314572800
[   85.452134][ T7268] hierarchical_memsw_limit 9223372036854771712
[   85.454271][ T7268] total_cache 288026624
[   85.467584][ T7268] total_rss 237568
[   85.468981][ T7268] total_rss_huge 0
[   85.470340][ T7268] total_shmem 288026624
[   85.471857][ T7268] total_mapped_file 0
[   85.473280][ T7268] total_dirty 0
[   85.484377][ T7268] total_writeback 4096
[   85.486145][ T7268] total_workingset_refault_anon 53
[   85.487613][ T7268] total_workingset_refault_file 3861
[   85.489090][ T7268] total_swap 120434688
[   85.490277][ T7268] total_swapcached 53248
[   85.491488][ T7268] total_pgpgin 212938
[   85.492596][ T7268] total_pgpgout 142515
[   85.493714][ T7268] total_pgfault 19516
[   85.494826][ T7268] total_pgmajfault 98
[   85.516357][ T7268] total_inactive_anon 38785024
[   85.517745][ T7268] total_active_anon 248131584
[   85.519058][ T7268] total_inactive_file 0
[   85.520202][ T7268] total_active_file 0
[   85.521300][ T7268] total_unevictable 0
[   85.522391][ T7268] anon_cost 0
[   85.537650][ T7268] file_cost 0
[   85.538653][ T7268] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7260,uid=0
[   85.542629][ T7268] Memory cgroup out of memory: Killed process 7260 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:39000kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[   85.591573][  T112] 
[   85.592414][  T112] ======================================================
[   85.594601][  T112] WARNING: possible circular locking dependency detected
[   85.596407][  T112] 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 Not tainted
[   85.598416][  T112] ------------------------------------------------------
[   85.601809][  T112] kswapd0/112 is trying to acquire lock:
[   85.603515][  T112] ffff888107336278 (&q->q_usage_counter(io)#68){++++}-{0:0}, at: blk_mq_submit_bio+0x7ca/0x24c0
[   85.606686][  T112] 
[   85.606686][  T112] but task is already holding lock:
[   85.609085][  T112] ffffffff8e350560 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[   85.612185][  T112] 
[   85.612185][  T112] which lock already depends on the new lock.
[   85.612185][  T112] 
[   85.614960][  T112] 
[   85.614960][  T112] the existing dependency chain (in reverse order) is:
[   85.617230][  T112] 
[   85.617230][  T112] -> #1 (fs_reclaim){+.+.}-{0:0}:
[   85.619088][  T112]        fs_reclaim_acquire+0x102/0x150
[   85.620496][  T112]        __kmalloc_node_noprof+0xb7/0x510
[   85.621934][  T112]        __kvmalloc_node_noprof+0xad/0x1a0
[   85.623476][  T112]        sbitmap_init_node+0x1ca/0x770
[   85.624902][  T112]        scsi_realloc_sdev_budget_map+0x2c7/0x610
[   85.626579][  T112]        scsi_add_lun+0x11b4/0x1fd0
[   85.627931][  T112]        scsi_probe_and_add_lun+0x4fa/0xda0
[   85.629465][  T112]        __scsi_add_device+0x24b/0x290
[   85.630890][  T112]        ata_scsi_scan_host+0x215/0x780
[   85.632326][  T112]        async_run_entry_fn+0x9c/0x530
[   85.633769][  T112]        process_one_work+0x9c5/0x1ba0
[   85.635193][  T112]        worker_thread+0x6c8/0xf00
[   85.636519][  T112]        kthread+0x2c1/0x3a0
[   85.637729][  T112]        ret_from_fork+0x45/0x80
[   85.639017][  T112]        ret_from_fork_asm+0x1a/0x30
[   85.640384][  T112] 
[   85.640384][  T112] -> #0 (&q->q_usage_counter(io)#68){++++}-{0:0}:
[   85.642604][  T112]        __lock_acquire+0x249e/0x3c40
[   85.644017][  T112]        lock_acquire.part.0+0x11b/0x380
[   85.645493][  T112]        __bio_queue_enter+0x4c6/0x740
[   85.646904][  T112]        blk_mq_submit_bio+0x7ca/0x24c0
[   85.648329][  T112]        __submit_bio+0x384/0x540
[   85.649633][  T112]        submit_bio_noacct_nocheck+0x698/0xd70
[   85.651241][  T112]        submit_bio_noacct+0x93a/0x1e20
[   85.652681][  T112]        __swap_writepage+0x3a3/0xf50
[   85.654067][  T112]        swap_writepage+0x403/0x1120
[   85.655552][  T112]        pageout+0x3b2/0xaa0
[   85.656735][  T112]        shrink_folio_list+0x3025/0x42d0
[   85.658204][  T112]        evict_folios+0x6e3/0x19c0
[   85.659572][  T112]        try_to_shrink_lruvec+0x61e/0xa80
[   85.661094][  T112]        shrink_one+0x3e3/0x7b0
[   85.662405][  T112]        shrink_node+0x2763/0x3e60
[   85.663862][  T112]        balance_pgdat+0xc1f/0x18f0
[   85.665217][  T112]        kswapd+0x5f8/0xc30
[   85.666417][  T112]        kthread+0x2c1/0x3a0
[   85.667583][  T112]        ret_from_fork+0x45/0x80
[   85.668853][  T112]        ret_from_fork_asm+0x1a/0x30
[   85.670205][  T112] 
[   85.670205][  T112] other info that might help us debug this:
[   85.670205][  T112] 
[   85.672796][  T112]  Possible unsafe locking scenario:
[   85.672796][  T112] 
[   85.674725][  T112]        CPU0                    CPU1
[   85.676126][  T112]        ----                    ----
[   85.677521][  T112]   lock(fs_reclaim);
[   85.678576][  T112]                                lock(&q->q_usage_counter(io)#68);
[   85.680540][  T112]                                lock(fs_reclaim);
[   85.682105][  T112]   rlock(&q->q_usage_counter(io)#68);
[   85.683497][  T112] 
[   85.683497][  T112]  *** DEADLOCK ***
[   85.683497][  T112] 
[   85.685459][  T112] 1 lock held by kswapd0/112:
[   85.686638][  T112]  #0: ffffffff8e350560 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[   85.688897][  T112] 
[   85.688897][  T112] stack backtrace:
[   85.690335][  T112] CPU: 1 UID: 0 PID: 112 Comm: kswapd0 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[   85.692778][  T112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.695529][  T112] Call Trace:
[   85.696390][  T112]  <TASK>
[   85.697119][  T112]  dump_stack_lvl+0x116/0x1f0
[   85.698293][  T112]  print_circular_bug+0x419/0x5d0
[   85.699527][  T112]  check_noncircular+0x31a/0x400
[   85.700716][  T112]  ? __pfx_check_noncircular+0x10/0x10
[   85.702046][  T112]  ? lockdep_lock+0xc6/0x200
[   85.703243][  T112]  ? __pfx_lockdep_lock+0x10/0x10
[   85.704446][  T112]  __lock_acquire+0x249e/0x3c40
[   85.705622][  T112]  ? __pfx___lock_acquire+0x10/0x10
[   85.706895][  T112]  lock_acquire.part.0+0x11b/0x380
[   85.708149][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[   85.709438][  T112]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   85.710819][  T112]  ? rcu_is_watching+0x12/0xc0
[   85.712244][  T112]  ? trace_lock_acquire+0x146/0x1e0
[   85.713890][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[   85.715189][  T112]  ? lock_acquire+0x2f/0xb0
[   85.716327][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[   85.717587][  T112]  __bio_queue_enter+0x4c6/0x740
[   85.718823][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[   85.720237][  T112]  ? __pfx___bio_queue_enter+0x10/0x10
[   85.721656][  T112]  ? blk_mq_submit_bio+0x7b5/0x24c0
[   85.723019][  T112]  ? __pfx_autoremove_wake_function+0x10/0x10
[   85.724545][  T112]  blk_mq_submit_bio+0x7ca/0x24c0
[   85.725851][  T112]  ? __pfx_blk_mq_submit_bio+0x10/0x10
[   85.727243][  T112]  ? __pfx_mark_lock+0x10/0x10
[   85.728454][  T112]  __submit_bio+0x384/0x540
[   85.729584][  T112]  ? __pfx___submit_bio+0x10/0x10
[   85.730863][  T112]  ? ktime_get+0x206/0x300
[   85.732015][  T112]  ? lockdep_hardirqs_on+0x7c/0x110
[   85.733372][  T112]  ? submit_bio_noacct_nocheck+0x698/0xd70
[   85.734836][  T112]  submit_bio_noacct_nocheck+0x698/0xd70
[   85.736256][  T112]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[   85.737781][  T112]  ? __pfx___might_resched+0x10/0x10
[   85.739165][  T112]  ? __pfx___folio_start_writeback+0x10/0x10
[   85.740919][  T112]  submit_bio_noacct+0x93a/0x1e20
[   85.742206][  T112]  __swap_writepage+0x3a3/0xf50
[   85.743483][  T112]  swap_writepage+0x403/0x1120
[   85.744716][  T112]  ? folio_clear_dirty_for_io+0x112/0x800
[   85.746261][  T112]  pageout+0x3b2/0xaa0
[   85.747296][  T112]  ? __pfx_pageout+0x10/0x10
[   85.748454][  T112]  ? __pfx_try_to_unmap_one+0x10/0x10
[   85.749840][  T112]  ? __pfx_folio_not_mapped+0x10/0x10
[   85.751221][  T112]  ? __pfx_folio_lock_anon_vma_read+0x10/0x10
[   85.752869][  T112]  ? folio_mark_dirty+0xd8/0x150
[   85.754264][  T112]  shrink_folio_list+0x3025/0x42d0
[   85.755555][  T112]  ? __pfx_shrink_folio_list+0x10/0x10
[   85.756886][  T112]  ? isolate_folios+0x1c57/0x3830
[   85.758158][  T112]  ? hlock_class+0x4e/0x130
[   85.759334][  T112]  ? mark_lock+0xb5/0xc60
[   85.760422][  T112]  ? mark_held_locks+0x9f/0xe0
[   85.761655][  T112]  evict_folios+0x6e3/0x19c0
[   85.762868][  T112]  ? do_shrink_slab+0xb2e/0x11c0
[   85.764158][  T112]  ? __pfx_evict_folios+0x10/0x10
[   85.765470][  T112]  ? find_held_lock+0x2d/0x110
[   85.766720][  T112]  ? __pfx___might_resched+0x10/0x10
[   85.768104][  T112]  ? mem_cgroup_get_nr_swap_pages+0x20/0x120
[   85.769654][  T112]  ? sc_swappiness+0xd4/0x190
[   85.770888][  T112]  try_to_shrink_lruvec+0x61e/0xa80
[   85.772244][  T112]  ? find_held_lock+0x2d/0x110
[   85.773510][  T112]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[   85.775084][  T112]  ? shrink_node+0x2743/0x3e60
[   85.776342][  T112]  shrink_one+0x3e3/0x7b0
[   85.777479][  T112]  ? shrink_node+0x2743/0x3e60
[   85.778740][  T112]  shrink_node+0x2763/0x3e60
[   85.779953][  T112]  ? shrink_node+0x24b0/0x3e60
[   85.781203][  T112]  ? __pfx_shrink_node+0x10/0x10
[   85.782496][  T112]  ? percpu_ref_put_many.constprop.0+0x1b/0x150
[   85.784138][  T112]  ? balance_pgdat+0xc1f/0x18f0
[   85.785582][  T112]  balance_pgdat+0xc1f/0x18f0
[   85.787289][  T112]  ? __pfx_balance_pgdat+0x10/0x10
[   85.788983][  T112]  ? __switch_to+0x749/0x1190
[   85.790556][  T112]  ? __schedule+0xe60/0x5ad0
[   85.792079][  T112]  ? __pfx___lock_acquire+0x10/0x10
[   85.793747][  T112]  ? __pfx___might_resched+0x10/0x10
[   85.795449][  T112]  ? set_pgdat_percpu_threshold+0xc3/0x330
[   85.796897][  T112]  kswapd+0x5f8/0xc30
[   85.797931][  T112]  ? __pfx_kswapd+0x10/0x10
[   85.799115][  T112]  ? __pfx_autoremove_wake_function+0x10/0x10
[   85.800698][  T112]  ? lockdep_hardirqs_on+0x7c/0x110
[   85.802048][  T112]  ? __kthread_parkme+0x148/0x220
[   85.803399][  T112]  ? __pfx_kswapd+0x10/0x10
[   85.804617][  T112]  kthread+0x2c1/0x3a0
[   85.805686][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[   85.807040][  T112]  ? __pfx_kthread+0x10/0x10
[   85.808234][  T112]  ret_from_fork+0x45/0x80
[   85.809393][  T112]  ? __pfx_kthread+0x10/0x10
[   85.810609][  T112]  ret_from_fork_asm+0x1a/0x30
[   85.811855][  T112]  </TASK>
[   85.812775][    C1] vkms_vblank_simulate: vblank timer overrun
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   86.084461][  T829] usb 8-1: USB disconnect, device number 13
[   86.228792][ T7027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.321379][ T7027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.421997][ T7273] syz.2.335 (7273) used greatest stack depth: 17456 bytes left
[   86.431502][ T7027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.502964][ T7027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.571139][ T7027] bridge_slave_1: left allmulticast mode
[   86.572685][ T7027] bridge_slave_1: left promiscuous mode
[   86.574218][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.577476][ T7027] bridge_slave_0: left allmulticast mode
[   86.578956][ T7027] bridge_slave_0: left promiscuous mode
[   86.580549][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.775747][ T7027] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.779749][ T7027] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.783585][ T7027] bond0 (unregistering): Released all slaves
[   87.124850][ T7027] hsr_slave_0: left promiscuous mode
[   87.126600][ T7027] hsr_slave_1: left promiscuous mode
[   87.128493][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.130455][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.132694][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.134635][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.137679][ T7027] veth1_macvtap: left promiscuous mode
[   87.139131][ T7027] veth0_macvtap: left promiscuous mode
[   87.140586][ T7027] veth1_vlan: left promiscuous mode
[   87.142081][ T7027] veth0_vlan: left promiscuous mode
[   87.251492][ T7027] team0 (unregistering): Port device team_slave_1 removed
[   87.256612][ T7027] team0 (unregistering): Port device team_slave_0 removed
[   87.915551][ T7027] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.989287][ T7027] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.073876][ T7027] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.138723][ T7027] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.195182][ T7027] bridge_slave_1: left promiscuous mode
[   88.196886][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.199496][ T7027] bridge_slave_0: left allmulticast mode
[   88.201580][ T7027] bridge_slave_0: left promiscuous mode
[   88.203574][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.241140][ T7027] bond0 (unregistering): (slave bridge0): Releasing backup interface
[   88.301102][ T7027] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   88.304460][ T7027] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   88.307720][ T7027] bond0 (unregistering): (slave team0): Releasing backup interface
[   88.310259][ T7027] bond0 (unregistering): Released all slaves
[   88.388936][ T7027] tipc: Disabling bearer <udp:syz1>
[   88.390384][ T7027] tipc: Left network mode
[   88.634380][ T7027] hsr_slave_0: left promiscuous mode
[   88.636336][ T7027] hsr_slave_1: left promiscuous mode
[   88.638600][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.640615][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.642947][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.644948][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.648452][ T7027] veth1_macvtap: left promiscuous mode
[   88.650019][ T7027] veth0_macvtap: left promiscuous mode
[   88.651894][ T7027] veth1_vlan: left promiscuous mode
[   88.653800][ T7027] veth0_vlan: left promiscuous mode
[   88.831840][ T7027] team0 (unregistering): Port device team_slave_1 removed
[   88.864305][ T7027] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
06:53:20  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff8e07c740 RCX=1ffffffff1c03f70 RDX=fffffbfff1c0f8e9
RSI=0000000000000008 RDI=0000000000000003 RBP=ffff888039d32440 RSP=ffffc9000321f738
R8 =0000000000000000 R9 =fffffbfff1c0f8e8 R10=ffffffff8e07c747 R11=00000000000a4001
R12=0000000000000000 R13=ffffed1005019488 R14=ffff8880280ca440 R15=dffffc0000000000
RIP=ffffffff8169f1bf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fcc9515c6c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcc9515bf98 CR3=000000005253e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9450c488 00007fcc9450c480 00007fcc9450c478 00007fcc9450c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9506d100 00007fcc9450c440 00007fcc9450c458 00007fcc9450c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9450c498 00007fcc9450c490 00007fcc9450c488 00007fcc9450c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85106065 RDI=ffffffff9ab3da20 RBP=ffffffff9ab3d9e0 RSP=ffffc90002796218
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000031 R14=ffffffff85106000 R15=0000000000000000
RIP=ffffffff8510608f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffe117c5880 CR3=000000004fbf0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc5ee33ba0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff888030130460 RCX=ffff888030130048 RDX=0000000000000000
RSI=0000000000000005 RDI=0000000000000005 RBP=00000000000031cd RSP=ffffc9000329f118
R8 =0000000000000005 R9 =0000000000000005 R10=0000000000000004 R11=ffff88806a828abc
R12=0000000000000000 R13=0000000000000005 R14=00000000000031ce R15=000000000000000f
RIP=ffffffff81ccaef2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555584805500 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007faa90535f78 CR3=000000003981a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe117c5fd0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656d75736e6f6320 647a253d657a6973 000a747261745374 6f687370616e5300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 404850564b4a4605 415f0018405f4c56 000a515744515351 4a4d5655444b5300
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000069d3e RBX=ffff88806a746880 RCX=ffffc90031603000 RDX=0000000000080000
RSI=ffffffff8182b576 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900038bfb18
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d4e8d11 R13=0000000000000001 R14=ffff88806a746888 R15=ffff88806a93fe40
RIP=ffffffff8182b578 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fde5f9f96c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fde5fb62320 CR3=0000000058a28000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffff000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000396e6f6d 6273752f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000001a4d4c4e 4150560c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000