last executing test programs:

1m24.360837046s ago: executing program 2 (id=432):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000000)="4b9137ae4eff4c03a93722d6295c7fd4df73bd9bc095cb9603d07e6174ecf5c01856fe3773af4bc96c9be8f818fbd01fdc9fe27d9e3280dd3d3aba5d08095c62f546d8d330631259a348466af8e197cd69ce239fe8bb47128ecadf903573a076c201062fbf14da7fa91833e1fd16d0971f4eb8ff09011eac4a4d35a98cbe774a3cccbeb6b584044fae38943965d5b2beef142e", &(0x7f0000004880)=@tcp6=r2, 0x4}, 0xffffffffffffff44)
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x22)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x201, 0x4000003e, r3, 0x0)
fanotify_mark(r4, 0x441, 0x103f, r3, 0x0)
syz_clone3(&(0x7f0000000340)={0x480, 0x0, 0x0, 0x0, {0xc}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1m24.291067571s ago: executing program 2 (id=433):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x4}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@multicast2, @in6=@local, 0x3c, 0x4, 0x0, 0x2, 0xa, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
sendto$inet6(r0, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0) (async)
close(r0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'})
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x101600, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2) (async)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x7) (async)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f00000015c0), 0x80000, 0x0)
ioctl$RTC_IRQP_READ(r4, 0x8008700b, &(0x7f0000001600)) (async)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)

1m24.191164091s ago: executing program 2 (id=434):
r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000140), 0x11, 0x109c2)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_io_uring_setup(0x460, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x3, 0x34f}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0x1a})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x3d, 0x0, @fd_index, 0x0, 0x0, 0x1ffff, 0x0, 0x0, {0x0, 0x0, r1}})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1m24.121051916s ago: executing program 2 (id=435):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = memfd_create(&(0x7f0000000100)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\f\xeaH\xd8cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0', 0x6)
fcntl$addseals(r0, 0x409, 0xc)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x9})
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/kexec_crash_loaded', 0x80, 0x3)
read$msr(r2, &(0x7f0000000280)=""/210, 0xd2)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
unshare(0x22020600)
setns(r4, 0x24020000)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x126e99c2399ce0ec, 0x0)
r5 = syz_pidfd_open(0x0, 0x0)
setns(r5, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) (async)
memfd_create(&(0x7f0000000100)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\f\xeaH\xd8cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0', 0x6) (async)
fcntl$addseals(r0, 0x409, 0xc) (async)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x9}) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/kexec_crash_loaded', 0x80, 0x3) (async)
read$msr(r2, &(0x7f0000000280)=""/210, 0xd2) (async)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
getpid() (async)
syz_pidfd_open(r3, 0x0) (async)
unshare(0x22020600) (async)
setns(r4, 0x24020000) (async)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) (async)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x126e99c2399ce0ec, 0x0) (async)
syz_pidfd_open(0x0, 0x0) (async)
setns(r5, 0x24020000) (async)

1m23.670312741s ago: executing program 2 (id=439):
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x4)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x4)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x3)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x0)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)

1m23.510060436s ago: executing program 2 (id=445):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r0, 0x3300, {0x2a00, 0x80010000, 0x0, 0x8002, 0x200, 0x0, 0xa, 0x800000, 0x15, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bda1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c271f927dd8a0f47cbd090200", [0xffffffffffff0000, 0xd]}})

1m23.408412986s ago: executing program 32 (id=445):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r0, 0x3300, {0x2a00, 0x80010000, 0x0, 0x8002, 0x200, 0x0, 0xa, 0x800000, 0x15, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bda1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c271f927dd8a0f47cbd090200", [0xffffffffffff0000, 0xd]}})

52.510545931s ago: executing program 1 (id=677):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000006c0)={0x6, 0x15, 0x7, 0x5, 0x8, 0x1, 0xcc7f, 0x7f}, &(0x7f0000000700)={0x0, 0x989680}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x28, r3, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x28}}, 0x0)
sendmsg(r0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ax25={{0x3, @default, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @bcast, @default, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)="4dbdc5585d16a672286762023c", 0xd}], 0x1, &(0x7f00000004c0)=[{0xa0, 0x6, 0x9, "92eb3599a6e9d96684aa683fb50c7cdd46f7ba009c02cb0dcbab6441fabd4c2b0bee75bef5f44c897368e58e9e58831665f7f3374420e2dfdfdfe1d1e020fc3f4773007635086725c3544bfbfc63ca61bb180c00cc06c56ac149aea4ce66ba2459c07fb54b03f114c0f57e23297688e2546ba5942204b64e51c3afbcf2f9c3a502813d6129e4bd10ada72205e3af"}, {0x28, 0x107, 0x9, "74c0e703a04ad692812d87c36bf022cc6913c92cf8aaef48"}, {0xb8, 0x3a, 0x0, "00c7ed1dd481e42bd0b48ec1f258abdd55c7feb5e30fffcdb5fccaa5ed914a26077622bc097be557a6f0d281dbbf9c3277f6eb894d9d613a1517ffd5350f24ba2d0da4c8fa51b06b635a94a1dbe2485ba813177ec7c23eaebfbd23a82a37eb8c580724054abf56784ae61cd9e6f33ae3870bb99506d24c2ec488a95b72e0e499cae4cfbd85bc20323fed91a50e04761edef8bdab640ba1d5b329d2ad9d7cd81317"}], 0x180}, 0x4001)
getsockopt$llc_int(r1, 0x10c, 0x6, &(0x7f0000000000), &(0x7f0000000200)=0x4)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r5}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r5, &(0x7f0000000140), &(0x7f0000000000)=""/85}, 0x20)
write$cgroup_int(r0, 0x0, 0xd)
socket$nl_generic(0x10, 0x3, 0x10)

52.509716221s ago: executing program 1 (id=678):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001000)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1_macvtap\x00'}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv4=@loopback, [], @ipv4=@remote}, {@ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}], 0x3}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
r2 = socket(0x2b, 0x80801, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x13, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b0a00fe00000000bda106000000000026010000f8ffffffb702000008000000b703000000000000850000000500000018010000202070000000000000202020c31af8ffa1000000bfa10000000000000701000000fe00ffb702000008000000b70300000000000085000000ca0001009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
ioctl$sock_SIOCOUTQ(r2, 0x8905, &(0x7f0000000000)) (async)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000002100), 0x100040, &(0x7f0000000240)=ANY=[@ANYRES64=r2, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRESHEX=r0, @ANYRES8=r0, @ANYRES64=r2, @ANYRES32=r2, @ANYRES64=0x0])
r3 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$selinux_context(r3, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) (async)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x1f, 0x0, 0x23010408, 0x0, 0x0, 0x4000, 0x8000000}}, 0x50) (async)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x1, 0x142)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e4ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a55300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00')
read$FUSE(r5, &(0x7f0000004180)={0x2020}, 0x2020)
io_uring_enter(r5, 0x2e3a, 0xba52, 0x30, &(0x7f00000002c0), 0xfffffffffffffd7f) (async)
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0x0, 0x0, 0x0, {0x0, 0xffffffffffff7fb6, 0x5, 0x0, 0xfffffffffffffffa, 0x0, 0x2, 0x3966, 0x3, 0x8000, 0x4, 0x0, 0x0, 0xe, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="c12b7d7131d7a8054d9f9c", @ANYRES16=r8, @ANYBLOB="01000000000000000000170000000c00068008000600ffffffff"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) (async)
r9 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) (async)
bind$can_raw(r9, &(0x7f0000000000), 0x10) (async)
llistxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=""/64, 0x40) (async)
getsockname$packet(r9, 0x0, &(0x7f0000000500)) (async)
write$tcp_congestion(r6, &(0x7f0000000480)='dctcp\x00', 0x6) (async)
ioprio_set$pid(0x2, 0x0, 0x2004) (async)
dup2(r6, r1) (async)
setsockopt$PNPIPE_INITSTATE(r6, 0x113, 0x4, &(0x7f0000000000), 0x4)

52.419285458s ago: executing program 1 (id=679):
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000000)={0x30, 0x5, 0x0, {0x0, 0x5, 0x344, 0x2}}, 0x30)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x12a, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {r1, 0xc}}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000180))
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f0000000200)={0x15, 0x110, 0xfa00, {r1, 0x8, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0x101, @loopback, 0x1}, @ib={0x1b, 0xfff8, 0x4, {"7f8339533812b08f5fe4639f3ea7d219"}, 0x9, 0x4, 0x6}}}, 0x118)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x40)
preadv(r3, &(0x7f0000000640)=[{&(0x7f0000000380)=""/31, 0x1f}, {&(0x7f00000003c0)=""/146, 0x92}, {&(0x7f0000000480)=""/140, 0x8c}, {&(0x7f0000000540)=""/36, 0x24}, {&(0x7f0000000580)=""/97, 0x61}, {&(0x7f0000000600)=""/44, 0x2c}], 0x6, 0x7fff, 0x9)
ioctl$EVIOCGSND(r5, 0x8040451a, &(0x7f00000006c0)=""/222)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000800)={0x1, 0x10, 0xfa00, {&(0x7f00000007c0), r1}}, 0x18)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000840), r4)
getsockopt$llc_int(r5, 0x10c, 0x2, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}})
r6 = syz_genetlink_get_family_id$team(&(0x7f0000000d40), r5)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000d80)={'team0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000dc0)={'wg1\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000e00)={'team0\x00', <r9=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000ec0)={'gretap0\x00', &(0x7f0000000e40)={'ip_vti0\x00', <r10=>0x0, 0x80, 0x1, 0x1d, 0xa, {{0xc, 0x4, 0x2, 0x8, 0x30, 0x67, 0x0, 0x8, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp={0x44, 0x1c, 0x27, 0x0, 0x2, [0x3, 0xe3, 0x25, 0x5, 0x6, 0xffff0001]}]}}}}})
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000001100)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000000f00)={0x198, r6, 0x10, 0x70bd29, 0x25dfdbfc, {}, [{{0x8, 0x1, r7}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8, 0x6, r8}}}]}}, {{0x8, 0x1, r9}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x20000000}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4000}}, {0x8}}}]}}]}, 0x198}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
sendmsg$IPSET_CMD_GET_BYINDEX(r4, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x2c, 0xf, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8d0}, 0xcd18284a4f79d16d)
r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000001280), r4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f00000012c0)={'wg0\x00', <r12=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000013c0)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001380)={&(0x7f0000001300)={0x48, r11, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r12}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001400)={r5, <r13=>0xffffffffffffffff}, 0x4)
preadv(r13, &(0x7f00000016c0)=[{&(0x7f0000001440)=""/87, 0x57}, {&(0x7f00000014c0)=""/138, 0x8a}, {&(0x7f0000001580)=""/136, 0x88}, {&(0x7f0000001640)=""/86, 0x56}], 0x4, 0x1, 0xc)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r4, &(0x7f00000018c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001880)={&(0x7f0000001780)={0xc4, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xf}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x14}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x42810}, 0x14)

52.417896839s ago: executing program 1 (id=680):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000004c0), 0x102, 0x0)
read(r1, &(0x7f0000000500)=""/25, 0x19)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x100000001)
syz_emit_ethernet(0x2a, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0800fd515603e33b4500eb2a000004000002907800000000e04a0001110090780000d082b407141bc86ebb87c08843db8191a2109c4691bc3b252853"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
fsopen(&(0x7f0000000a00)='exofs\x00', 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r3)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x24008001}], 0x1, 0x40044)
sendmsg$TIPC_NL_MEDIA_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="200025bd7000fddbdf250c000000303f8aad7cdc7c548e2da22c6745015eb2073165afab6cc0e79b2e2c2ca813cca3b5f9e14d978553dd518bcd79be5005bbd2aa636f14592bba0295405db320c8ce074e094f8f6bd44cdea802434ec5ef2829"], 0x14}, 0x1, 0x0, 0x0, 0x20004080}, 0x8800)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x2040, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x20a048, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
mount(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000300)='securityfs\x00', 0x10000, 0x0)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000001c0)=ANY=[])
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)

51.526858046s ago: executing program 1 (id=683):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x32, 0x32, 0x1, 0x0, 0x0, {}, {0xffdd}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e000000, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4})

51.320495208s ago: executing program 1 (id=685):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c4608800"/686], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e620b9dc", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xfffffffffffffe01)
readv(r4, &(0x7f0000000300)=[{&(0x7f0000000100)=""/114, 0x72}], 0x1)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
connect$can_j1939(r5, 0x0, 0xffffffffffffff7a)
sendmmsg(r5, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0x100b}, 0x1c)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0xe22, 0x1000, @mcast2, 0x5}, 0x1c)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r8, 0x6, 0x1f, 0x0, 0x0)
setsockopt$sock_int(r8, 0x1, 0x1, &(0x7f0000000300)=0x101, 0x4)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)

51.300777513s ago: executing program 33 (id=685):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c4608800"/686], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e620b9dc", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xfffffffffffffe01)
readv(r4, &(0x7f0000000300)=[{&(0x7f0000000100)=""/114, 0x72}], 0x1)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
connect$can_j1939(r5, 0x0, 0xffffffffffffff7a)
sendmmsg(r5, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0x100b}, 0x1c)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0xe22, 0x1000, @mcast2, 0x5}, 0x1c)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r8, 0x6, 0x1f, 0x0, 0x0)
setsockopt$sock_int(r8, 0x1, 0x1, &(0x7f0000000300)=0x101, 0x4)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)

16.280051374s ago: executing program 0 (id=1005):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x10000, 0x0)
ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f0000000040)=""/152)
ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000100)=""/35)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4010}, 0x4000)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000280)={0x87, 0x207, '\x00', [@generic={0xe, 0x9, "e99925efead0b8ecfe"}, @calipso={0x7, 0x18, {0x1, 0x4, 0x80, 0x7, [0x8c, 0x343]}}, @generic={0x7f, 0x1000, "9cfbdccd5196eeeb24eacbc09d407e2f9541014d1155389b3f36711624c1df31f35ac13e0c10657852df01cc7faed4a9e69cdc60e6c9b6844ca349aa1325674ef607ba26d918906221d9ac76a818077c0abd5a189cdc5318876d1c9b777dcd91fbd37f40b349b14d11f0dd21bfc4177985c7f3b4db350e8821e20b5a8e9cd652d58f4369cf013adc97ba9884fc6534c5778a49e722d9bea3682032d7962118110963ef573276574af4308eb10ac8073b59592e1f9b32b7d9830abfc08966775d5bfcaec31b916d3f3a404abfe3b9e8bae42edba8283ef40a7fd9bb81c3f5d363a72882d4bfb20ba8ed22e5e80a84adec8abf7221585a1ea14f83b55fddf1625234fb5cc9dc208cc65c326574ccadb692af5b5f7b00917fd6981f378f6e9890a49062ae823f46be0a38047f405ca3cdfcdf505699a7312f388edf3bc17416d88cb0e86431ce0939e3c50155276cebdf7d56757d212b2ee9dcfaa544b05e0f74f23cc4ac07ff299f822c491b8c4f6b70ffad8e2307dacda53261df36e3c70d4af5628cd32dbf0e1f4fd5a49da649519e15cea5bdefe9a94e06e1b435612d96fcf729748812601f8b63570dc5cfc09faf4c775838884cb0a3dfb7060db17d1e1a3ff290bf9bd332c6d9c44dbebbe1aa4c1d98cc06a810a5f71b47954eade1c7c20a29ba8d0c18310e9bc056fc6922d75a0781c428468901202a57bb9107ac5a0d7f5023f58c76bf066585a4e434bda4c8b985876300df1ab19cb24c929cf76870c72e8ecc12f6d61420e5526fef7ea4b2998d2a889e6c0fffaa0976ec40359ed3aca341aeaa0ba61ec12adbf02c4f7989fb78026d0f4555f1a3fc2339fd21ab8a7b793343cfb71a1a0dc7c665e2f0dd3f0a333e11bd5c38c4deb89d5f404d2e9c635a6ecd2f173f45f71162acb6929cb631913eedbaf775926cf21f4fb1cbb1a0941d89cb9608790b6fe08d2add7a341307b5838d25efb43813d074a83d4d8d31aa20f798ecd2fefdb4cf9428cc7694989f07e5449ad0e2bae7bcd0a74c58b7fc21acdb35d5aa4a828fd6e0194b12168c3a9472a1b0e6d6d577bbf32e938b3ae8636b711b5bbce04c155ae66d9ccfb49667d97e4291be2e998a7044656d9a350124b5344a7f914c59ebddfd0c7555df2254f60a37f450eae193f9a0d332e5510759c110fe475078b8eccdee5ff6c5e38b5d6c1562060429476d45df3bcd1eb2ccbdf6d4cb4930d11c4dd6619805abd73e3ad6d8ae436037f0b22dfe55d37a8181cf6de2c150041b43fce338ddbce31b2b7bb4b00775614777d4d74d2421cc6a28671af570bbc33058586d4846bc9daa2ff6099babf7c5f1560614253d88ecef2650cc618b8d4e8e36645ceb00f8a9bd8ddf3844fe73b977305e940677efdac089fb2cdb1203a8f031908b5976f19ef6cdcbc76aca1e7ff85163430b4247e20f0db5ae1d8501d072392c8481c3ee323a8760bba3f9680b5fbf031c6898eabbe9f488f7981916c384085ed72e004617e7539af0bcdc5b258968a1812cabee3c17ea4b0f84174f265f86a2eaf60af6093f59891eea56884971a20fa75ff60b51d363db8062a1d9c60b8fcd122a14f972e76c52455ad5aa64e16ece9a68fd8f6d1c9f6dc9a3eaa51a7458d6049ceed3782d1a0efaf6802d6003c54c73cf79135ab7c8cebd625b131c7f09a1b0c77a739a5565a0698705b511b4d4547ca74567672826a82a4c6a6311dffe1dcc7a072e652bfa5a8edd1ee7c6136def02bc2b4e274620e74e067416b2ff6f42c041bc098b91f11a3a199509793b5c23afda0b41a23e8aea559300d2988b6832f16de8bd7bf517c2393c4375b509860aa02dbf107c64e4a757548fcb6608148f9844350e7e5489fc6d3c32eaf87e6cc42e7f7b58fd14090075259286a6a7183e829b77bd04c9517fbdb135fe26fbd7429518899630f2a2c4fa394512689686fdf515fbc5bfe83a3c5ac3f35f085f95ff117797ae2e740b218690da66f6bdcc4ccca7dd536f8f71967700973b90fc085177d8ced3247f86dc1ff93ed1a618ef933bd2c63ef7e51534e32069603c64ec4f81eb95982667135c7534d135872e02aab614acf13fa662fc80d890cb9a02912c1c214e81afe7fb683c4f2e220309105027e0780f6a53c2d497557cd55e2ad3468fe5628874b4f80b10aad55939d194ca6cf596a8ecd1359486008ac6c4ee917d572ff6d5ada245e323c4c99203ec6de3f5a12668cd09431deb56c749439767a89510330fce074fb5d7803fdbda2a0ef71ea5711a4ecae0d16a4043117ff80b5b49c5e259cd117f009d43b3057060285bc35807bcd0b7525e68f3a250722899a2658dffb7afb47032d474dab7e410be6d2e11beaf96820efbde63ebfff05f5f4e7877951a6b5adb801a8e50be9b169ef34881ced8137e09a4c675818842482897f231dd17115ac1969685fa2f6bcc31ff7995e4078092ba59b74adf3517f5fd9d12b4a41a0ddf142b9f6b7eab40f3d896c80bf5c6aecaf6f55ebd7d8e25c856831fa0f4d3c732217f36f368985467cc830e0958fdded9546293165fe70e0e261071b25dfed0127a5fe0f1649ca5c30c5df75e5d5c01a7fdd4c041ac8fa571dc709f21ef4eaeedf091245f6d7948b2d927e9511abea1c02289cf6d89b917364ebed229e71358d9b535646b13dc9ce72afcc932825e4fe4d4b83de0b8680ef76ac98982688321b55eaab2f8bf095986b732e69a9b7d0b38b0de6e075ed23550d4ececaa69bbc4a082832170e991a6099de2e9ef3599e4bcd999314f8c76ba7258340bd218ffcbb64203de0c88e91ec8451eadeef79dff4c971b598ae5028f00cb43771144137c8bb441e991b1d6f3e441c944f00713aa7f768c2c37a70ea749444f6f97de1a4635a615ee9d8e23a7155c9155e5dfebb8dc6605a0a053a5fd41b74d6ea4a27e64f236ca96644ce61511b8dd251ea39da5330ffa3871bcff9f37ef287f45e00d43fc0f3924ee64af99b6c2045018315aa170c188e7a035cba41bf9680c4bda8e7299cc3333a5c7c38bac01bab369d2d3e58d6d3b36ef31d7cb2d64812bc008300094c7f87d0773bc557cda606ab0eb358d65d34a007a4102a0c02e4c4219aa6a855aed885eaee238fd4448f2915dc4b886a471edc465816989b165e7a7cb4902ab63bd76dce455fdd6e2ce1c8c128fe9b61d14aaf7815cfa11b86bababaca5a651707e6b8f3341c9124d6dfa5435c0db958a8792a4d590a1355232ba41d90a726e85ff901b7cf54225463c8dd13e6ff2984fda6d8a6f25d06ccfad4fc333fdf1467972fd8a9acfbe712e4030e352ac22111f4bed14769963dc13aecb91c939b17dba5faf66b61cfcf277cdb734740c8fd739f26ef7a17d8978ef39e2a444ecf88cc2f0f87c50398933709e08726548b968c7fc5f49938cd5d1b1bc736c1168a3e660ed4e2d9a8bd69ad78b5be0881c09d7fe69883a2a97192d31ec7a825afe99237df7f8aa6df489b57ae7189e5dd84b2aa7e3bcf5e867fa6f4b021b1c79711c913cdad558d7411e50b4ad2e192a2a98e77f1cfa57954d64f441ab589ff596b09f15c8c7a2b68ab580c9ea5146472ab0de024eed73ed06771ae73a5aa4bef1847b180ea8028e6637aad2351baa7673ef2f471e31e0a8f2b0b57d7a4760ea3d3ba8db52b97a13584399b2ed5a3dbad1fc3ddd95cc876f9d5fbf3d71b841276628aec560357ec54c8c471edcf3bb99dde430f3468be60ec4c44537c73d4e128f52c47e4fe00b85c5249fd4818fc88430a5d5f3c89098cff636cbeabd0cad15e4adab9e9193c3957aa2e68a8fe19210af0dd6f55a25bfe99a2a0d8a000aa1c0966006e7378d779eda30cff0353d93b4b49f0ae506de98df3998a4afe3f46478eb4be5f6da1762bcabf2a67005b684ee4c57aafe7811c489ae0c4cb435d9ef225a2b2daf779a01ca51a3e0cfa216088a2b23157260c841e3b92b75af152d6bf0b2af0bcc8aad9c562603bb63d9ccb868777829ec05d20d84f7f0e80fb9dce7f3791e52edbefb1635a5c992839a065aefd3f458bc854a3ad70d6afb045d9907e361236dbc492400c939afad2d37c6ed0203fcb23557050a0f6781df79d81dcdc60c4b6930846108dc50e90a82c4997bbe0427a19fecda50305631f44c2445c2c575771e48f0522b688d68640b1aa15f5938f5ccf78ba6095df856b5955521abcbc12cc835a4c1dbdce68ca2db41347ead506d9af9562f2ff428522008d2da817fac4162fbde822fd2686c0842b8565aac315413e25524aaee927da463e472c7ed9132b7974ca5ab506049e3d71016620c2c32299637b1c498e37fd5cd49247106244ea10c6b0a36356d6fa55dc8b38a443cdc57ef8980950450954fbd7ef5452a8508b403c15daa4fa247a4963ed307118c609e6fe7169064999a0b3edb39fbf0a0720921842800c48d8e33e656a3e131943f25bbaabd1207405397e887dc85de877e14c1dd5a93714611531495839440b63c9388626409fa8c066784c92583b9faad02f45866eda974f0e3e1a7620094c2b355b41578c2c8c84da5d6c45cc9c682e6ba2d2d0a6b55e94075928811bb88aff2200ec18bcf9fa02cc36a1990470e0015ebe9da61b5f419c727a1989a5eb22482342a8b765225083356c54f656b3f5addf2a57519b9249178073445768277fb682812bc0c8f467b6ed3e4e1b1d7f86c33196123af509ec9b26f0b0adcd825a52e34a8eb04e96fcd111f88522c2c769022d33206eb3c40f6f706547402e492822f072c1486e7585beefcda702df6613cba101609e9e0e2077a69ad55e3c32713b6e569e9c50cbaef023e4913c29493e1a00caf684613380bfbb671b44044fc56b06a1a94ebde8b612f210df17c770d5f08295284789aafc41f89018a241457ad526a883f923dfb146ff5417bae4561b72f6f9ed81541fb78767add9cb15fccc2351b12323719d2d6c9ba4eb055d8c7d31923a46fc9672089aaae8804944f4c35a2b4d8c32a920b260d144be75b5fd42943cb257db6dfe08e6d3f7167afbfa43427d47e4b7e76b27b470e5d55f04143a4c39eccd497e875d21e491518605f2765072c709053a478f1e9bb41e58c5b8567072a122a1bd652dcd554d7deadd95dcba3042956b1dacfbd9b5aeac73cf075c539c653d2c0d747a23fc50cf0d23a2293655047c7cd82c461dc48b3d1c6eae875b5c3507320fb7929956006fd9e06d170388f952ffe4a63ce5ab93566fa6bc9040bb42c783e3a80d305c660e1f88e036efd78116814dc344acf5e653b8614b4c9b773eeb14057ca8a47564be45cdfdaa1dceb195beb1d814f0f5e02ba2190e64ad7f6f96cc6a860e42add50d144968e0467a1850979c4f426f02e78ad884e49f938970d3eb1d406fc0aefbbade7ef22877ef7e09d3f7fa72d334303ce3075418aef540189b7d360f3f1d9966e1078f136c4d15f57a33788a2958963a6606e603c51f106d24548bd3f188b54db443f80089b32b5887c41de86339ba33d4aec333abe48794310d66b48c5cf9f6149b3ebdeed4c8360610652b57623a7bec7caa755adc674f6186c4b77d1e7538faaeb9016aa5dae545d8fc88b481eb332291596f3446b95806c3e415ad5af2d384b8dedf90b38c9b35f97956fcfdf368dd75acabd7e1381fb48f6e4afb47db349fead286bae205db4befa47cdc8916a0d78f0c07aad8c54606f24287d06801343ff1de797b5f18ae44a520a900638cecc4851f5972eb926fea3298914b0f2b99cc2dffb9c63c1d69f7cace876f14b6a69f348a651f61dd0f6de"}, @ra={0x5, 0x2, 0x5}, @generic={0xfc, 0x2, "8739"}, @ra={0x5, 0x2, 0xc}, @jumbo={0xc2, 0x4, 0xa44}, @pad1]}, 0x1048)
syz_io_uring_setup(0x653f, &(0x7f0000001300)={0x0, 0x392e, 0x200, 0x0, 0x8f}, &(0x7f0000001380)=<r3=>0x0, &(0x7f00000013c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0xc0, &(0x7f0000001400)=0x7fffffff, 0x0, 0x4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000014c0)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r5, &(0x7f00000015c0)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)={0x60, r6, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xd}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x7}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xd}]}, 0x60}, 0x1, 0x0, 0x0, 0x44851}, 0x40010)
r8 = open(&(0x7f0000001600)='./file0\x00', 0xc0802, 0x82)
ioctl$VIDIOC_G_FREQUENCY(r8, 0xc02c5638, &(0x7f0000001640)={0x0, 0x5, 0x1})
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000016c0)=<r9=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f0000001700)=<r10=>0x0)
sendmsg$NFC_CMD_GET_DEVICE(r5, &(0x7f00000017c0)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x24, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x24}}, 0x44)
syz_io_uring_submit(r3, r4, &(0x7f0000001cc0)=@IORING_OP_SENDMSG={0x9, 0x8, 0x0, r1, 0x0, &(0x7f0000001c80)={&(0x7f0000001800)=@rc={0x1f, @any, 0x3}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000001880)="edca202cabfc00f883b9a0ec93750ed5ca5a20786d0b6dd3dd15e476c89ba31a658ef541dc089e6f9ee412ede23fc4247805a245af97048ca93c29e32d32146f7fa12fffb51f12364a69d57642648316d9d80e559f1d85c105d2881204cb8d885a27491a801dab54b955ee7e2323db32372a2b88300aae7963ad61da54fc433dd55a366e99d0db176a6a956f79dae3", 0x8f}, {&(0x7f0000001940)="4c74c11bfb935e08446a4e5c3b35e3b887041dd2ba4e4a57841afdb83d752ae228b75b3e8ac2a77da27917a28df8420d3effe4361226e61e658ecae389a8ce9bf3eec2828d35a02070998970d1bf96bcec0f571805e2e1b7778a7f7e8f259e931311b7105668ecb569351a43ce4f405ff3180351dacce41cbbd3bd15cc6d9d9b94431ff7de6ac1a284c5fceadb289d26a7e06b7d4a8e0db8ed58d03bb1d05a16059ef4ed5a1286952b491db07cf4ecc2d38cc9eca87e48bd9db4e9a9dde072c5b5750e23bf", 0xc5}, {&(0x7f0000001a40)="6d444c496294e45caeeb094cfcf77cf28673c36594599ea167eef7191c13babfc13bf7dd33ed8cd588cb6febbe", 0x2d}], 0x3, &(0x7f0000001ac0)=[{0xc0, 0x111, 0x7, "7e48e2a26236834cb206c77508ed59109041f70d57b0dabeda48bf6dd25936b385bc5baaeb5ab05490bd402d884a4e60a62535cfc7b386d7185124eb3f904dff9e67a8c3f804e5e94f7738ab67ebaf922f35c64da131fdcd49814c6b576a2b3dab4e9bc1d69d80fdb428c9861e035711dff1eda95af92e2ca21525d0075f0a30bd67f19ef57509e99cef7a409f38375671490c73342156bfbbeb77d01abe4cb11f720e85f83f767480a66010fc48f0"}, {0xf8, 0x111, 0x401, "c79da3cc1b24d97e196628f87b456f39caab93f160720f1b423a241901ba5a1f2def04d41cf6761fd90c60694f0e6680fae794e244f79689baf7ccaca47abc02acf22f1b3862747868499132eb1ff25345589f9d4fcf917e2d0b38adc6b1351da14d1643f92e1602fddfe0c2de8967d11a951b74b6d130111500d9d9d3776bf07758b3d27f6a559f997c298edad45c8ffa4676fee6d0797e122d8e735fc433491d70b45f70ae2ac92556e59c4c2985b73023de6e490f669de6195ab77db5f29df36946bbb35069b49526fc7345ce300d68de455eee67cf8dd8bd5b03d4cc269748db9326fad9ff"}], 0x1b8}, 0x0, 0x4000})
io_uring_enter(r8, 0x158c, 0xdb16, 0x67, &(0x7f0000001d00)={[0xfffffffffffffff8]}, 0x8)
sendmsg$nl_route_sched(r8, &(0x7f0000001f80)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001f40)={&(0x7f0000001d80)=@deltaction={0x1bc, 0x31, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x70, 0x1, [{0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xc1b}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xd}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x7c, 0x1, [{0x14, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0x14, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x800}}, {0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}]}, @TCA_ACT_TAB={0x5c, 0x1, [{0x10, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2e2e}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xd1}}]}, @TCA_ACT_TAB={0x60, 0x1, [{0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x98fc}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xeeb6}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x75}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xa}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x20000010)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000002080)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002040)={&(0x7f0000002000)={0x2c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x15}}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x29}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
syz_io_uring_setup(0x778a, &(0x7f00000020c0)={0x0, 0xcef3, 0x800, 0x0, 0x20b, 0x0, r8}, &(0x7f0000002140), &(0x7f0000002180))
ioctl$IOMMU_HWPT_ALLOC$NONE(r8, 0x3b89, &(0x7f0000002240)={0x28, 0x1, 0x0, 0x0, <r11=>0x0, 0x0, 0x0, 0x42, &(0x7f00000021c0)="b06b57150d72e11590600dec17a1c642ab7ffedd9b887e79fef0e6b2cb5577672c9be66bf18ab68ccb33746a369af1c35b00c5009f81d3742bf256c22b696113ff06"})
ioctl$IOMMU_DESTROY$hwpt(r8, 0x3b80, &(0x7f0000002280)={0x8, r11})
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000002380)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0xd42dbc6bc9b240f9}, 0xc, &(0x7f0000002340)={&(0x7f0000002300)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4001)
socket$l2tp6(0xa, 0x2, 0x73)
getsockopt$PNPIPE_IFINDEX(r8, 0x113, 0x2, &(0x7f00000023c0)=<r12=>0x0, &(0x7f0000002400)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000002440)=@base={0x9, 0x2, 0xfffffffe, 0x8000, 0x1000, r8, 0x1, '\x00', r12, r8, 0x2, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f00000025c0)={0x3, 0x0, &(0x7f00000024c0)=""/44, &(0x7f0000002500)=""/11, &(0x7f0000002540)=""/110, 0xeeee0000})

16.200091888s ago: executing program 0 (id=1006):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0) (async)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r2 = socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0xffffffffffffff25, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x8004000}, 0x0) (async)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), r3)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000012c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0002000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRES32=r5, @ANYBLOB="f678d0da"], 0x40}}, 0x0)
ioctl$VT_RESIZE(r1, 0x560f, &(0x7f00000002c0)={0xb}) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @mss={0x2, 0xff}, @sack_perm, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000001c0), 0x4) (async)
sendto$inet(r6, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00') (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (async)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$alg(r7, &(0x7f0000000240)=""/4096, 0xfffffdef)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000030001581643220000000000000000000000000088ddf27e373d0f071c666c9e370c99862c188e98849a47a8d62bd0bf84b7d5eb9e62a4b5d006acd255a8136c673505eace733c50f02eaac6e31c06"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1807000000000000000000000500000000000000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000001000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xb}}, './file1\x00'})
setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000001240)={{0x11, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x2, 'lblcr\x00', 0x3, 0x80000000, 0x49}, {@broadcast, 0x4e23, 0x1, 0x7, 0x1, 0x7434}}, 0x44)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000040)="c2fb1a94", 0x4}], 0x1)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r7, 0x6430)

16.130183919s ago: executing program 0 (id=1007):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x18000, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000001580)={r1})
sendmsg$AUDIT_SET_FEATURE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x2, 0x70bd2b, 0x25dfdbfc, {}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20004800}, 0x20000800)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) (async)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) (async)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x18000, 0x0) (async)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000001580)={r1}) (async)
sendmsg$AUDIT_SET_FEATURE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x2, 0x70bd2b, 0x25dfdbfc, {}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20004800}, 0x20000800) (async)

16.039613842s ago: executing program 0 (id=1008):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001ac0)=@newqdisc={0x24, 0x24, 0x714, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x2, 0x3}, {0x5, 0xfff3}, {0xfff1, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c051)
recvmsg$can_raw(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x40)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})

16.038836244s ago: executing program 0 (id=1009):
openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x141000) (async)
r0 = getpid()
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000840)=[@in={0x2, 0x4e21, @local}], 0x10) (async)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f00000008c0)=0xfed, 0x4) (async)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000d80), 0x4) (async)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000) (async)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f00000025c0)=[{&(0x7f00000000c0)=""/89, 0x59}], 0x1, 0xb7, 0x2) (async)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000040)="05000000010097", 0x7) (async)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x621c2, 0x0)
ftruncate(r4, 0x8800000)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
sendfile(r5, r4, 0x0, 0x558410e9)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$SO_COOKIE(r6, 0x1, 0x2, &(0x7f0000000000), &(0x7f0000000100)=0x8)
io_uring_enter(r4, 0x1c3, 0xe3ab, 0x17, &(0x7f00000001c0)={[0x1]}, 0x8) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r7 = syz_open_procfs(r0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r7, &(0x7f0000000080)=""/237, 0xed, 0x5) (async)
syz_pidfd_open(r0, 0x0)

15.80031741s ago: executing program 0 (id=1010):
move_mount(0xffffffffffffffff, &(0x7f0000000840)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000880)='./file0\x00', 0x120)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000010008000bfa3000000000000070300000dfeffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e64030000000000360404000100edff1604000001000a00b7040000000100007b0af2fe00000000850000000c00000079a0f2fe0000000095000000000000009e17890efeee5e2b7ff8a8cdc218e784909b849d5550ad855dab54d8877a6db61d69f2ffcaa17f82e11cb97c8adf1b831f422543e78461e57b2798779207c9a0c4eeff9674c7fcffffff971e43405d621ffbc9a4fd39b0b56bfe6508ebb3c4631f6dde53b9a53608c10556e5c1e2b8fee684b251e2d107ba7947212e577540497661826c36c5c1df1451ce5413a12e2d9f8004e26b7fcc059c065012828d872b36388b595f6dba87b8031106fb0289ce67a66afd9ac3d09e29a9d542ca9d85b5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee41f5b2e7b91c61ced1eb57ad000000000000e8122a79c3e40000b59b0fc4917de6b0316dec3c080a802a000001000000000031b6a076555125aaffffa7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137e2524847d337ac976376d5074ce1d2638da3261c8362bb7c785d9b7c45218b100ee122040e11e3bdcb9d287ec31cd985841fe91212ee4a38af074c7e2ce006000000dc7777bfae5884e4ba1e9cc44846153ba0dec51a8e4abf07df093101c2c3bc4a59f22e46295a2d89a355bb9bba44f83fed3b2f96520100000040f1a8cde1fc1a1ef36c66880c8351cb06187641ed2f02835a8545a2374c09000000000000003c4e7b6d1a323c41a5d740b95d9317ff00000000000000f9db4a9a840000000033fbf7e9fa4f27245ca051d61c32bc3189af4ead1fca58746120fa0da48604000000000000003a6d824a7649c31576b3b69bd13f5a14c19790e24baf047fe3be299318f86ebb3094756894b2d1a4ff2fb76fed59c97ac9314408399485e659765d8e0000002000000000818d125c58a22151fabaaa7dc9eb40707927d240c6d29508fea81204e41040000000583ef12318bf8b2661f0df85a488f4068d95b59ec07e5aa144dbae3df0000000000000000035d764ee74ee870807942cbd6a28384f6ba7c5fccca601000000e4e9fd18460296d89cc847973955daae01bd99ea1862fdb38410145ade0cf000000055a5efc9ff92e6eb37c3922c8aa02b2dcb4c977a61d989cf088e5c45009d27e1744d9cf4dd50bef1609c13975833c038aee18ed0dcbe865d25e23c0864e50c5a2ed4cc3748672b7cd25067340a37475e0879fe9b3886dd054b43e7c485b2a43c3707d4c686bc5dea5b743d9e4b25adfb068e75b54c09481c8393e94053d99d0f7d67f7ed49b1c744d9f5b19c257136e6b2110000b5480a31359185c89956c2237e4c59d09b5aaab87f0e82802468398ffaac2fa66bb9afae6d449342aa30e443023f0554a756218077d418cf148af56491f0fa5b48582f1b13461fdf9fb9367f44d93d6ece0abe3e84b3279ab1a3f27d4afac67cf28594dd8ef1104c498a7bc63e2f6d3779c70d81c040b88451770eb988e9477d2de85be3555fe48e99d0880acd1c636dd3abff16db16594581d94dad70cc94c689707106000801a5cfad936253d110ca2aa3f13840b34ff956ee55602cad9bb209000000f32edea7a51515c035e55b31c91aeea878a8d51b4ce7bf9023b867ba3f450799f4dbfedad72c7dae607f9075877bd0db50fae9d0e0706c41ca92e71d81e06eaff63dab33c3cb3a8c28a6c2400f04412adeb9416ae3c8cfc8a7f6373247d903d8953de2a3cf07011db94b68af6176d0840a34a9aa493cfed41efc8377e294794771c4278caf7ad1c6c80fef4ae62a62499f9e301a085d14dc7049ddc965f0dabc5b29e972bb585758ac8867bb52cda4f2a73e44ef648d1c74f6ab97e646256a67e237664fa4942a0f1479c31bbeae1d7490d617b926"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)

15.587546219s ago: executing program 34 (id=1010):
move_mount(0xffffffffffffffff, &(0x7f0000000840)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000880)='./file0\x00', 0x120)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000010008000bfa3000000000000070300000dfeffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e64030000000000360404000100edff1604000001000a00b7040000000100007b0af2fe00000000850000000c00000079a0f2fe0000000095000000000000009e17890efeee5e2b7ff8a8cdc218e784909b849d5550ad855dab54d8877a6db61d69f2ffcaa17f82e11cb97c8adf1b831f422543e78461e57b2798779207c9a0c4eeff9674c7fcffffff971e43405d621ffbc9a4fd39b0b56bfe6508ebb3c4631f6dde53b9a53608c10556e5c1e2b8fee684b251e2d107ba7947212e577540497661826c36c5c1df1451ce5413a12e2d9f8004e26b7fcc059c065012828d872b36388b595f6dba87b8031106fb0289ce67a66afd9ac3d09e29a9d542ca9d85b5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee41f5b2e7b91c61ced1eb57ad000000000000e8122a79c3e40000b59b0fc4917de6b0316dec3c080a802a000001000000000031b6a076555125aaffffa7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137e2524847d337ac976376d5074ce1d2638da3261c8362bb7c785d9b7c45218b100ee122040e11e3bdcb9d287ec31cd985841fe91212ee4a38af074c7e2ce006000000dc7777bfae5884e4ba1e9cc44846153ba0dec51a8e4abf07df093101c2c3bc4a59f22e46295a2d89a355bb9bba44f83fed3b2f96520100000040f1a8cde1fc1a1ef36c66880c8351cb06187641ed2f02835a8545a2374c09000000000000003c4e7b6d1a323c41a5d740b95d9317ff00000000000000f9db4a9a840000000033fbf7e9fa4f27245ca051d61c32bc3189af4ead1fca58746120fa0da48604000000000000003a6d824a7649c31576b3b69bd13f5a14c19790e24baf047fe3be299318f86ebb3094756894b2d1a4ff2fb76fed59c97ac9314408399485e659765d8e0000002000000000818d125c58a22151fabaaa7dc9eb40707927d240c6d29508fea81204e41040000000583ef12318bf8b2661f0df85a488f4068d95b59ec07e5aa144dbae3df0000000000000000035d764ee74ee870807942cbd6a28384f6ba7c5fccca601000000e4e9fd18460296d89cc847973955daae01bd99ea1862fdb38410145ade0cf000000055a5efc9ff92e6eb37c3922c8aa02b2dcb4c977a61d989cf088e5c45009d27e1744d9cf4dd50bef1609c13975833c038aee18ed0dcbe865d25e23c0864e50c5a2ed4cc3748672b7cd25067340a37475e0879fe9b3886dd054b43e7c485b2a43c3707d4c686bc5dea5b743d9e4b25adfb068e75b54c09481c8393e94053d99d0f7d67f7ed49b1c744d9f5b19c257136e6b2110000b5480a31359185c89956c2237e4c59d09b5aaab87f0e82802468398ffaac2fa66bb9afae6d449342aa30e443023f0554a756218077d418cf148af56491f0fa5b48582f1b13461fdf9fb9367f44d93d6ece0abe3e84b3279ab1a3f27d4afac67cf28594dd8ef1104c498a7bc63e2f6d3779c70d81c040b88451770eb988e9477d2de85be3555fe48e99d0880acd1c636dd3abff16db16594581d94dad70cc94c689707106000801a5cfad936253d110ca2aa3f13840b34ff956ee55602cad9bb209000000f32edea7a51515c035e55b31c91aeea878a8d51b4ce7bf9023b867ba3f450799f4dbfedad72c7dae607f9075877bd0db50fae9d0e0706c41ca92e71d81e06eaff63dab33c3cb3a8c28a6c2400f04412adeb9416ae3c8cfc8a7f6373247d903d8953de2a3cf07011db94b68af6176d0840a34a9aa493cfed41efc8377e294794771c4278caf7ad1c6c80fef4ae62a62499f9e301a085d14dc7049ddc965f0dabc5b29e972bb585758ac8867bb52cda4f2a73e44ef648d1c74f6ab97e646256a67e237664fa4942a0f1479c31bbeae1d7490d617b926"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)

14.570594063s ago: executing program 3 (id=1013):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r2 = semget(0x0, 0x3, 0x0)
semop(r2, &(0x7f0000000180)=[{0x1, 0x8000, 0x800}, {0x4, 0x17bf, 0x1000}, {0x2, 0xfffe, 0x1000}, {0x3, 0x897d, 0x1800}], 0x4)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000340)={[{@index_on}]})
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
ioctl$CDROMVOLCTRL(r3, 0x5392, &(0x7f0000000100)={0xc, 0x2, 0x9, 0x4})
r4 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x1], 0x0, 0x0, 0x1, 0x1, r4}}, 0x40)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)

14.080345649s ago: executing program 3 (id=1016):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002280)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1000000, 0x0, 0x0, 0x200000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x127b, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xd528, 0x1, 0x5, 0x5, 0x3, {0xa, 0x1, 0x0, 0x2, 0x3, 0x5}, {0x3, 0x2, 0x8001, 0x9fb, 0x0, 0xfff}, 0x2, 0x80000001, 0x80000001}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x158014, 0xffffffffffffffff, 0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x40, 0x2004, @fd_index=0x2, 0x4009, &(0x7f0000000080)="9e970f5382a25b39470b6aface3690064f10b07f589832e98cbf211107d4c939681a74b8bbedbe46a5c753948697d03980115f9c9abfb926a1bb6cffd5836a7432c599635c612ccfb979cfcef3301f3ee92164dac42b0c0a64aa2725657551318139f28fe8f99d46a14bb9717d355e418651a388926a", 0x76, 0x2, 0x0, {0x0, r3}})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

3.799871941s ago: executing program 4 (id=1023):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.799684159s ago: executing program 4 (id=1024):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x44, &(0x7f0000000000)={0x0, 0x0}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000040)="9a7daaf4a116510b372e272143245137a449804829e48368cba5f1a610f5a276904b4d80659ca6bf9c2657b7e1d72e64a27a219e73794e85b0add1fb6536ab850a646d34e91020b6d861e0032ff7c89d367f7078107636ec4cf7e8e7cf50bfea9b0289c19b6a6ffe", 0x68}, {&(0x7f00000000c0)="bfdfcfc642c834a69168ab4c842fafe92786b87e01e56d4ac9f75527c85328517e9d98d25b6eab0d4f27dce0f280217d5642429811c3d8b2bb3f86e5bea284d25cfb0a8142a47f917a931508cf7c33d563e3a98bef72f93c39f770c8b5190cb80e2560a542156429333e3a2eab5dfd83dfbd1640a9383b774dfc78f9b40bbd5e4334c0dde3076c8ba3", 0x89}], 0x2, &(0x7f0000000240)=[@ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x30}, 0x80)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_timeval(r3, 0x1, 0x4c, 0x0, &(0x7f0000000300))
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r4 = syz_open_dev$sg(&(0x7f0000000440), 0xa, 0x8000)
ioctl$SG_SET_TIMEOUT(r4, 0x2201, &(0x7f00000001c0)=0x8000000)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @private=0xa010100}, 0xc)

3.700243891s ago: executing program 3 (id=1025):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e0, &(0x7f0000000100)="4431c674868818a832c5959ff712c46c669cb58fbbf2e2638b4aa237a8fd2877a2b2c081ceb83f8efd9e23e565dee50ef3031f856f21714fce26783bd20bec0cad8263f5ef555d4447836dfed017350bbd195af4e5b7adf7f4335000f4c5fe16df85")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0xf, 0x400000000000, 0x25, 0x7, 0x8, r2, 0x0, 0x0, 0x40000000000e7, 0x0, 0x2, r2}])
sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x1000000, 0x0, 0x0}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r4=>0x0)
io_destroy(r4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

3.420054413s ago: executing program 4 (id=1027):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
ioctl$BLKSECDISCARD(r4, 0x127d, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
sendto$inet6(r5, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0)
close(r5)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0xb, 0x0, 0xfffffffe, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0x1}}, @TCA_CT_MARK={0x8, 0x10, 0xfffffffe}, @TCA_CT_LABELS={0x14, 0x7, "e3ccd1c5b8fbe60833617f2f4a63b45b"}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x10000000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
r7 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$6lowpan_control(r7, &(0x7f0000000240)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x84, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x58, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x1, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_MARK={0x10, 0xa, {0xc1, 0x9}}]}}]}, 0x84}}, 0x24040084)
socket(0xb, 0x2, 0x8)

2.471048286s ago: executing program 3 (id=1028):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000140)={0x3e, 0x5c3, 0x7ffffffa})
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2, 0x1, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private0}}]}, 0x60}}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r2, &(0x7f0000000780)={0x2, 0x4e24, @multicast1}, 0x10) (async)
bind$inet(r2, &(0x7f0000000780)={0x2, 0x4e24, @multicast1}, 0x10)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x9, 0x28, 0x68, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x8, 0x2, 0x0, 0x40}}}}}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=@newtaction={0x64, 0x30, 0xb, 0x5, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80, 0x0, 0x0, 0x400, 0x400}}, @TCA_CT_ACTION={0x6, 0x3, 0x3b}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x8890}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0) (async)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x50, 0xda2a8e9cc7bcd9bd, 0x3}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000003d00810700eaff00000000000300000004"], 0x18}}, 0x0) (async)
sendmsg$nl_generic(r8, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000003d00810700eaff00000000000300000004"], 0x18}}, 0x0)
syz_clone3(&(0x7f0000000500)={0x10200, &(0x7f0000000180), &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000000200), {0x18}, &(0x7f00000003c0)=""/206, 0xce, &(0x7f00000005c0)=""/215, &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x3}, 0x58)
move_pages(r9, 0x3, &(0x7f00000006c0)=[&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000700)=[0x9, 0x8, 0x2, 0x8, 0x2, 0x2, 0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0], 0x6)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000040)={@any, 0x2}) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000040)={@any, 0x2})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r10=>r5})
ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380)
recvfrom$rxrpc(r10, &(0x7f00000002c0)=""/208, 0xd0, 0x60002100, &(0x7f0000000100)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0xf, @rand_addr=' \x01\x00', 0x35}}, 0x24)

2.470863157s ago: executing program 4 (id=1029):
mkdir(&(0x7f0000000200)='./bus\x00', 0x110) (async)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', &(0x7f0000000540), 0x800)

2.466040561s ago: executing program 4 (id=1030):
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r0, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000000))

2.17014507s ago: executing program 4 (id=1031):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000180), 0x108800, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, r3, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
unshare(0x20020680)
r5 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x80, 0x1, 0x2000008}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x50, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r5, 0x47f9, 0x0, 0x0, 0x0, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r8=>0x0)
io_submit(r8, 0x20, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r4, &(0x7f00000000c0)='!', 0xb7f40, 0x407f0b00}])
dup3(r4, r2, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

1.611506175s ago: executing program 5 (id=1035):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x301200, 0x0)
ioctl$CDROM_LAST_WRITTEN(r0, 0x5395, &(0x7f0000000140))
r1 = socket$rds(0x15, 0x5, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = syz_io_uring_setup(0xd2, &(0x7f0000000240)={0x0, 0x9d83, 0x0, 0x1, 0x2bc}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000640)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x8001, 0x6, 0x0, 0x1}]}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x2, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r6}, 0x38)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r3, 0x47bc, 0x20, 0x0, 0x0, 0x0)
bind$rds(r1, &(0x7f00000000c0)={0x2, 0x1, @loopback}, 0x10)

1.496552541s ago: executing program 3 (id=1036):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
r0 = fsmount(0xffffffffffffffff, 0x46c9f384328af77d, 0xe)
ioctl$IMGETDEVINFO(r0, 0x80044944, &(0x7f0000000040)={0xffff7fff})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0x62, 0x86cc4097e8288a3a, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x1d)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x402, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000640)=0x10)
ioctl$BINDER_GET_EXTENDED_ERROR(r5, 0xc00c6211, &(0x7f0000000040))
mmap$binder(&(0x7f0000530000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0xb4)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)
r8 = socket$nl_route(0x10, 0x3, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="900000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r10], 0x90}}, 0x0)
mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
set_mempolicy_home_node(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000008, 0x10, 0xffffffffffffffff, 0x10000000)
add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r4)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0xcf)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
fanotify_init(0x0, 0x1000)

1.493589452s ago: executing program 5 (id=1037):
mknod(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f0000000040)='./bus\x00', &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:shadow_t:s0\x00', 0x1e, 0x2)
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000000, 0x13, r0, 0x0)
fchmodat(r0, &(0x7f00000001c0)='./bus\x00', 0x105)
mount(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000)='jffs2\x00', 0x400080, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0x34325258, 0x0, 0xb, [{}, {0x0, 0xffffffff}, {0x4}, {0x2}, {}, {}, {0xefe}], 0x0, 0x0, 0x0, 0x0, 0x6}})

1.330307902s ago: executing program 5 (id=1038):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0xff)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}}, 0x0)
sendmmsg$inet(r3, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x715a9d1e7a68469a, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x2f, 0x1, 0x1, 0x0, 0x5}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x4000)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272)

1.029735854s ago: executing program 5 (id=1039):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x5, 0x212400)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
write$qrtrtun(r1, &(0x7f0000000180)="2bdbca4b", 0x4)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r1, 0x0, 0x10002, 0x0, 0x5, 0x11989d, 0x3de13c})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000005000000100a000084"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r2}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r2}, 0x38)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0)

860.36426ms ago: executing program 5 (id=1040):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x189000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xa2500, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7fffffffffffffff)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r2 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
r3 = openat(r2, &(0x7f0000000400)='./file1\x00', 0x80c0, 0x4)
fchown(r3, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r2, 0xffffffff80000901, 0xee00, 0x0)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
sendmmsg$inet(r1, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000300)='\x00\x00', 0x2}], 0x1}}], 0x1, 0x24040890)
openat$cgroup_ro(r2, &(0x7f0000000200)='memory.stat\x00', 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000140)=0x1, 0x4)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
clock_gettime(0x1, &(0x7f0000004f40))

549.218445ms ago: executing program 3 (id=1041):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r4, 0x0, r4, 0x0, 0x7, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="010000000000"], 0x14}}, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r5, 0x20, &(0x7f0000000100)={0x0, 0x0, <r6=>0x0, 0x0}}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r6, 0x4)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_ext={0x1c, 0x17, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xc}, [@alu={0x7, 0x0, 0xd, 0xe, 0xb, 0x30, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @map_fd={0x18, 0xa, 0x1, 0x0, r2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000180)='GPL\x00', 0x7, 0x4f, &(0x7f0000000280)=""/79, 0x41000, 0xfa, '\x00', 0x0, 0x0, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x5, 0x2, 0x1, 0xfffffffd}, 0x10, 0x2330b, r2, 0x2, &(0x7f0000000480)=[r2, r2, r2, r2], &(0x7f0000000580)=[{0x4, 0x4, 0xb, 0x1}, {0x3, 0x1, 0xf, 0x7}], 0x10, 0xb, @void, @value}, 0x94)
ioctl$BTRFS_IOC_INO_PATHS(r8, 0xc0389423, &(0x7f0000000080)={0x6c7, 0x18, [0x5, 0xe8, 0xb, 0x100], &(0x7f0000000040)=[0x0, 0x0, 0x0]})
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r10=>0x0})
socket$unix(0x1, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r11 = syz_open_procfs(0x0, &(0x7f0000000b40)='attr/current\x00')
read$eventfd(r11, 0x0, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=ANY=[@ANYRES32=r10, @ANYBLOB="c2ee8a8610f1a70256c1f84d03d00d3ae656a9fddd9769ea6130ca6e2ccc0e8474dd9a8a259a27eb3957d63f5add8c4d0052d7625c7fd048553dd9041484eb4d09eec1235c52e42016516642bb56bd92de1742fe90aef5f7bcb34052f0827d74", @ANYRESHEX=r6], 0x48}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r9)
socket$netlink(0x10, 0x3, 0x10)

0s ago: executing program 5 (id=1042):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000060000000410000010"], 0x50)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x268, 0x168, 0x0, 0x268, 0xa, 0x368, 0x250, 0x250, 0x368, 0x250, 0x3, 0x0, {[{{@uncond, 0x0, 0x228, 0x268, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'caif0\x00', {0x1, 0x7ff, 0x8, 0x1, 0x300, 0x6, 0x1000}}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x4, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x498)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r3, &(0x7f0000000140)=""/56, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000060000000410000010"], 0x50) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x268, 0x168, 0x0, 0x268, 0xa, 0x368, 0x250, 0x250, 0x368, 0x250, 0x3, 0x0, {[{{@uncond, 0x0, 0x228, 0x268, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'caif0\x00', {0x1, 0x7ff, 0x8, 0x1, 0x300, 0x6, 0x1000}}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x4, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x498) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r2}, 0x10) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') (async)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8) (async)
getdents(r3, &(0x7f0000000140)=""/56, 0x38) (async)

kernel console output (not intermixed with test programs):

m_u:object_r:security_t tclass=security permissive=1
[  129.273708][ T9241] SELinux:  policydb magic number 0x16c20285 does not match expected magic number 0xf97cff8c
[  129.284398][ T9241] SELinux: failed to load policy
[  129.308090][   T40] audit: type=1400 audit(1749210210.594:784): avc:  denied  { write } for  pid=9239 comm="syz.0.838" name="raw6" dev="proc" ino=4026533079 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  129.313146][ T9256] __nla_validate_parse: 1 callbacks suppressed
[  129.313155][ T9256] netlink: 4 bytes leftover after parsing attributes in process `syz.5.842'.
[  129.320152][   T40] audit: type=1400 audit(1749210210.594:785): avc:  denied  { write } for  pid=9251 comm="syz.5.842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  129.441604][   T40] audit: type=1400 audit(1749210210.724:786): avc:  denied  { mount } for  pid=9267 comm="syz.0.848" name="/" dev="ramfs" ino=27454 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  129.451123][   T40] audit: type=1400 audit(1749210210.724:787): avc:  denied  { mounton } for  pid=9267 comm="syz.0.848" path="/file1" dev="ramfs" ino=27455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  129.535573][   T40] audit: type=1400 audit(1749210210.824:788): avc:  denied  { create } for  pid=9272 comm="syz.4.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  129.541512][   T40] audit: type=1400 audit(1749210210.824:789): avc:  denied  { connect } for  pid=9272 comm="syz.4.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  129.606430][   T40] audit: type=1400 audit(1749210210.894:790): avc:  denied  { read append } for  pid=9276 comm="syz.0.851" name="event1" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.615992][   T40] audit: type=1400 audit(1749210210.894:791): avc:  denied  { ioctl } for  pid=9276 comm="syz.0.851" path="/dev/input/event1" dev="devtmpfs" ino=943 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.683563][ T7015] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  129.732312][ T9284] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  129.833595][ T7015] usb 8-1: Using ep0 maxpacket: 8
[  129.836708][ T7015] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  129.839882][ T7015] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  129.842929][ T7015] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  129.846251][ T7015] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  129.850376][ T7015] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  129.853253][ T7015] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.966937][   T40] audit: type=1326 audit(1749210211.254:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9293 comm="syz.0.855" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd44838e929 code=0x0
[  130.061548][ T7015] usb 8-1: GET_CAPABILITIES returned 0
[  130.063626][ T7015] usbtmc 8-1:16.0: can't read capabilities
[  130.266348][ T7015] usb 8-1: USB disconnect, device number 11
[  130.416499][ T9297] kvm: pic: non byte read
[  130.802247][ T9304] bpf: Bad value for 'uid'
[  131.046587][ T1143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.124938][ T1143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.175540][ T9332] netlink: 24 bytes leftover after parsing attributes in process `syz.3.868'.
[  131.206209][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  131.209865][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  131.212718][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  131.217804][ T1143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.219274][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  131.224528][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  131.355379][ T9335] chnl_net:caif_netlink_parms(): no params data found
[  131.476639][ T9335] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.478830][ T9335] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.480975][ T9335] bridge_slave_0: entered allmulticast mode
[  131.484374][ T9335] bridge_slave_0: entered promiscuous mode
[  131.492695][ T9335] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.494971][ T9335] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.497220][ T9335] bridge_slave_1: entered allmulticast mode
[  131.505878][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.3.872'.
[  131.509623][ T9335] bridge_slave_1: entered promiscuous mode
[  131.546667][ T9335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.551170][ T9335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.565740][ T1143] bridge_slave_1: left allmulticast mode
[  131.567545][ T1143] bridge_slave_1: left promiscuous mode
[  131.569829][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.586266][ T1143] bridge_slave_0: left allmulticast mode
[  131.588041][ T1143] bridge_slave_0: left promiscuous mode
[  131.590186][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.717054][ T9365] input: syz1 as /devices/virtual/input/input13
[  131.865728][ T9371] netlink: 'syz.4.878': attribute type 11 has an invalid length.
[  131.868177][ T9371] netlink: 'syz.4.878': attribute type 11 has an invalid length.
[  131.871254][ T9371] netlink: 224 bytes leftover after parsing attributes in process `syz.4.878'.
[  131.912686][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.917821][ T1143] bond_slave_0: left allmulticast mode
[  131.920777][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.924883][ T1143] bond_slave_1: left allmulticast mode
[  131.927869][ T1143] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  131.930723][ T1143] veth1_vlan: left allmulticast mode
[  131.933173][ T1143] bond0 (unregistering): Released all slaves
[  132.030833][ T9335] team0: Port device team_slave_0 added
[  132.035296][ T9335] team0: Port device team_slave_1 added
[  132.041870][ T1143] IPVS: stopping backup sync thread 8938 ...
[  132.046561][ T1143] IPVS: stopping backup sync thread 8937 ...
[  132.049804][ T1143] IPVS: stopping backup sync thread 8933 ...
[  132.053149][ T1143] IPVS: stopping backup sync thread 8932 ...
[  132.096133][ T9335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.098450][ T9335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.108047][ T9335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.115820][ T9335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.121204][ T9335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.121246][ T9335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.215138][ T9387] xt_CT: You must specify a L4 protocol and not use inversions on it
[  132.237231][ T9335] hsr_slave_0: entered promiscuous mode
[  132.240364][ T9335] hsr_slave_1: entered promiscuous mode
[  132.243119][ T9335] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.246485][ T9335] Cannot create hsr debugfs directory
[  132.362133][ T9402] netlink: 8 bytes leftover after parsing attributes in process `syz.5.887'.
[  132.365184][ T9403] netlink: 8 bytes leftover after parsing attributes in process `syz.5.887'.
[  132.372473][ T1143] hsr_slave_0: left promiscuous mode
[  132.375228][ T1143] hsr_slave_1: left promiscuous mode
[  132.375979][ T9403] netlink: 36 bytes leftover after parsing attributes in process `syz.5.887'.
[  132.377485][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.382402][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.387828][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.390356][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.412028][ T1143] veth1_macvtap: left promiscuous mode
[  132.417139][ T1143] veth0_macvtap: left promiscuous mode
[  132.418936][ T1143] veth1_vlan: left promiscuous mode
[  132.420932][ T1143] veth0_vlan: left promiscuous mode
[  132.578640][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  133.070992][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  133.163916][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  133.307963][ T5939] Bluetooth: hci1: command tx timeout
[  133.705780][ T9415] program syz.5.889 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  133.710861][ T9415] vivid-000: =================  START STATUS  =================
[  133.718486][ T9415] vivid-000: Test Pattern: 75% Colorbar
[  133.720752][ T9415] vivid-000: Fill Percentage of Frame: 100
[  133.722817][ T9415] vivid-000: Horizontal Movement: No Movement
[  133.727945][ T9415] vivid-000: Vertical Movement: No Movement
[  133.729947][ T9415] vivid-000: OSD Text Mode: All
[  133.731560][ T9415] vivid-000: Show Border: false
[  133.733262][ T9415] vivid-000: Show Square: false
[  133.735087][ T9415] vivid-000: Sensor Flipped Horizontally: false
[  133.737152][ T9415] vivid-000: Sensor Flipped Vertically: false
[  133.739284][ T9415] vivid-000: Insert SAV Code in Image: false
[  133.745184][ T9415] vivid-000: Insert EAV Code in Image: false
[  133.746521][ T9420] mmap: syz.3.891 (9420): VmData 37597184 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[  133.747267][ T9415] vivid-000: Insert Video Guard Band: false
[  133.755119][ T9415] vivid-000: Reduced Framerate: false
[  133.758098][ T9415] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  133.760484][ T9415] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  133.766089][ T9415] vivid-000: Enable Capture Cropping: true
[  133.768458][ T9415] vivid-000: Enable Capture Composing: true
[  133.770837][ T9415] vivid-000: Enable Capture Scaler: true
[  133.773093][ T9415] vivid-000: Timestamp Source: Start of Exposure
[  133.790148][ T9415] vivid-000: Colorspace: sRGB
[  133.796673][ T9415] vivid-000: Transfer Function: Default
[  133.798524][ T9415] vivid-000: Y'CbCr Encoding: Default
[  133.800437][ T9415] vivid-000: HSV Encoding: Hue 0-179
[  133.802282][ T9415] vivid-000: Quantization: Default
[  133.805258][ T9415] vivid-000: Apply Alpha To Red Only: false
[  133.807224][ T9415] vivid-000: Standard Aspect Ratio: 4x3
[  133.809121][ T9415] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  133.811718][ T9415] vivid-000: DV Timings: 640x480p59 inactive
[  133.815818][ T9415] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  133.819110][ T9415] vivid-000: Maximum EDID Blocks: 2
[  133.821384][ T9415] vivid-000: Limited RGB Range (16-235): false
[  133.824662][ T9415] vivid-000: Rx RGB Quantization Range: Automatic
[  133.826839][ T9415] vivid-000: Power Present: 0x00000001
[  133.828567][ T9415] tpg source WxH: 320x180 (Y'CbCr)
[  133.830251][ T9415] tpg field: 1
[  133.831392][ T9415] tpg crop: (0,0)/320x180
[  133.832806][ T9415] tpg compose: (0,0)/320x180
[  133.836917][ T9415] tpg colorspace: 8
[  133.838168][ T9415] tpg transfer function: 0/0
[  133.839644][ T9415] tpg Y'CbCr encoding: 0/0
[  133.841102][ T9415] tpg quantization: 0/0
[  133.842453][ T9415] tpg RGB range: 0/2
[  133.844142][ T9415] vivid-000: ==================  END STATUS  ==================
[  133.910563][ T9433] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  134.062570][ T1143] IPVS: stop unused estimator thread 0...
[  134.282809][ T9335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  134.292237][ T9335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  134.297696][ T9335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  134.300859][   T40] kauditd_printk_skb: 84 callbacks suppressed
[  134.300872][   T40] audit: type=1400 audit(1749210215.584:877): avc:  denied  { create } for  pid=9480 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.306327][ T9335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  134.319313][   T40] audit: type=1400 audit(1749210215.604:878): avc:  denied  { setopt } for  pid=9480 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.331395][   T40] audit: type=1400 audit(1749210215.604:879): avc:  denied  { bind } for  pid=9480 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.339937][   T40] audit: type=1400 audit(1749210215.604:880): avc:  denied  { read } for  pid=9480 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.375818][   T40] audit: type=1400 audit(1749210215.664:881): avc:  denied  { write } for  pid=9480 comm="syz.5.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.382702][ T9335] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.404239][ T9335] 8021q: adding VLAN 0 to HW filter on device team0
[  134.413017][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.415316][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.430741][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.433041][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.574940][ T8759] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  134.602904][ T9335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.629657][ T9335] veth0_vlan: entered promiscuous mode
[  134.638018][ T9335] veth1_vlan: entered promiscuous mode
[  134.654960][ T9335] veth0_macvtap: entered promiscuous mode
[  134.658745][ T9335] veth1_macvtap: entered promiscuous mode
[  134.667159][ T9335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.674020][ T9335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  134.680324][ T9335] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.687568][ T9335] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.691046][ T9335] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.695961][ T9335] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.731899][ T8759] usb 9-1: Using ep0 maxpacket: 16
[  134.735888][ T8759] usb 9-1: config 0 has an invalid interface number: 145 but max is 0
[  134.738709][ T8759] usb 9-1: config 0 has no interface number 0
[  134.742618][ T8759] usb 9-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  134.746970][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.749517][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.755923][ T8759] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.759196][ T8759] usb 9-1: Product: syz
[  134.760719][ T8759] usb 9-1: Manufacturer: syz
[  134.762386][ T8759] usb 9-1: SerialNumber: syz
[  134.767444][ T8759] usb 9-1: config 0 descriptor??
[  134.770266][ T8759] hub 9-1:0.145: bad descriptor, ignoring hub
[  134.772045][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.772998][ T8759] hub 9-1:0.145: probe with driver hub failed with error -5
[  134.775212][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.780016][ T8759] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.145/input/input14
[  134.783241][   T40] audit: type=1400 audit(1749210216.064:882): avc:  denied  { mounton } for  pid=9335 comm="syz-executor" path="/syzkaller.s0QPS3/syz-tmp" dev="sda1" ino=2040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  134.786331][   T40] audit: type=1400 audit(1749210216.074:883): avc:  denied  { mount } for  pid=9335 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  134.803968][   T40] audit: type=1400 audit(1749210216.074:884): avc:  denied  { mounton } for  pid=9335 comm="syz-executor" path="/syzkaller.s0QPS3/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  134.814885][   T40] audit: type=1400 audit(1749210216.074:885): avc:  denied  { mounton } for  pid=9335 comm="syz-executor" path="/syzkaller.s0QPS3/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=28450 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  134.827135][   T40] audit: type=1400 audit(1749210216.104:886): avc:  denied  { mounton } for  pid=9335 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2828 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  135.133082][ T9532] syzkaller1: entered promiscuous mode
[  135.136217][ T9532] syzkaller1: entered allmulticast mode
[  135.373507][ T5939] Bluetooth: hci1: command tx timeout
[  135.385726][ T9562] netlink: 8 bytes leftover after parsing attributes in process `syz.5.912'.
[  135.443597][ T9571] xt_hashlimit: size too large, truncated to 1048576
[  135.559992][ T9585] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  135.562089][ T9585] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  135.566553][ T9585] vhci_hcd vhci_hcd.0: Device attached
[  135.569801][ T9586] vhci_hcd: connection closed
[  135.570107][   T74] vhci_hcd: stop threads
[  135.575146][   T74] vhci_hcd: release socket
[  135.576947][   T74] vhci_hcd: disconnect device
[  135.768525][ T9595] netlink: 8 bytes leftover after parsing attributes in process `syz.4.920'.
[  136.066462][ T9610] bridge2: the hash_elasticity option has been deprecated and is always 16
[  136.286449][ T9617] netlink: 104 bytes leftover after parsing attributes in process `syz.4.928'.
[  136.329483][ T9621] netlink: 'syz.5.931': attribute type 1 has an invalid length.
[  136.344213][ T9621] QAT: Invalid ioctl -2144835806
[  136.828251][ T9660] SELinux: security_context_str_to_sid („) failed with errno=-22
[  136.871534][ T9664] netlink: 12 bytes leftover after parsing attributes in process `syz.0.944'.
[  137.006755][ T9675] netlink: 'syz.0.947': attribute type 1 has an invalid length.
[  137.009556][ T9675] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  137.098319][ T9681] overlay: Unknown parameter 'dont_appraise'
[  137.433513][ T9695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9695 comm=syz.3.952
[  137.457330][ T5939] Bluetooth: hci1: command tx timeout
[  137.487578][ T9703] CIFS mount error: No usable UNC path provided in device string!
[  137.487578][ T9703] 
[  137.490868][ T9703] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  137.496515][ T9705] team0: Device gtp0 is of different type
[  137.541188][ T9709] tipc: Enabling of bearer <eth:pimreg1> rejected, failed to enable media
[  137.549365][ T5939] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  137.635538][ T9719] netlink: 'syz.3.962': attribute type 1 has an invalid length.
[  137.640430][ T9719] netlink: 'syz.3.962': attribute type 2 has an invalid length.
[  137.650939][ T9719] netlink: 'syz.3.962': attribute type 1 has an invalid length.
[  137.653331][ T9719] netlink: 'syz.3.962': attribute type 2 has an invalid length.
[  137.775002][ T9730] tipc: Started in network mode
[  137.776655][ T9730] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  137.779436][ T9730] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  137.789093][ T9731] syzkaller1: entered promiscuous mode
[  137.791018][ T9731] syzkaller1: entered allmulticast mode
[  137.795317][ T9731] netlink: 'syz.0.966': attribute type 4 has an invalid length.
[  137.827051][ T9733] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  137.834791][ T9733] overlayfs: missing 'lowerdir'
[  137.893680][ T9739] overlayfs: conflicting options: verity=require,redirect_dir=nofollow
[  137.972036][ T9747] loop4: detected capacity change from 0 to 524255232
[  138.184874][ T9763] netlink: 'syz.5.979': attribute type 29 has an invalid length.
[  138.296272][  T836] usb 9-1: USB disconnect, device number 8
[  138.489295][ T9790] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  138.597710][ T9803] netlink: 48 bytes leftover after parsing attributes in process `syz.5.991'.
[  138.646311][ T9806] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  138.646518][ T9807] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_tx_wq": -EINTR
[  138.903257][ T9822] cgroup: fork rejected by pids controller in 
[  138.913916][ T2104] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  138.943144][ T9822] /syz3
[  139.086576][ T2104] usb 10-1: Using ep0 maxpacket: 32
[  139.089430][ T2104] usb 10-1: config 0 has an invalid interface number: 67 but max is 0
[  139.091970][ T2104] usb 10-1: config 0 has no interface number 0
[  139.133792][ T2104] usb 10-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  139.136628][ T2104] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.139078][ T2104] usb 10-1: Product: syz
[  139.140405][ T2104] usb 10-1: Manufacturer: syz
[  139.141872][ T2104] usb 10-1: SerialNumber: syz
[  139.192034][ T2104] usb 10-1: config 0 descriptor??
[  139.196606][ T2104] smsc95xx v2.0.0
[  139.236603][ T9861] IPv6: syztnl0: Disabled Multicast RS
[  139.462035][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  139.462045][   T40] audit: type=1400 audit(1749210220.744:922): avc:  denied  { write } for  pid=9866 comm="syz.0.999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  139.534088][ T5939] Bluetooth: hci1: command tx timeout
[  139.826028][   T40] audit: type=1400 audit(1749210221.114:923): avc:  denied  { execute } for  pid=9874 comm="syz.0.1003" path="/memory.stat" dev="ramfs" ino=31938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  139.909638][   T40] audit: type=1400 audit(1749210221.194:924): avc:  denied  { lock } for  pid=9874 comm="syz.0.1003" path="socket:[31942]" dev="sockfs" ino=31942 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  139.929984][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  140.014748][ T9878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1004'.
[  140.025911][ T9878] vlan2: entered allmulticast mode
[  140.027613][ T9878] bond0: entered allmulticast mode
[  140.029350][ T9878] bond_slave_0: entered allmulticast mode
[  140.048139][ T9878] bond_slave_1: entered allmulticast mode
[  140.059396][ T9878] ieee802154 phy0 wpan0: encryption failed: -22
[  140.059396][   T40] audit: type=1400 audit(1749210221.344:925): avc:  denied  { write } for  pid=9877 comm="syz.0.1004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  140.266251][ T9882] ip6gretap1: entered allmulticast mode
[  140.712637][ T8002] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.832887][ T8002] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.898719][ T8002] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.988118][ T8002] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.151852][ T8002] bridge_slave_1: left allmulticast mode
[  141.163587][ T8002] bridge_slave_1: left promiscuous mode
[  141.168588][ T8002] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.179785][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  141.185477][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  141.188501][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  141.193145][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  141.193205][ T8002] bridge_slave_0: left allmulticast mode
[  141.203422][ T8002] bridge_slave_0: left promiscuous mode
[  141.205364][ T8002] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.205398][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  141.512145][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  141.583457][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  141.586523][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  141.589645][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  141.592310][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  141.670602][ T2104] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  141.674229][ T2104] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  141.684245][ T2104] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  141.687618][ T2104] smsc95xx 10-1:0.67: probe with driver smsc95xx failed with error -71
[  141.702987][ T2104] usb 10-1: USB disconnect, device number 6
[  141.812190][ T8002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.816049][ T8002] bond_slave_0: left allmulticast mode
[  141.819211][ T8002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.824816][ T8002] bond_slave_1: left allmulticast mode
[  141.828068][ T8002] bond0 (unregistering): Released all slaves
[  141.838074][   T40] audit: type=1400 audit(1749210223.124:926): avc:  denied  { map } for  pid=9907 comm="syz.3.1000" path="/dev/ubi_ctrl" dev="devtmpfs" ino=719 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  141.913911][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  142.039646][   T40] audit: type=1400 audit(1749210223.314:927): avc:  denied  { ioctl } for  pid=9921 comm="syz.5.1014" path="socket:[31400]" dev="sockfs" ino=31400 ioctlcmd=0x8947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  142.099849][ T9919] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  142.103983][ T9919] overlayfs: missing 'lowerdir'
[  142.118784][ T9901] chnl_net:caif_netlink_parms(): no params data found
[  142.395528][ T9938] netlink: 'syz.5.1017': attribute type 1 has an invalid length.
[  142.398603][ T9938] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1017'.
[  142.401905][ T9938] workqueue: Failed to create a rescuer kthread for wq "phy3": -EINTR
[  142.421560][ T9901] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.428885][ T9901] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.431355][ T9901] bridge_slave_0: entered allmulticast mode
[  142.434384][ T9901] bridge_slave_0: entered promiscuous mode
[  142.437389][ T9901] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.439615][ T9901] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.441846][ T9901] bridge_slave_1: entered allmulticast mode
[  142.454570][ T9901] bridge_slave_1: entered promiscuous mode
[  142.475270][ T9944] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1018'.
[  142.479873][ T9944] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1018'.
[  142.540100][ T8002] hsr_slave_0: left promiscuous mode
[  142.546627][ T8002] hsr_slave_1: left promiscuous mode
[  142.548679][ T8002] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.550987][ T8002] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.554563][ T8002] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.556870][ T8002] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.607471][ T8002] veth1_macvtap: left promiscuous mode
[  142.609386][ T8002] veth0_macvtap: left promiscuous mode
[  142.611175][ T8002] veth1_vlan: left promiscuous mode
[  142.612865][ T8002] veth0_vlan: left promiscuous mode
[  143.303651][ T5943] Bluetooth: hci1: command tx timeout
[  143.361309][ T9835] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  143.365869][ T9835] CPU: 2 UID: 0 PID: 9835 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  143.365884][ T9835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.365891][ T9835] Call Trace:
[  143.365895][ T9835]  <TASK>
[  143.365899][ T9835]  dump_stack_lvl+0x16c/0x1f0
[  143.365948][ T9835]  dump_header+0x101/0x930
[  143.365965][ T9835]  oom_kill_process+0x270/0xa60
[  143.365980][ T9835]  out_of_memory+0x350/0x1700
[  143.365998][ T9835]  ? __pfx_out_of_memory+0x10/0x10
[  143.366016][ T9835]  mem_cgroup_out_of_memory+0x118/0x130
[  143.366028][ T9835]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  143.366043][ T9835]  ? do_raw_spin_unlock+0x172/0x230
[  143.366057][ T9835]  try_charge_memcg+0x72b/0xd50
[  143.366074][ T9835]  ? __pfx_try_charge_memcg+0x10/0x10
[  143.366089][ T9835]  ? __print_lock_name+0xd1/0xe0
[  143.366102][ T9835]  ? rcu_read_unlock+0x17/0x60
[  143.366121][ T9835]  charge_memcg+0x8a/0x230
[  143.366136][ T9835]  __mem_cgroup_charge+0x2b/0x1e0
[  143.366146][ T9835]  filemap_add_folio+0x88/0x220
[  143.366161][ T9835]  ? __pfx_filemap_add_folio+0x10/0x10
[  143.366180][ T9835]  __filemap_get_folio+0x510/0xc30
[  143.366198][ T9835]  filemap_fault+0x661/0x26c0
[  143.366215][ T9835]  ? __pfx_filemap_fault+0x10/0x10
[  143.366237][ T9835]  __do_fault+0x10a/0x490
[  143.366253][ T9835]  __handle_mm_fault+0x3c2a/0x5490
[  143.366269][ T9835]  ? __pfx___handle_mm_fault+0x10/0x10
[  143.366282][ T9835]  ? __pte_offset_map_lock+0x174/0x310
[  143.366298][ T9835]  ? find_held_lock+0x2b/0x80
[  143.366309][ T9835]  ? find_held_lock+0x2b/0x80
[  143.366325][ T9835]  ? follow_page_pte+0x3af/0x14c0
[  143.366338][ T9835]  handle_mm_fault+0x589/0xd10
[  143.366353][ T9835]  __get_user_pages+0x589/0x3b80
[  143.366369][ T9835]  ? __pfx___get_user_pages+0x10/0x10
[  143.366380][ T9835]  ? __kernel_write_iter+0x5a5/0xa90
[  143.366397][ T9835]  get_dump_page+0x257/0x3d0
[  143.366429][ T9835]  ? __pfx_get_dump_page+0x10/0x10
[  143.366443][ T9835]  ? dump_user_range+0x745/0xb60
[  143.366456][ T9835]  ? __kernel_write_iter+0x48c/0xa90
[  143.366471][ T9835]  dump_user_range+0x195/0xb60
[  143.366486][ T9835]  ? __pfx_dump_user_range+0x10/0x10
[  143.366500][ T9835]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  143.366518][ T9835]  ? __pfx_writenote+0x10/0x10
[  143.366536][ T9835]  elf_core_dump+0x288a/0x3a90
[  143.366557][ T9835]  ? __pfx_elf_core_dump+0x10/0x10
[  143.366570][ T9835]  ? kasan_save_stack+0x42/0x60
[  143.366583][ T9835]  ? kasan_save_stack+0x33/0x60
[  143.366595][ T9835]  ? kasan_save_track+0x14/0x30
[  143.366606][ T9835]  ? __kasan_kmalloc+0xaa/0xb0
[  143.366618][ T9835]  ? do_coredump+0x1c9a/0x4f10
[  143.366629][ T9835]  ? get_signal+0x22e3/0x26d0
[  143.366641][ T9835]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  143.366655][ T9835]  ? 0xffffffffff600000
[  143.366688][ T9835]  ? do_coredump+0x399c/0x4f10
[  143.366703][ T9835]  do_coredump+0x399c/0x4f10
[  143.366721][ T9835]  ? __pfx_do_coredump+0x10/0x10
[  143.366733][ T9835]  ? find_held_lock+0x2b/0x80
[  143.366745][ T9835]  ? is_bpf_text_address+0x8a/0x1a0
[  143.366760][ T9835]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  143.366775][ T9835]  ? is_bpf_text_address+0x94/0x1a0
[  143.366787][ T9835]  ? kernel_text_address+0x8d/0x100
[  143.366798][ T9835]  ? __kernel_text_address+0xd/0x40
[  143.366808][ T9835]  ? unwind_get_return_address+0x59/0xa0
[  143.366834][ T9835]  ? stack_depot_save_flags+0x28/0xa40
[  143.366855][ T9835]  ? __lock_acquire+0xb8a/0x1c90
[  143.366873][ T9835]  ? kasan_save_stack+0x42/0x60
[  143.366885][ T9835]  ? kasan_save_stack+0x33/0x60
[  143.366896][ T9835]  ? kasan_save_track+0x14/0x30
[  143.366908][ T9835]  ? kasan_save_free_info+0x3b/0x60
[  143.366919][ T9835]  ? __kasan_slab_free+0x51/0x70
[  143.366931][ T9835]  ? kmem_cache_free+0x2d1/0x4d0
[  143.366943][ T9835]  ? __sigqueue_free+0xba/0x2a0
[  143.366957][ T9835]  ? get_signal+0xcba/0x26d0
[  143.366967][ T9835]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  143.367008][ T9835]  ? proc_coredump_connector+0x2d1/0x4f0
[  143.367025][ T9835]  ? __pfx_proc_coredump_connector+0x10/0x10
[  143.367047][ T9835]  ? rcu_is_watching+0x12/0xc0
[  143.367068][ T9835]  get_signal+0x22e3/0x26d0
[  143.367090][ T9835]  ? force_sig_fault+0xc4/0x100
[  143.367107][ T9835]  ? __pfx_get_signal+0x10/0x10
[  143.367131][ T9835]  arch_do_signal_or_restart+0x8f/0x7d0
[  143.367146][ T9835]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  143.367162][ T9835]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  143.367193][ T9835]  irqentry_exit_to_user_mode+0x12a/0x270
[  143.367213][ T9835]  asm_exc_page_fault+0x26/0x30
[  143.367225][ T9835] RIP: 0033:0x7fa1a2e4f830
[  143.367248][ T9835] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  143.367253][ T9835] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  143.367264][ T9835] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  143.367273][ T9835] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  143.367280][ T9835] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  143.367288][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  143.367296][ T9835] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  143.367315][ T9835]  </TASK>
[  143.367339][ T9835] memory: usage 307200kB, limit 307200kB, failcnt 17905
[  143.567463][ T9835] memory+swap: usage 432168kB, limit 9007199254740988kB, failcnt 0
[  143.577016][ T9835] kmem: usage 5956kB, limit 9007199254740988kB, failcnt 0
[  143.583261][ T9835] Memory cgroup stats for /syz3:
[  143.584423][ T9835] cache 308146176
[  143.591058][ T9835] rss 307200
[  143.594892][ T9835] rss_huge 0
[  143.607344][ T9835] shmem 307879936
[  143.609983][ T9835] mapped_file 12288
[  143.621773][ T9835] dirty 0
[  143.624104][ T9835] writeback 0
[  143.626619][ T9835] workingset_refault_anon 12
[  143.629998][ T9835] workingset_refault_file 6353
[  143.640021][ T9835] swap 127967232
[  143.642468][ T9835] swapcached 28672
[  143.645621][ T9835] nr_memmap_boot_pages 207484
[  143.648763][ T9835] pgpgin 132684
[  143.658568][ T9835] pglazyfree 59651
[  143.661224][ T9835] pgfault 239
[  143.663968][ T9835] a_other 169091072
[  143.666677][ T9835] inactive_anon 139116544
[  143.676210][ T9835] active_anon 16384
[  143.678817][ T9835] inactive_file 0
[  143.681577][ T9835] active_file 0
[  143.684299][ T9835] hierarchical_memory_limit 314572800
[  143.688138][ T9835] hierarchical_memsw_limit 9223372036854771712
[  143.699650][ T9835] total_cache 308146176
[  143.702628][ T9835] total_rss 307200
[  143.705898][ T9835] total_rss_huge 0
[  143.712905][ T9835] total_shmem 307879936
[  143.717266][ T9835] total_mapped_file 12288
[  143.720367][ T9835] total_dirty 0
[  143.722821][ T9835] total_writeback 0
[  143.732359][ T9835] total_workingset_refault_anon 12
[  143.741026][ T9835] total_workingset_refault_file 6353
[  143.752280][ T9835] total_swap 127967232
[  143.756863][ T9835] total_swapcached 28672
[  143.758601][ T9835] total_nr_memmap_boot_pages 207484
[  143.761049][ T9835] total_pgpgin 132684
[  143.770877][ T9835] total_pglazyfree 59651
[  143.776607][ T9835] total_pgfault 239
[  143.779766][ T9835] total_a_other 175661056
[  143.784858][ T9835] total_inactive_anon 132546560
[  143.790051][ T9835] total_active_anon 16384
[  143.791967][ T9835] total_inactive_file 0
[  143.795612][ T9835] total_active_file 0
[  143.797317][ T9835] anon_cost 0
[  143.798775][ T9835] file_cost 0
[  143.800200][ T9835] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1016,pid=9935,uid=0
[  143.807083][ T9835] Memory cgroup out of memory: Killed process 9936 (syz.3.1016) total-vm:102080kB, anon-rss:944kB, file-rss:23208kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  145.373501][ T5943] Bluetooth: hci1: command tx timeout
[  145.859786][   T42] oom_reaper: reaped process 9936 (syz.3.1016), now anon-rss:0kB, file-rss:22088kB, shmem-rss:0kB
[  145.890987][ T9830] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  145.901396][ T9830] CPU: 2 UID: 0 PID: 9830 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  145.901414][ T9830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.901420][ T9830] Call Trace:
[  145.901424][ T9830]  <TASK>
[  145.901429][ T9830]  dump_stack_lvl+0x16c/0x1f0
[  145.901451][ T9830]  dump_header+0x101/0x930
[  145.901473][ T9830]  oom_kill_process+0x270/0xa60
[  145.901489][ T9830]  out_of_memory+0x350/0x1700
[  145.901506][ T9830]  ? __pfx_out_of_memory+0x10/0x10
[  145.901524][ T9830]  mem_cgroup_out_of_memory+0x118/0x130
[  145.901536][ T9830]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  145.901558][ T9830]  ? do_raw_spin_unlock+0x172/0x230
[  145.901576][ T9830]  try_charge_memcg+0x72b/0xd50
[  145.901594][ T9830]  ? __pfx_try_charge_memcg+0x10/0x10
[  145.901609][ T9830]  ? __print_lock_name+0xd1/0xe0
[  145.901622][ T9830]  ? rcu_read_unlock+0x17/0x60
[  145.901643][ T9830]  charge_memcg+0x8a/0x230
[  145.901672][ T9830]  __mem_cgroup_charge+0x2b/0x1e0
[  145.901689][ T9830]  filemap_add_folio+0x88/0x220
[  145.901711][ T9830]  ? __pfx_filemap_add_folio+0x10/0x10
[  145.901741][ T9830]  __filemap_get_folio+0x510/0xc30
[  145.901768][ T9830]  filemap_fault+0x661/0x26c0
[  145.901796][ T9830]  ? __pfx_filemap_fault+0x10/0x10
[  145.901827][ T9830]  __do_fault+0x10a/0x490
[  145.901843][ T9830]  __handle_mm_fault+0x3c2a/0x5490
[  145.901859][ T9830]  ? __pfx___handle_mm_fault+0x10/0x10
[  145.901872][ T9830]  ? __pte_offset_map_lock+0x174/0x310
[  145.901893][ T9830]  ? find_held_lock+0x2b/0x80
[  145.901909][ T9830]  ? find_held_lock+0x2b/0x80
[  145.901932][ T9830]  ? follow_page_pte+0x3af/0x14c0
[  145.901955][ T9830]  handle_mm_fault+0x589/0xd10
[  145.901978][ T9830]  __get_user_pages+0x589/0x3b80
[  145.902003][ T9830]  ? __pfx___get_user_pages+0x10/0x10
[  145.902021][ T9830]  ? __kernel_write_iter+0x5a5/0xa90
[  145.902045][ T9830]  get_dump_page+0x257/0x3d0
[  145.902061][ T9830]  ? __pfx_get_dump_page+0x10/0x10
[  145.902077][ T9830]  ? dump_user_range+0x745/0xb60
[  145.902100][ T9830]  dump_user_range+0x195/0xb60
[  145.902123][ T9830]  ? __pfx_dump_user_range+0x10/0x10
[  145.902143][ T9830]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  145.902169][ T9830]  ? __pfx_writenote+0x10/0x10
[  145.902192][ T9830]  elf_core_dump+0x288a/0x3a90
[  145.902222][ T9830]  ? __pfx_elf_core_dump+0x10/0x10
[  145.902245][ T9830]  ? kasan_save_stack+0x42/0x60
[  145.902266][ T9830]  ? kasan_save_stack+0x33/0x60
[  145.902285][ T9830]  ? kasan_save_track+0x14/0x30
[  145.902303][ T9830]  ? __kasan_kmalloc+0xaa/0xb0
[  145.902322][ T9830]  ? do_coredump+0x1c9a/0x4f10
[  145.902336][ T9830]  ? get_signal+0x22e3/0x26d0
[  145.902354][ T9830]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  145.902378][ T9830]  ? 0xffffffffff600000
[  145.902463][ T9830]  ? do_coredump+0x399c/0x4f10
[  145.902481][ T9830]  do_coredump+0x399c/0x4f10
[  145.902511][ T9830]  ? __pfx_do_coredump+0x10/0x10
[  145.902532][ T9830]  ? find_held_lock+0x2b/0x80
[  145.902553][ T9830]  ? is_bpf_text_address+0x8a/0x1a0
[  145.902576][ T9830]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  145.902600][ T9830]  ? is_bpf_text_address+0x94/0x1a0
[  145.902620][ T9830]  ? kernel_text_address+0x8d/0x100
[  145.902638][ T9830]  ? __kernel_text_address+0xd/0x40
[  145.902655][ T9830]  ? unwind_get_return_address+0x59/0xa0
[  145.902707][ T9830]  ? stack_depot_save_flags+0x28/0xa40
[  145.902733][ T9830]  ? __lock_acquire+0xb8a/0x1c90
[  145.902761][ T9830]  ? kasan_save_stack+0x42/0x60
[  145.902779][ T9830]  ? kasan_save_stack+0x33/0x60
[  145.902798][ T9830]  ? kasan_save_track+0x14/0x30
[  145.902817][ T9830]  ? kasan_save_free_info+0x3b/0x60
[  145.902833][ T9830]  ? __kasan_slab_free+0x51/0x70
[  145.902852][ T9830]  ? kmem_cache_free+0x2d1/0x4d0
[  145.902872][ T9830]  ? __sigqueue_free+0xba/0x2a0
[  145.902894][ T9830]  ? get_signal+0xcba/0x26d0
[  145.902911][ T9830]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  145.902966][ T9830]  ? proc_coredump_connector+0x2d1/0x4f0
[  145.902987][ T9830]  ? __pfx_proc_coredump_connector+0x10/0x10
[  145.903014][ T9830]  ? rcu_is_watching+0x12/0xc0
[  145.903038][ T9830]  get_signal+0x22e3/0x26d0
[  145.903064][ T9830]  ? force_sig_fault+0xc4/0x100
[  145.903084][ T9830]  ? __pfx_get_signal+0x10/0x10
[  145.903113][ T9830]  arch_do_signal_or_restart+0x8f/0x7d0
[  145.903131][ T9830]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  145.903151][ T9830]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  145.903180][ T9830]  irqentry_exit_to_user_mode+0x12a/0x270
[  145.903204][ T9830]  asm_exc_page_fault+0x26/0x30
[  145.903219][ T9830] RIP: 0033:0x7fa1a2e4f830
[  145.903238][ T9830] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  145.903245][ T9830] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  145.903259][ T9830] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  145.903268][ T9830] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  145.903277][ T9830] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  145.903286][ T9830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  145.903295][ T9830] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  145.903320][ T9830]  </TASK>
[  145.903327][ T9830] memory: usage 307200kB, limit 307200kB, failcnt 27269
[  146.080331][ T9830] memory+swap: usage 432168kB, limit 9007199254740988kB, failcnt 0
[  146.082838][ T9830] kmem: usage 5956kB, limit 9007199254740988kB, failcnt 0
[  146.088579][ T9830] Memory cgroup stats for /syz3:
[  146.088654][ T9830] cache 308314112
[  146.091425][ T9830] rss 139264
[  146.092516][ T9830] rss_huge 0
[  146.094413][ T9830] shmem 308273152
[  146.095939][ T9830] mapped_file 0
[  146.097361][ T9830] dirty 0
[  146.098615][ T9830] writeback 0
[  146.099966][ T9830] workingset_refault_anon 12
[  146.101497][ T9830] workingset_refault_file 6829
[  146.104219][ T9830] swap 127967232
[  146.105394][ T9830] swapcached 28672
[  146.106628][ T9830] nr_memmap_boot_pages 208233
[  146.108153][ T9830] pgpgin 133433
[  146.109588][ T9830] pglazyfree 59747
[  146.111749][ T9830] pgfault 331
[  146.113016][ T9830] a_other 265797632
[  146.115498][ T9830] inactive_anon 42635264
[  146.117109][ T9830] active_anon 8192
[  146.118310][ T9830] inactive_file 0
[  146.119512][ T9830] active_file 0
[  146.120637][ T9830] hierarchical_memory_limit 314572800
[  146.122322][ T9830] hierarchical_memsw_limit 9223372036854771712
[  146.125366][ T9830] total_cache 308314112
[  146.126867][ T9830] total_rss 139264
[  146.128135][ T9830] total_rss_huge 0
[  146.129347][ T9830] total_shmem 308273152
[  146.130693][ T9830] total_mapped_file 0
[  146.131979][ T9830] total_dirty 0
[  146.133103][ T9830] total_writeback 0
[  146.136125][ T9830] total_workingset_refault_anon 12
[  146.137759][ T9830] total_workingset_refault_file 6829
[  146.139490][ T9830] total_swap 127967232
[  146.140806][ T9830] total_swapcached 28672
[  146.150094][ T9830] total_nr_memmap_boot_pages 208233
[  146.151760][ T9830] total_pgpgin 133433
[  146.152998][ T9830] total_pglazyfree 59747
[  146.159163][ T9830] total_pgfault 331
[  146.160376][ T9830] total_a_other 265797632
[  146.161716][ T9830] total_inactive_anon 42635264
[  146.163228][ T9830] total_active_anon 8192
[  146.165555][ T9830] total_inactive_file 0
[  146.166930][ T9830] total_active_file 0
[  146.168196][ T9830] anon_cost 0
[  146.169338][ T9830] file_cost 0
[  146.170416][ T9830] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.977,pid=9767,uid=0
[  146.184273][ T9830] Memory cgroup out of memory: Killed process 9767 (syz.3.977) total-vm:101948kB, anon-rss:980kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  146.211203][ T9834] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  146.221030][ T9834] CPU: 2 UID: 0 PID: 9834 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  146.221047][ T9834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.221053][ T9834] Call Trace:
[  146.221057][ T9834]  <TASK>
[  146.221061][ T9834]  dump_stack_lvl+0x16c/0x1f0
[  146.221079][ T9834]  dump_header+0x101/0x930
[  146.221108][ T9834]  oom_kill_process+0x270/0xa60
[  146.221123][ T9834]  out_of_memory+0x350/0x1700
[  146.221141][ T9834]  ? __pfx_out_of_memory+0x10/0x10
[  146.221159][ T9834]  mem_cgroup_out_of_memory+0x118/0x130
[  146.221171][ T9834]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  146.221185][ T9834]  ? do_raw_spin_unlock+0x172/0x230
[  146.221200][ T9834]  try_charge_memcg+0x72b/0xd50
[  146.221217][ T9834]  ? __pfx_try_charge_memcg+0x10/0x10
[  146.221232][ T9834]  ? __print_lock_name+0xd0/0xe0
[  146.221245][ T9834]  ? rcu_read_unlock+0x17/0x60
[  146.221264][ T9834]  charge_memcg+0x8a/0x230
[  146.221279][ T9834]  __mem_cgroup_charge+0x2b/0x1e0
[  146.221289][ T9834]  filemap_add_folio+0x88/0x220
[  146.221304][ T9834]  ? __pfx_filemap_add_folio+0x10/0x10
[  146.221322][ T9834]  __filemap_get_folio+0x510/0xc30
[  146.221340][ T9834]  filemap_fault+0x661/0x26c0
[  146.221358][ T9834]  ? __pfx_filemap_fault+0x10/0x10
[  146.221380][ T9834]  __do_fault+0x10a/0x490
[  146.221395][ T9834]  __handle_mm_fault+0x3c2a/0x5490
[  146.221411][ T9834]  ? __pfx___handle_mm_fault+0x10/0x10
[  146.221423][ T9834]  ? __pte_offset_map_lock+0x174/0x310
[  146.221439][ T9834]  ? find_held_lock+0x2b/0x80
[  146.221450][ T9834]  ? find_held_lock+0x2b/0x80
[  146.221466][ T9834]  ? follow_page_pte+0x3af/0x14c0
[  146.221479][ T9834]  handle_mm_fault+0x589/0xd10
[  146.221494][ T9834]  __get_user_pages+0x589/0x3b80
[  146.221510][ T9834]  ? __pfx___get_user_pages+0x10/0x10
[  146.221522][ T9834]  ? __kernel_write_iter+0x5a5/0xa90
[  146.221538][ T9834]  get_dump_page+0x257/0x3d0
[  146.221548][ T9834]  ? __pfx_get_dump_page+0x10/0x10
[  146.221559][ T9834]  ? dump_user_range+0x745/0xb60
[  146.221571][ T9834]  ? dump_user_range+0x50d/0xb60
[  146.221586][ T9834]  dump_user_range+0x195/0xb60
[  146.221601][ T9834]  ? __pfx_dump_user_range+0x10/0x10
[  146.221614][ T9834]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  146.221634][ T9834]  ? __pfx_writenote+0x10/0x10
[  146.221651][ T9834]  elf_core_dump+0x288a/0x3a90
[  146.221672][ T9834]  ? __pfx_elf_core_dump+0x10/0x10
[  146.221689][ T9834]  ? kasan_save_stack+0x42/0x60
[  146.221701][ T9834]  ? kasan_save_stack+0x33/0x60
[  146.221713][ T9834]  ? kasan_save_track+0x14/0x30
[  146.221724][ T9834]  ? __kasan_kmalloc+0xaa/0xb0
[  146.221736][ T9834]  ? do_coredump+0x1c9a/0x4f10
[  146.221747][ T9834]  ? get_signal+0x22e3/0x26d0
[  146.221759][ T9834]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  146.221773][ T9834]  ? 0xffffffffff600000
[  146.221805][ T9834]  ? do_coredump+0x399c/0x4f10
[  146.221816][ T9834]  do_coredump+0x399c/0x4f10
[  146.221833][ T9834]  ? __pfx_do_coredump+0x10/0x10
[  146.221846][ T9834]  ? find_held_lock+0x2b/0x80
[  146.221858][ T9834]  ? is_bpf_text_address+0x8a/0x1a0
[  146.221872][ T9834]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  146.221886][ T9834]  ? is_bpf_text_address+0x94/0x1a0
[  146.221898][ T9834]  ? kernel_text_address+0x8d/0x100
[  146.221909][ T9834]  ? __kernel_text_address+0xd/0x40
[  146.221920][ T9834]  ? unwind_get_return_address+0x59/0xa0
[  146.221945][ T9834]  ? stack_depot_save_flags+0x28/0xa40
[  146.221961][ T9834]  ? __lock_acquire+0xb8a/0x1c90
[  146.221978][ T9834]  ? kasan_save_stack+0x42/0x60
[  146.221990][ T9834]  ? kasan_save_stack+0x33/0x60
[  146.222001][ T9834]  ? kasan_save_track+0x14/0x30
[  146.222013][ T9834]  ? kasan_save_free_info+0x3b/0x60
[  146.222023][ T9834]  ? __kasan_slab_free+0x51/0x70
[  146.222035][ T9834]  ? kmem_cache_free+0x2d1/0x4d0
[  146.222047][ T9834]  ? __sigqueue_free+0xba/0x2a0
[  146.222060][ T9834]  ? get_signal+0xcba/0x26d0
[  146.222071][ T9834]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  146.222101][ T9834]  ? proc_coredump_connector+0x2d1/0x4f0
[  146.222114][ T9834]  ? __pfx_proc_coredump_connector+0x10/0x10
[  146.222129][ T9834]  ? rcu_is_watching+0x12/0xc0
[  146.222144][ T9834]  get_signal+0x22e3/0x26d0
[  146.222159][ T9834]  ? force_sig_fault+0xc4/0x100
[  146.222172][ T9834]  ? __pfx_get_signal+0x10/0x10
[  146.222188][ T9834]  arch_do_signal_or_restart+0x8f/0x7d0
[  146.222198][ T9834]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  146.222211][ T9834]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  146.222231][ T9834]  irqentry_exit_to_user_mode+0x12a/0x270
[  146.222245][ T9834]  asm_exc_page_fault+0x26/0x30
[  146.222255][ T9834] RIP: 0033:0x7fa1a2e4f830
[  146.222269][ T9834] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  146.222273][ T9834] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  146.222281][ T9834] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  146.222288][ T9834] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  146.222294][ T9834] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  146.222300][ T9834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.222305][ T9834] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  146.222319][ T9834]  </TASK>
[  146.307594][ T9834] memory: usage 307200kB, limit 307200kB, failcnt 28395
[  146.380392][ T9834] memory+swap: usage 432004kB, limit 9007199254740988kB, failcnt 0
[  146.383278][ T9834] kmem: usage 5840kB, limit 9007199254740988kB, failcnt 0
[  146.385793][ T9834] Memory cgroup stats for /syz3:
[  146.386488][ T9834] cache 308449280
[  146.389853][ T9834] rss 139264
[  146.390876][ T9834] rss_huge 0
[  146.391900][ T9834] shmem 308363264
[  146.393062][ T9834] mapped_file 0
[  146.394708][ T9834] dirty 0
[  146.395667][ T9834] writeback 0
[  146.396927][ T9834] workingset_refault_anon 12
[  146.399301][ T9834] workingset_refault_file 6945
[  146.400782][ T9834] swap 127799296
[  146.401893][ T9834] swapcached 4096
[  146.403133][ T9834] nr_memmap_boot_pages 208451
[  146.405200][ T9834] pgpgin 133622
[  146.406321][ T9834] pglazyfree 59771
[  146.407888][ T9834] pgfault 350
[  146.409295][ T9834] a_other 253702144
[  146.410569][ T9834] inactive_anon 54804480
[  146.411893][ T9834] active_anon 86016
[  146.414012][ T9834] inactive_file 0
[  146.415485][ T9834] active_file 0
[  146.416981][ T9834] hierarchical_memory_limit 314572800
[  146.419270][ T9834] hierarchical_memsw_limit 9223372036854771712
[  146.421876][ T9834] total_cache 308449280
[  146.427255][ T9834] total_rss 139264
[  146.430340][ T9834] total_rss_huge 0
[  146.431956][ T9834] total_shmem 308363264
[  146.434168][ T9834] total_mapped_file 0
[  146.435927][ T9834] total_dirty 0
[  146.437586][ T9834] total_writeback 0
[  146.439291][ T9834] total_workingset_refault_anon 12
[  146.441513][ T9834] total_workingset_refault_file 6945
[  146.446071][ T9834] total_swap 127799296
[  146.447855][ T9834] total_swapcached 4096
[  146.449650][ T9834] total_nr_memmap_boot_pages 208451
[  146.451820][ T9834] total_pgpgin 133622
[  146.454151][ T9834] total_pglazyfree 59771
[  146.456916][ T9834] total_pgfault 350
[  146.458675][ T9834] total_a_other 262959104
[  146.461046][ T9834] total_inactive_anon 45547520
[  146.463088][ T9834] total_active_anon 86016
[  146.466411][ T9834] total_inactive_file 0
[  146.468250][ T9834] total_active_file 0
[  146.469942][ T9834] anon_cost 0
[  146.471399][ T9834] file_cost 0
[  146.472738][ T9834] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9827,uid=0
[  146.483846][ T9834] Memory cgroup out of memory: Killed process 9827 (syz.3.995) total-vm:45436kB, anon-rss:128kB, file-rss:2752kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000
[  146.840027][ T9827] syz.3.995 (9827) used greatest stack depth: 19048 bytes left
[  147.273520][ T9847] syz.3.995 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  147.287840][ T9847] CPU: 0 UID: 0 PID: 9847 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  147.287858][ T9847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.287864][ T9847] Call Trace:
[  147.287868][ T9847]  <TASK>
[  147.287872][ T9847]  dump_stack_lvl+0x16c/0x1f0
[  147.287891][ T9847]  dump_header+0x101/0x930
[  147.287920][ T9847]  oom_kill_process+0x270/0xa60
[  147.287938][ T9847]  out_of_memory+0x350/0x1700
[  147.287955][ T9847]  ? __pfx_out_of_memory+0x10/0x10
[  147.287972][ T9847]  mem_cgroup_out_of_memory+0x118/0x130
[  147.287985][ T9847]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  147.287999][ T9847]  ? do_raw_spin_unlock+0x172/0x230
[  147.288014][ T9847]  try_charge_memcg+0x72b/0xd50
[  147.288031][ T9847]  ? __pfx_try_charge_memcg+0x10/0x10
[  147.288046][ T9847]  ? __print_lock_name+0xd1/0xe0
[  147.288059][ T9847]  ? rcu_read_unlock+0x17/0x60
[  147.288078][ T9847]  charge_memcg+0x8a/0x230
[  147.288093][ T9847]  __mem_cgroup_charge+0x2b/0x1e0
[  147.288103][ T9847]  shmem_alloc_and_add_folio+0x514/0xc20
[  147.288119][ T9847]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  147.288134][ T9847]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  147.288149][ T9847]  shmem_get_folio_gfp+0x67f/0x1600
[  147.288165][ T9847]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  147.288179][ T9847]  ? timestamp_truncate+0x21e/0x2d0
[  147.288197][ T9847]  shmem_write_begin+0x160/0x300
[  147.288211][ T9847]  ? __pfx_shmem_write_begin+0x10/0x10
[  147.288225][ T9847]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  147.288239][ T9847]  generic_perform_write+0x3cd/0x930
[  147.288257][ T9847]  ? __pfx_generic_perform_write+0x10/0x10
[  147.288271][ T9847]  ? generic_update_time+0xcf/0xf0
[  147.288280][ T9847]  ? mnt_put_write_access_file+0x45/0xf0
[  147.288296][ T9847]  shmem_file_write_iter+0x10e/0x140
[  147.288312][ T9847]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  147.288326][ T9847]  __kernel_write_iter+0x317/0xa90
[  147.288341][ T9847]  ? __pfx___kernel_write_iter+0x10/0x10
[  147.288353][ T9847]  ? __up_read+0x1f8/0x750
[  147.288366][ T9847]  ? dump_user_range+0x745/0xb60
[  147.288378][ T9847]  ? dump_user_range+0x16e/0xb60
[  147.288392][ T9847]  dump_user_range+0x41f/0xb60
[  147.288408][ T9847]  ? __pfx_dump_user_range+0x10/0x10
[  147.288421][ T9847]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  147.288439][ T9847]  ? __pfx_writenote+0x10/0x10
[  147.288457][ T9847]  elf_core_dump+0x288a/0x3a90
[  147.288478][ T9847]  ? __pfx_elf_core_dump+0x10/0x10
[  147.288490][ T9847]  ? kasan_save_stack+0x42/0x60
[  147.288503][ T9847]  ? kasan_save_stack+0x33/0x60
[  147.288514][ T9847]  ? kasan_save_track+0x14/0x30
[  147.288526][ T9847]  ? __kasan_kmalloc+0xaa/0xb0
[  147.288538][ T9847]  ? do_coredump+0x1c9a/0x4f10
[  147.288549][ T9847]  ? get_signal+0x22e3/0x26d0
[  147.288560][ T9847]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  147.288574][ T9847]  ? 0xffffffffff600000
[  147.288607][ T9847]  ? do_coredump+0x399c/0x4f10
[  147.288618][ T9847]  do_coredump+0x399c/0x4f10
[  147.288635][ T9847]  ? __pfx_do_coredump+0x10/0x10
[  147.288647][ T9847]  ? find_held_lock+0x2b/0x80
[  147.288665][ T9847]  ? is_bpf_text_address+0x8a/0x1a0
[  147.288680][ T9847]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  147.288694][ T9847]  ? is_bpf_text_address+0x94/0x1a0
[  147.288706][ T9847]  ? kernel_text_address+0x8d/0x100
[  147.288717][ T9847]  ? __kernel_text_address+0xd/0x40
[  147.288727][ T9847]  ? unwind_get_return_address+0x59/0xa0
[  147.288752][ T9847]  ? stack_depot_save_flags+0x28/0xa40
[  147.288768][ T9847]  ? __lock_acquire+0xb8a/0x1c90
[  147.288785][ T9847]  ? kasan_save_stack+0x42/0x60
[  147.288797][ T9847]  ? kasan_save_stack+0x33/0x60
[  147.288809][ T9847]  ? kasan_save_track+0x14/0x30
[  147.288821][ T9847]  ? kasan_save_free_info+0x3b/0x60
[  147.288831][ T9847]  ? __kasan_slab_free+0x51/0x70
[  147.288843][ T9847]  ? kmem_cache_free+0x2d1/0x4d0
[  147.288855][ T9847]  ? __sigqueue_free+0xba/0x2a0
[  147.288868][ T9847]  ? get_signal+0xcba/0x26d0
[  147.288879][ T9847]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  147.288909][ T9847]  ? proc_coredump_connector+0x2d1/0x4f0
[  147.288922][ T9847]  ? __pfx_proc_coredump_connector+0x10/0x10
[  147.288937][ T9847]  ? rcu_is_watching+0x12/0xc0
[  147.288951][ T9847]  get_signal+0x22e3/0x26d0
[  147.288967][ T9847]  ? force_sig_fault+0xc4/0x100
[  147.288979][ T9847]  ? __pfx_get_signal+0x10/0x10
[  147.288995][ T9847]  arch_do_signal_or_restart+0x8f/0x7d0
[  147.289006][ T9847]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  147.289018][ T9847]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  147.289038][ T9847]  irqentry_exit_to_user_mode+0x12a/0x270
[  147.289053][ T9847]  asm_exc_page_fault+0x26/0x30
[  147.289062][ T9847] RIP: 0033:0x7fa1a2e4f830
[  147.289074][ T9847] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  147.289079][ T9847] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  147.289088][ T9847] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  147.289094][ T9847] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  147.289100][ T9847] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  147.289105][ T9847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.289111][ T9847] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  147.289125][ T9847]  </TASK>
[  147.464196][ T5943] Bluetooth: hci1: command tx timeout
[  147.505321][ T9847] memory: usage 307200kB, limit 307200kB, failcnt 33879
[  147.507551][ T9847] memory+swap: usage 432192kB, limit 9007199254740988kB, failcnt 0
[  147.510031][ T9847] kmem: usage 5660kB, limit 9007199254740988kB, failcnt 0
[  147.512197][ T9847] Memory cgroup stats for /syz3:
[  147.512394][ T9847] cache 308637696
[  147.515538][ T9847] rss 131072
[  147.516603][ T9847] rss_huge 0
[  147.517640][ T9847] shmem 308531200
[  147.518825][ T9847] mapped_file 0
[  147.519963][ T9847] dirty 0
[  147.520924][ T9847] writeback 0
[  147.522014][ T9847] workingset_refault_anon 13
[  147.524050][ T9847] workingset_refault_file 11064
[  147.527625][ T9847] swap 127991808
[  147.529117][ T9847] swapcached 4096
[  147.530503][ T9847] nr_memmap_boot_pages 219744
[  147.532412][ T9847] pgpgin 144871
[  147.534326][ T9847] pglazyfree 60434
[  147.535586][ T9847] pgfault 577
[  147.536637][ T9847] a_other 274132992
[  147.537824][ T9847] inactive_anon 34533376
[  147.539133][ T9847] active_anon 0
[  147.540215][ T9847] inactive_file 0
[  147.541343][ T9847] active_file 0
[  147.542469][ T9847] hierarchical_memory_limit 314572800
[  147.545236][ T9847] hierarchical_memsw_limit 9223372036854771712
[  147.547655][ T9847] total_cache 308637696
[  147.549103][ T9847] total_rss 131072
[  147.550278][ T9847] total_rss_huge 0
[  147.551472][ T9847] total_shmem 308531200
[  147.552772][ T9847] total_mapped_file 0
[  147.554527][ T9847] total_dirty 0
[  147.555655][ T9847] total_writeback 0
[  147.556844][ T9847] total_workingset_refault_anon 13
[  147.558483][ T9847] total_workingset_refault_file 11064
[  147.560144][ T9847] total_swap 127991808
[  147.561420][ T9847] total_swapcached 4096
[  147.562766][ T9847] total_nr_memmap_boot_pages 219744
[  147.564962][ T9847] total_pgpgin 144871
[  147.566218][ T9847] total_pglazyfree 60434
[  147.567509][ T9847] total_pgfault 577
[  147.568701][ T9847] total_a_other 274132992
[  147.570093][ T9847] total_inactive_anon 34533376
[  147.571566][ T9847] total_active_anon 0
[  147.572808][ T9847] total_inactive_file 0
[  147.574606][ T9847] total_active_file 0
[  147.575927][ T9847] anon_cost 0
[  147.576968][ T9847] file_cost 0
[  147.577999][ T9847] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9832,uid=0
[  147.585213][ T9847] Memory cgroup out of memory: Killed process 9832 (syz.3.995) total-vm:45436kB, anon-rss:128kB, file-rss:2652kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[  147.656974][ T9831] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  147.707947][ T9831] CPU: 1 UID: 0 PID: 9831 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  147.707965][ T9831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.707972][ T9831] Call Trace:
[  147.707976][ T9831]  <TASK>
[  147.707980][ T9831]  dump_stack_lvl+0x16c/0x1f0
[  147.707998][ T9831]  dump_header+0x101/0x930
[  147.708014][ T9831]  oom_kill_process+0x270/0xa60
[  147.708031][ T9831]  out_of_memory+0x350/0x1700
[  147.708048][ T9831]  ? __pfx_out_of_memory+0x10/0x10
[  147.708065][ T9831]  mem_cgroup_out_of_memory+0x118/0x130
[  147.708077][ T9831]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  147.708092][ T9831]  ? do_raw_spin_unlock+0x172/0x230
[  147.708106][ T9831]  try_charge_memcg+0x72b/0xd50
[  147.708123][ T9831]  ? __pfx_try_charge_memcg+0x10/0x10
[  147.708137][ T9831]  ? __print_lock_name+0xd0/0xe0
[  147.708150][ T9831]  ? rcu_read_unlock+0x17/0x60
[  147.708170][ T9831]  charge_memcg+0x8a/0x230
[  147.708185][ T9831]  __mem_cgroup_charge+0x2b/0x1e0
[  147.708195][ T9831]  filemap_add_folio+0x88/0x220
[  147.708209][ T9831]  ? __pfx_filemap_add_folio+0x10/0x10
[  147.708228][ T9831]  __filemap_get_folio+0x510/0xc30
[  147.708245][ T9831]  filemap_fault+0x661/0x26c0
[  147.708269][ T9831]  ? __pfx_filemap_fault+0x10/0x10
[  147.708302][ T9831]  __do_fault+0x10a/0x490
[  147.708325][ T9831]  __handle_mm_fault+0x3c2a/0x5490
[  147.708341][ T9831]  ? __pfx___handle_mm_fault+0x10/0x10
[  147.708353][ T9831]  ? __pte_offset_map_lock+0x174/0x310
[  147.708369][ T9831]  ? find_held_lock+0x2b/0x80
[  147.708380][ T9831]  ? find_held_lock+0x2b/0x80
[  147.708396][ T9831]  ? follow_page_pte+0x3af/0x14c0
[  147.708409][ T9831]  handle_mm_fault+0x589/0xd10
[  147.708424][ T9831]  __get_user_pages+0x589/0x3b80
[  147.708440][ T9831]  ? __pfx___get_user_pages+0x10/0x10
[  147.708451][ T9831]  ? __kernel_write_iter+0x5a5/0xa90
[  147.708468][ T9831]  get_dump_page+0x257/0x3d0
[  147.708478][ T9831]  ? __pfx_get_dump_page+0x10/0x10
[  147.708489][ T9831]  ? dump_user_range+0x745/0xb60
[  147.708504][ T9831]  dump_user_range+0x195/0xb60
[  147.708520][ T9831]  ? __pfx_dump_user_range+0x10/0x10
[  147.708533][ T9831]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  147.708551][ T9831]  ? __pfx_writenote+0x10/0x10
[  147.708569][ T9831]  elf_core_dump+0x288a/0x3a90
[  147.708590][ T9831]  ? __pfx_elf_core_dump+0x10/0x10
[  147.708607][ T9831]  ? kasan_save_stack+0x42/0x60
[  147.708619][ T9831]  ? kasan_save_stack+0x33/0x60
[  147.708631][ T9831]  ? kasan_save_track+0x14/0x30
[  147.708643][ T9831]  ? __kasan_kmalloc+0xaa/0xb0
[  147.708654][ T9831]  ? do_coredump+0x1c9a/0x4f10
[  147.708665][ T9831]  ? get_signal+0x22e3/0x26d0
[  147.708677][ T9831]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  147.708691][ T9831]  ? 0xffffffffff600000
[  147.708723][ T9831]  ? do_coredump+0x399c/0x4f10
[  147.708734][ T9831]  do_coredump+0x399c/0x4f10
[  147.708751][ T9831]  ? __pfx_do_coredump+0x10/0x10
[  147.708764][ T9831]  ? find_held_lock+0x2b/0x80
[  147.708776][ T9831]  ? is_bpf_text_address+0x8a/0x1a0
[  147.708790][ T9831]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  147.708805][ T9831]  ? is_bpf_text_address+0x94/0x1a0
[  147.708816][ T9831]  ? kernel_text_address+0x8d/0x100
[  147.708828][ T9831]  ? __kernel_text_address+0xd/0x40
[  147.708838][ T9831]  ? unwind_get_return_address+0x59/0xa0
[  147.708863][ T9831]  ? stack_depot_save_flags+0x28/0xa40
[  147.708880][ T9831]  ? __lock_acquire+0xb8a/0x1c90
[  147.708896][ T9831]  ? kasan_save_stack+0x42/0x60
[  147.708908][ T9831]  ? kasan_save_stack+0x33/0x60
[  147.708920][ T9831]  ? kasan_save_track+0x14/0x30
[  147.708932][ T9831]  ? kasan_save_free_info+0x3b/0x60
[  147.708944][ T9831]  ? __kasan_slab_free+0x51/0x70
[  147.708960][ T9831]  ? kmem_cache_free+0x2d1/0x4d0
[  147.708972][ T9831]  ? __sigqueue_free+0xba/0x2a0
[  147.708985][ T9831]  ? get_signal+0xcba/0x26d0
[  147.708996][ T9831]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  147.709037][ T9831]  ? proc_coredump_connector+0x2d1/0x4f0
[  147.709052][ T9831]  ? __pfx_proc_coredump_connector+0x10/0x10
[  147.709067][ T9831]  ? rcu_is_watching+0x12/0xc0
[  147.709082][ T9831]  get_signal+0x22e3/0x26d0
[  147.709097][ T9831]  ? force_sig_fault+0xc4/0x100
[  147.709110][ T9831]  ? __pfx_get_signal+0x10/0x10
[  147.709126][ T9831]  arch_do_signal_or_restart+0x8f/0x7d0
[  147.709136][ T9831]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  147.709149][ T9831]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  147.709169][ T9831]  irqentry_exit_to_user_mode+0x12a/0x270
[  147.709184][ T9831]  asm_exc_page_fault+0x26/0x30
[  147.709193][ T9831] RIP: 0033:0x7fa1a2e4f830
[  147.709206][ T9831] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  147.709210][ T9831] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  147.709219][ T9831] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  147.709225][ T9831] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  147.709231][ T9831] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  147.709237][ T9831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.709242][ T9831] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  147.709256][ T9831]  </TASK>
[  147.709272][ T9831] memory: usage 307160kB, limit 307200kB, failcnt 34917
[  147.947204][ T9831] memory+swap: usage 431740kB, limit 9007199254740988kB, failcnt 0
[  147.951272][ T9831] kmem: usage 5544kB, limit 9007199254740988kB, failcnt 0
[  147.967097][ T9831] Memory cgroup stats for /syz3:
[  147.967184][ T9831] cache 308736000
[  147.969952][ T9831] rss 8192
[  147.970960][ T9831] rss_huge 0
[  147.972000][ T9831] shmem 301658112
[  147.973168][ T9831] mapped_file 6340608
[  147.993428][ T9831] dirty 0
[  147.994743][ T9831] writeback 0
[  147.996154][ T9831] workingset_refault_anon 14
[  148.015172][ T9831] workingset_refault_file 12862
[  148.017238][ T9831] swap 127991808
[  148.029078][ T9831] swapcached 4096
[  148.030649][ T9831] nr_memmap_boot_pages 225770
[  148.032647][ T9831] pgpgin 150898
[  148.057619][ T9831] pglazyfree 60787
[  148.059251][ T9831] pgfault 635
[  148.065043][ T9831] a_other 222842880
[  148.066703][ T9831] inactive_anon 78184448
[  148.068489][ T9831] active_anon 3223552
[  148.091217][ T9831] inactive_file 2793472
[  148.101397][ T9831] active_file 0
[  148.116153][ T9831] hierarchical_memory_limit 314572800
[  148.169084][ T9831] hierarchical_memsw_limit 9223372036854771712
[  148.171840][ T9831] total_cache 308736000
[  148.174568][ T9831] total_rss 8192
[  148.176099][ T9831] total_rss_huge 0
[  148.177695][ T9831] total_shmem 301658112
[  148.179528][ T9831] total_mapped_file 6340608
[  148.181543][ T9831] total_dirty 0
[  148.183099][ T9831] total_writeback 0
[  148.185515][ T9831] total_workingset_refault_anon 14
[  148.191951][ T9831] total_workingset_refault_file 12862
[  148.195094][ T9831] total_swap 127991808
[  148.196859][ T9831] total_swapcached 4096
[  148.198668][ T9831] total_nr_memmap_boot_pages 225770
[  148.200871][ T9831] total_pgpgin 150898
[  148.207682][ T9831] total_pglazyfree 60787
[  148.209528][ T9831] total_pgfault 635
[  148.211269][ T9831] total_a_other 222842880
[  148.213121][ T9831] total_inactive_anon 78184448
[  148.215890][ T9831] total_active_anon 3223552
[  148.220200][ T9831] total_inactive_file 2793472
[  148.222228][ T9831] total_active_file 0
[  148.228446][ T9831] anon_cost 0
[  148.232770][ T9831] file_cost 0
[  148.240614][ T9831] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9845,uid=0
[  148.275181][ T9831] Memory cgroup out of memory: Killed process 9845 (syz.3.995) total-vm:45436kB, anon-rss:128kB, file-rss:2764kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000
[  148.357937][ T8002] team0 (unregistering): Port device team_slave_1 removed
[  148.953845][ T8002] team0 (unregistering): Port device team_slave_0 removed
[  149.374577][ T9851] syz.3.995 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  149.385125][ T9851] CPU: 0 UID: 0 PID: 9851 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  149.385143][ T9851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.385149][ T9851] Call Trace:
[  149.385153][ T9851]  <TASK>
[  149.385157][ T9851]  dump_stack_lvl+0x16c/0x1f0
[  149.385187][ T9851]  dump_header+0x101/0x930
[  149.385204][ T9851]  oom_kill_process+0x270/0xa60
[  149.385220][ T9851]  out_of_memory+0x350/0x1700
[  149.385237][ T9851]  ? __pfx_out_of_memory+0x10/0x10
[  149.385255][ T9851]  mem_cgroup_out_of_memory+0x118/0x130
[  149.385267][ T9851]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  149.385282][ T9851]  ? do_raw_spin_unlock+0x172/0x230
[  149.385296][ T9851]  try_charge_memcg+0x72b/0xd50
[  149.385313][ T9851]  ? __pfx_try_charge_memcg+0x10/0x10
[  149.385328][ T9851]  ? __print_lock_name+0xd1/0xe0
[  149.385341][ T9851]  ? rcu_read_unlock+0x17/0x60
[  149.385360][ T9851]  charge_memcg+0x8a/0x230
[  149.385374][ T9851]  __mem_cgroup_charge+0x2b/0x1e0
[  149.385385][ T9851]  shmem_alloc_and_add_folio+0x514/0xc20
[  149.385401][ T9851]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  149.385415][ T9851]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  149.385431][ T9851]  shmem_get_folio_gfp+0x67f/0x1600
[  149.385447][ T9851]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  149.385460][ T9851]  ? timestamp_truncate+0x21e/0x2d0
[  149.385479][ T9851]  shmem_write_begin+0x160/0x300
[  149.385494][ T9851]  ? __pfx_shmem_write_begin+0x10/0x10
[  149.385508][ T9851]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  149.385522][ T9851]  generic_perform_write+0x3cd/0x930
[  149.385540][ T9851]  ? __pfx_generic_perform_write+0x10/0x10
[  149.385555][ T9851]  ? generic_update_time+0xcf/0xf0
[  149.385564][ T9851]  ? mnt_put_write_access_file+0x45/0xf0
[  149.385579][ T9851]  shmem_file_write_iter+0x10e/0x140
[  149.385595][ T9851]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  149.385609][ T9851]  __kernel_write_iter+0x317/0xa90
[  149.385624][ T9851]  ? __pfx___kernel_write_iter+0x10/0x10
[  149.385637][ T9851]  ? __up_read+0x1f8/0x750
[  149.385649][ T9851]  ? dump_user_range+0x745/0xb60
[  149.385665][ T9851]  dump_user_range+0x41f/0xb60
[  149.385680][ T9851]  ? __pfx_dump_user_range+0x10/0x10
[  149.385693][ T9851]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  149.385712][ T9851]  ? __pfx_writenote+0x10/0x10
[  149.385729][ T9851]  elf_core_dump+0x288a/0x3a90
[  149.385750][ T9851]  ? __pfx_elf_core_dump+0x10/0x10
[  149.385763][ T9851]  ? kasan_save_stack+0x42/0x60
[  149.385775][ T9851]  ? kasan_save_stack+0x33/0x60
[  149.385787][ T9851]  ? kasan_save_track+0x14/0x30
[  149.385798][ T9851]  ? __kasan_kmalloc+0xaa/0xb0
[  149.385810][ T9851]  ? do_coredump+0x1c9a/0x4f10
[  149.385821][ T9851]  ? get_signal+0x22e3/0x26d0
[  149.385832][ T9851]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  149.385850][ T9851]  ? 0xffffffffff600000
[  149.385883][ T9851]  ? do_coredump+0x399c/0x4f10
[  149.385894][ T9851]  do_coredump+0x399c/0x4f10
[  149.385911][ T9851]  ? __pfx_do_coredump+0x10/0x10
[  149.385924][ T9851]  ? find_held_lock+0x2b/0x80
[  149.385936][ T9851]  ? is_bpf_text_address+0x8a/0x1a0
[  149.385952][ T9851]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  149.385966][ T9851]  ? is_bpf_text_address+0x94/0x1a0
[  149.385978][ T9851]  ? kernel_text_address+0x8d/0x100
[  149.385989][ T9851]  ? __kernel_text_address+0xd/0x40
[  149.385999][ T9851]  ? unwind_get_return_address+0x59/0xa0
[  149.386024][ T9851]  ? stack_depot_save_flags+0x28/0xa40
[  149.386039][ T9851]  ? __lock_acquire+0xb8a/0x1c90
[  149.386056][ T9851]  ? kasan_save_stack+0x42/0x60
[  149.386068][ T9851]  ? kasan_save_stack+0x33/0x60
[  149.386079][ T9851]  ? kasan_save_track+0x14/0x30
[  149.386091][ T9851]  ? kasan_save_free_info+0x3b/0x60
[  149.386101][ T9851]  ? __kasan_slab_free+0x51/0x70
[  149.386113][ T9851]  ? kmem_cache_free+0x2d1/0x4d0
[  149.386124][ T9851]  ? __sigqueue_free+0xba/0x2a0
[  149.386138][ T9851]  ? get_signal+0xcba/0x26d0
[  149.386148][ T9851]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  149.386179][ T9851]  ? proc_coredump_connector+0x2d1/0x4f0
[  149.386192][ T9851]  ? __pfx_proc_coredump_connector+0x10/0x10
[  149.386207][ T9851]  ? rcu_is_watching+0x12/0xc0
[  149.386222][ T9851]  get_signal+0x22e3/0x26d0
[  149.386237][ T9851]  ? force_sig_fault+0xc4/0x100
[  149.386249][ T9851]  ? __pfx_get_signal+0x10/0x10
[  149.386266][ T9851]  arch_do_signal_or_restart+0x8f/0x7d0
[  149.386276][ T9851]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  149.386288][ T9851]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  149.386308][ T9851]  irqentry_exit_to_user_mode+0x12a/0x270
[  149.386323][ T9851]  asm_exc_page_fault+0x26/0x30
[  149.386333][ T9851] RIP: 0033:0x7fa1a2e4f830
[  149.386345][ T9851] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  149.386370][ T9851] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  149.386383][ T9851] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  149.386391][ T9851] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  149.386397][ T9851] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  149.386403][ T9851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.386408][ T9851] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  149.386422][ T9851]  </TASK>
[  149.535620][ T5943] Bluetooth: hci1: command tx timeout
[  149.551048][ T9851] memory: usage 307200kB, limit 307200kB, failcnt 43077
[  149.562321][ T9851] memory+swap: usage 432164kB, limit 9007199254740988kB, failcnt 0
[  149.592968][ T9851] kmem: usage 5360kB, limit 9007199254740988kB, failcnt 0
[  149.595467][ T9851] Memory cgroup stats for /syz3:
[  149.595538][ T9851] cache 309043200
[  149.598202][ T9851] rss 8192
[  149.599201][ T9851] rss_huge 0
[  149.600260][ T9851] shmem 308830208
[  149.601464][ T9851] mapped_file 0
[  149.602573][ T9851] dirty 0
[  149.604038][ T9851] writeback 0
[  149.605150][ T9851] workingset_refault_anon 52
[  149.606628][ T9851] workingset_refault_file 23985
[  149.608186][ T9851] swap 127963136
[  149.609341][ T9851] swapcached 32768
[  149.610581][ T9851] nr_memmap_boot_pages 251423
[  149.612066][ T9851] pgpgin 176474
[  149.613207][ T9851] pglazyfree 62410
[  149.617556][ T9851] pgfault 977
[  149.618710][ T9851] a_other 188968960
[  149.619982][ T9851] inactive_anon 119902208
[  149.621400][ T9851] active_anon 4096
[  149.622611][ T9851] inactive_file 0
[  149.624220][ T9851] active_file 0
[  149.625378][ T9851] hierarchical_memory_limit 314572800
[  149.627096][ T9851] hierarchical_memsw_limit 9223372036854771712
[  149.629039][ T9851] total_cache 309043200
[  149.630391][ T9851] total_rss 8192
[  149.631550][ T9851] total_rss_huge 0
[  149.632787][ T9851] total_shmem 308830208
[  149.634677][ T9851] total_mapped_file 0
[  149.635998][ T9851] total_dirty 0
[  149.637127][ T9851] total_writeback 0
[  149.638472][ T9851] total_workingset_refault_anon 52
[  149.640124][ T9851] total_workingset_refault_file 23985
[  149.641805][ T9851] total_swap 127963136
[  149.643105][ T9851] total_swapcached 32768
[  149.644975][ T9851] total_nr_memmap_boot_pages 251423
[  149.646620][ T9851] total_pgpgin 176474
[  149.647995][ T9851] total_pglazyfree 62410
[  149.649377][ T9851] total_pgfault 977
[  149.650639][ T9851] total_a_other 188968960
[  149.652009][ T9851] total_inactive_anon 119902208
[  149.654142][ T9851] total_active_anon 4096
[  149.655533][ T9851] total_inactive_file 0
[  149.656876][ T9851] total_active_file 0
[  149.658147][ T9851] anon_cost 0
[  149.659250][ T9851] file_cost 0
[  149.660352][ T9851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9842,uid=0
[  149.665606][ T9851] Memory cgroup out of memory: Killed process 9842 (syz.3.995) total-vm:45436kB, anon-rss:0kB, file-rss:2772kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[  150.127149][ T9841] syz.3.995 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  150.130223][ T9841] CPU: 2 UID: 0 PID: 9841 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  150.130238][ T9841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.130244][ T9841] Call Trace:
[  150.130248][ T9841]  <TASK>
[  150.130252][ T9841]  dump_stack_lvl+0x16c/0x1f0
[  150.130282][ T9841]  dump_header+0x101/0x930
[  150.130299][ T9841]  oom_kill_process+0x270/0xa60
[  150.130315][ T9841]  out_of_memory+0x350/0x1700
[  150.130332][ T9841]  ? __pfx_out_of_memory+0x10/0x10
[  150.130365][ T9841]  mem_cgroup_out_of_memory+0x118/0x130
[  150.130378][ T9841]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  150.130393][ T9841]  ? do_raw_spin_unlock+0x172/0x230
[  150.130408][ T9841]  try_charge_memcg+0x72b/0xd50
[  150.130425][ T9841]  ? __pfx_try_charge_memcg+0x10/0x10
[  150.130440][ T9841]  ? __print_lock_name+0xd1/0xe0
[  150.130453][ T9841]  ? rcu_read_unlock+0x17/0x60
[  150.130472][ T9841]  charge_memcg+0x8a/0x230
[  150.130487][ T9841]  __mem_cgroup_charge+0x2b/0x1e0
[  150.130498][ T9841]  shmem_alloc_and_add_folio+0x514/0xc20
[  150.130515][ T9841]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  150.130531][ T9841]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  150.130547][ T9841]  shmem_get_folio_gfp+0x67f/0x1600
[  150.130563][ T9841]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  150.130576][ T9841]  ? timestamp_truncate+0x21e/0x2d0
[  150.130595][ T9841]  shmem_write_begin+0x160/0x300
[  150.130609][ T9841]  ? __pfx_shmem_write_begin+0x10/0x10
[  150.130623][ T9841]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  150.130637][ T9841]  generic_perform_write+0x3cd/0x930
[  150.130655][ T9841]  ? __pfx_generic_perform_write+0x10/0x10
[  150.130669][ T9841]  ? generic_update_time+0xcf/0xf0
[  150.130679][ T9841]  ? mnt_put_write_access_file+0x45/0xf0
[  150.130695][ T9841]  shmem_file_write_iter+0x10e/0x140
[  150.130710][ T9841]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  150.130724][ T9841]  __kernel_write_iter+0x317/0xa90
[  150.130739][ T9841]  ? __pfx___kernel_write_iter+0x10/0x10
[  150.130752][ T9841]  ? __up_read+0x1f8/0x750
[  150.130764][ T9841]  ? dump_user_range+0x745/0xb60
[  150.130780][ T9841]  dump_user_range+0x41f/0xb60
[  150.130795][ T9841]  ? __pfx_dump_user_range+0x10/0x10
[  150.130808][ T9841]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  150.130828][ T9841]  ? __pfx_writenote+0x10/0x10
[  150.130845][ T9841]  elf_core_dump+0x288a/0x3a90
[  150.130866][ T9841]  ? __pfx_elf_core_dump+0x10/0x10
[  150.130878][ T9841]  ? kasan_save_stack+0x42/0x60
[  150.130895][ T9841]  ? kasan_save_stack+0x33/0x60
[  150.130907][ T9841]  ? kasan_save_track+0x14/0x30
[  150.130919][ T9841]  ? __kasan_kmalloc+0xaa/0xb0
[  150.130931][ T9841]  ? do_coredump+0x1c9a/0x4f10
[  150.130941][ T9841]  ? get_signal+0x22e3/0x26d0
[  150.130953][ T9841]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  150.130968][ T9841]  ? 0xffffffffff600000
[  150.131000][ T9841]  ? do_coredump+0x399c/0x4f10
[  150.131011][ T9841]  do_coredump+0x399c/0x4f10
[  150.131028][ T9841]  ? __pfx_do_coredump+0x10/0x10
[  150.131041][ T9841]  ? find_held_lock+0x2b/0x80
[  150.131053][ T9841]  ? is_bpf_text_address+0x8a/0x1a0
[  150.131067][ T9841]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  150.131082][ T9841]  ? is_bpf_text_address+0x94/0x1a0
[  150.131094][ T9841]  ? kernel_text_address+0x8d/0x100
[  150.131105][ T9841]  ? __kernel_text_address+0xd/0x40
[  150.131115][ T9841]  ? unwind_get_return_address+0x59/0xa0
[  150.131140][ T9841]  ? stack_depot_save_flags+0x28/0xa40
[  150.131156][ T9841]  ? __lock_acquire+0xb8a/0x1c90
[  150.131173][ T9841]  ? kasan_save_stack+0x42/0x60
[  150.131185][ T9841]  ? kasan_save_stack+0x33/0x60
[  150.131196][ T9841]  ? kasan_save_track+0x14/0x30
[  150.131208][ T9841]  ? kasan_save_free_info+0x3b/0x60
[  150.131218][ T9841]  ? __kasan_slab_free+0x51/0x70
[  150.131231][ T9841]  ? kmem_cache_free+0x2d1/0x4d0
[  150.131243][ T9841]  ? __sigqueue_free+0xba/0x2a0
[  150.131257][ T9841]  ? get_signal+0xcba/0x26d0
[  150.131267][ T9841]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  150.131298][ T9841]  ? proc_coredump_connector+0x2d1/0x4f0
[  150.131311][ T9841]  ? __pfx_proc_coredump_connector+0x10/0x10
[  150.131326][ T9841]  ? rcu_is_watching+0x12/0xc0
[  150.131340][ T9841]  get_signal+0x22e3/0x26d0
[  150.131356][ T9841]  ? force_sig_fault+0xc4/0x100
[  150.131368][ T9841]  ? __pfx_get_signal+0x10/0x10
[  150.131384][ T9841]  arch_do_signal_or_restart+0x8f/0x7d0
[  150.131395][ T9841]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  150.131407][ T9841]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  150.131427][ T9841]  irqentry_exit_to_user_mode+0x12a/0x270
[  150.131442][ T9841]  asm_exc_page_fault+0x26/0x30
[  150.131452][ T9841] RIP: 0033:0x7fa1a2e4f830
[  150.131465][ T9841] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  150.131469][ T9841] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  150.131478][ T9841] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  150.131484][ T9841] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  150.131490][ T9841] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  150.131496][ T9841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.131501][ T9841] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  150.131515][ T9841]  </TASK>
[  150.131544][ T9841] memory: usage 307200kB, limit 307200kB, failcnt 46706
[  150.303007][ T9841] memory+swap: usage 432168kB, limit 9007199254740988kB, failcnt 0
[  150.316509][ T9841] kmem: usage 5252kB, limit 9007199254740988kB, failcnt 0
[  150.319738][ T9841] Memory cgroup stats for /syz3:
[  150.319966][ T9841] cache 309157888
[  150.323994][ T9841] rss 8192
[  150.325237][ T9841] rss_huge 0
[  150.326313][ T9841] shmem 309067776
[  150.327574][ T9841] mapped_file 0
[  150.328775][ T9841] dirty 0
[  150.329767][ T9841] writeback 0
[  150.330955][ T9841] workingset_refault_anon 52
[  150.332688][ T9841] workingset_refault_file 27397
[  150.334965][ T9841] swap 127967232
[  150.336442][ T9841] swapcached 28672
[  150.337962][ T9841] nr_memmap_boot_pages 258349
[  150.339910][ T9841] pgpgin 183373
[  150.341176][ T9841] pglazyfree 62869
[  150.342405][ T9841] pgfault 1144
[  150.347220][ T9841] a_other 103256064
[  150.348456][ T9841] inactive_anon 205848576
[  150.349831][ T9841] active_anon 86016
[  150.351138][ T9841] inactive_file 0
[  150.352280][ T9841] active_file 0
[  150.353642][ T9841] hierarchical_memory_limit 314572800
[  150.355314][ T9841] hierarchical_memsw_limit 9223372036854771712
[  150.357192][ T9841] total_cache 309157888
[  150.358518][ T9841] total_rss 8192
[  150.363162][ T9841] total_rss_huge 0
[  150.364699][ T9841] total_shmem 309067776
[  150.366095][ T9841] total_mapped_file 0
[  150.367390][ T9841] total_dirty 0
[  150.368556][ T9841] total_writeback 0
[  150.369816][ T9841] total_workingset_refault_anon 52
[  150.371534][ T9841] total_workingset_refault_file 27397
[  150.373239][ T9841] total_swap 127967232
[  150.375055][ T9841] total_swapcached 28672
[  150.376415][ T9841] total_nr_memmap_boot_pages 258349
[  150.378049][ T9841] total_pgpgin 183373
[  150.379322][ T9841] total_pglazyfree 62869
[  150.380675][ T9841] total_pgfault 1144
[  150.381938][ T9841] total_a_other 103256064
[  150.383296][ T9841] total_inactive_anon 205848576
[  150.385361][ T9841] total_active_anon 86016
[  150.386756][ T9841] total_inactive_file 0
[  150.388088][ T9841] total_active_file 0
[  150.389370][ T9841] anon_cost 0
[  150.390577][ T9841] file_cost 0
[  150.392043][ T9841] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9825,uid=0
[  150.426424][ T9841] Memory cgroup out of memory: Killed process 9825 (syz.3.995) total-vm:45436kB, anon-rss:128kB, file-rss:2688kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000
[  151.072593][ T9825] syz.3.995 (9825) used greatest stack depth: 18552 bytes left
[  151.390550][ T9849] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  151.394037][ T9849] CPU: 1 UID: 0 PID: 9849 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  151.394052][ T9849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.394069][ T9849] Call Trace:
[  151.394074][ T9849]  <TASK>
[  151.394078][ T9849]  dump_stack_lvl+0x16c/0x1f0
[  151.394096][ T9849]  dump_header+0x101/0x930
[  151.394113][ T9849]  oom_kill_process+0x270/0xa60
[  151.394129][ T9849]  out_of_memory+0x350/0x1700
[  151.394146][ T9849]  ? __pfx_out_of_memory+0x10/0x10
[  151.394164][ T9849]  mem_cgroup_out_of_memory+0x118/0x130
[  151.394176][ T9849]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  151.394190][ T9849]  ? do_raw_spin_unlock+0x172/0x230
[  151.394204][ T9849]  try_charge_memcg+0x72b/0xd50
[  151.394222][ T9849]  ? __pfx_try_charge_memcg+0x10/0x10
[  151.394236][ T9849]  ? __print_lock_name+0xd1/0xe0
[  151.394249][ T9849]  ? rcu_read_unlock+0x17/0x60
[  151.394268][ T9849]  charge_memcg+0x8a/0x230
[  151.394283][ T9849]  __mem_cgroup_charge+0x2b/0x1e0
[  151.394294][ T9849]  filemap_add_folio+0x88/0x220
[  151.394308][ T9849]  ? __pfx_filemap_add_folio+0x10/0x10
[  151.394327][ T9849]  __filemap_get_folio+0x510/0xc30
[  151.394363][ T9849]  filemap_fault+0x661/0x26c0
[  151.394381][ T9849]  ? __pfx_filemap_fault+0x10/0x10
[  151.394403][ T9849]  __do_fault+0x10a/0x490
[  151.394419][ T9849]  __handle_mm_fault+0x3c2a/0x5490
[  151.394435][ T9849]  ? __pfx___handle_mm_fault+0x10/0x10
[  151.394447][ T9849]  ? __pte_offset_map_lock+0x174/0x310
[  151.394463][ T9849]  ? find_held_lock+0x2b/0x80
[  151.394474][ T9849]  ? find_held_lock+0x2b/0x80
[  151.394490][ T9849]  ? follow_page_pte+0x3af/0x14c0
[  151.394503][ T9849]  handle_mm_fault+0x589/0xd10
[  151.394518][ T9849]  __get_user_pages+0x589/0x3b80
[  151.394534][ T9849]  ? __pfx___get_user_pages+0x10/0x10
[  151.394546][ T9849]  ? __kernel_write_iter+0x5a5/0xa90
[  151.394562][ T9849]  get_dump_page+0x257/0x3d0
[  151.394572][ T9849]  ? __pfx_get_dump_page+0x10/0x10
[  151.394583][ T9849]  ? dump_user_range+0x745/0xb60
[  151.394596][ T9849]  ? dump_user_range+0x1b3/0xb60
[  151.394610][ T9849]  dump_user_range+0x195/0xb60
[  151.394625][ T9849]  ? __pfx_dump_user_range+0x10/0x10
[  151.394639][ T9849]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  151.394658][ T9849]  ? __pfx_writenote+0x10/0x10
[  151.394675][ T9849]  elf_core_dump+0x288a/0x3a90
[  151.394696][ T9849]  ? __pfx_elf_core_dump+0x10/0x10
[  151.394709][ T9849]  ? kasan_save_stack+0x42/0x60
[  151.394721][ T9849]  ? kasan_save_stack+0x33/0x60
[  151.394733][ T9849]  ? kasan_save_track+0x14/0x30
[  151.394745][ T9849]  ? __kasan_kmalloc+0xaa/0xb0
[  151.394757][ T9849]  ? do_coredump+0x1c9a/0x4f10
[  151.394768][ T9849]  ? get_signal+0x22e3/0x26d0
[  151.394779][ T9849]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  151.394793][ T9849]  ? 0xffffffffff600000
[  151.394826][ T9849]  ? do_coredump+0x399c/0x4f10
[  151.394837][ T9849]  do_coredump+0x399c/0x4f10
[  151.394855][ T9849]  ? __pfx_do_coredump+0x10/0x10
[  151.394867][ T9849]  ? find_held_lock+0x2b/0x80
[  151.394883][ T9849]  ? is_bpf_text_address+0x8a/0x1a0
[  151.394897][ T9849]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  151.394912][ T9849]  ? is_bpf_text_address+0x94/0x1a0
[  151.394924][ T9849]  ? kernel_text_address+0x8d/0x100
[  151.394935][ T9849]  ? __kernel_text_address+0xd/0x40
[  151.394945][ T9849]  ? unwind_get_return_address+0x59/0xa0
[  151.394970][ T9849]  ? stack_depot_save_flags+0x28/0xa40
[  151.394985][ T9849]  ? __lock_acquire+0xb8a/0x1c90
[  151.395002][ T9849]  ? kasan_save_stack+0x42/0x60
[  151.395014][ T9849]  ? kasan_save_stack+0x33/0x60
[  151.395026][ T9849]  ? kasan_save_track+0x14/0x30
[  151.395037][ T9849]  ? kasan_save_free_info+0x3b/0x60
[  151.395047][ T9849]  ? __kasan_slab_free+0x51/0x70
[  151.395060][ T9849]  ? kmem_cache_free+0x2d1/0x4d0
[  151.395071][ T9849]  ? __sigqueue_free+0xba/0x2a0
[  151.395084][ T9849]  ? get_signal+0xcba/0x26d0
[  151.395095][ T9849]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  151.395125][ T9849]  ? proc_coredump_connector+0x2d1/0x4f0
[  151.395138][ T9849]  ? __pfx_proc_coredump_connector+0x10/0x10
[  151.395153][ T9849]  ? rcu_is_watching+0x12/0xc0
[  151.395168][ T9849]  get_signal+0x22e3/0x26d0
[  151.395183][ T9849]  ? force_sig_fault+0xc4/0x100
[  151.395196][ T9849]  ? __pfx_get_signal+0x10/0x10
[  151.395212][ T9849]  arch_do_signal_or_restart+0x8f/0x7d0
[  151.395223][ T9849]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  151.395236][ T9849]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  151.395255][ T9849]  irqentry_exit_to_user_mode+0x12a/0x270
[  151.395271][ T9849]  asm_exc_page_fault+0x26/0x30
[  151.395280][ T9849] RIP: 0033:0x7fa1a2e4f830
[  151.395293][ T9849] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  151.395297][ T9849] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  151.395306][ T9849] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  151.395312][ T9849] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  151.395318][ T9849] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  151.395324][ T9849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.395330][ T9849] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  151.395343][ T9849]  </TASK>
[  151.400325][ T9849] memory: usage 307200kB, limit 307200kB, failcnt 53219
[  151.588155][ T9849] memory+swap: usage 432192kB, limit 9007199254740988kB, failcnt 0
[  151.598384][ T9849] kmem: usage 5148kB, limit 9007199254740988kB, failcnt 0
[  151.601768][ T9849] Memory cgroup stats for /syz3:
[  151.601891][ T9849] cache 309256192
[  151.609869][ T9849] rss 8192
[  151.615299][ T9849] rss_huge 0
[  151.617510][ T9849] shmem 309080064
[  151.619169][ T9849] mapped_file 32768
[  151.620935][ T9849] dirty 0
[  151.622307][ T9849] writeback 0
[  151.624460][ T9849] workingset_refault_anon 53
[  151.630199][ T9849] workingset_refault_file 34288
[  151.639520][ T9849] swap 127991808
[  151.641101][ T9849] swapcached 4096
[  151.642692][ T9849] nr_memmap_boot_pages 270436
[  151.645040][ T9849] pgpgin 195435
[  151.646522][ T9849] pglazyfree 63608
[  151.648657][ T9849] pgfault 1344
[  151.650130][ T9849] a_other 169492480
[  151.651768][ T9849] inactive_anon 139337728
[  151.654292][ T9849] active_anon 143360
[  151.655903][ T9849] inactive_file 0
[  151.657439][ T9849] active_file 0
[  151.667871][ T9849] hierarchical_memory_limit 314572800
[  151.670147][ T9849] hierarchical_memsw_limit 9223372036854771712
[  151.672731][ T9849] total_cache 309256192
[  151.674973][ T9849] total_rss 8192
[  151.676475][ T9849] total_rss_huge 0
[  151.678019][ T9849] total_shmem 309080064
[  151.679971][ T9849] total_mapped_file 32768
[  151.681360][ T9849] total_dirty 0
[  151.682737][ T9849] total_writeback 0
[  151.685061][ T9849] total_workingset_refault_anon 53
[  151.687209][ T9849] total_workingset_refault_file 34288
[  151.689494][ T9849] total_swap 127991808
[  151.691038][ T9849] total_swapcached 4096
[  151.692776][ T9849] total_nr_memmap_boot_pages 270436
[  151.702458][ T9849] total_pgpgin 195435
[  151.706137][ T9849] total_pglazyfree 63608
[  151.714957][ T9849] total_pgfault 1344
[  151.723008][ T9849] total_a_other 169492480
[  151.726989][ T9849] total_inactive_anon 139337728
[  151.731573][ T9849] total_active_anon 143360
[  151.743485][ T9849] total_inactive_file 0
[  151.753707][ T9849] total_active_file 0
[  151.755494][ T9849] anon_cost 0
[  151.760648][ T9849] file_cost 0
[  151.763915][ T9849] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9831,uid=0
[  151.784031][ T9849] Memory cgroup out of memory: Killed process 9831 (syz.3.995) total-vm:45436kB, anon-rss:128kB, file-rss:2732kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  152.548809][ T9901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.635954][ T9901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.730426][ T9831] syz.3.995 (9831) used greatest stack depth: 18536 bytes left
[  152.736190][ T9959] vlan2: entered promiscuous mode
[  152.737672][ T9959] bridge0: entered promiscuous mode
[  152.739275][ T9959] vlan2: entered allmulticast mode
[  152.740763][ T9959] bridge0: entered allmulticast mode
[  152.751455][ T9968] netlink: 'syz.4.1024': attribute type 4 has an invalid length.
[  152.804622][ T9971] netlink: 'syz.4.1024': attribute type 4 has an invalid length.
[  152.961142][ T9976] pimreg: entered allmulticast mode
[  152.972040][ T9901] team0: Port device team_slave_0 added
[  153.051759][   T40] audit: type=1400 audit(1749210234.334:928): avc:  denied  { ioctl } for  pid=9981 comm="syz.4.1027" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  153.067824][ T9980] pimreg: left allmulticast mode
[  153.206759][ T9977] syz.3.1025 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  153.220096][ T9977] CPU: 2 UID: 0 PID: 9977 Comm: syz.3.1025 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  153.220134][ T9977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.220144][ T9977] Call Trace:
[  153.220149][ T9977]  <TASK>
[  153.220156][ T9977]  dump_stack_lvl+0x16c/0x1f0
[  153.220182][ T9977]  dump_header+0x101/0x930
[  153.220208][ T9977]  oom_kill_process+0x270/0xa60
[  153.220233][ T9977]  out_of_memory+0x350/0x1700
[  153.220261][ T9977]  ? __pfx_out_of_memory+0x10/0x10
[  153.220289][ T9977]  mem_cgroup_out_of_memory+0x118/0x130
[  153.220308][ T9977]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  153.220331][ T9977]  ? do_raw_spin_unlock+0x172/0x230
[  153.220354][ T9977]  try_charge_memcg+0x72b/0xd50
[  153.220382][ T9977]  ? __pfx_try_charge_memcg+0x10/0x10
[  153.220405][ T9977]  ? __print_lock_name+0xd1/0xe0
[  153.220425][ T9977]  ? rcu_read_unlock+0x17/0x60
[  153.220455][ T9977]  charge_memcg+0x8a/0x230
[  153.220479][ T9977]  __mem_cgroup_charge+0x2b/0x1e0
[  153.220495][ T9977]  do_wp_page+0x1171/0x4f20
[  153.220524][ T9977]  ? __pfx_do_wp_page+0x10/0x10
[  153.220543][ T9977]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  153.220567][ T9977]  __handle_mm_fault+0x2223/0x5490
[  153.220592][ T9977]  ? __pfx___handle_mm_fault+0x10/0x10
[  153.220610][ T9977]  ? __pfx_mt_find+0x10/0x10
[  153.220651][ T9977]  ? find_vma+0xbf/0x140
[  153.220667][ T9977]  ? __pfx_find_vma+0x10/0x10
[  153.220682][ T9977]  handle_mm_fault+0x589/0xd10
[  153.220703][ T9977]  ? __pkru_allows_pkey+0x21/0xb0
[  153.220727][ T9977]  do_user_addr_fault+0x7a6/0x1370
[  153.220752][ T9977]  ? rcu_is_watching+0x12/0xc0
[  153.220775][ T9977]  exc_page_fault+0x5c/0xb0
[  153.220796][ T9977]  asm_exc_page_fault+0x26/0x30
[  153.220811][ T9977] RIP: 0033:0x7fa1a2f8e93b
[  153.220826][ T9977] Code: 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 <64> 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41
[  153.220847][ T9977] RSP: 002b:00007fff33b76298 EFLAGS: 00010213
[  153.220862][ T9977] RAX: 000000000000006e RBX: 000000000002550c RCX: ffffffffffffffa8
[  153.220872][ T9977] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa1a31b5fac
[  153.220882][ T9977] RBP: 0000000000000032 R08: 00007fa1a3d4c000 R09: 0000000933b7658f
[  153.220892][ T9977] R10: 00007fff33b76390 R11: 0000000000000246 R12: 00007fa1a31b5fac
[  153.220901][ T9977] R13: 00007fff33b76390 R14: 000000000002553e R15: 00007fff33b763b0
[  153.220930][ T9977]  </TASK>
[  153.293721][ T9977] memory: usage 307196kB, limit 307200kB, failcnt 58963
[  153.324698][ T9977] memory+swap: usage 432184kB, limit 9007199254740988kB, failcnt 0
[  153.327845][ T9977] kmem: usage 5136kB, limit 9007199254740988kB, failcnt 0
[  153.332948][ T9977] Memory cgroup stats for /syz3:
[  153.334285][ T9977] cache 309080064
[  153.345491][ T9977] rss 221184
[  153.349075][ T9977] rss_huge 0
[  153.356020][ T9977] shmem 308842496
[  153.359857][ T9977] mapped_file 0
[  153.364566][ T9977] dirty 0
[  153.367908][ T9977] writeback 0
[  153.370202][ T9977] workingset_refault_anon 68
[  153.376697][ T9977] workingset_refault_file 40299
[  153.382587][ T9977] swap 127983616
[  153.388557][ T9977] swapcached 12288
[  153.392881][ T9977] nr_memmap_boot_pages 283162
[  153.398618][ T9977] pgpgin 208157
[  153.402630][ T9977] pglazyfree 64510
[  153.409828][ T9901] team0: Port device team_slave_1 added
[  153.429896][ T9977] pgfault 1548
[  153.432259][ T9977] a_other 59457536
[  153.438150][ T9977] inactive_anon 249618432
[  153.439897][ T9977] active_anon 36864
[  153.441409][ T9977] inactive_file 0
[  153.442700][ T9977] active_file 0
[  153.446271][ T9977] hierarchical_memory_limit 314572800
[  153.453737][ T9977] hierarchical_memsw_limit 9223372036854771712
[  153.467770][ T9977] total_cache 309080064
[  153.469550][ T9977] total_rss 221184
[  153.471719][ T9977] total_rss_huge 0
[  153.475217][ T9977] total_shmem 308842496
[  153.478357][ T9977] total_mapped_file 0
[  153.481434][ T9977] total_dirty 0
[  153.487404][ T9977] total_writeback 0
[  153.489133][ T9977] total_workingset_refault_anon 68
[  153.490979][ T9977] total_workingset_refault_file 40299
[  153.492899][ T9977] total_swap 127983616
[  153.494346][ T9977] total_swapcached 12288
[  153.495787][ T9977] total_nr_memmap_boot_pages 283162
[  153.497847][ T9977] total_pgpgin 208157
[  153.499414][ T9977] total_pglazyfree 64510
[  153.500961][ T9977] total_pgfault 1548
[  153.502396][ T9977] total_a_other 59457536
[  153.503848][ T9977] total_inactive_anon 249618432
[  153.505985][ T9977] total_active_anon 0
[  153.508107][ T9977] total_inactive_file 36864
[  153.510254][ T9977] total_active_file 0
[  153.512083][ T9977] anon_cost 0
[  153.515252][ T9977] file_cost 0
[  153.518342][ T9977] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1025,pid=9977,uid=0
[  153.528877][ T9977] Memory cgroup out of memory: Killed process 9977 (syz.3.1025) total-vm:101820kB, anon-rss:1060kB, file-rss:22936kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  153.818690][ T9851] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  153.833157][ T9851] CPU: 3 UID: 0 PID: 9851 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  153.833181][ T9851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.833191][ T9851] Call Trace:
[  153.833197][ T9851]  <TASK>
[  153.833204][ T9851]  dump_stack_lvl+0x16c/0x1f0
[  153.833230][ T9851]  dump_header+0x101/0x930
[  153.833255][ T9851]  oom_kill_process+0x270/0xa60
[  153.833279][ T9851]  out_of_memory+0x350/0x1700
[  153.833305][ T9851]  ? __pfx_out_of_memory+0x10/0x10
[  153.833334][ T9851]  mem_cgroup_out_of_memory+0x118/0x130
[  153.833385][ T9851]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  153.833408][ T9851]  ? do_raw_spin_unlock+0x172/0x230
[  153.833430][ T9851]  try_charge_memcg+0x72b/0xd50
[  153.833455][ T9851]  ? __pfx_try_charge_memcg+0x10/0x10
[  153.833478][ T9851]  ? __print_lock_name+0xd1/0xe0
[  153.833498][ T9851]  ? rcu_read_unlock+0x17/0x60
[  153.833538][ T9851]  charge_memcg+0x8a/0x230
[  153.833562][ T9851]  __mem_cgroup_charge+0x2b/0x1e0
[  153.833579][ T9851]  filemap_add_folio+0x88/0x220
[  153.833600][ T9851]  ? __pfx_filemap_add_folio+0x10/0x10
[  153.833629][ T9851]  __filemap_get_folio+0x510/0xc30
[  153.833658][ T9851]  filemap_fault+0x661/0x26c0
[  153.833687][ T9851]  ? __pfx_filemap_fault+0x10/0x10
[  153.833724][ T9851]  __do_fault+0x10a/0x490
[  153.833748][ T9851]  __handle_mm_fault+0x3c2a/0x5490
[  153.833773][ T9851]  ? __pfx___handle_mm_fault+0x10/0x10
[  153.833791][ T9851]  ? __pte_offset_map_lock+0x174/0x310
[  153.833816][ T9851]  ? find_held_lock+0x2b/0x80
[  153.833834][ T9851]  ? find_held_lock+0x2b/0x80
[  153.833859][ T9851]  ? follow_page_pte+0x3af/0x14c0
[  153.833881][ T9851]  handle_mm_fault+0x589/0xd10
[  153.833905][ T9851]  __get_user_pages+0x589/0x3b80
[  153.833931][ T9851]  ? __pfx___get_user_pages+0x10/0x10
[  153.833949][ T9851]  ? __kernel_write_iter+0x5a5/0xa90
[  153.833974][ T9851]  get_dump_page+0x257/0x3d0
[  153.833992][ T9851]  ? __pfx_get_dump_page+0x10/0x10
[  153.834008][ T9851]  ? dump_user_range+0x745/0xb60
[  153.834033][ T9851]  dump_user_range+0x195/0xb60
[  153.834059][ T9851]  ? __pfx_dump_user_range+0x10/0x10
[  153.834081][ T9851]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  153.834109][ T9851]  ? __pfx_writenote+0x10/0x10
[  153.834136][ T9851]  elf_core_dump+0x288a/0x3a90
[  153.834171][ T9851]  ? __pfx_elf_core_dump+0x10/0x10
[  153.834191][ T9851]  ? kasan_save_stack+0x42/0x60
[  153.834211][ T9851]  ? kasan_save_stack+0x33/0x60
[  153.834230][ T9851]  ? kasan_save_track+0x14/0x30
[  153.834248][ T9851]  ? __kasan_kmalloc+0xaa/0xb0
[  153.834267][ T9851]  ? do_coredump+0x1c9a/0x4f10
[  153.834283][ T9851]  ? get_signal+0x22e3/0x26d0
[  153.834300][ T9851]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  153.834353][ T9851]  ? 0xffffffffff600000
[  153.834410][ T9851]  ? do_coredump+0x399c/0x4f10
[  153.834427][ T9851]  do_coredump+0x399c/0x4f10
[  153.834456][ T9851]  ? __pfx_do_coredump+0x10/0x10
[  153.834474][ T9851]  ? find_held_lock+0x2b/0x80
[  153.834493][ T9851]  ? is_bpf_text_address+0x8a/0x1a0
[  153.834516][ T9851]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  153.834545][ T9851]  ? is_bpf_text_address+0x94/0x1a0
[  153.834564][ T9851]  ? kernel_text_address+0x8d/0x100
[  153.834582][ T9851]  ? __kernel_text_address+0xd/0x40
[  153.834599][ T9851]  ? unwind_get_return_address+0x59/0xa0
[  153.834639][ T9851]  ? stack_depot_save_flags+0x28/0xa40
[  153.834661][ T9851]  ? __lock_acquire+0xb8a/0x1c90
[  153.834688][ T9851]  ? kasan_save_stack+0x42/0x60
[  153.834707][ T9851]  ? kasan_save_stack+0x33/0x60
[  153.834726][ T9851]  ? kasan_save_track+0x14/0x30
[  153.834745][ T9851]  ? kasan_save_free_info+0x3b/0x60
[  153.834760][ T9851]  ? __kasan_slab_free+0x51/0x70
[  153.834779][ T9851]  ? kmem_cache_free+0x2d1/0x4d0
[  153.834796][ T9851]  ? __sigqueue_free+0xba/0x2a0
[  153.834817][ T9851]  ? get_signal+0xcba/0x26d0
[  153.834832][ T9851]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  153.834884][ T9851]  ? proc_coredump_connector+0x2d1/0x4f0
[  153.834903][ T9851]  ? __pfx_proc_coredump_connector+0x10/0x10
[  153.834929][ T9851]  ? rcu_is_watching+0x12/0xc0
[  153.834952][ T9851]  get_signal+0x22e3/0x26d0
[  153.834976][ T9851]  ? force_sig_fault+0xc4/0x100
[  153.834995][ T9851]  ? __pfx_get_signal+0x10/0x10
[  153.835039][ T9851]  arch_do_signal_or_restart+0x8f/0x7d0
[  153.835057][ T9851]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  153.835077][ T9851]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  153.835110][ T9851]  irqentry_exit_to_user_mode+0x12a/0x270
[  153.835133][ T9851]  asm_exc_page_fault+0x26/0x30
[  153.835148][ T9851] RIP: 0033:0x7fa1a2e4f830
[  153.835165][ T9851] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  153.835172][ T9851] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  153.835185][ T9851] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  153.835194][ T9851] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  153.835204][ T9851] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  153.835213][ T9851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.835222][ T9851] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  153.835247][ T9851]  </TASK>
[  154.014515][ T9851] memory: usage 307200kB, limit 307200kB, failcnt 61122
[  154.017842][ T9851] memory+swap: usage 432184kB, limit 9007199254740988kB, failcnt 0
[  154.020581][ T9851] kmem: usage 4996kB, limit 9007199254740988kB, failcnt 0
[  154.022997][ T9851] Memory cgroup stats for /syz3:
[  154.023069][ T9851] cache 309362688
[  154.026244][ T9851] rss 81920
[  154.027419][ T9851] rss_huge 0
[  154.029502][ T9851] shmem 309325824
[  154.104690][ T9851] mapped_file 0
[  154.107853][ T9851] dirty 0
[  154.109172][ T9851] writeback 0
[  154.112897][ T9851] workingset_refault_anon 68
[  154.115719][ T9851] workingset_refault_file 40916
[  154.117867][ T9851] swap 127983616
[  154.119409][ T9851] swapcached 12288
[  154.120941][ T9851] nr_memmap_boot_pages 283962
[  154.123015][ T9851] pgpgin 208922
[  154.127877][ T9851] pglazyfree 64632
[  154.129473][ T9851] pgfault 1641
[  154.130927][ T9851] a_other 102969344
[  154.132592][ T9851] inactive_anon 206450688
[  154.136352][ T9851] active_anon 4096
[  154.137980][ T9851] inactive_file 0
[  154.139532][ T9851] active_file 0
[  154.140964][ T9851] hierarchical_memory_limit 314572800
[  154.143173][ T9851] hierarchical_memsw_limit 9223372036854771712
[  154.146385][ T9851] total_cache 309362688
[  154.148177][ T9851] total_rss 81920
[  154.149749][ T9851] total_rss_huge 0
[  154.151335][ T9851] total_shmem 309325824
[  154.153050][ T9851] total_mapped_file 0
[  154.155640][ T9851] total_dirty 0
[  154.157233][ T9851] total_writeback 0
[  154.158861][ T9851] total_workingset_refault_anon 68
[  154.160950][ T9851] total_workingset_refault_file 40916
[  154.163176][ T9851] total_swap 127983616
[  154.165537][ T9851] total_swapcached 12288
[  154.167454][ T9851] total_nr_memmap_boot_pages 283962
[  154.170062][ T9851] total_pgpgin 208922
[  154.171409][ T9851] total_pglazyfree 64632
[  154.172795][ T9851] total_pgfault 1641
[  154.176365][ T9851] total_a_other 109420544
[  154.178273][ T9851] total_inactive_anon 199999488
[  154.180556][ T9851] total_active_anon 4096
[  154.182082][ T9851] total_inactive_file 20480
[  154.184143][ T9851] total_active_file 0
[  154.185471][ T9851] anon_cost 0
[  154.186624][ T9851] file_cost 0
[  154.187717][ T9851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.995,pid=9839,uid=0
[  154.192436][ T9851] Memory cgroup out of memory: Killed process 9839 (syz.3.995) total-vm:45436kB, anon-rss:0kB, file-rss:2868kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  154.306385][   T40] audit: type=1400 audit(1749210235.594:929): avc:  denied  { execute } for  pid=9995 comm="syz.4.1031" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  154.761150][ T9901] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.761322][ T9839] syz.3.995 (9839) used greatest stack depth: 18280 bytes left
[  154.765463][ T9901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.775677][ T9901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.795774][ T9901] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.798113][ T9901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.823461][ T9901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.014565][T10020] SELinux:  Context system_u:object_r:shadow_t:s0 is not valid (left unmapped).
[  155.029444][   T40] audit: type=1400 audit(1749210236.314:930): avc:  denied  { relabelto } for  pid=10019 comm="syz.5.1037" name="bus" dev="tmpfs" ino=585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:shadow_t:s0"
[  155.037621][   T40] audit: type=1400 audit(1749210236.314:931): avc:  denied  { associate } for  pid=10019 comm="syz.5.1037" name="bus" dev="tmpfs" ino=585 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:shadow_t:s0"
[  155.047860][T10020] No source specified
[  155.049524][   T40] audit: type=1400 audit(1749210236.334:932): avc:  denied  { mounton } for  pid=10019 comm="syz.5.1037" path="/104/bus" dev="tmpfs" ino=585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:shadow_t:s0"
[  155.098056][   T40] audit: type=1400 audit(1749210236.384:933): avc:  denied  { unlink } for  pid=8548 comm="syz-executor" name="bus" dev="tmpfs" ino=585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:shadow_t:s0"
[  155.287923][   T40] audit: type=1400 audit(1749210236.574:934): avc:  denied  { map } for  pid=10022 comm="syz.5.1038" path="/105/file0/pids.current" dev="9p" ino=35913966 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  155.291562][T10026] netfs: Couldn't get user pages (rc=-14)
[  155.316706][T10023] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  155.320268][T10023] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  155.325725][ T9901] hsr_slave_0: entered promiscuous mode
[  155.328010][ T9901] hsr_slave_1: entered promiscuous mode
[  155.330058][ T9901] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.332578][ T9901] Cannot create hsr debugfs directory
[  155.483092][T10024] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1036'.
[  155.592001][ T9843] syz.3.995 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  155.687520][ T9843] CPU: 2 UID: 0 PID: 9843 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  155.687542][ T9843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.687549][ T9843] Call Trace:
[  155.687553][ T9843]  <TASK>
[  155.687557][ T9843]  dump_stack_lvl+0x16c/0x1f0
[  155.687574][ T9843]  dump_header+0x101/0x930
[  155.687591][ T9843]  oom_kill_process+0x270/0xa60
[  155.687607][ T9843]  out_of_memory+0x350/0x1700
[  155.687635][ T9843]  ? __pfx_out_of_memory+0x10/0x10
[  155.687656][ T9843]  mem_cgroup_out_of_memory+0x118/0x130
[  155.687668][ T9843]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  155.687683][ T9843]  ? do_raw_spin_unlock+0x172/0x230
[  155.687697][ T9843]  try_charge_memcg+0x72b/0xd50
[  155.687715][ T9843]  ? __pfx_try_charge_memcg+0x10/0x10
[  155.687730][ T9843]  ? __print_lock_name+0xd1/0xe0
[  155.687742][ T9843]  ? rcu_read_unlock+0x17/0x60
[  155.687761][ T9843]  charge_memcg+0x8a/0x230
[  155.687780][ T9843]  __mem_cgroup_charge+0x2b/0x1e0
[  155.687791][ T9843]  filemap_add_folio+0x88/0x220
[  155.687805][ T9843]  ? __pfx_filemap_add_folio+0x10/0x10
[  155.687824][ T9843]  __filemap_get_folio+0x510/0xc30
[  155.687842][ T9843]  filemap_fault+0x661/0x26c0
[  155.687860][ T9843]  ? __pfx_filemap_fault+0x10/0x10
[  155.687882][ T9843]  __do_fault+0x10a/0x490
[  155.687898][ T9843]  __handle_mm_fault+0x3c2a/0x5490
[  155.687914][ T9843]  ? __pfx___handle_mm_fault+0x10/0x10
[  155.687926][ T9843]  ? __pte_offset_map_lock+0x174/0x310
[  155.687942][ T9843]  ? find_held_lock+0x2b/0x80
[  155.687953][ T9843]  ? find_held_lock+0x2b/0x80
[  155.687969][ T9843]  ? follow_page_pte+0x3af/0x14c0
[  155.687982][ T9843]  handle_mm_fault+0x589/0xd10
[  155.687997][ T9843]  __get_user_pages+0x589/0x3b80
[  155.688013][ T9843]  ? __pfx___get_user_pages+0x10/0x10
[  155.688024][ T9843]  ? __kernel_write_iter+0x5a5/0xa90
[  155.688041][ T9843]  get_dump_page+0x257/0x3d0
[  155.688051][ T9843]  ? __pfx_get_dump_page+0x10/0x10
[  155.688062][ T9843]  ? dump_user_range+0x745/0xb60
[  155.688077][ T9843]  dump_user_range+0x195/0xb60
[  155.688093][ T9843]  ? __pfx_dump_user_range+0x10/0x10
[  155.688106][ T9843]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  155.688125][ T9843]  ? __pfx_writenote+0x10/0x10
[  155.688143][ T9843]  elf_core_dump+0x288a/0x3a90
[  155.688164][ T9843]  ? __pfx_elf_core_dump+0x10/0x10
[  155.688177][ T9843]  ? kasan_save_stack+0x42/0x60
[  155.688189][ T9843]  ? kasan_save_stack+0x33/0x60
[  155.688201][ T9843]  ? kasan_save_track+0x14/0x30
[  155.688213][ T9843]  ? __kasan_kmalloc+0xaa/0xb0
[  155.688224][ T9843]  ? do_coredump+0x1c9a/0x4f10
[  155.688235][ T9843]  ? get_signal+0x22e3/0x26d0
[  155.688247][ T9843]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  155.688261][ T9843]  ? 0xffffffffff600000
[  155.688294][ T9843]  ? do_coredump+0x399c/0x4f10
[  155.688305][ T9843]  do_coredump+0x399c/0x4f10
[  155.688323][ T9843]  ? __pfx_do_coredump+0x10/0x10
[  155.688335][ T9843]  ? find_held_lock+0x2b/0x80
[  155.688347][ T9843]  ? is_bpf_text_address+0x8a/0x1a0
[  155.688361][ T9843]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  155.688375][ T9843]  ? is_bpf_text_address+0x94/0x1a0
[  155.688387][ T9843]  ? kernel_text_address+0x8d/0x100
[  155.688398][ T9843]  ? __kernel_text_address+0xd/0x40
[  155.688408][ T9843]  ? unwind_get_return_address+0x59/0xa0
[  155.688433][ T9843]  ? stack_depot_save_flags+0x28/0xa40
[  155.688449][ T9843]  ? __lock_acquire+0xb8a/0x1c90
[  155.688465][ T9843]  ? kasan_save_stack+0x42/0x60
[  155.688477][ T9843]  ? kasan_save_stack+0x33/0x60
[  155.688490][ T9843]  ? kasan_save_track+0x14/0x30
[  155.688507][ T9843]  ? kasan_save_free_info+0x3b/0x60
[  155.688521][ T9843]  ? __kasan_slab_free+0x51/0x70
[  155.688541][ T9843]  ? kmem_cache_free+0x2d1/0x4d0
[  155.688561][ T9843]  ? __sigqueue_free+0xba/0x2a0
[  155.688584][ T9843]  ? get_signal+0xcba/0x26d0
[  155.688601][ T9843]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  155.688656][ T9843]  ? proc_coredump_connector+0x2d1/0x4f0
[  155.688676][ T9843]  ? __pfx_proc_coredump_connector+0x10/0x10
[  155.688703][ T9843]  ? rcu_is_watching+0x12/0xc0
[  155.688729][ T9843]  get_signal+0x22e3/0x26d0
[  155.688756][ T9843]  ? force_sig_fault+0xc4/0x100
[  155.688782][ T9843]  ? __pfx_get_signal+0x10/0x10
[  155.688808][ T9843]  arch_do_signal_or_restart+0x8f/0x7d0
[  155.688827][ T9843]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  155.688847][ T9843]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  155.688882][ T9843]  irqentry_exit_to_user_mode+0x12a/0x270
[  155.688907][ T9843]  asm_exc_page_fault+0x26/0x30
[  155.688923][ T9843] RIP: 0033:0x7fa1a2e4f830
[  155.688942][ T9843] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  155.688950][ T9843] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  155.688965][ T9843] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  155.688976][ T9843] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  155.688987][ T9843] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  155.688997][ T9843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.689007][ T9843] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  155.689033][ T9843]  </TASK>
[  155.689061][ T9843] memory: usage 307200kB, limit 307200kB, failcnt 67133
[  155.746222][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  155.753705][ T9843] memory+swap: usage 432176kB, limit 9007199254740988kB, failcnt 0
[  155.911780][ T9843] kmem: usage 4896kB, limit 9007199254740988kB, failcnt 0
[  155.915502][ T9843] Memory cgroup stats for /syz3:
[  155.915637][ T9843] cache 309493760
[  155.918996][ T9843] rss 57344
[  155.920244][ T9843] rss_huge 0
[  155.921515][ T9843] shmem 309293056
[  155.922776][ T9843] mapped_file 28672
[  155.924429][ T9843] dirty 0
[  155.925612][ T9843] writeback 0
[  155.926912][ T9843] workingset_refault_anon 71
[  155.928706][ T9843] workingset_refault_file 45395
[  155.930601][ T9843] swap 127975424
[  155.932006][ T9843] swapcached 4096
[  155.933942][ T9843] nr_memmap_boot_pages 295978
[  155.935917][ T9843] pgpgin 220913
[  155.938310][ T9843] pglazyfree 65609
[  155.939781][ T9843] pgfault 1872
[  155.941889][ T9843] a_other 169664512
[  155.945469][ T9843] inactive_anon 139689984
[  155.951160][ T9843] active_anon 28672
[  155.952658][ T9843] inactive_file 8192
[  155.955020][ T9843] active_file 0
[  155.956405][ T9843] hierarchical_memory_limit 314572800
[  155.958444][ T9843] hierarchical_memsw_limit 9223372036854771712
[  155.960826][ T9843] total_cache 309493760
[  156.039592][ T9843] total_rss 57344
[  156.050643][ T9901] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  156.068885][ T9901] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  156.075641][ T9843] total_rss_huge 0
[  156.097378][ T9843] total_shmem 309293056
[  156.099158][ T9843] total_mapped_file 28672
[  156.124373][ T9843] total_dirty 0
[  156.133322][ T9843] total_writeback 0
[  156.147704][ T9843] total_workingset_refault_anon 71
[  156.151073][ T9901] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  156.161745][ T9843] total_workingset_refault_file 45395
[  156.167510][ T9901] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  156.223162][ T9843] total_swap 127975424
[  156.257595][ T9901] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.271638][ T9901] 8021q: adding VLAN 0 to HW filter on device team0
[  156.278175][ T8002] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.281029][ T8002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.284779][ T9843] total_swapcached 4096
[  156.295030][ T8004] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.297904][ T8004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.367199][ T9843] total_nr_memmap_boot_pages 295978
[  156.389552][ T9843] total_pgpgin 220913
[  156.391081][ T9843] total_pglazyfree 65609
[  156.392635][ T9843] total_pgfault 1872
[  156.394510][ T9843] total_a_other 169664512
[  156.399722][ T9843] total_inactive_anon 139689984
[  156.401588][ T9843] total_active_anon 28672
[  156.403016][ T9843] total_inactive_file 8192
[  156.406636][ T9843] total_active_file 0
[  156.408048][ T9843] anon_cost 0
[  156.409253][ T9843] file_cost 0
[  156.410522][ T9843] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1036,pid=10021,uid=0
[  156.416441][ T9843] Memory cgroup out of memory: OOM victim 10021 (syz.3.1036) is already exiting. Skip killing the task
[  156.420850][ T9835] syz.3.995 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  156.440463][ T9835] CPU: 2 UID: 0 PID: 9835 Comm: syz.3.995 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  156.440496][ T9835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.440507][ T9835] Call Trace:
[  156.440512][ T9835]  <TASK>
[  156.440519][ T9835]  dump_stack_lvl+0x16c/0x1f0
[  156.440547][ T9835]  dump_header+0x101/0x930
[  156.440575][ T9835]  oom_kill_process+0x270/0xa60
[  156.440604][ T9835]  out_of_memory+0x350/0x1700
[  156.440635][ T9835]  ? __pfx_out_of_memory+0x10/0x10
[  156.440667][ T9835]  mem_cgroup_out_of_memory+0x118/0x130
[  156.440687][ T9835]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  156.440713][ T9835]  ? do_raw_spin_unlock+0x172/0x230
[  156.440737][ T9835]  try_charge_memcg+0x72b/0xd50
[  156.440772][ T9835]  ? __pfx_try_charge_memcg+0x10/0x10
[  156.440798][ T9835]  ? __print_lock_name+0xd0/0xe0
[  156.440819][ T9835]  ? rcu_read_unlock+0x17/0x60
[  156.440866][ T9835]  charge_memcg+0x8a/0x230
[  156.440893][ T9835]  __mem_cgroup_charge+0x2b/0x1e0
[  156.440912][ T9835]  shmem_alloc_and_add_folio+0x514/0xc20
[  156.440940][ T9835]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  156.440964][ T9835]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  156.440991][ T9835]  shmem_get_folio_gfp+0x67f/0x1600
[  156.441019][ T9835]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  156.441043][ T9835]  ? __pte_offset_map_lock+0x174/0x310
[  156.441074][ T9835]  shmem_write_begin+0x160/0x300
[  156.441096][ T9835]  ? find_held_lock+0x2b/0x80
[  156.441116][ T9835]  ? __pfx_shmem_write_begin+0x10/0x10
[  156.441139][ T9835]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  156.441157][ T9835]  ? __pfx_timestamp_truncate+0x10/0x10
[  156.441187][ T9835]  generic_perform_write+0x3cd/0x930
[  156.441218][ T9835]  ? __pfx_generic_perform_write+0x10/0x10
[  156.441241][ T9835]  ? inode_needs_update_time.part.0+0x191/0x270
[  156.441275][ T9835]  shmem_file_write_iter+0x10e/0x140
[  156.441302][ T9835]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  156.441325][ T9835]  __kernel_write_iter+0x317/0xa90
[  156.441350][ T9835]  ? __pfx___kernel_write_iter+0x10/0x10
[  156.441371][ T9835]  ? __up_read+0x1f8/0x750
[  156.441392][ T9835]  ? dump_user_range+0x745/0xb60
[  156.441411][ T9835]  ? get_dump_page+0x270/0x3d0
[  156.441433][ T9835]  dump_user_range+0x41f/0xb60
[  156.441458][ T9835]  ? __pfx_dump_user_range+0x10/0x10
[  156.441479][ T9835]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  156.441508][ T9835]  ? __pfx_writenote+0x10/0x10
[  156.441535][ T9835]  elf_core_dump+0x288a/0x3a90
[  156.441570][ T9835]  ? __pfx_elf_core_dump+0x10/0x10
[  156.441590][ T9835]  ? kasan_save_stack+0x42/0x60
[  156.441609][ T9835]  ? kasan_save_stack+0x33/0x60
[  156.441626][ T9835]  ? kasan_save_track+0x14/0x30
[  156.441644][ T9835]  ? __kasan_kmalloc+0xaa/0xb0
[  156.441663][ T9835]  ? do_coredump+0x1c9a/0x4f10
[  156.441680][ T9835]  ? get_signal+0x22e3/0x26d0
[  156.441697][ T9835]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  156.441721][ T9835]  ? 0xffffffffff600000
[  156.441784][ T9835]  ? do_coredump+0x399c/0x4f10
[  156.441802][ T9835]  do_coredump+0x399c/0x4f10
[  156.441833][ T9835]  ? __pfx_do_coredump+0x10/0x10
[  156.441852][ T9835]  ? find_held_lock+0x2b/0x80
[  156.441872][ T9835]  ? is_bpf_text_address+0x8a/0x1a0
[  156.441896][ T9835]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  156.441919][ T9835]  ? is_bpf_text_address+0x94/0x1a0
[  156.441940][ T9835]  ? kernel_text_address+0x8d/0x100
[  156.441958][ T9835]  ? __kernel_text_address+0xd/0x40
[  156.441976][ T9835]  ? unwind_get_return_address+0x59/0xa0
[  156.442019][ T9835]  ? stack_depot_save_flags+0x28/0xa40
[  156.442046][ T9835]  ? __lock_acquire+0xb8a/0x1c90
[  156.442074][ T9835]  ? kasan_save_stack+0x42/0x60
[  156.442094][ T9835]  ? kasan_save_stack+0x33/0x60
[  156.442114][ T9835]  ? kasan_save_track+0x14/0x30
[  156.442133][ T9835]  ? kasan_save_free_info+0x3b/0x60
[  156.442150][ T9835]  ? __kasan_slab_free+0x51/0x70
[  156.442170][ T9835]  ? kmem_cache_free+0x2d1/0x4d0
[  156.442189][ T9835]  ? __sigqueue_free+0xba/0x2a0
[  156.442212][ T9835]  ? get_signal+0xcba/0x26d0
[  156.442230][ T9835]  ? arch_do_signal_or_restart+0x8f/0x7d0
[  156.442281][ T9835]  ? proc_coredump_connector+0x2d1/0x4f0
[  156.442322][ T9835]  ? __pfx_proc_coredump_connector+0x10/0x10
[  156.442344][ T9835]  ? rcu_is_watching+0x12/0xc0
[  156.442366][ T9835]  get_signal+0x22e3/0x26d0
[  156.442391][ T9835]  ? force_sig_fault+0xc4/0x100
[  156.442409][ T9835]  ? __pfx_get_signal+0x10/0x10
[  156.442434][ T9835]  arch_do_signal_or_restart+0x8f/0x7d0
[  156.442451][ T9835]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  156.442472][ T9835]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  156.442506][ T9835]  irqentry_exit_to_user_mode+0x12a/0x270
[  156.442529][ T9835]  asm_exc_page_fault+0x26/0x30
[  156.442543][ T9835] RIP: 0033:0x7fa1a2e4f830
[  156.442558][ T9835] Code: Unable to access opcode bytes at 0x7fa1a2e4f806.
[  156.442565][ T9835] RSP: 002b:00007fa1a0dd7138 EFLAGS: 00010246
[  156.442578][ T9835] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007fa1a2f8e929
[  156.442588][ T9835] RDX: 00007fa1a0dd7140 RSI: 00007fa1a0dd7270 RDI: 000000000000000b
[  156.442598][ T9835] RBP: 00007fa1a3010b39 R08: 0000000000000000 R09: 0000000000000058
[  156.442608][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  156.442617][ T9835] R13: 0000000000000000 R14: 00007fa1a31b6160 R15: 00007fff33b76138
[  156.442644][ T9835]  </TASK>
[  156.453717][ T9835] memory: usage 307200kB, limit 307200kB, failcnt 68276
[  156.570373][ T9901] 8021q: adding VLAN 0 to HW filter on device batadv0
[  156.573247][ T9835] memory+swap: usage 432176kB, limit 9007199254740988kB, failcnt 0
[  156.633893][ T9835] kmem: usage 4804kB, limit 9007199254740988kB, failcnt 0
[  156.636904][ T9835] Memory cgroup stats for /syz3:
[  156.637187][ T9835] cache 309538816
[  156.640904][ T9835] rss 110592
[  156.642324][ T9835] rss_huge 0
[  156.644499][ T9835] shmem 309481472
[  156.646099][ T9835] mapped_file 0
[  156.647657][ T9835] dirty 0
[  156.648937][ T9835] writeback 0
[  156.650251][ T9835] workingset_refault_anon 71
[  156.651738][ T9835] workingset_refault_file 45616
[  156.653271][ T9835] swap 127975424
[  156.655651][ T9835] swapcached 4096
[  156.657192][ T9835] nr_memmap_boot_pages 296438
[  156.659044][ T9835] pgpgin 221350
[  156.660166][ T9835] pglazyfree 65688
[  156.661332][ T9835] pgfault 1911
[  156.662404][ T9835] a_other 127602688
[  156.665316][ T9835] inactive_anon 181993472
[  156.666670][ T9835] active_anon 28672
[  156.667872][ T9835] inactive_file 0
[  156.669046][ T9835] active_file 0
[  156.670158][ T9835] hierarchical_memory_limit 314572800
[  156.671874][ T9835] hierarchical_memsw_limit 9223372036854771712
[  156.675837][ T9835] total_cache 309538816
[  156.677163][ T9835] total_rss 110592
[  156.678366][ T9835] total_rss_huge 0
[  156.679608][ T9835] total_shmem 309481472
[  156.680994][ T9835] total_mapped_file 0
[  156.682299][ T9835] total_dirty 0
[  156.702918][ T9835] total_writeback 0
[  156.705536][ T9835] total_workingset_refault_anon 71
[  156.707202][ T9835] total_workingset_refault_file 45616
[  156.708918][ T9835] total_swap 127975424
[  156.710197][ T9835] total_swapcached 4096
[  156.711512][ T9835] total_nr_memmap_boot_pages 296438
[  156.713158][ T9835] total_pgpgin 221350
[  156.715170][ T9835] total_pglazyfree 65688
[  156.716550][ T9835] total_pgfault 1911
[  156.717794][ T9835] total_a_other 127602688
[  156.719210][ T9835] total_inactive_anon 181993472
[  156.720727][ T9835] total_active_anon 28672
[  156.722094][ T9835] total_inactive_file 0
[  156.724897][ T9835] total_active_file 0
[  156.726185][ T9835] anon_cost 0
[  156.727233][ T9835] file_cost 0
[  156.728309][ T9835] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1041,pid=10038,uid=0
[  156.733030][ T9835] Memory cgroup out of memory: Killed process 10038 (syz.3.1041) total-vm:101816kB, anon-rss:940kB, file-rss:21668kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000
[  156.769180][T10038] 
[  156.769979][T10038] =====================================
[  156.771667][T10038] WARNING: bad unlock balance detected!
[  156.773393][T10038] 6.15.0-syzkaller-12426-ge271ed52b344 #0 Not tainted
[  156.775573][T10038] -------------------------------------
[  156.778992][T10038] syz.3.1041/10038 is trying to release lock (&sighand->siglock) at:
[  156.781452][T10038] [<ffffffff817aac14>] copy_process+0x6b74/0x76a0
[  156.783450][T10038] but there are no more locks to release!
[  156.785199][T10038] 
[  156.785199][T10038] other info that might help us debug this:
[  156.787523][T10038] 1 lock held by syz.3.1041/10038:
[  156.789135][T10038]  #0: ffffffff8e61ecd0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x4ba7/0x76a0
[  156.792263][T10038] 
[  156.792263][T10038] stack backtrace:
[  156.794028][T10038] CPU: 0 UID: 0 PID: 10038 Comm: syz.3.1041 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  156.794042][T10038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.794048][T10038] Call Trace:
[  156.794052][T10038]  <TASK>
[  156.794056][T10038]  dump_stack_lvl+0x116/0x1f0
SYZFAIL: failed to recv rpc
[  156.794070][T10038]  ? copy_process+0x6b74/0x76a0
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  156.794082][T10038]  print_unlock_imbalance_bug+0x11b/0x130
[  156.794097][T10038]  ? copy_process+0x6b74/0x76a0
[  156.794109][T10038]  lock_release+0x242/0x2f0
[  156.794125][T10038]  _raw_spin_unlock+0x16/0x50
[  156.794136][T10038]  copy_process+0x6b74/0x76a0
[  156.794151][T10038]  ? __pfx_copy_process+0x10/0x10
[  156.794165][T10038]  ? _copy_from_user+0x59/0xd0
[  156.794180][T10038]  kernel_clone+0xfc/0x960
[  156.794192][T10038]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.794203][T10038]  ? __pfx_kernel_clone+0x10/0x10
[  156.794217][T10038]  ? __lock_acquire+0xb8a/0x1c90
[  156.794232][T10038]  __do_sys_clone3+0x212/0x290
[  156.794245][T10038]  ? __pfx___do_sys_clone3+0x10/0x10
[  156.794264][T10038]  do_syscall_64+0xcd/0x4c0
[  156.794278][T10038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.794311][T10038] RIP: 0033:0x7fa1a2fc3189
[  156.794323][T10038] Code: c0 08 00 48 8d 3d 7c c0 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[  156.794337][T10038] RSP: 002b:00007fff33b76008 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[  156.794347][T10038] RAX: ffffffffffffffda RBX: 00007fa1a2f45590 RCX: 00007fa1a2fc3189
[  156.794353][T10038] RDX: 00007fa1a2f45590 RSI: 0000000000000058 RDI: 00007fff33b76050
[  156.794359][T10038] RBP: 00007fa1a3d4b6c0 R08: 00007fa1a3d4b6c0 R09: 00007fff33b76137
[  156.794365][T10038] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[  156.794371][T10038] R13: 000000000000004d R14: 00007fff33b76050 R15: 00007fff33b76138
[  156.794380][T10038]  </TASK>
[  156.873602][   T40] audit: type=1400 audit(1749210238.094:935): avc:  denied  { write } for  pid=5850 comm="syz-executor" path="pipe:[7325]" dev="pipefs" ino=7325 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  156.881608][ T9901] veth0_vlan: entered promiscuous mode
[  156.886230][T10038] ------------[ cut here ]------------
[  156.887146][ T9901] veth1_vlan: entered promiscuous mode
[  156.887959][T10038] pvqspinlock: lock 0xffff888029071280 has corrupted value 0x0!
[  156.888006][T10038] WARNING: CPU: 1 PID: 10038 at kernel/locking/qspinlock_paravirt.h:504 __pv_queued_spin_unlock_slowpath+0x237/0x330
[  156.896511][T10038] Modules linked in:
[  156.898393][T10038] CPU: 1 UID: 0 PID: 10038 Comm: syz.3.1041 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  156.901856][T10038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.902839][ T9901] veth0_macvtap: entered promiscuous mode
[  156.905155][T10038] RIP: 0010:__pv_queued_spin_unlock_slowpath+0x237/0x330
[  156.909737][T10038] Code: 03 0f b6 14 02 4c 89 e8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 67 41 8b 55 00 4c 89 ee 48 c7 c7 00 83 ad 8b e8 5a 09 f9 f5 90 <0f> 0b 90 90 e9 64 ff ff ff 90 0f 0b 48 89 df 4c 89 04 24 e8 b1 f5
[  156.909810][ T9901] veth1_macvtap: entered promiscuous mode
[  156.916193][T10038] RSP: 0018:ffffc900038779c8 EFLAGS: 00010286
[  156.919912][T10038] RAX: 0000000000000000 RBX: ffff888029071280 RCX: ffffffff817ae368
[  156.922277][T10038] RDX: ffff888025ea8000 RSI: ffffffff817ae375 RDI: 0000000000000001
[  156.925011][T10038] RBP: ffff888029071288 R08: 0000000000000001 R09: 0000000000000000
[  156.926232][ T9901] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.928097][T10038] R10: 0000000000000000 R11: 000000002d2d2d2d R12: ffff888029071290
[  156.933701][ T9901] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.933874][T10038] R13: ffff888029071280 R14: 00000000003d0f00 R15: ffff888028f5a440
[  156.938716][ T9901] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.939052][T10038] FS:  00005555738c3500(0000) GS:ffff8880d685a000(0000) knlGS:0000000000000000
[  156.942585][ T9901] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.945892][T10038] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  156.949168][ T9901] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.950847][T10038] CR2: 00007f4b826e7d60 CR3: 000000010b18e000 CR4: 0000000000352ef0
[  156.954379][ T9901] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.957090][T10038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  156.963479][T10038] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  156.965861][T10038] Call Trace:
[  156.967229][T10038]  <TASK>
[  156.968461][T10038]  __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30
[  156.971056][T10038]  ? debug_locks_off+0x19/0x80
[  156.972595][T10038]  .slowpath+0x9/0x18
[  156.974005][T10038]  ? debug_locks_off+0x24/0x80
[  156.977244][T10038]  do_raw_spin_unlock+0x172/0x230
[  156.979323][T10038]  _raw_spin_unlock+0x1e/0x50
[  156.981146][T10038]  copy_process+0x6b74/0x76a0
[  156.983025][T10038]  ? __pfx_copy_process+0x10/0x10
[  156.984934][T10038]  ? _copy_from_user+0x59/0xd0
[  156.986771][T10038]  kernel_clone+0xfc/0x960
[  156.988433][T10038]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.990215][T10038]  ? __pfx_kernel_clone+0x10/0x10
[  156.992194][T10038]  ? __lock_acquire+0xb8a/0x1c90
[  156.993829][T10038]  __do_sys_clone3+0x212/0x290
[  156.995550][T10038]  ? __pfx___do_sys_clone3+0x10/0x10
[  156.997698][T10038]  do_syscall_64+0xcd/0x4c0
[  156.999322][T10038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.001704][T10038] RIP: 0033:0x7fa1a2fc3189
[  157.003591][T10038] Code: c0 08 00 48 8d 3d 7c c0 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[  157.012417][T10038] RSP: 002b:00007fff33b76008 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[  157.015952][T10038] RAX: ffffffffffffffda RBX: 00007fa1a2f45590 RCX: 00007fa1a2fc3189
[  157.019152][T10038] RDX: 00007fa1a2f45590 RSI: 0000000000000058 RDI: 00007fff33b76050
[  157.022904][T10038] RBP: 00007fa1a3d4b6c0 R08: 00007fa1a3d4b6c0 R09: 00007fff33b76137
[  157.026233][T10038] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[  157.029215][T10038] R13: 000000000000004d R14: 00007fff33b76050 R15: 00007fff33b76138
[  157.031882][T10038]  </TASK>
[  157.032844][T10038] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  157.034979][T10038] CPU: 1 UID: 0 PID: 10038 Comm: syz.3.1041 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[  157.039175][T10038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.042531][T10038] Call Trace:
[  157.043731][T10038]  <TASK>
[  157.044771][T10038]  dump_stack_lvl+0x3d/0x1f0
[  157.046442][T10038]  panic+0x71c/0x800
[  157.047748][T10038]  ? __pfx_panic+0x10/0x10
[  157.049106][T10038]  ? show_trace_log_lvl+0x29b/0x3e0
[  157.050693][T10038]  ? check_panic_on_warn+0x1f/0xb0
[  157.052252][T10038]  ? __pv_queued_spin_unlock_slowpath+0x237/0x330
[  157.054224][T10038]  check_panic_on_warn+0xab/0xb0
[  157.055765][T10038]  __warn+0xf6/0x3c0
[  157.056956][T10038]  ? __pv_queued_spin_unlock_slowpath+0x237/0x330
[  157.058900][T10038]  report_bug+0x3c3/0x580
[  157.060220][T10038]  ? __pv_queued_spin_unlock_slowpath+0x237/0x330
[  157.062168][T10038]  handle_bug+0x184/0x210
[  157.063627][T10038]  exc_invalid_op+0x17/0x50
[  157.065159][T10038]  asm_exc_invalid_op+0x1a/0x20
[  157.066763][T10038] RIP: 0010:__pv_queued_spin_unlock_slowpath+0x237/0x330
[  157.068920][T10038] Code: 03 0f b6 14 02 4c 89 e8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 67 41 8b 55 00 4c 89 ee 48 c7 c7 00 83 ad 8b e8 5a 09 f9 f5 90 <0f> 0b 90 90 e9 64 ff ff ff 90 0f 0b 48 89 df 4c 89 04 24 e8 b1 f5
[  157.074687][T10038] RSP: 0018:ffffc900038779c8 EFLAGS: 00010286
[  157.076557][T10038] RAX: 0000000000000000 RBX: ffff888029071280 RCX: ffffffff817ae368
[  157.079032][T10038] RDX: ffff888025ea8000 RSI: ffffffff817ae375 RDI: 0000000000000001
[  157.081375][T10038] RBP: ffff888029071288 R08: 0000000000000001 R09: 0000000000000000
[  157.083736][T10038] R10: 0000000000000000 R11: 000000002d2d2d2d R12: ffff888029071290
[  157.086226][T10038] R13: ffff888029071280 R14: 00000000003d0f00 R15: ffff888028f5a440
[  157.088635][T10038]  ? __warn_printk+0x198/0x350
[  157.090087][T10038]  ? __warn_printk+0x1a5/0x350
[  157.091514][T10038]  ? __pv_queued_spin_unlock_slowpath+0x236/0x330
[  157.093444][T10038]  __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30
[  157.095736][T10038]  ? debug_locks_off+0x19/0x80
[  157.097176][T10038]  .slowpath+0x9/0x18
[  157.098744][T10038]  ? debug_locks_off+0x24/0x80
[  157.100588][T10038]  do_raw_spin_unlock+0x172/0x230
[  157.102071][T10038]  _raw_spin_unlock+0x1e/0x50
[  157.103501][T10038]  copy_process+0x6b74/0x76a0
[  157.104864][T10038]  ? __pfx_copy_process+0x10/0x10
[  157.106479][T10038]  ? _copy_from_user+0x59/0xd0
[  157.107929][T10038]  kernel_clone+0xfc/0x960
[  157.109270][T10038]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  157.110856][T10038]  ? __pfx_kernel_clone+0x10/0x10
[  157.112371][T10038]  ? __lock_acquire+0xb8a/0x1c90
[  157.114193][T10038]  __do_sys_clone3+0x212/0x290
[  157.116080][T10038]  ? __pfx___do_sys_clone3+0x10/0x10
[  157.118162][T10038]  do_syscall_64+0xcd/0x4c0
[  157.119985][T10038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.122301][T10038] RIP: 0033:0x7fa1a2fc3189
[  157.123910][T10038] Code: c0 08 00 48 8d 3d 7c c0 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7
[  157.131079][T10038] RSP: 002b:00007fff33b76008 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[  157.133894][T10038] RAX: ffffffffffffffda RBX: 00007fa1a2f45590 RCX: 00007fa1a2fc3189
[  157.136345][T10038] RDX: 00007fa1a2f45590 RSI: 0000000000000058 RDI: 00007fff33b76050
[  157.139443][T10038] RBP: 00007fa1a3d4b6c0 R08: 00007fa1a3d4b6c0 R09: 00007fff33b76137
[  157.141737][T10038] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[  157.144064][T10038] R13: 000000000000004d R14: 00007fff33b76050 R15: 00007fff33b76138
[  157.146478][T10038]  </TASK>
[  157.148068][T10038] Kernel Offset: disabled
[  157.149397][T10038] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:39:42  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855b2985 RDI=ffffffff9b082320 RBP=ffffffff9b0822e0 RSP=ffffc90003877590
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000002d2d2d2d
R12=0000000000000000 R13=0000000000000037 R14=ffffffff9b0822e0 R15=ffffffff855b2920
RIP=ffffffff855b29af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555738c3500 ffffffff 00c00000
GS =0000 ffff8880d675a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fe40e546ff8 CR3=000000010b18e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=00000000000000c8 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff33b764c0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1a3011c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=000000000000000f RCX=ffffffff8b783030 RDX=ffff888031d94880
RSI=00007f280a578fff RDI=00007f280a57bfff RBP=0000000000000001 RSP=ffffc900039a7320
R8 =0000000000000007 R9 =0000000000000000 R10=00007f280a57bfff R11=0000000000000001
R12=000000000000000a R13=00007f280a57bfff R14=00007f280a578fff R15=ffff888117ee4a58
RIP=ffffffff81bc1100 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d685a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f280a23f000 CR3=000000010a55e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696d6f74616269 6c2f343662696c2f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000248 0000000000007db8
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffffc900039464d0 RCX=ffffffff8b7d2afe RDX=1ffffffff35ba9d1
RSI=ffffffff8b7d2b0d RDI=ffffffff9add4e88 RBP=0000000000000003 RSP=ffffc90003946430
R8 =0000000000000007 R9 =0000000000000002 R10=0000000000000003 R11=1ffffffff1cb9f79
R12=0000000000000003 R13=ffffc900039464e8 R14=ffffffff9add4e40 R15=0000000000000080
RIP=ffffffff8b7d2b44 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa1a0df66c0 ffffffff 00c00000
GS =0000 ffff8880d695a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4a1560de9c CR3=000000010735e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000100001 Opmask01=0000000000000001 Opmask02=0000000000080000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd3cfc0b8b 00007ffd3cfc0b8b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd3cfc1090 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd3cfc1090 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 342e36353120205b 3e343c002e363038 6634653261316166 3778302074612000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3424363531202051 3434360024363032 6634653261316166 3772302074612000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d696c202c426b34 3038342065676173 75203a6d656d6b20 5d3533383954205b
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20296c6c75662854 504d454552502030 2320343433623235 646531373265672d
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 36323432312d7265 6c6c616b7a79732d 302e35312e362064 65746e6961742074
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f4e203539392e33 2e7a7973203a6d6d 6f43203533383920 3a4449502030203a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4449552032203a55 5043205d35333839 54205b5d33363430 34342e3635312020
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3636393331393533 3d6f6e6920227039 223d766564202274 6e65727275632e73
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffffffff8b81b162 RCX=1ffffffff35b7e08 RDX=0000000000000000
RSI=ffffffff8c156fa0 RDI=ffffffff8b81b162 RBP=ffff88803210a8a0 RSP=ffffc90003e96690
R8 =0000000000000000 R9 =fffffbfff215000a R10=ffffffff90a80057 R11=0000000000000003
R12=ffff88806a73cc91 R13=0000000000000001 R14=ffffffff8e5cfb00 R15=ffff88803210a440
RIP=ffffffff8198aa80 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa1a0df66c0 ffffffff 00c00000
GS =0000 ffff8880d6a5a000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055ac70e76ce8 CR3=000000004dec4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f2000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055a0ea610600 000055a0ea610600
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff26f72560 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c426b3034393a73 73722d6e6f6e6120 2c426b3631383130 313a6d762d6c6174
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 303030313a6a6461 5f65726f63735f6d 6f6f20426b323131 3a73656c62617467
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7020303a44495520 2c426b303a737372 2d6d656d6873202c 426b38363631323a
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373722d656c6966 202c426b3034393a 7373722d6e6f6e61 202c426b36313831
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30313a6d762d6c61 746f742029313430 312e332e7a797328 2038333030312073
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000