last executing test programs:

59.533194224s ago: executing program 2 (id=1674):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4204, r1, 0x202, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x4}, [@IFLA_NET_NS_PID={0x8, 0x13, r1}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

59.093205329s ago: executing program 2 (id=1685):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc008561c, &(0x7f0000000040)={0x980901, 0x3, @name="75b6ebd22c9ea6adc527b3537a12a9dac319d36c77fd90f47112735f3d8ea3c3"})
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
write$FUSE_INIT(r1, &(0x7f0000000200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2d, 0x1, 0x2080, 0x8, 0x8, 0x7f079686, 0x5, 0x0, 0x0, 0x40, 0x40}}, 0x50)
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '/dev/v4l-subdev#\x00'}], 0xa, "c310ee588499cdb3cfdceba791efb6a91452fc26dd24613204fd0f576abb630331a531394b7500eee53e82ee0658ee971b78654fecafc310cf4a7ccf0411a39060a49911abaebc06e64561b2a034cee08bfe6b5b9c0bf78a3d2d256a381cbbb681"}, 0x80)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x541b, &(0x7f0000000100))

59.012459155s ago: executing program 2 (id=1690):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
r3 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@dev, 0x0, 0x1, 0x0, 0xa}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x186d, 0x1f86, 0x4e, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, &(0x7f0000000100))

58.781249033s ago: executing program 2 (id=1698):
syz_open_dev$vim2m(&(0x7f0000000280), 0x4eb36, 0x2)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000380)={0x0, {0x39b14d69, 0xfffffffc, 0x5, 0x4, 0x3, 0x80000001}})
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{0x0, 0x0, 0xfffd, 0x8001}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000900)={'syz1\x00', {0x9, 0x0, 0x6}, 0x37b4, [0xfeff, 0x4, 0x9, 0x0, 0x0, 0x20000, 0x0, 0xfffffffd, 0x0, 0x1, 0x10001, 0x8, 0x3, 0x5, 0x1ff, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x10000000, 0x10000000, 0xbffffffe, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x6c230c0, 0x1, 0x0, 0x9, 0x3, 0x39b14d67, 0x0, 0x4, 0x80, 0x20, 0x6, 0x3a3, 0x0, 0x0, 0x0, 0x8, 0x3, 0xfffffffd, 0x0, 0xfffff714, 0x200, 0x7, 0x2, 0x7, 0x0, 0x239, 0x20004, 0x0, 0x0, 0x105, 0x0, 0x800000], [0x11, 0xffff0003, 0x3, 0x0, 0xffffffff, 0x9, 0x88bf9219, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f3, 0x0, 0x4, 0xbb, 0x1, 0xfffffffc, 0x5, 0x800, 0x218001, 0xfffffffe, 0x6, 0x100, 0x40, 0x10000, 0xec6a, 0xca86, 0x40000000, 0xffffffff, 0xfffffffc, 0x8, 0xfffffffd, 0x7fffffff, 0xfffffffc, 0x1, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0xfffffffc, 0x4, 0x18c, 0x0, 0xffffffff, 0x4000802, 0x5, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x4, 0x9dd, 0x80, 0x8000, 0x40000004, 0x6, 0x3, 0x8f, 0x7], [0xf, 0x4, 0x0, 0x40000000, 0xffffffff, 0x3, 0xa000000, 0x0, 0xfff, 0xffff7fff, 0xfffffffd, 0x0, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x401, 0x0, 0x2, 0x420, 0xc, 0x4, 0x0, 0x0, 0x1ff, 0x3, 0xfffffffc, 0x7, 0xfffffffc, 0x2af, 0x5, 0x9, 0x0, 0x10000, 0x3, 0x0, 0x0, 0x0, 0x401, 0x401, 0x0, 0x0, 0xfffffffd, 0x5, 0x0, 0x3, 0x1, 0x0, 0xff, 0x4000005, 0x0, 0x4, 0x3ff, 0x400000, 0x0, 0x6, 0x0, 0x0, 0x1, 0xd, 0xffffffdb], [0x3, 0x0, 0x5, 0xc58, 0x0, 0x401, 0x1000, 0x215, 0x4, 0x7ff, 0x100, 0x3, 0xa, 0xf862, 0x80, 0x0, 0x6, 0x0, 0x7d, 0x5, 0x17ffd, 0x9, 0x4, 0x72, 0x0, 0xfffffffe, 0x0, 0x8, 0x5d66, 0x1, 0x800000, 0x9, 0x3, 0x0, 0x0, 0x9, 0xbfb6, 0x4, 0x8, 0x5, 0x0, 0xfffffffd, 0x1, 0xffffffff, 0x100, 0x4006f, 0x5, 0x3, 0xfffffffd, 0x53591a27, 0x3fffffd, 0x0, 0x0, 0x5, 0x400, 0x7, 0x9, 0x0, 0x0, 0x80000000, 0x1000000, 0x80000000, 0x5, 0x8]}, 0x45c)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
fcntl$setstatus(r1, 0x4, 0x4400)
ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000157000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000814000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x5c6c, &(0x7f00000001c0)={0x0, 0x475a, 0x10, 0x2, 0x14d})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x80, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000480)={[{@nr_blocks={'nr_blocks', 0x3d, [0x38]}}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r4, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000240))
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)

58.562938525s ago: executing program 2 (id=1701):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mount(&(0x7f0000000100)=@md0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='befs\x00', 0x408, &(0x7f0000000240)='/dev/kvm\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x109041)
clock_getres(0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x1000, {0x2a00, 0x80010000, 0x0, 0x52, 0x0, 0x0, 0x1, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac1000", "90be6c09306003d8006000", [0x0, 0x5]}})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

58.303232712s ago: executing program 2 (id=1702):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x3, 0x2)
openat$cgroup_ro(r1, &(0x7f0000000080)='cgroup.stat\x00', 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, &(0x7f00000000c0)="3455a8af80d3335d1074556eb394cbbbfd2e6e4a5d877c211dcc3d3d97129facedf150ad51d9ac3d0f748fc1dcb7f3cf622266e5de78a0c4b30ef0a46fada8a629883e46d70b5825739db797fc8d", &(0x7f00000001c0)=""/103}, 0x20)

58.199634379s ago: executing program 32 (id=1702):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x3, 0x2)
openat$cgroup_ro(r1, &(0x7f0000000080)='cgroup.stat\x00', 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, &(0x7f00000000c0)="3455a8af80d3335d1074556eb394cbbbfd2e6e4a5d877c211dcc3d3d97129facedf150ad51d9ac3d0f748fc1dcb7f3cf622266e5de78a0c4b30ef0a46fada8a629883e46d70b5825739db797fc8d", &(0x7f00000001c0)=""/103}, 0x20)

50.221097941s ago: executing program 0 (id=1812):
r0 = socket(0x2, 0x3, 0xff)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e24, @remote}, {0x2, 0x4e23, @empty}, {0x2, 0x4e20, @broadcast}, 0x8, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='pim6reg0\x00', 0x0, 0x3, 0x6})
setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000040)=0xfe9, 0x4)

50.113051714s ago: executing program 0 (id=1817):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r1 = accept4$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000380)=0x1c, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000000000000a004e2200000000fc010000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000a004e2120000000ff0100000000000000000000000000015e090000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2000000002fc01000000000000000000000000000103000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2100000004ff0100000000000000000000000000014365d11000"/528], 0x210)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0xe) (async)
r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x121201, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r2, 0x8004500b, &(0x7f0000000040)=0x5)

50.062423412s ago: executing program 0 (id=1819):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x80902, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x2) (async)
r2 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
ioctl$CDROM_SEND_PACKET(r0, 0x5393, &(0x7f0000001580)={"dced38c259004db79960a23f", &(0x7f00000002c0)="5a04e36528948ebfef6060b00019dd706048591437dc045ccda5bdc3cbcd4ccfbf621ca77f327b85bdd76157338dbbcf07724d996b51cab516a710f835fa3b89bbaabbda63f3ae1c81ffd1d4e86e87a2341d514df50203e560a6cf1a67bc59dc8c9f8fddaf0fd35f3af28d16152528c8e017e27d47dfd33e51a52a6e3c3d2eda75a72664f98aea86dea8730c6dc72a67fc7fdd9248f9ad9346cedda6839dab157157d93df0923970b2c727d8a6acce17a4af154ddf3f3b22e707441b35242d2f7c6362d99ddc95fe7a10ac688eb41d6d1277ccd11644a6ccaef5b55108e85f51db", 0xe1, 0x2, &(0x7f0000001500)={0x4, 0x0, 0x8, 0x4, 0x0, 0x1, 0x0, "81aadebb", 0x9, "aabe412c", 0x8, 0x4, 0x5, "ff1a93", "f6b4f6a25bfb16dbd4466236eec4dded6275d8d0718d5eccea071396c1ef448853978b19df65ff108076bf17da40"}, 0x1, 0x7, 0x2}) (async)
r3 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r3, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
syz_usb_control_io(r3, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000340)={0x40, 0x6, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000003980)={0x0, &(0x7f0000003a80)=[@nested_load_syzos={0x136, 0xe0, {0x3, 0x2, [@wrmsr={0x65, 0x20, {0x8a, 0x8}}, @set_irq_handler={0xc8, 0x20, {0xa2}}, @nested_amd_set_intercept={0x181, 0x30, {0x0, 0x9, 0xb}}, @wrmsr={0x65, 0x20, {0x9ee, 0xffffffffffffff01}}, @nested_amd_vmload={0x182, 0x18, 0x1}, @nested_vmlaunch={0x12f, 0x18, 0x2}]}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @wr_drn={0x68, 0x20, {0x2, 0x6}}, @nested_vmresume={0x130, 0x18, 0x2}, @cpuid={0x64, 0x18, {0x2, 0x3}}, @wrmsr={0x65, 0x20, {0x203, 0x9}}, @uexit={0x0, 0x18, 0x7}, @nested_amd_stgi={0x17e, 0x10}, @nested_vmlaunch={0x12f, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x2}, @code={0xa, 0x61, {"660fe71126420f381e1a440f01c348b800000000000000000f23d80f21f835c00000300f23f8b96d0200000f3266660ff8fd66baf80cb862f8fa83ef66bafc0cec660f015e0066ba4000b00bee0fc72f"}}, @nested_vmlaunch={0x12f, 0x18, 0x2}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @save_area=0x698, 0x21, 0x56a8}}, @nested_amd_vmsave={0x183, 0x18, 0x3}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @save_area=0x468, 0x80000000, 0x1, 0x3}}, @nested_amd_inject_event={0x180, 0x38, {0x1, 0x9, 0x7, 0x2, 0x1}}, @wr_drn={0x68, 0x20, {0x7, 0x7fffffffffffffff}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @control_area=0x64, 0x2a5, 0x6ac, 0x9}}, @wr_crn={0x67, 0x20, {0x8, 0x100000000}}, @nested_vmlaunch={0x12f, 0x18}, @enable_nested={0x12c, 0x18}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @host32=0x4c00, 0xffffffff, 0x8, 0x400}}, @nested_vmresume={0x130, 0x18, 0x3}, @wr_drn={0x68, 0x20, {0x0, 0x100}}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x431})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000003a40)=[@text64={0x40, &(0x7f00000039c0)="2e36450f01cbc7442400c7000000c744240295cdd6dfff1c24b985010000b800100000ba000000000f30f3450f1ef264660f38805e0eb9800000c00f3235000100000f30660fc77780f2a466b87d000f00d8460f01ca", 0x56}], 0x1, 0x6, &(0x7f0000003a80), 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, 0x0, 0x0)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000100)=0x22) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0) (async)
recvmmsg(r6, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000003c0)=""/4092, 0x1000}, {&(0x7f00000013c0)=""/251, 0xfb}, {&(0x7f00000014c0)=""/44, 0x2c}], 0x3}, 0x5}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000000240)=""/111, 0x6f}, {&(0x7f0000001b80)=""/130, 0x82}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000000040)=""/165, 0xa5}, {&(0x7f0000002d00)=""/127, 0x7f}, {&(0x7f0000002d80)=""/208, 0xd0}, {&(0x7f0000002e80)=""/251, 0xfb}, {&(0x7f0000002f80)=""/245, 0xf5}, {0x0, 0x20}, {&(0x7f0000003180)=""/246, 0xf6}], 0xa}, 0x81}], 0x400000000000043, 0x40012032, 0x0) (async)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f00000000c0)=0x31) (async)
socket$kcm(0x2, 0xa, 0x2)
execve(&(0x7f0000001540)='./file0\x00', &(0x7f0000001880)={[&(0x7f00000015c0)='/dev/loop#\x00', &(0x7f0000001600)='@\'\x00', &(0x7f0000001640)='#-^!,\x00', &(0x7f0000001680)='\x00', &(0x7f00000016c0)='/#\x00', &(0x7f0000001700)='/dev/cdrom\x00', &(0x7f0000001740)='\x00', &(0x7f0000001780)='/dev/loop#\x00', &(0x7f00000017c0)='/dev/cdrom\x00', &(0x7f0000001840)='%&&-^@}\\:\x00']}, &(0x7f0000001940)={[&(0x7f0000001900)='\x00']})
write$tun(0xffffffffffffffff, 0x0, 0xffe)
r7 = syz_open_dev$loop(&(0x7f0000000b00), 0x7, 0x8000)
ioctl$LOOP_SET_FD(r7, 0x4c00, r0)

49.162902018s ago: executing program 0 (id=1837):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) (async)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e24, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}}, 0x80, 0x0}, 0x0) (async)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x15) (async)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0xfffffffffffffe4b)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xffff, 0xffff}, {0x5}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x4}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x840) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cpuinfo\x00', 0x0, 0x0)
poll(&(0x7f0000000140)=[{r1, 0x4100}], 0x1, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

49.159901774s ago: executing program 0 (id=1839):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e6574000000000c000780080012400000000205000500020000000500010006"], 0x58}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x18b)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x4000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040042}, 0x80)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1842, 0x136)
write$binfmt_aout(r2, 0x0, 0x20)

49.092024459s ago: executing program 0 (id=1841):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
getrlimit(0x0, &(0x7f0000000240))

33.803137286s ago: executing program 33 (id=1841):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
getrlimit(0x0, &(0x7f0000000240))

2.587348697s ago: executing program 4 (id=2350):
prctl$PR_SET_THP_DISABLE(0x41, 0x3)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, 0x0) (async)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0xa0402)
r3 = socket$inet(0x2, 0x4000000000000001, 0x100)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000000100)=0x6, 0x4) (async)
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000080)=""/16, 0x10}], 0x1)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x504a9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x10001}]}}}, @IFLA_MTU={0x8}]}, 0x44}}, 0x0) (async, rerun: 32)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 32)

1.871188483s ago: executing program 4 (id=2355):
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x7, 0x200001)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8081}, 0x80)
r1 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000240)=0x5)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0), r0)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r2, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xb1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8001}]}, 0x48}, 0x1, 0x0, 0x0, 0x44}, 0x4008040)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400), 0x204002, 0x0)
r4 = syz_open_dev$swradio(&(0x7f0000000440), 0x1, 0x2)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r4, 0xc0c85666, &(0x7f0000000480)={{0x3, @addr=0x7fff}, "3e310390c121cfc12a5cad5baa94aafd95bb82c166ef6cae58ffde70612a8dab", 0x2})
write$selinux_load(r0, &(0x7f0000000580)={0xf97cff8c, 0x8, 'SE Linux', "aa00f4cdbe68ff241801856bb17a3acf348923561183a0c9ab512e6e6125bf04cbd581e1602e56318ca0ce3fe0fded4b6cadba4da72a3befcd8425724165f9265ef683b11b3ea7a674aa0cc6e1eccf57b78f31941ed071dbe2c62a9cb6f3da5094f25dd4f374afe2c1cb1a7d7ff8d8d20f2873f076cb329d16614022394e35c8ef15b1ed9ba363a55afbd6d8e7db6a8587d4bff9ccffcfd6acfa205660f91981445c1511508130da7a0d954cc67b66636d0fa761ed5c66448c9666519b6b18cb03124447e543a30554eddf4db5815a67f3c56a838f8076bf77bff906db"}, 0xed)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, r5, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x13}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x40)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x40, 0x4, 0x6, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000880}, 0x40801)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000900), r0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000940)={0x8c, r6, 0x20, 0x70bd27, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xc, 0xa9, @random="9f3068d93df193b9"}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x7a3e}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x5}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_RATE_TX_MAX={0xc}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4044001}, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000c00)={'ip6_vti0\x00', &(0x7f0000000b80)={'ip6tnl0\x00', <r7=>0x0, 0x2f, 0x4, 0x1, 0x7, 0x50, @loopback, @mcast1, 0x10, 0x0, 0x6, 0x8e}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x4, &(0x7f0000000a80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x619}, [@generic={0x7f, 0x3, 0x8, 0xfffa, 0xa0000000}]}, &(0x7f0000000ac0)='syzkaller\x00', 0x1, 0x49, &(0x7f0000000b00)=""/73, 0x41100, 0x27, '\x00', r7, 0x0, r0, 0x8, &(0x7f0000000c40)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000c80)={0x1, 0xa, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000cc0)=[r0], &(0x7f0000000d00)=[{0x0, 0x3, 0xa}, {0x5, 0x3, 0xf, 0x9}, {0x0, 0x2, 0xb, 0x6}], 0x10, 0x1}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = fsopen(&(0x7f0000000e00)='nilfs2\x00', 0x0)
ioctl$VHOST_VDPA_GET_IOVA_RANGE(r9, 0x8010af78, &(0x7f0000000e40))
r10 = fcntl$dupfd(r8, 0x0, r3)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa, 0x2010, r3, 0xa0184000)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000e80)=0x5)
setsockopt$sock_timeval(r8, 0x1, 0x42, &(0x7f0000000ec0), 0x10)
r11 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000f00), 0x452000, 0x0)
sendmsg$tipc(r11, &(0x7f0000002200)={&(0x7f0000000f40)=@name={0x1e, 0x2, 0x1, {{0x40, 0x2}}}, 0x10, &(0x7f00000020c0)=[{&(0x7f0000000f80)="a8794778fdc6876a21b92a95568a1b7ddaf67a776d0990edd3a853dfec6a0664283405d36930f2220f62fea041edab40ea517b5b542daa39b6a1aa1865dc366bd9f95b4affbab5fa1393cc025c4f618fddd6dfea55a4c9e12d95a7fb95d36bb738bf", 0x62}, {&(0x7f0000001000)="9921dd7847eea530c9931b2f52ae01f749833086c7a185fc7352a8a24bfb00d46885e3bef21e31ba65394ba84deea3125e745242f1334994d8024fab5c51ceb81434e5a5a45f738fa94993b9c7e1090e757372d8c7658489f8434fb73cc924b68722aba3ef64c3834fb8b6f74db9724cc9a2aa86b682bf13c92733d78825f4b212d5030dfbb8f3a7e1be39119debecf030cb3730df289da855eba211f0cd68a8f73e8d834ed43360c6f3c88322cb734dc6969e36845431d616a377961a2bf27a236c885242eb387394e5c213fbc2dd31abbd2125b2997a8dbe12d68b2f1b87d50b35a7ed023297f66ffb72386bc9f61c43d2cff54011192c4670f7514a5b8652b3b42a70ce3b915fcc6e6df9bf37d969d5825af679d1318d89db293274dc2f14c13f295413becb9766be8fac61ebe03fdaa28942e41acd56efc951eeaed5038224612408e12b7b4c23cc406d7a8a48bf2e01cff27f6b18014b5264cde8563717bdb1fac224781f6fdf4160bc3e23973daf45a4f1bd33f369f81119f30850b1add67d7ce301e11a43bc7b3f0888837c8fd7ff1d273caa7df386d1b05e84a1fdb43b69833c4089e5ed7ab3add3605b3048f57a8e8eadee69cd8d4a81328bad4b3bb91b1e16765c9552283797f003c93f3144172afc69ffa10f6d48a69cb2722875237293e76718a0b1e89c95bf2caec2473fda556041c8c160aed2a3ec7fe4c6bda3aef4881fd567a348c34aeecbc1c98fe2a087d3c4ad27fc653096a1fe93a1095cf792bdf519131f39c9c57aadd0315dbefbf5cbfe2c24a8cdd2988807aceb9bf5d4b51c0fe7761db77fa728ce992aa84b068eb9afdcc04eb7da050023ef65e2e00b7a17e0249ce2946781b67be94d809bed38c264a97592c287e3abb83ff800c392039710eeed58a343ba67e1ac630f2228c06e164a76f3460c279b5a573b91c4bca4c286af39273d1a8a773f8eb07327ad414ba2c513dd30ca6bea9c8512b76ba11e7df37172b8864341cfecfef915de64a2d598366f5e795b0e2015f77b5207482425b55da783cea65a43879e6259405ba3720f05c0f69c8aae868c9557b985cc5da334752988547756c6b8f3328d5342e478dd50ac7e46bf59641abe3bedfc6af2cabffc21bce127439164dcc44cc77d1d44576fa7d1311055f59635a53d9366e8f8fd962294a3400a0351fec82f6dc4caf62d2813bc8dafd1f18354ebdd5c76765df4413c8cbc25d3c438fd583a643b02f4e812b226bdbd99f693abfd0ec0c4414b813040db5151344597997fd2a24cd5e8b1de44dd22f532693ce52e88714631a199929799c08679a226a2166a9394af232d9fb18579a1e772cd77a56d24227066c3c134f21e9187a90e34c2c1fd1093dbb1e7da6aca9f374a1f9dabcf935b48a4b7b3792bd9b96397a392875351246f61cf33512e547e04dee585539dc3c497e4fbf4f33baa4a5d0ee2bdde4d34145b0b919d42b6d3d5aae273042feca972595bd572a2d4b5deb05d2d59ef800426675cc9600c8f0588c4f5038d51e7bf5a65855df8218f6ec7cf81a4587ce417e8c62ac0bff6d166472c89e818bc6cde614de9cc95cc5b80d79d9db34ce4cd7de44a3a0b1c3da1bd53c7d158d907b432f7f9f70efb31ebf0833846c6c408bc09b68f4077a5d80eade9d93cf1833474a75869e4cf27fbfb5dca1d0002678d7a8e00ffe17e5ae04f73c5869d918b84f7760eab9048ca8145ecfb58625b1af8405b5ce5d50f3954f67a023d3fe90634865400a7a3ca9f407eae850619f683adcdf853c95fee2da7c0370154bdeedf234b0ff5e7f611095a8f48def6446d96f87b4b040f39a90ed224051535fa94f47549ef53924f7c0355c8fa15a496e06d1a0d514b47f19144d01c30c4fec555a9acf7c8294b1cba70e4da355fcb4c9366e6924263cc748a1deebe191c4d5c17fc1202b1758bfa9fea484b49bd0ee57d1aa60fafc2da2a3a7814131bda3bb85cee39e03870ae09362cd81ec900e52bad1c25ce324f3b5067b5cd63fc4578ce7c6b019b22f2af8dd79a397c4eb8ed2b3abab3a238714f970de3e388ab2fbba054ee44eaf1055df422bae79d74468abe9beac6e932780294a2fbf13f0386f1eb0d5929b9059ca866055015a547af48d5d968d8d7d329e959810e7d6373e1ee43fe250b1f142af463f186c76746b1a37b600549b7e0bf191595c28ed3303051c3bc12041d9ebb6bd3fbdd01f0b68cbf432f56b5725a822f4336566e1f68315fc4348c3cad6999effea50b70aad6935ba257dcfcfd1b378a1a4f0b9f38593a3eb1d1e603a956da47c8687e599908772b3019f54947170c801c97e2a01b20f39f82eaac064f82081eaf9cdd4cc9f1cb3768124b6f3e069fcd776a43bbdda68ef6e9b9fe03e52997d4984888443b2bcbc71d27f9501983e81c704dcd6ca0c47b42d544f6279104865b1b2cd93e635f49cc6fed38bcc2ce3c3f6811605ba4f13b18e298a29ef8e02c70118fd4e6e1c23bcdb7b01615337095dd1f0bde5ec28f21eb3a590edc7f2f3c0eb8807d0ada2d90e2f1aa8c9f991f140b72bdd2d53a2dcd4f3406e5fcc0c58b4f61df16087bce8993addeb4535f7983917a0c4fd47cf3f4cca84963dd09730225f9e377d41da46f4a5647e159350132f8de2c4ccba8ab2b514a817b280cf2032d9b24a99ae7174f7fab47ca614fae6513f0d73ba25eae3e72bf248e3f389aa95cfc20edaa9a30c58980ef04ba579bc9faaff46dfa7c8df0918d11be42376752bc87e84f1df13d72da894f9f914648f50b5fb637465e587827de1939fb028f0fe3bc5a9518b65dd260bff0eb06d654deb0959340ec5a3e9b01285d2719f4327d457695ea7f25a4d667c6febd71d1481c7cd8c65d37e2263b0a4923b2b238261f23b4ba455bac7b7d4d26f50db015f17fd41b9c6405b509e93136dfee77909f7c082e2ca5704981b78bea1eccce2f39c81ff15cd1550b01c074a107076d58fc21e996ca21f51c2b3bc9a610223ab0335c5ba70860da48fe93b2497b53016d5ff696e964f3b4115a4ea6b24fca3208cb0b18c35eb27dcb1869123bbe4ce7000b19390eced82b58eb6e81a116da0199bacaed93538e0c13cc9089be0c2cb223f08bc89fba6518d010e992e8690ebb5e6ff26d0b938787772b7b24ac705349e7208fbe74dd0fd04fd684a841d36280120f102c7a9efbb039a9fd544a6bf63b88de728e4d73e00ade2575031374cd661f94fff5b0b951c726b39bbf20c502a29a681cb4c5610b9962aeee58314274cb36204390708227e51f28bd53921d1c9eb49b4c9a01f5dac765fed6581f6f9bb146ccdee51a8f884961859a9a238dbdc5af5baad9afc543b21847cf7825b71c3bddeed941f57428e4853d167523b4eda16aed4115dc25123b07d8e0855dd61aed20816b6954bc3a2ee1dea983ad974b8bf8941b6df7da662e4c54ab16f1ef11ab61839c94455ea2551e4db816ca05f3e4749ce0c3d00a28abb18216e6d1a06561b356e969f5ec850dc4fb62341463921aae619d8e91b52d6f9fc6aa276c77d2a2f84d347f95af806e7f8e4944cdd0129b1bbc6b0c4c674995e1fe337d444f254ed652d92182ba6d5d98cfb60215d1b704cd725087ddffd74205998d240fc05649ea90747c6afda76af2dbd6cd716b3e765b4503ffea059bdd43f2887c437d23f2f2934ce22e42e235050000feb6478990e3c312557a040eadee37ec6099e1ff8e0dcbd882a00cfd26d95351189bd76a5461fd118efc3ad0d55f028b3d6a30640393e9c15db1402bc844f10a17654c4dab8c9c8a9995f92c83b0996a94a279667bc4c0b40cc9c92f71300cc94d1df95c6aa7826d325e6753be805a165e27ec3fa417d1f788cb30e570a945355f6124a1d3c0a9ecd2cee9a0976713a11483df969be6ba7960ec4333f98808d9e5e5b85ed2ad1286434e6edbd959ed0fea5ba7d1ac56e5a9fe60da745c617188f18a7001493e621b78dce7d33e6e82629f6c248d1673c0df5c1a65874f6e81bd3995620a3e6a7a4ee95a7acef740768417a1d4ec51856b717e9de5b6d4864146d3e83ab8acd1652199550f4cc05a7b04137383ada924e3b8c30fcbcc346089f70d259c8499f72a809ee3aba660d4c8ab825b10a3a075a48d81102320effd1d551d5a87cf199edf84c3528c0890c71b49298701fd93786a82a4281e438d094a338e21603f15d66e9a63d20d7b48b8ff85ef043a343a5881c462a7874bd8fc97cf3a12158ea99159e7d3adde6bed498aca92357c11c1552b12408e0817817611964eabcf6a8e2f0127713a53727f4e341fcbd4f763c05649a6cca1f0c3fa261104daf04e8b464836a97908898526df78585a91f0d1b49f27cc106561f59739d0b67603ff3f3b78114e701247d5271518a82ab06805028b9efae398dae84d8589bb51e7b46f070df077bde6e67b97d3babf8b230d888ffeaa87a453c36ce590117e1ae52a877b1b746a96c3e70ed1cdedae06cd7be56f2a6ba6ea9b8b15983baa951dee9986fee579a47787ac0064e18699999b7e79c1adeac1b20534c10d91c719ff701091e1578bc0fca837cb31c4f5aacc7021ee4ce1aef13a70d033549b0a1721c66f8f96376a0fc09d775dabdb87d43a6b7718219353b69814d8a6b0de53a12fde83289d5ee0c5a83aba8cc81ae0a639c8114b2f4fe30ef13a6ac4a28c18813cc431610b42c37c0533f5af44543d702bc72ff3a31740bf74aaeef92f6b15d8ba7e32c3925e8cfa9af905f85daadbe53a55999a25f5f2713bb445415d2feffe8ee20f3ab21512e1485274b3423b957416f9b960c6edb6efd8985b43dd095cac49fb2456c7f11923638c2601db67f3b1eb3e7240fb3bfad084fc4b367c528b274369d8b94fe9785400656a83560fc0c236f1daea0c6957f7425d3d8087a5285a81d3542a4b27cf8317c152f51c8996db8c821eb9b6c40f4fd0c8746b2cbbbc03cf68f4bae676614cd4e61630081c468d7231690f043bc4ec20e4be675bc831a52fc13a91b601171709251c696dcb277d2931dc16a008e084eec67d4896124e6fc8990727219de947e1feb6b27da112078677f86bba8c0726238d7fcdabdc2477824056d985fcfe146d5215db43ba35a80d3690f419bd70cc89a311876e6f412a910ac027ca271c64ac8e26c58f914ebad38646cf90fcbbde8339166eda543f6f646584ffa9fc962ff8611e81235562b63d39ccd8f6efbd2a88c481be3bab1d69b4ea7eadb90c8a6ae3ccd1724c95fbb5d8ab6edb45ede45cedda4db809e0ca11aaeb61e1f7fde115de28d8d5544265b37d8f5ce428f5ae73d7db2e37862e08b1c0b70a99d42a2fa512b7d646391a69c3d14b4e64e4521d4ce85ffcaf6cb3b2637b0cb867f57edf3c73cce52249e162ca40ad3bfc3ea1c3ca1c3de72afb35e526ee39c2bd6e2bc9dd2d2592ae0c8cbd1ae0e9885408d08e24b8b2320a4d88b933cdf5068ea3259cc7c39bea2aa933b15ee3fa59776dd8b3972845f9c6b9975c6586915e2e52f98319074430daa14f157af3a255ef77ae350d9f1653c852a8128b7e04e751125478c11178e85ac217c46b3794582717eabc0bd9e65b4dec382d1c3570fd5e3782e958248dbddf68179157bf4d84a3a3ab7ec51f280e2fa23c938a98e7e621f057cf2cae618e90f39e54e00b634c27cfadecb9ad396cb6dfb0eeaeafa1e623d642191100fedd099e79dff3f032f806d5cffbb4a15eee5398c441ad2ca9059d4e5da61db153e252be2c75e95555f6c4d14c762199b14d6cc8713ce39e95d786230d", 0x1000}, {&(0x7f0000002000)="6e3304b3911072a90cf378827d7b9aa5a290bf6ac98f8d83d5a46ecb691d630acee23a2794152c6537040bc96711bdab820245f3dad9e0201d8c107884f0bcbc45af6792e014859663a8ff36337e71e0848cc6edefbfdd13fbca778c60f5170c55c9d16a64af99037770a2dd197a9c4e91469436e68f47ab8d6ddd2415ff295eefc19f0822e03b53c565171c", 0x8c}], 0x3, &(0x7f0000002100)="36142c4ea94222617f754ecbc00f2a5345ed9dc1f1f66610deb7771eab355266c5d068e4320eb9458f63f62465dde41bcbba8f0b41662ce87b7adc12946da1d681bc19b5bbe394dd6ee0b1125f39de8173d13ae8947a1a599b844a8b32b994f8ff0beb32893e1fd4b637edc1b261544a7286a1af2d25b973fa79007cd181fdb6baa6b932bb42d029b3a6c7a3b1238d527ce8cad9d38c60d9d23988c0e8b506c2067e4eedd9f890381d9ff989a9a3848991a44b2755a41a8d5c19cab13c4f0cfaa46faa9c770702bf5920162b0010ab9673339852aa0a9fc79b4fd3471b84adc93e60175923977c8e090614c77ae13e3739bcefc8e74572420404dab6", 0xfc, 0x4048845}, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r0, 0xc0305615, &(0x7f0000002240))
sendmsg$NL80211_CMD_SET_MAC_ACL(r10, &(0x7f00000024c0)={&(0x7f0000002280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002480)={&(0x7f0000002340)={0x10c, 0x0, 0x300, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x34, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x4c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}]}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)

1.741948097s ago: executing program 5 (id=2359):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r3, 0x0, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r3, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r2, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r4, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)})
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendto$inet_nvme_icreq_pdu(r2, &(0x7f0000000000)={{0x0, 0x0, 0x80, 0x8}, 0x0, 0x0, 0x0, 0x10000}, 0x80, 0x0, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r6], 0x1c}}, 0x4008054)
write$nci(r0, &(0x7f0000000240)=ANY=[@ANYBLOB='p\x00\t'], 0xc)
write$nci(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="400109000200000000b500049100048fff030000"], 0x14)
write$nci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="5001", @ANYRES8=r1], 0x14)
close(0x3)

1.591638134s ago: executing program 4 (id=2363):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d000600ea11004a35f4667d41", 0x29}], 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000040000701feffffff02000000017c0000040042800c000180060006"], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc800)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000040), 0x3, 0x2)
ioctl$VIDIOC_S_PARM(r3, 0xc0cc5616, &(0x7f00000001c0)={0x5, @raw_data="7be854c3419e9ee1a2f632adac63f1254845aa6ab2202650aae48c794214d91bf0483c168d64ca79c34743392d972a8770009a6b6bf7b793d2de7dd21eb326308e9293bb8f35679722e9eaf987c4790984d814851563b2f206a0a225fbd06d156e8b2c9b0a1dbf6120aa5108af4e03ede05286d963420f7cb9186a96405b6b01964439c3da4b81d67383b74390e716af1616d7d94692cc29f1c31089658971dee3a0e796e9debcea5498ddfa10d88e8de36d308035786b440111343f8f1de2a2dc60588927914531"})
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x80002, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000200)={@broadcast, @local, 0x1, 0x8, [@multicast1, @rand_addr=0x64010101, @remote, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x2e}, @multicast1, @loopback]}, 0x30)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x29, 0x1f, 0x0, 0x47)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
add_key(&(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.521558145s ago: executing program 3 (id=2364):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000ac0), 0x81, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404)
ioctl$SNDCTL_TMR_STOP(r0, 0x5403)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x14, 0x15, 0x1, 0x70bd29, 0x0, {0xd}}, 0x14}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0xa01485, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000300)={0x6a1, 0x8001, 0x8, 0xe, 0x3, 0x0, [{0x5, 0x8, 0x1, '\x00', 0x100c}, {0x1c75, 0x0, 0x1, '\x00', 0xc}, {0x5, 0x340, 0x2be8, '\x00', 0x1801}]})
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2b5b09b, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x8)

1.519612583s ago: executing program 3 (id=2365):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008506e500001b0000000000000000", @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c00020008000100"], 0x3c}}, 0x0) (async, rerun: 64)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') (rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) (async)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'macsec0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINKMODE={0x5, 0x11, 0xe}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

1.43183823s ago: executing program 3 (id=2366):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x4b564d07, 0x0, 0xff7}]}) (async)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000001c0)={'syzkaller1\x00', 0x2}) (async)
writev(r3, &(0x7f0000000140)=[{&(0x7f00000000c0)="da807240827520fdaecb740357c91af1e3169027354a8e9717d94a421b16c69873c9225a6056985db3aaf85dc80674171b70fd340219f96c869663d30296ed00a9bbee7e3a8142411030385383da187996d37c6e90a31c79eb9dbfc904ca115aefc0c3de2243a6536ffd54e62a2b4ea0956276af8278c8e7", 0x78}], 0x1) (async)
r5 = semget$private(0x0, 0x20000000102, 0x0)
timer_create(0x4, &(0x7f00000004c0)={0x0, 0x13, 0x703217af26ad822c, @thr={&(0x7f0000000280)="3a5697fb0f939ffa2c20ada5786a1fa81a7007f3a387886009512cc15b8abab7c0", &(0x7f00000002c0)="7d74c444883d3742f31b3444764279a751778ea68c45ed144193c726c5b2fddfa9787971ed05df23e0744e6729b93594924421dc31a3dd51d14ceaca3edb04deaa4aa64530fed16a045be1365ad0aaed4cd8fb1904a03ef531b2b2c51efdad5c00cd76549b50199be2006871f9f0e52bc19895e0e51670d8d108a181f6704dfcd3b2ea5a59ed5c6fd2fd75ff485f52aa920a76aec3369cbdbbe9ad727b2e47be352485c22fe8b68d3aa6676387ba794a155053f5"}}, &(0x7f0000000500)=<r6=>0x0) (async)
clock_gettime(0x0, &(0x7f0000000540)={<r7=>0x0, <r8=>0x0})
timer_settime(r6, 0x0, &(0x7f0000000580)={{0x0, 0x989680}, {r7, r8+60000000}}, &(0x7f0000000600)) (async)
semop(r5, &(0x7f0000000380)=[{0x2, 0xffff}], 0x1) (async)
r9 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="5c00000014006b00c84e21000af32c6e020675f8002500024001080000000000000024eab582949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd70000b6c0504bb9081139343d0189594c952e805fffa1", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, 0x0, 0x0)
r11 = accept4(r10, 0x0, 0x0, 0x800)
sendmmsg$alg(r11, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) (async)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
semtimedop(r5, &(0x7f0000000000)=[{0x3, 0xffff, 0x1000}, {0x1, 0x2, 0x3000}], 0x2, &(0x7f0000000080))

1.285056791s ago: executing program 4 (id=2367):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000240)={0x1f, 0x2}, 0x6)
getsockname(r0, 0x0, &(0x7f0000000380))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x2, 0x4, 0x1, 0x0, r1}, 0x48)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
pread64(r2, &(0x7f0000002140)=""/17, 0x11, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = semget(0x1, 0x4, 0x39c)
semop(r3, &(0x7f00000010c0)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x2000}], 0x2)
semop(0x0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff])
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000240)=[0x6, 0x7fff])
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
write$FUSE_INIT(r4, &(0x7f0000000200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2d, 0x1, 0x2080, 0x8, 0x8, 0x7f079686, 0x5, 0x0, 0x0, 0x40, 0x40}}, 0x50)
write$binfmt_script(r4, &(0x7f0000000280)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r6, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xfff}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x24048000}, 0x44045)
r7 = accept4(r4, 0x0, 0x0, 0x0)
recvfrom(r7, &(0x7f00000023c0)=""/231, 0xe7, 0x20, 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x541b, 0x0)
ioctl$FS_IOC_GETFSLABEL(r4, 0x81009431, &(0x7f00000003c0))

1.162255929s ago: executing program 4 (id=2368):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x6, &(0x7f0000000380)={0x1, 0x0, 0x200, 0x2})
r1 = socket$inet(0x2, 0x1, 0x6)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa0000000002000000ac1414aa"], 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
fcntl$lock(r0, 0x26, &(0x7f00000031c0)={0x1, 0x3, 0x0, 0x5})
fcntl$lock(r0, 0x26, &(0x7f0000000080))
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x3, 0x3})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x20, r4, 0x301, 0x0, 0x0, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x29}}}}}, 0x20}}, 0x40)
ioperm(0x0, 0x2, 0x2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f00000000c0))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000380)={0x20000000, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getpgid(0x0)
r9 = syz_pidfd_open(0x0, 0x0)
r10 = pidfd_getfd(r9, r9, 0x0)
setns(r10, 0x66020000)
move_mount(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x267)
socket$netlink(0x10, 0x3, 0x10)

1.093763101s ago: executing program 3 (id=2369):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x40, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)=0xfffffffc) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000e00)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000e40)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0xcf8bc5b45e2f9a98) (async)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0)
io_uring_setup(0x286b, &(0x7f00000001c0)={0x0, 0xbe94, 0x0, 0x4000})
r5 = socket(0x2b, 0x1, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x450, 0x40, 0x1, 0x7fffc, 0x4, {0x19}, [@nested={0x4, 0x48}, @nested={0x2f8, 0x1, 0x0, 0x1, [@nested={0x2f4, 0x10, 0x0, 0x1, [@nested={0x2e9, 0x8, 0x0, 0x1, [@typed={0x8, 0x12, 0x0, 0x0, @pid}, @generic="8d71222022955bbfd49f7a66b1cd9bc337c88ae714ae521550b1c034d2b76e288fc2c8fb271a988fc52f3b6d9e701f118457e964de2496c722ffa4e81e5aefd28b91b23237a8e6a46911cd4acd9a9f90bdfb83f7596e56801c3505e17b92a9a9751b34ecf17d99cbd408d849947d38e4fda667f4051609344a84d20f40f4b76e212a5a9881f64e76a81179c2dd18ae27", @typed={0x4, 0x136}, @generic="70dc04c45f4598a49cd421440c957f7ff49f530bc36a860167bd991fba8635a02cc6329c70", @typed={0x8, 0xb8, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="0a89d22fc6aa16b7ee28d5bec03e38e52e4cc0f8d623e53388f0958268391ba6c9eb5c7d4b162aacde847f7530458ccff7ef58bc7e32b3915315aa674219087c568c89058027bdf0e6d5aa47b4f250f9ffa2f541022b4a0eb03cff148a41860e55853f67bb9697bb63834c3c029ca2957a3daa996a210026ff31489771bd3a9db63cd5553bde8d67cdc39e6bc8ca4b47591280b78e922601706621c2", @nested={0x4d, 0x0, 0x0, 0x1, [@generic="538bdc8779d8694509d437458fd10cab6cea38bce3cbcf87ac2e3555a781a69a7dc8d7db990b1fe3698348290c62f9944656d9e1c7c4862211", @typed={0x8, 0x56, 0x0, 0x0, @fd=r6}, @typed={0x8, 0xc7, 0x0, 0x0, @fd=r1}]}, @nested={0x12d, 0x10a, 0x0, 0x1, [@typed={0x4, 0xc7}, @generic="02bfddb2a3ae2c6d93e32d350bf8cf901d99dcb3424db326880561866897460a53d726aa998ac5a0ab8e391b7b6778a8f30d918bb7836fa5c538d16fee30f86868359c94888d4259dbf80680b7187a79a1b3adf60a21dc5bbf3047f597750b5a1fcd5bd037003a27db432148958c076b1038a14f84d7988d0368757c7b15b3bb798b80191180a946515b22288bfeb188edcfebe1ed55c26a22ae9e32b0734e9bd70d2e272e26181a63bfdda4921e604cdd9cd17ac9d4e5647d2a91d7372e5bb54125c4e416f1d3817e2d8037d373ad9bcc5e6ba69959714c32deeb1ade6607ca20051a1ceeb953ddeb41", @generic="0065e9b03009c0e31bd19731db0b4cbaa8c1491afbc0787b548baf4a1569bf5da0bc1986d6e022bf382eab61323739f8767fd1f7da32fc6ec98353"]}]}, @nested={0x4, 0xf}]}]}, @nested={0x4, 0xb6}, @typed={0x4, 0xd1}, @typed={0x9a, 0x5c, 0x0, 0x0, @binary="bb6f99c007aa16bd584abe9732daa3caf1fb9a8df1645c2aecb512e19811ca8a0ad5040b99dc00e0137d86fd552c4973f6caf300c44bad1338f04b5e3133fb099b397f714df99762b55bfdb764092c3a455c55b80f4a247c3f3b5dc630f5167a160f1c00d5003c4e5841ecf13185817e48985d294b3201106f32c051d4be4cfdb3030671710ef0f5c6c891356fa4cc06fc9ca8f28950"}, @generic="a6aede6afe14007a0c1f791835c0c773cff5e02c9f16202c0e338118989787fd3b978fe691a14ce06d3b44513f2e071c661695a9ff990b019c2813487cbe8d2dd9f46239dc524249287e7237d873f7fa2ccc8e060693e7c7aa960883a429153ca19d23765af8cc2df53a00b70fb3e2a77a4d66878c20a7ee9572c1633e3a17fed79c96e6542cce2fa4c8ffa84a614125", @typed={0xc, 0xbf, 0x0, 0x0, @u64=0x6}]}, 0x450}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) (async)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000280)=ANY=[@ANYRES64=r6], 0x18) (async)
syz_open_dev$vim2m(0x0, 0x1000, 0x2) (async)
r7 = syz_open_dev$hidraw(&(0x7f0000000000), 0x64, 0x100)
getrandom(0x0, 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$HIDIOCGRAWPHYS(r7, 0x80404805, 0x0) (async)
setsockopt$sock_timeval(r5, 0x1, 0x15, &(0x7f0000000000)={0x0, 0xea60}, 0x10) (async)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) (async)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = dup(r8)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0x3, 0x2, [0xf0b, 0x1]}, &(0x7f0000000100)=0xc) (async)
bind$inet6(r8, &(0x7f0000000240)={0xa, 0x4e23, 0xa, @remote}, 0x1c)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
r11 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={<r12=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r10, 0x84, 0x22, &(0x7f0000000100)={0x7, 0x820e, 0xc8b6, 0x3, r12}, &(0x7f0000000140)=0x10) (async)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000140)={r12, 0x8, 0x10}, &(0x7f0000000180)=0xc)

888.638711ms ago: executing program 3 (id=2370):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0xa, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10)
ptrace(0x10, r2)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r2, 0x10, &(0x7f0000000100)={0x1ff})
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000000040)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x58165424b96dc3a1}, 0xc080)
write$UHID_INPUT(r1, &(0x7f0000002300)={0x7, {"a2e3ad214fc752f91b4809094bf70e0dd038e7ff7fc6e5539b326d078b089b3b083872090890e0878f0e1ac6e7049b3d68959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b08390d075d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b46943090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7076600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e988037b2ed050000000000000046684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2e7faa78d1f48c13b64df07847754b8400daaa69bf5e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a299e91eab658d3525859e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a74cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df2928924486cfff799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e74322f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2a9702b4230f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5f400000000000000cb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f002ce8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5478de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df11fddbc48562ea3511a80700000000000000cf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fffffff7f00000000758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

755.471298ms ago: executing program 5 (id=2371):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x2f, 0x1, 0xd1, 0x7, 0x3, @private2, @dev={0xfe, 0x80, '\x00', 0x27}, 0x8000, 0x80, 0x7, 0x1}})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000000c0)="7d4f2c4aaa338299bde19c7fdf1eadc9ee5b413140cc101c3d4993a649d039dfd605bd3a872507f690482407c23912d74ed951599838a73d9b2847b4720056cb2f49c5470fa7e5761345c58ec99399c59c1ef230990ec0c87ffc1b04f7a64628a3a55f30916df7450f8e502d1abe627a3e7710e6ec45fb19545bccc3a47205bf39300fc4efa82ad8be5c06e0b150574ba96c1274a22b56da32f034206cb1100a65c874e72b93223ba725", 0xaa, r0}, 0x68)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x439, 0x70bd2c, 0xffffffe2, {0x0, 0x0, 0xe403, 0x0, 0x243, 0x71dcb}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4090}, 0x4008844)

661.59742ms ago: executing program 1 (id=2372):
r0 = socket$inet(0x2, 0x5, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000180)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000002000000000000000000000010000000ce0000000000000000000001000000000000000000000000d96cdb2d453a1c35a27b83ba5a7d027f6bbdbadc751f62485df6bb6674a5930581c8706a304c45efe5ff28bd9b39973f1f7bcdc925452b9c25ecdb046a7cfd3a2a6a429e399a46c4e7527ade646730b8a0e6f4f0f83f29bce0b9e8f735a7bc9f2b108f9b9d1d1478bac1a6c8b187a9d1ab778b85f38f8d4f72a0e50ccc80281cc1c6c3f6dc80e514f8601d0814707c9b0decfae34df76b3ef5db437a7245b5e2922159c93e877848869e894b632d65fc94c4d9371c1f5f045c188fbbe5a75b39b7a35774b07536b8ab92529e4d"], 0x48)

661.293714ms ago: executing program 1 (id=2373):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
utimensat(r3, 0x0, &(0x7f0000000100)={{0x0, 0x3fffffff}}, 0x0)
write$binfmt_script(r3, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'nl80211\x00'}, {0x20, 'wlan1\x00'}], 0xa, "451b845e4cb45eadd1063f9e73017c97ff0221f272c48a1d0db66c888af73ee2fb57462853aa427b05e878aae9a3aa177b8c7f9c1de0a75784778df908fd3804a354ab4244442d"}, 0x62)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf253f00000008000300", @ANYRES32=r1, @ANYBLOB="10005ea28400010008000200fcffbfff5ecc60fac97e8057477674ac32b2c5af5695ecf2ac0220fa8d2e28547580d09c0f3113e0b37ce7cac7accc7375bad5588410b1be53c29a16555ecd3822346d571b762548f7fe742acc81b79564239908b8ad2e9feed1d1821fc906dcf301e513a0eddab1e3e8d386f7569d5bd00fa81a45bd3fec80dbefdae77c271ff8a6de7ad8876e15896472401aff092b02105184f4de0b6ceeca009044732e2f803f7ce2bdc7034a9648b6ef6fcbf2b555cfb09e2a8b4ccaf01915ae99b9ac83970d3608"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

571.989312ms ago: executing program 1 (id=2374):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x44030)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0xfffffffffffffc2b, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x24004044)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0}, 0x24040084)
io_uring_setup(0x13cf, &(0x7f0000000040)={0x0, 0x4ea1, 0xc000, 0x1, 0x28b})

571.785924ms ago: executing program 5 (id=2375):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0xe00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r4)
close(r4)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x81902)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xf3b8, 0x0, 0x1000, 0x400, 0x4002004c5, 0x1000, 0x0, 0x297, 0x7, 0x0, 0x4, 0x4], 0xeeee8000, 0x400})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
close_range(r0, 0xffffffffffffffff, 0x0)

553.387479ms ago: executing program 1 (id=2376):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000000)={r0, 0x1, 0x4, 'Pb'})
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x76, 0x6031})
renameat2(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', r4, &(0x7f00000002c0)='./file0\x00', 0x2)
r5 = dup3(r3, r2, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000000440)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
syz_emit_ethernet(0xae, &(0x7f0000000300)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {0x0, 0x1, "7e5a01fffeb0621700000000"}, {0x1, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
write$FUSE_INIT(r7, &(0x7f0000000200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2d, 0x1, 0x2080, 0x8, 0x8, 0x7f079686, 0x5, 0x0, 0x0, 0x40, 0x40}}, 0x50)
r8 = socket(0x2, 0x80805, 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000000)=0x5, 0x4)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r8, 0x84, 0xa, &(0x7f0000000180)={0x401, 0xd, 0x800a, 0x6, 0x3, 0xffffff00, 0x8, 0x7, r10}, &(0x7f00000001c0)=0x20)
write$binfmt_script(r7, &(0x7f0000000280)={'#! ', './file0'}, 0xb)

412.386203ms ago: executing program 1 (id=2377):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
syz_clone3(&(0x7f000000dd80)={0xa00400, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x300000f, 0x11, r1, 0xcfa3e000)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x40000000, 0x0)
ptrace$poke(0x4, r0, &(0x7f0000000040), 0xfffffffffffffffe)

405.190737ms ago: executing program 5 (id=2378):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x80400, 0x0) (async)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x80400, 0x0)
pipe2$watch_queue(&(0x7f0000001180), 0x80) (async)
pipe2$watch_queue(&(0x7f0000001180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
r3 = add_key$keyring(&(0x7f0000001600), &(0x7f0000001640)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r2, 0x7c)
r4 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000080)='*', 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r1, 0x36) (async)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r1, 0x36)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) (async)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0) (async)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi1\x00', 0x20043, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'rti800\x00', [0x100, 0xb, 0xcd, 0x2, 0x1, 0x100, 0x3, 0x20000000, 0x8, 0xb, 0x0, 0xb51, 0x9, 0x401, 0x3, 0x1, 0x0, 0x3, 0xfe9, 0xfffffffd, 0x6, 0x2, 0x4, 0x9, 0x48, 0x9, 0x6, 0x6a77, 0x5, 0x7fffffff, 0xa]}) (async)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'rti800\x00', [0x100, 0xb, 0xcd, 0x2, 0x1, 0x100, 0x3, 0x20000000, 0x8, 0xb, 0x0, 0xb51, 0x9, 0x401, 0x3, 0x1, 0x0, 0x3, 0xfe9, 0xfffffffd, 0x6, 0x2, 0x4, 0x9, 0x48, 0x9, 0x6, 0x6a77, 0x5, 0x7fffffff, 0xa]})
socket$netlink(0x10, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})
socket(0x10, 0x3, 0x0) (async)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x8000, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3, 0x2800}}, {0x4}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x803}, 0x20004004)
socket$packet(0x11, 0x3, 0x300) (async)
r11 = socket$packet(0x11, 0x3, 0x300)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r12, 0x402, 0xd)
r13 = socket(0x11, 0x2, 0x0)
setsockopt(r13, 0x107, 0x1, &(0x7f0000000080)="010000000000060000071a80000001cc", 0x10)
r14 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000400)="f57e1ad7fff1288df2501f43b113902d85462ef8bee81eb126864875fb8f1302e7e17421ec0e0baa6dc21f6a6396ba032f0a6fcd33068255b3ac2a86fc6b62c35088db9d9f0e4c7bd070723f0654fb1af5a407d1accba6d05580a1e8dbfe19c0d5d09e415b5c9d310975125509480c4bddcd3ae6528f5f8066efd26387fbbd71aa0fb51715892bbf68d4", 0x8a, 0xfffffffffffffffa)
keyctl$KEYCTL_WATCH_KEY(0x20, r14, r12, 0x5c) (async)
keyctl$KEYCTL_WATCH_KEY(0x20, r14, r12, 0x5c)
sendto$unix(r13, &(0x7f0000000300)="d2203524c309214dceb1158900d33dc2a253b596afd45f2846c2fc37dc03e53dd574f079b564c9bd9805a29164760994f9740f06febcdeb00bc10cd1e14b99d89e7c7f711d66f4eae326464e9cafd3f0dbead7b839d206b46451fc672c12c64a23d658309032a3989670177bb0f840f32d808aad0ec795785da087ebc9caae71b707e7cfa3b5348f840e753fe8fde1b3b9f03bbf85b3b1205afe85b2d646c9fc93b17211b72ad0f2b212e26fd597cacb54cacbee8096da32114c812ccec7c15e09fdc337f1105a6a8444411c7b974dc1ff433ed4a41fe46bc9fb9e7a", 0xdc, 0x8000, 0x0, 0x0)
sendmsg$can_raw(r9, &(0x7f0000000500)={&(0x7f0000000200), 0x10, &(0x7f00000004c0)={&(0x7f0000000280)=@can={{0x0, 0x1, 0x1, 0x1}, 0x8, 0x3, 0x0, 0x0, "ae9bbd60eaa2ead4"}, 0x10}, 0x1, 0x0, 0x0, 0x200408c1}, 0x30008044)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
ioctl$COMEDI_RANGEINFO(r6, 0x80106408, &(0x7f0000000580)={0x7ff, &(0x7f0000000540)=[{}]})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000002c0)={'veth1_to_batadv\x00', <r15=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c00000010000305000000000000000000006dc4", @ANYRES32=0x0, @ANYRESDEC=r7, @ANYRES32=r15], 0x4c}}, 0x0)

292.031258ms ago: executing program 1 (id=2379):
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x10, 0x3, 0xfffffffe)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x80000, 0x4ec2edca74d3399a, 0x20}, 0x18)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000d80)="170000007a006bcd9e3fe3dc6e08170007000054250000", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
mount$cgroup(0x0, 0x0, 0x0, 0x450, &(0x7f00000000c0)={[{@cpuset_v2_mode}]})
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000600)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00293de3f4ba921cd502a301a24a6db5df3c79814abd575d8718671fa9007635c8921109959abc8eab3f9a90d1145f189699e834f6f741768eae55c86eb0966355d9f28fcbb4bab84b23e88f062bc3017becc74d168f67714e6b5558", 0x89}, {&(0x7f00000003c0)="b972a9353f369e38e1d025d5811aeca3d95bedde0cdcd0857a3b40732a51a3c61d28b1b3383e2f5110c2dbfb85f874f214a16cf32bdad6c1bd5331fd60d4f9ed69fa8c12d462495b243ba94e1daa2c4bcc1eff91707f90", 0xfffffffffffffe87}], 0x2}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0b0400000000000000000200fffe500004802800018007000100637400001c000280080001400000000208000240000000160500030000000000240001800b0001007470726f7879000014000280080002400000000e08000140000000020900010073797a30000000000900020073797a3200"], 0xa4}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x28, r8, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x4040010)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000100)={@desc={0x1, 0x0, @desc2}})
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000007c0)=@filter={'filter\x00', 0xe, 0x4, 0x2f8, 0xffffffff, 0x190, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x260, 0x260, 0x260, 0xffffffff, 0x4, &(0x7f00000002c0), {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x7}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0xff, 'wlan0\x00', 'vlan0\x00', {}, {}, 0x1, 0x7, 0x41}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ah={{0x30}, {[0x2, 0x7847]}}, @common=@ah={{0x30}, {[0x6, 0x4]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0xffffffff, 0x0, 'dummy0\x00', 'batadv_slave_0\x00', {0xff}, {}, 0x2f, 0x0, 0x40}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x2, 0x2, 0xa, 0x4, 0x1, 0x2], 0x3, 0x7}, {0xffffffffffffffff, [0x2, 0x1, 0x2, 0x4, 0x4, 0x4], 0x3, 0x1}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x358)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001d0000022dbd7000fcdbdf2500000000c39f7eaa42ed94054e9400d5447a22c40772a40e9a2a836283f910465e569f45a1e3e87ebdebb2f4c7f2efdbd4ff0f649daad8e0c58c6965419df42d2dc236d209c35642488b9d54b37624b5cf1c6d5dbcd1b7647dd11a90076deb943b2415305bd76ee4c38a97e6f6fc9c8111430bae8aa9e2f48555ddcb8015fd721e37cd2801611a28a56129ca76f647884a2cf6fa208e7159d9eb5ae47ae6ae233aca2a2571732fd3c315bc159ca9a8fcbac979ca692c173ae1c916ee50", @ANYRES32=r9, @ANYBLOB="0a002203060006004e23000008000800", @ANYRES32=r9, @ANYBLOB="05000c000900000010000e80040002000400020004000200"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4091)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r10, 0x29, 0x38, 0x0, &(0x7f0000000140))
close_range(r10, r4, 0x2)

291.692939ms ago: executing program 5 (id=2380):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.stat\x00', 0x275a, 0x0)
write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[], 0x9)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000040)=0x3, 0x4)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000cbd70100400000005000000080009000200000008000c00a80a000008000b00000000000600010007"], 0x40}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x50, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "910100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "000000000100"}}}}}}}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xf, &(0x7f0000000000)='\x00', 0x1)

221.555779ms ago: executing program 4 (id=2381):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="3400000010000d042dbd7000fcffff1f00000000", @ANYRES32=0x0, @ANYBLOB="df310601000100001400128009000100626f6e640000000004000280"], 0x34}, 0x1, 0x0, 0x0, 0x24008045}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000000040)=0x8001)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x45, 0x56, '\x00', 0xee0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

220.597369ms ago: executing program 5 (id=2382):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
sendmmsg$sock(r1, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="f8", 0x1}], 0x1, &(0x7f0000000a40)=[@timestamping={{0x14, 0x1, 0x4f, 0x3ff}}], 0x18}}], 0x1, 0x40440d1)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f2e, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0xe)
read$snapshot(r0, 0x0, 0x0)

0s ago: executing program 3 (id=2383):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0x10000) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@host}) (async)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, &(0x7f0000000040)={@host}) (async)
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r1, 0x7b0, &(0x7f0000000200)={@local, 0x2})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x8080) (async)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000180)={0x200, 0xff, 0x2, 0x0, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r4, 0xc01064b3, &(0x7f0000000240)={r5}) (async)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000200)={r5}) (async)
sendmsg$NFNL_MSG_ACCT_DEL(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x3, 0x7, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x800) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000080)={'gre0\x00', 0x0, 0x7, 0x700, 0x8, 0x163, {{0x6, 0x4, 0x3, 0x9, 0x18, 0x66, 0xd7b, 0xc, 0x2f, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@end]}}}}}) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@deltaction={0x100, 0x31, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x44, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6e6}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80000001}}, {0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x24, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x400}, 0x481d5) (async)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c0001800600060065580000080002"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

kernel console output (not intermixed with test programs):

overlayfs: failed to resolve './file1/file0': -2
[  209.388534][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.395503][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.407127][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.434833][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.458990][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.484124][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.489590][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.492255][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.498277][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.507513][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.511966][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.526241][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.554752][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.586529][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.640670][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.674111][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.682091][T13158] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  209.736897][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.749620][T13158] CPU: 0 UID: 0 PID: 13158 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  209.749641][T13158] Tainted: [L]=SOFTLOCKUP
[  209.749645][T13158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  209.749652][T13158] Call Trace:
[  209.749656][T13158]  <TASK>
[  209.749660][T13158]  dump_stack_lvl+0x100/0x190
[  209.749684][T13158]  dump_header+0xfb/0x606
[  209.749697][T13158]  oom_kill_process.cold+0xd/0x330
[  209.749710][T13158]  out_of_memory+0x340/0x14f0
[  209.749730][T13158]  ? __pfx_out_of_memory+0x10/0x10
[  209.749755][T13158]  mem_cgroup_out_of_memory+0xc6/0x130
[  209.749779][T13158]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  209.749800][T13158]  ? find_held_lock+0x2b/0x80
[  209.749820][T13158]  ? do_raw_spin_unlock+0x145/0x1e0
[  209.749846][T13158]  ? _raw_spin_unlock+0x28/0x50
[  209.749939][T13158]  try_charge_memcg+0x6e5/0xdf0
[  209.749963][T13158]  ? __pfx_try_charge_memcg+0x10/0x10
[  209.749980][T13158]  ? find_held_lock+0x2b/0x80
[  209.749994][T13158]  ? rcu_read_unlock+0x17/0x60
[  209.750014][T13158]  ? rcu_read_unlock+0x17/0x60
[  209.750035][T13158]  ? find_held_lock+0x2b/0x80
[  209.750052][T13158]  ? rcu_read_unlock+0x17/0x60
[  209.750078][T13158]  charge_memcg+0x19f/0x210
[  209.750099][T13158]  __mem_cgroup_charge+0x2b/0x1c0
[  209.750123][T13158]  shmem_alloc_and_add_folio+0x451/0xd40
[  209.750159][T13158]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  209.750190][T13158]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  209.750225][T13158]  shmem_get_folio_gfp+0x6ab/0x1900
[  209.750257][T13158]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  209.750288][T13158]  ? timestamp_truncate+0x22e/0x2f0
[  209.750317][T13158]  shmem_write_begin+0x1a4/0x420
[  209.750380][T13158]  ? __pfx_shmem_write_begin+0x10/0x10
[  209.750405][T13158]  ? rcu_is_watching+0x12/0xc0
[  209.750434][T13158]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  209.750466][T13158]  generic_perform_write+0x292/0xa40
[  209.750498][T13158]  ? __pfx_generic_perform_write+0x10/0x10
[  209.750519][T13158]  ? __mark_inode_dirty+0x55c/0x1720
[  209.750540][T13158]  ? mnt_put_write_access_file+0x4e/0x100
[  209.750562][T13158]  ? file_update_time_flags+0x373/0x500
[  209.750591][T13158]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  209.750608][T13158]  shmem_file_write_iter+0x10e/0x140
[  209.750628][T13158]  __kernel_write_iter+0x2ac/0x920
[  209.750649][T13158]  ? __pfx___kernel_write_iter+0x10/0x10
[  209.750666][T13158]  ? cgroup1_freezing+0x12c/0x3b0
[  209.750687][T13158]  ? cgroup1_freezing+0x136/0x3b0
[  209.750704][T13158]  ? freezing_slow_path+0xb5/0x1a0
[  209.750723][T13158]  dump_user_range+0x3f9/0xad0
[  209.750744][T13158]  ? __pfx_dump_user_range+0x10/0x10
[  209.750767][T13158]  ? __pfx_writenote+0x10/0x10
[  209.750790][T13158]  elf_core_dump+0x2d5f/0x3d10
[  209.750820][T13158]  ? __pfx_elf_core_dump+0x10/0x10
[  209.750837][T13158]  ? kasan_save_stack+0x3f/0x50
[  209.750851][T13158]  ? kasan_save_stack+0x30/0x50
[  209.750865][T13158]  ? __kasan_kmalloc+0xaa/0xb0
[  209.750889][T13158]  ? __kvmalloc_node_noprof+0x360/0xa00
[  209.750913][T13158]  ? vfs_coredump+0x22db/0x5770
[  209.750928][T13158]  ? asm_exc_page_fault+0x26/0x30
[  209.750949][T13158]  ? 0xffffffffff600000
[  209.751001][T13158]  ? vfs_coredump+0x29a0/0x5770
[  209.751018][T13158]  vfs_coredump+0x29a0/0x5770
[  209.751040][T13158]  ? __pfx_vfs_coredump+0x10/0x10
[  209.751051][T13158]  ? __lock_acquire+0x4a5/0x2630
[  209.751070][T13158]  ? lock_acquire+0x1b1/0x370
[  209.751089][T13158]  ? is_bpf_text_address+0x8a/0x1a0
[  209.751104][T13158]  ? bpf_ksym_find+0x128/0x1c0
[  209.751123][T13158]  ? __kernel_text_address+0xd/0x30
[  209.751137][T13158]  ? unwind_get_return_address+0x59/0xa0
[  209.751154][T13158]  ? arch_stack_walk+0xa6/0xf0
[  209.751174][T13158]  ? __sigqueue_free+0xbe/0x2a0
[  209.751185][T13158]  ? stack_trace_save+0x8e/0xc0
[  209.751195][T13158]  ? __pfx_stack_trace_save+0x10/0x10
[  209.751206][T13158]  ? stack_depot_save_flags+0x27/0x9d0
[  209.751235][T13158]  ? __lock_acquire+0x4a5/0x2630
[  209.751271][T13158]  ? proc_coredump_connector+0x2d3/0x4f0
[  209.751297][T13158]  ? __pfx_proc_coredump_connector+0x10/0x10
[  209.751314][T13158]  ? rcu_is_watching+0x12/0xc0
[  209.751332][T13158]  get_signal+0x1f2a/0x21e0
[  209.751353][T13158]  ? __pfx_get_signal+0x10/0x10
[  209.751369][T13158]  ? __pfx_force_sig_fault+0x10/0x10
[  209.751387][T13158]  arch_do_signal_or_restart+0x91/0x7e0
[  209.751406][T13158]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  209.751428][T13158]  ? rcu_is_watching+0x12/0xc0
[  209.751450][T13158]  irqentry_exit+0x410/0x7e0
[  209.751468][T13158]  asm_exc_page_fault+0x26/0x30
[  209.751479][T13158] RIP: 0033:0x7f2b4d39ce59
[  209.751496][T13158] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  209.751503][T13158] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  209.751520][T13158] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  209.751531][T13158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  209.751543][T13158] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  209.751553][T13158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.751562][T13158] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  209.751587][T13158]  </TASK>
[  209.755702][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.774930][T13158] memory: usage 307200kB, limit 307200kB, failcnt 20230
[  209.932693][T13158] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0
[  209.935976][T13158] kmem: usage 8520kB, limit 9007199254740988kB, failcnt 0
[  209.938666][T13158] Memory cgroup stats for /syz1:
[  209.940882][T13158] cache 305786880
[  209.942558][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.945180][T13158] rss 53248
[  209.948169][T13158] rss_huge 0
[  209.948826][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.949316][T13158] shmem 305782784
[  209.949324][T13158] mapped_file 4096
[  209.954766][T13158] dirty 0
[  209.955369][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.955958][T13158] writeback 0
[  209.955968][T13158] workingset_refault_anon 1307
[  209.961499][T13158] workingset_refault_file 8
[  209.962055][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.963081][T13158] swap 127995904
[  209.963089][T13158] swapcached 133361664
[  209.963094][T13158] pgpgin 234360
[  209.969969][T13158] pgpgout 160202
[  209.970626][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.971048][T13158] pgfault 110810
[  209.971055][T13158] pgmajfault 180
[  209.976674][T13158] inactive_anon 227786752
[  209.978143][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.978560][T13158] active_anon 78049280
[  209.983338][T13158] inactive_file 4096
[  209.984187][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.985023][T13158] active_file 0
[  209.989150][T13158] unevictable 0
[  209.989708][T13297] overlayfs: failed to resolve './file1/file0': -2
[  209.990519][T13158] hierarchical_memory_limit 314572800
[  209.990530][T13158] hierarchical_memsw_limit 9223372036854771712
[  209.998377][T13158] total_cache 305786880
[  209.998944][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.000189][T13158] total_rss 53248
[  210.000200][T13158] total_rss_huge 0
[  210.006126][T13158] total_shmem 305782784
[  210.008139][T13158] total_mapped_file 4096
[  210.009569][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.009660][T13158] total_dirty 0
[  210.009668][T13158] total_writeback 0
[  210.009672][T13158] total_workingset_refault_anon 1307
[  210.009677][T13158] total_workingset_refault_file 8
[  210.009682][T13158] total_swap 127995904
[  210.009686][T13158] total_swapcached 133361664
[  210.009691][T13158] total_pgpgin 234362
[  210.009696][T13158] total_pgpgout 160204
[  210.009700][T13158] total_pgfault 110820
[  210.009704][T13158] total_pgmajfault 180
[  210.009709][T13158] total_inactive_anon 227786752
[  210.009713][T13158] total_active_anon 78049280
[  210.009718][T13158] total_inactive_file 4096
[  210.032989][T13158] total_active_file 0
[  210.033867][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.034325][T13302] 9pnet_virtio: no channels available for device syz
[  210.034537][T13158] total_unevictable 0
[  210.034544][T13158] anon_cost 0
[  210.034548][T13158] file_cost 0
[  210.034553][T13158] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13151,uid=0
[  210.037056][T13158] Memory cgroup out of memory: Killed process 13151 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:36800kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000
[  210.059888][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.061373][T13170] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  210.066115][T13170] CPU: 0 UID: 0 PID: 13170 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  210.066134][T13170] Tainted: [L]=SOFTLOCKUP
[  210.066137][T13170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  210.066144][T13170] Call Trace:
[  210.066148][T13170]  <TASK>
[  210.066153][T13170]  dump_stack_lvl+0x100/0x190
[  210.066171][T13170]  dump_header+0xfb/0x606
[  210.066183][T13170]  oom_kill_process.cold+0xd/0x330
[  210.066196][T13170]  out_of_memory+0x340/0x14f0
[  210.066215][T13170]  ? __pfx_out_of_memory+0x10/0x10
[  210.066235][T13170]  mem_cgroup_out_of_memory+0xc6/0x130
[  210.066251][T13170]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  210.066265][T13170]  ? find_held_lock+0x2b/0x80
[  210.066283][T13170]  ? do_raw_spin_unlock+0x145/0x1e0
[  210.066299][T13170]  ? _raw_spin_unlock+0x28/0x50
[  210.066316][T13170]  try_charge_memcg+0x6e5/0xdf0
[  210.066331][T13170]  ? __pfx_try_charge_memcg+0x10/0x10
[  210.066342][T13170]  ? find_held_lock+0x2b/0x80
[  210.066351][T13170]  ? rcu_read_unlock+0x17/0x60
[  210.066363][T13170]  ? rcu_read_unlock+0x17/0x60
[  210.066375][T13170]  ? find_held_lock+0x2b/0x80
[  210.066385][T13170]  ? rcu_read_unlock+0x17/0x60
[  210.066400][T13170]  charge_memcg+0x19f/0x210
[  210.066412][T13170]  __mem_cgroup_charge+0x2b/0x1c0
[  210.066426][T13170]  shmem_alloc_and_add_folio+0x451/0xd40
[  210.066447][T13170]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  210.066464][T13170]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  210.066484][T13170]  shmem_get_folio_gfp+0x6ab/0x1900
[  210.066503][T13170]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  210.066524][T13170]  shmem_write_begin+0x1a4/0x420
[  210.066542][T13170]  ? __pfx_shmem_write_begin+0x10/0x10
[  210.066559][T13170]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  210.066572][T13170]  ? lockdep_hardirqs_on+0x78/0x100
[  210.066587][T13170]  generic_perform_write+0x292/0xa40
[  210.066606][T13170]  ? __pfx_generic_perform_write+0x10/0x10
[  210.066623][T13170]  ? file_update_time_flags+0x373/0x500
[  210.066642][T13170]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  210.066653][T13170]  shmem_file_write_iter+0x10e/0x140
[  210.066666][T13170]  __kernel_write_iter+0x2ac/0x920
[  210.066678][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.066679][T13170]  ? __pfx___kernel_write_iter+0x10/0x10
[  210.066692][T13170]  ? cgroup1_freezing+0x12c/0x3b0
[  210.066707][T13170]  ? cgroup1_freezing+0x136/0x3b0
[  210.066719][T13170]  ? freezing_slow_path+0xb5/0x1a0
[  210.066731][T13170]  dump_user_range+0x3f9/0xad0
[  210.066744][T13170]  ? __pfx_dump_user_range+0x10/0x10
[  210.066761][T13170]  ? __pfx_writenote+0x10/0x10
[  210.066775][T13170]  elf_core_dump+0x2d5f/0x3d10
[  210.066795][T13170]  ? __pfx_elf_core_dump+0x10/0x10
[  210.066806][T13170]  ? kasan_save_stack+0x3f/0x50
[  210.066815][T13170]  ? kasan_save_stack+0x30/0x50
[  210.066824][T13170]  ? __kasan_kmalloc+0xaa/0xb0
[  210.066840][T13170]  ? __kvmalloc_node_noprof+0x360/0xa00
[  210.066939][T13170]  ? vfs_coredump+0x22db/0x5770
[  210.066956][T13170]  ? asm_exc_page_fault+0x26/0x30
[  210.066968][T13170]  ? 0xffffffffff600000
[  210.067000][T13170]  ? vfs_coredump+0x29a0/0x5770
[  210.067008][T13170]  vfs_coredump+0x29a0/0x5770
[  210.067025][T13170]  ? __pfx_vfs_coredump+0x10/0x10
[  210.067041][T13170]  ? __lock_acquire+0x4a5/0x2630
[  210.067071][T13170]  ? lock_acquire+0x1b1/0x370
[  210.067111][T13170]  ? is_bpf_text_address+0x8a/0x1a0
[  210.067131][T13170]  ? bpf_ksym_find+0x128/0x1c0
[  210.067158][T13170]  ? __kernel_text_address+0xd/0x30
[  210.067178][T13170]  ? unwind_get_return_address+0x59/0xa0
[  210.067195][T13170]  ? arch_stack_walk+0xa6/0xf0
[  210.067215][T13170]  ? __sigqueue_free+0xbe/0x2a0
[  210.067228][T13170]  ? stack_trace_save+0x8e/0xc0
[  210.067240][T13170]  ? __pfx_stack_trace_save+0x10/0x10
[  210.067251][T13170]  ? stack_depot_save_flags+0x27/0x9d0
[  210.067263][T13170]  ? __lock_acquire+0x4a5/0x2630
[  210.067299][T13170]  ? proc_coredump_connector+0x2d3/0x4f0
[  210.067315][T13170]  ? __pfx_proc_coredump_connector+0x10/0x10
[  210.067332][T13170]  ? rcu_is_watching+0x12/0xc0
[  210.067352][T13170]  get_signal+0x1f2a/0x21e0
[  210.067374][T13170]  ? __pfx_get_signal+0x10/0x10
[  210.067389][T13170]  ? __pfx_force_sig_fault+0x10/0x10
[  210.067407][T13170]  arch_do_signal_or_restart+0x91/0x7e0
[  210.067427][T13170]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  210.067450][T13170]  ? rcu_is_watching+0x12/0xc0
[  210.067467][T13170]  irqentry_exit+0x410/0x7e0
[  210.067485][T13170]  asm_exc_page_fault+0x26/0x30
[  210.067496][T13170] RIP: 0033:0x7f2b4d39ce59
[  210.067512][T13170] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  210.067517][T13170] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  210.067526][T13170] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  210.067532][T13170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  210.067538][T13170] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  210.067544][T13170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.067551][T13170] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  210.067565][T13170]  </TASK>
[  210.067603][T13170] memory: usage 307200kB, limit 307200kB, failcnt 20350
[  210.156706][T13304] 9pnet_virtio: no channels available for device syz
[  210.160026][T13297] overlayfs: failed to resolve './file1/file0': -2
[  210.160682][T13170] memory+swap: usage 416572kB, limit 9007199254740988kB, failcnt 0
[  210.160700][T13170] kmem: usage 8492kB, limit 9007199254740988kB, failcnt 0
[  210.160711][T13170] Memory cgroup stats for /syz1:
[  210.161016][T13170] cache 296353792
[  210.161025][T13170] rss 53248
[  210.161032][T13170] rss_huge 0
[  210.161039][T13170] shmem 296349696
[  210.161046][T13170] mapped_file 4096
[  210.161052][T13170] dirty 0
[  210.161059][T13170] writeback 0
[  210.161066][T13170] workingset_refault_anon 1307
[  210.161073][T13170] workingset_refault_file 8
[  210.161081][T13170] swap 121450496
[  210.161088][T13170] swapcached 133361664
[  210.161095][T13170] pgpgin 234365
[  210.161102][T13170] pgpgout 162510
[  210.161108][T13170] pgfault 110810
[  210.161115][T13170] pgmajfault 180
[  210.161122][T13170] inactive_anon 218787840
[  210.161130][T13170] active_anon 77615104
[  210.161137][T13170] inactive_file 4096
[  210.161143][T13170] active_file 0
[  210.161150][T13170] unevictable 0
[  210.161156][T13170] hierarchical_memory_limit 314572800
[  210.161164][T13170] hierarchical_memsw_limit 9223372036854771712
[  210.161172][T13170] total_cache 296353792
[  210.161179][T13170] total_rss 53248
[  210.161186][T13170] total_rss_huge 0
[  210.161193][T13170] total_shmem 296349696
[  210.161199][T13170] total_mapped_file 4096
[  210.161206][T13170] total_dirty 0
[  210.161213][T13170] total_writeback 0
[  210.161220][T13170] total_workingset_refault_anon 1307
[  210.161228][T13170] total_workingset_refault_file 8
[  210.161235][T13170] total_swap 121450496
[  210.161242][T13170] total_swapcached 133361664
[  210.161249][T13170] total_pgpgin 234367
[  210.161257][T13170] total_pgpgout 162512
[  210.161263][T13170] total_pgfault 110820
[  210.161270][T13170] total_pgmajfault 180
[  210.161284][T13170] total_inactive_anon 218787840
[  210.161292][T13170] total_active_anon 77615104
[  210.161303][T13170] total_inactive_file 4096
[  210.161310][T13170] total_active_file 0
[  210.328839][T13170] total_unevictable 0
[  210.330288][T13170] anon_cost 0
[  210.331647][T13170] file_cost 0
[  210.332883][T13170] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13147,uid=0
[  210.338361][T13170] Memory cgroup out of memory: Killed process 13147 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:31040kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  210.342199][T13306] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=13306 comm=syz.5.2184
[  210.484172][T13315] loop9: detected capacity change from 0 to 7
[  210.659724][T13147] syz.1.2150 (13147) used greatest stack depth: 18856 bytes left
[  210.846178][T13315] Dev loop9: unable to read RDB block 7
[  210.851405][    C1] invalid error, dev loop9, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  210.852540][T13315]  loop9: unable to read partition table
[  210.855252][    C1] Buffer I/O error on dev loop9, logical block 0, lost async page write
[  210.857685][T13315] loop9: partition table beyond EOD, truncated
[  210.863681][T13315] loop_reread_partitions: partition scan of loop9 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  210.905569][T13150] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  210.909483][T13150] CPU: 0 UID: 0 PID: 13150 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  210.909520][T13150] Tainted: [L]=SOFTLOCKUP
[  210.909525][T13150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  210.909532][T13150] Call Trace:
[  210.909538][T13150]  <TASK>
[  210.909543][T13150]  dump_stack_lvl+0x100/0x190
[  210.909563][T13150]  dump_header+0xfb/0x606
[  210.909576][T13150]  oom_kill_process.cold+0xd/0x330
[  210.909591][T13150]  out_of_memory+0x340/0x14f0
[  210.909611][T13150]  ? __pfx_out_of_memory+0x10/0x10
[  210.909632][T13150]  mem_cgroup_out_of_memory+0xc6/0x130
[  210.909650][T13150]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  210.909665][T13150]  ? find_held_lock+0x2b/0x80
[  210.909679][T13150]  ? do_raw_spin_unlock+0x145/0x1e0
[  210.909696][T13150]  ? _raw_spin_unlock+0x28/0x50
[  210.909712][T13150]  try_charge_memcg+0x6e5/0xdf0
[  210.909728][T13150]  ? __pfx_try_charge_memcg+0x10/0x10
[  210.909740][T13150]  ? find_held_lock+0x2b/0x80
[  210.909750][T13150]  ? rcu_read_unlock+0x17/0x60
[  210.909762][T13150]  ? rcu_read_unlock+0x17/0x60
[  210.909775][T13150]  ? find_held_lock+0x2b/0x80
[  210.909786][T13150]  ? rcu_read_unlock+0x17/0x60
[  210.909802][T13150]  charge_memcg+0x19f/0x210
[  210.909815][T13150]  __mem_cgroup_charge+0x2b/0x1c0
[  210.909830][T13150]  shmem_alloc_and_add_folio+0x451/0xd40
[  210.909851][T13150]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  210.909870][T13150]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  210.909891][T13150]  shmem_get_folio_gfp+0x6ab/0x1900
[  210.909912][T13150]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  210.909931][T13150]  ? timestamp_truncate+0x22e/0x2f0
[  210.909949][T13150]  shmem_write_begin+0x1a4/0x420
[  210.909968][T13150]  ? __pfx_shmem_write_begin+0x10/0x10
[  210.909985][T13150]  ? rcu_is_watching+0x12/0xc0
[  210.910003][T13150]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  210.910019][T13150]  generic_perform_write+0x292/0xa40
[  210.910039][T13150]  ? __pfx_generic_perform_write+0x10/0x10
[  210.910054][T13150]  ? __mark_inode_dirty+0x55c/0x1720
[  210.910067][T13150]  ? mnt_put_write_access_file+0x4e/0x100
[  210.910082][T13150]  ? file_update_time_flags+0x373/0x500
[  210.910101][T13150]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  210.910113][T13150]  shmem_file_write_iter+0x10e/0x140
[  210.910127][T13150]  __kernel_write_iter+0x2ac/0x920
[  210.910140][T13150]  ? __pfx___kernel_write_iter+0x10/0x10
[  210.910152][T13150]  ? cgroup1_freezing+0x12c/0x3b0
[  210.910166][T13150]  ? cgroup1_freezing+0x136/0x3b0
[  210.910177][T13150]  ? freezing_slow_path+0xb5/0x1a0
[  210.910190][T13150]  dump_user_range+0x3f9/0xad0
[  210.910204][T13150]  ? __pfx_dump_user_range+0x10/0x10
[  210.910219][T13150]  ? __pfx_writenote+0x10/0x10
[  210.910234][T13150]  elf_core_dump+0x2d5f/0x3d10
[  210.910254][T13150]  ? __pfx_elf_core_dump+0x10/0x10
[  210.910266][T13150]  ? kasan_save_stack+0x3f/0x50
[  210.910275][T13150]  ? kasan_save_stack+0x30/0x50
[  210.910284][T13150]  ? __kasan_kmalloc+0xaa/0xb0
[  210.910300][T13150]  ? __kvmalloc_node_noprof+0x360/0xa00
[  210.910317][T13150]  ? vfs_coredump+0x22db/0x5770
[  210.910327][T13150]  ? asm_exc_page_fault+0x26/0x30
[  210.910340][T13150]  ? 0xffffffffff600000
[  210.910371][T13150]  ? vfs_coredump+0x29a0/0x5770
[  210.910381][T13150]  vfs_coredump+0x29a0/0x5770
[  210.910397][T13150]  ? __pfx_vfs_coredump+0x10/0x10
[  210.910408][T13150]  ? __lock_acquire+0x4a5/0x2630
[  210.910428][T13150]  ? lock_acquire+0x1b1/0x370
[  210.910456][T13150]  ? is_bpf_text_address+0x8a/0x1a0
[  210.910471][T13150]  ? bpf_ksym_find+0x128/0x1c0
[  210.910491][T13150]  ? __kernel_text_address+0xd/0x30
[  210.910507][T13150]  ? unwind_get_return_address+0x59/0xa0
[  210.910524][T13150]  ? arch_stack_walk+0xa6/0xf0
[  210.910545][T13150]  ? __sigqueue_free+0xbe/0x2a0
[  210.910557][T13150]  ? stack_trace_save+0x8e/0xc0
[  210.910569][T13150]  ? __pfx_stack_trace_save+0x10/0x10
[  210.910580][T13150]  ? stack_depot_save_flags+0x27/0x9d0
[  210.910593][T13150]  ? __lock_acquire+0x4a5/0x2630
[  210.910633][T13150]  ? proc_coredump_connector+0x2d3/0x4f0
[  210.910656][T13150]  ? __pfx_proc_coredump_connector+0x10/0x10
[  210.910682][T13150]  ? rcu_is_watching+0x12/0xc0
[  210.910711][T13150]  get_signal+0x1f2a/0x21e0
[  210.910740][T13150]  ? __pfx_get_signal+0x10/0x10
[  210.910761][T13150]  ? __pfx_force_sig_fault+0x10/0x10
[  210.910792][T13150]  arch_do_signal_or_restart+0x91/0x7e0
[  210.910819][T13150]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  210.910852][T13150]  ? rcu_is_watching+0x12/0xc0
[  210.910880][T13150]  irqentry_exit+0x410/0x7e0
[  210.910906][T13150]  asm_exc_page_fault+0x26/0x30
[  210.910921][T13150] RIP: 0033:0x7f2b4d39ce59
[  210.910943][T13150] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  210.910950][T13150] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  210.910965][T13150] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  210.910975][T13150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  210.910984][T13150] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  210.910994][T13150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.911003][T13150] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  210.911025][T13150]  </TASK>
[  210.911032][T13150] memory: usage 307196kB, limit 307200kB, failcnt 23566
[  210.928634][T13324] netlink: 'syz.5.2188': attribute type 4 has an invalid length.
[  210.935004][T13150] memory+swap: usage 432156kB, limit 9007199254740988kB, failcnt 0
[  211.043771][ T5738] Bluetooth: hci2: command 0x0406 tx timeout
[  211.050280][T13150] kmem: usage 8420kB, limit 9007199254740988kB, failcnt 0
[  211.111900][T13150] Memory cgroup stats for /syz1:
[  211.112013][T13150] cache 305872896
[  211.116442][T13150] rss 77824
[  211.119814][T13150] rss_huge 0
[  211.121388][T13150] shmem 305872896
[  211.123926][T13150] mapped_file 0
[  211.125098][T13150] dirty 0
[  211.126254][T13150] writeback 0
[  211.127423][T13150] workingset_refault_anon 1307
[  211.129350][T13150] workingset_refault_file 49
[  211.131385][T13150] swap 127995904
[  211.132815][T13150] swapcached 156069888
[  211.134430][T13150] pgpgin 251382
[  211.138043][T13150] pgpgout 177198
[  211.139604][T13150] pgfault 111880
[  211.141867][T13150] pgmajfault 183
[  211.143324][T13150] inactive_anon 152416256
[  211.145296][T13150] active_anon 153276416
[  211.146881][T13150] inactive_file 0
[  211.148543][T13150] active_file 0
[  211.150047][T13150] unevictable 0
[  211.151588][T13150] hierarchical_memory_limit 314572800
[  211.154044][T13150] hierarchical_memsw_limit 9223372036854771712
[  211.156810][T13150] total_cache 305872896
[  211.161406][T13150] total_rss 77824
[  211.163037][T13150] total_rss_huge 0
[  211.164941][T13150] total_shmem 305872896
[  211.166726][T13150] total_mapped_file 0
[  211.168496][T13150] total_dirty 0
[  211.169985][T13150] total_writeback 0
[  211.171605][T13150] total_workingset_refault_anon 1307
[  211.173977][T13150] total_workingset_refault_file 49
[  211.176198][T13150] total_swap 127995904
[  211.178078][T13150] total_swapcached 156069888
[  211.180091][T13150] total_pgpgin 251384
[  211.181875][T13150] total_pgpgout 177200
[  211.183733][T13150] total_pgfault 111890
[  211.185575][T13150] total_pgmajfault 183
[  211.187369][T13150] total_inactive_anon 152416256
[  211.189501][T13150] total_active_anon 153276416
[  211.191645][T13150] total_inactive_file 0
[  211.193542][T13150] total_active_file 0
[  211.195395][T13150] total_unevictable 0
[  211.197169][T13150] anon_cost 0
[  211.198694][T13150] file_cost 0
[  211.200116][T13150] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13158,uid=0
[  211.206543][T13150] Memory cgroup out of memory: Killed process 13158 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:35328kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  211.336459][T13166] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  211.341442][T13166] CPU: 2 UID: 0 PID: 13166 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  211.341475][T13166] Tainted: [L]=SOFTLOCKUP
[  211.341489][T13166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  211.341501][T13166] Call Trace:
[  211.341508][T13166]  <TASK>
[  211.341516][T13166]  dump_stack_lvl+0x100/0x190
[  211.341547][T13166]  dump_header+0xfb/0x606
[  211.341569][T13166]  oom_kill_process.cold+0xd/0x330
[  211.341593][T13166]  out_of_memory+0x340/0x14f0
[  211.341629][T13166]  ? __pfx_out_of_memory+0x10/0x10
[  211.341664][T13166]  mem_cgroup_out_of_memory+0xc6/0x130
[  211.341693][T13166]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  211.341718][T13166]  ? find_held_lock+0x2b/0x80
[  211.341741][T13166]  ? do_raw_spin_unlock+0x145/0x1e0
[  211.341765][T13166]  ? _raw_spin_unlock+0x28/0x50
[  211.341791][T13166]  try_charge_memcg+0x6e5/0xdf0
[  211.341814][T13166]  ? __pfx_try_charge_memcg+0x10/0x10
[  211.341832][T13166]  ? find_held_lock+0x2b/0x80
[  211.341849][T13166]  ? rcu_read_unlock+0x17/0x60
[  211.341870][T13166]  ? rcu_read_unlock+0x17/0x60
[  211.341891][T13166]  ? find_held_lock+0x2b/0x80
[  211.341910][T13166]  ? rcu_read_unlock+0x17/0x60
[  211.341937][T13166]  charge_memcg+0x19f/0x210
[  211.341959][T13166]  __mem_cgroup_charge+0x2b/0x1c0
[  211.341985][T13166]  shmem_alloc_and_add_folio+0x451/0xd40
[  211.342022][T13166]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  211.342052][T13166]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  211.342088][T13166]  shmem_get_folio_gfp+0x6ab/0x1900
[  211.342125][T13166]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  211.342153][T13166]  ? ktime_expiry_to_cycles+0xc0/0x2c0
[  211.342176][T13166]  ? ktime_expiry_to_cycles+0x3c/0x2c0
[  211.342204][T13166]  shmem_write_begin+0x1a4/0x420
[  211.342236][T13166]  ? __pfx_shmem_write_begin+0x10/0x10
[  211.342265][T13166]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  211.342287][T13166]  ? lockdep_hardirqs_on+0x78/0x100
[  211.342315][T13166]  generic_perform_write+0x292/0xa40
[  211.342349][T13166]  ? __pfx_generic_perform_write+0x10/0x10
[  211.342378][T13166]  ? file_update_time_flags+0x373/0x500
[  211.342416][T13166]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  211.342436][T13166]  shmem_file_write_iter+0x10e/0x140
[  211.342460][T13166]  __kernel_write_iter+0x2ac/0x920
[  211.342484][T13166]  ? __pfx___kernel_write_iter+0x10/0x10
[  211.342511][T13166]  ? cgroup1_freezing+0x136/0x3b0
[  211.342531][T13166]  ? freezing_slow_path+0xb5/0x1a0
[  211.342553][T13166]  dump_user_range+0x3f9/0xad0
[  211.342577][T13166]  ? __pfx_dump_user_range+0x10/0x10
[  211.342603][T13166]  ? __pfx_writenote+0x10/0x10
[  211.342630][T13166]  elf_core_dump+0x2d5f/0x3d10
[  211.342663][T13166]  ? __pfx_elf_core_dump+0x10/0x10
[  211.342680][T13166]  ? kasan_save_stack+0x3f/0x50
[  211.342698][T13166]  ? kasan_save_stack+0x30/0x50
[  211.342712][T13166]  ? __kasan_kmalloc+0xaa/0xb0
[  211.342738][T13166]  ? __kvmalloc_node_noprof+0x360/0xa00
[  211.342765][T13166]  ? vfs_coredump+0x22db/0x5770
[  211.342783][T13166]  ? asm_exc_page_fault+0x26/0x30
[  211.342804][T13166]  ? 0xffffffffff600000
[  211.342863][T13166]  ? vfs_coredump+0x29a0/0x5770
[  211.342879][T13166]  vfs_coredump+0x29a0/0x5770
[  211.342906][T13166]  ? __pfx_vfs_coredump+0x10/0x10
[  211.342925][T13166]  ? __lock_acquire+0x4a5/0x2630
[  211.342959][T13166]  ? lock_acquire+0x1b1/0x370
[  211.342993][T13166]  ? is_bpf_text_address+0x8a/0x1a0
[  211.343019][T13166]  ? bpf_ksym_find+0x128/0x1c0
[  211.343051][T13166]  ? __kernel_text_address+0xd/0x30
[  211.343077][T13166]  ? unwind_get_return_address+0x59/0xa0
[  211.343106][T13166]  ? arch_stack_walk+0xa6/0xf0
[  211.343139][T13166]  ? __sigqueue_free+0xbe/0x2a0
[  211.343159][T13166]  ? stack_trace_save+0x8e/0xc0
[  211.343177][T13166]  ? __pfx_stack_trace_save+0x10/0x10
[  211.343196][T13166]  ? stack_depot_save_flags+0x27/0x9d0
[  211.343215][T13166]  ? __lock_acquire+0x4a5/0x2630
[  211.343283][T13166]  ? proc_coredump_connector+0x2d3/0x4f0
[  211.343309][T13166]  ? __pfx_proc_coredump_connector+0x10/0x10
[  211.343339][T13166]  ? rcu_is_watching+0x12/0xc0
[  211.343373][T13166]  get_signal+0x1f2a/0x21e0
[  211.343417][T13166]  ? __pfx_get_signal+0x10/0x10
[  211.343444][T13166]  ? __pfx_force_sig_fault+0x10/0x10
[  211.343477][T13166]  arch_do_signal_or_restart+0x91/0x7e0
[  211.343507][T13166]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  211.343546][T13166]  ? rcu_is_watching+0x12/0xc0
[  211.343576][T13166]  irqentry_exit+0x410/0x7e0
[  211.343604][T13166]  asm_exc_page_fault+0x26/0x30
[  211.343646][T13166] RIP: 0033:0x7f2b4d39ce59
[  211.343669][T13166] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  211.343677][T13166] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  211.343694][T13166] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  211.343705][T13166] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.343714][T13166] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  211.343725][T13166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.343734][T13166] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  211.343760][T13166]  </TASK>
[  211.514876][T13158] syz.1.2150 (13158) used greatest stack depth: 18800 bytes left
[  211.630714][T13343] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size
[  211.750195][T13348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13348 comm=syz.4.2194
[  211.781259][T13166] memory: usage 307200kB, limit 307200kB, failcnt 25017
[  211.793310][T13166] memory+swap: usage 432184kB, limit 9007199254740988kB, failcnt 0
[  211.800843][T13166] kmem: usage 8264kB, limit 9007199254740988kB, failcnt 0
[  211.811226][T13166] Memory cgroup stats for /syz1:
[  211.811437][T13166] cache 306016256
[  211.859233][T13166] rss 24576
[  211.861026][T13166] rss_huge 0
[  211.862422][T13166] shmem 306016256
[  211.863558][T13166] mapped_file 0
[  211.865278][T13166] dirty 0
[  211.867116][T13166] writeback 0
[  211.868339][T13166] workingset_refault_anon 1309
[  211.869909][T13166] workingset_refault_file 51
[  211.871336][T13166] swap 127983616
[  211.875882][T13166] swapcached 161996800
[  211.877189][T13166] pgpgin 260246
[  211.878397][T13166] pgpgout 186039
[  211.879638][T13166] pgfault 112438
[  211.880865][T13166] pgmajfault 184
[  211.882031][T13166] inactive_anon 132423680
[  211.883435][T13166] active_anon 173617152
[  211.884842][T13352] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  211.888532][T13166] inactive_file 0
[  211.889794][T13166] active_file 0
[  211.890969][T13166] unevictable 0
[  211.892079][T13166] hierarchical_memory_limit 314572800
[  211.895276][T13166] hierarchical_memsw_limit 9223372036854771712
[  211.897343][T13166] total_cache 306016256
[  211.898669][T13166] total_rss 24576
[  211.899857][T13166] total_rss_huge 0
[  211.901082][T13356] Cannot find set identified by id 2 to match
[  211.901099][T13166] total_shmem 306016256
[  211.905491][T13166] total_mapped_file 0
[  211.906814][T13166] total_dirty 0
[  211.908047][T13166] total_writeback 0
[  211.909302][T13166] total_workingset_refault_anon 1309
[  211.910977][T13166] total_workingset_refault_file 51
[  211.912563][T13166] total_swap 127983616
[  211.913972][T13166] total_swapcached 161996800
[  211.915648][T13166] total_pgpgin 260248
[  211.917379][T13166] total_pgpgout 186041
[  211.919124][T13166] total_pgfault 112448
[  211.920974][T13166] total_pgmajfault 184
[  211.922986][T13166] total_inactive_anon 132423680
[  211.925956][T13166] total_active_anon 173617152
[  211.928911][T13166] total_inactive_file 0
[  211.930902][T13166] total_active_file 0
[  211.932646][T13166] total_unevictable 0
[  211.934973][T13166] anon_cost 0
[  211.936524][T13166] file_cost 0
[  211.938185][T13166] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13163,uid=0
[  211.953205][T13166] Memory cgroup out of memory: Killed process 13163 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:32704kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[  211.961874][T13170] syz.1.2150 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[  211.968644][T13170] CPU: 0 UID: 0 PID: 13170 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  211.968665][T13170] Tainted: [L]=SOFTLOCKUP
[  211.968669][T13170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  211.968676][T13170] Call Trace:
[  211.968680][T13170]  <TASK>
[  211.968685][T13170]  dump_stack_lvl+0x100/0x190
[  211.968710][T13170]  dump_header+0xfb/0x606
[  211.968723][T13170]  oom_kill_process.cold+0xd/0x330
[  211.968736][T13170]  out_of_memory+0x340/0x14f0
[  211.968755][T13170]  ? __pfx_out_of_memory+0x10/0x10
[  211.968774][T13170]  mem_cgroup_out_of_memory+0xc6/0x130
[  211.968795][T13170]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  211.968815][T13170]  ? find_held_lock+0x2b/0x80
[  211.968836][T13170]  ? do_raw_spin_unlock+0x145/0x1e0
[  211.968860][T13170]  ? _raw_spin_unlock+0x28/0x50
[  211.968964][T13170]  try_charge_memcg+0x6e5/0xdf0
[  211.968985][T13170]  ? __pfx_try_charge_memcg+0x10/0x10
[  211.969000][T13170]  ? find_held_lock+0x2b/0x80
[  211.969015][T13170]  ? rcu_read_unlock+0x17/0x60
[  211.969033][T13170]  ? rcu_read_unlock+0x17/0x60
[  211.969058][T13170]  obj_cgroup_charge_pages+0x22/0x1d0
[  211.969079][T13170]  __memcg_kmem_charge_page+0x1c1/0x4d0
[  211.969098][T13170]  __alloc_frozen_pages_noprof+0x328/0x2bc0
[  211.969126][T13170]  ? do_raw_spin_lock+0x128/0x260
[  211.969149][T13170]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  211.969173][T13170]  ? find_held_lock+0x2b/0x80
[  211.969185][T13170]  ? __dquot_alloc_space+0x937/0xe00
[  211.969204][T13170]  ? __dquot_alloc_space+0x937/0xe00
[  211.969229][T13170]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  211.969254][T13170]  ? __lock_acquire+0x4a5/0x2630
[  211.969289][T13170]  ? do_raw_spin_lock+0x128/0x260
[  211.969323][T13170]  ? lock_acquire+0x1b1/0x370
[  211.969343][T13170]  ? find_held_lock+0x2b/0x80
[  211.969358][T13170]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  211.969382][T13170]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  211.969404][T13170]  ? policy_nodemask+0xed/0x4f0
[  211.969424][T13170]  alloc_pages_mpol+0x1fb/0x540
[  211.969443][T13170]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  211.969460][T13170]  ? __thp_vma_allowable_orders+0x1d9/0xe90
[  211.969483][T13170]  alloc_pages_noprof+0x1a/0x160
[  211.969503][T13170]  pte_alloc_one+0x1c/0x3d0
[  211.969519][T13170]  do_fault+0x86c/0x1750
[  211.969542][T13170]  __handle_mm_fault+0x187d/0x2a00
[  211.969569][T13170]  ? mt_find+0x45e/0x8e0
[  211.969589][T13170]  ? __pfx___handle_mm_fault+0x10/0x10
[  211.969609][T13170]  ? __pfx_mt_find+0x10/0x10
[  211.969651][T13170]  handle_mm_fault+0x36d/0xa20
[  211.969678][T13170]  __get_user_pages+0x1178/0x32a0
[  211.969703][T13170]  ? __pfx___get_user_pages+0x10/0x10
[  211.969727][T13170]  get_dump_page+0x27e/0x3d0
[  211.969746][T13170]  ? __pfx_get_dump_page+0x10/0x10
[  211.969765][T13170]  ? cgroup1_freezing+0x136/0x3b0
[  211.969783][T13170]  ? freezing_slow_path+0xb5/0x1a0
[  211.969801][T13170]  dump_user_range+0x18d/0xad0
[  211.969819][T13170]  ? __pfx_dump_user_range+0x10/0x10
[  211.969842][T13170]  ? __pfx_writenote+0x10/0x10
[  211.969864][T13170]  elf_core_dump+0x2d5f/0x3d10
[  211.969894][T13170]  ? __pfx_elf_core_dump+0x10/0x10
[  211.969907][T13170]  ? kasan_save_stack+0x3f/0x50
[  211.969921][T13170]  ? kasan_save_stack+0x30/0x50
[  211.969934][T13170]  ? __kasan_kmalloc+0xaa/0xb0
[  211.969957][T13170]  ? __kvmalloc_node_noprof+0x360/0xa00
[  211.969981][T13170]  ? vfs_coredump+0x22db/0x5770
[  211.969995][T13170]  ? asm_exc_page_fault+0x26/0x30
[  211.970011][T13170]  ? 0xffffffffff600000
[  211.970061][T13170]  ? vfs_coredump+0x29a0/0x5770
[  211.970075][T13170]  vfs_coredump+0x29a0/0x5770
[  211.970099][T13170]  ? __pfx_vfs_coredump+0x10/0x10
[  211.970115][T13170]  ? __lock_acquire+0x4a5/0x2630
[  211.970140][T13170]  ? lock_acquire+0x1b1/0x370
[  211.970170][T13170]  ? is_bpf_text_address+0x8a/0x1a0
[  211.970191][T13170]  ? bpf_ksym_find+0x128/0x1c0
[  211.970220][T13170]  ? __kernel_text_address+0xd/0x30
[  211.970237][T13170]  ? unwind_get_return_address+0x59/0xa0
[  211.970262][T13170]  ? arch_stack_walk+0xa6/0xf0
[  211.970293][T13170]  ? __sigqueue_free+0xbe/0x2a0
[  211.970316][T13170]  ? stack_trace_save+0x8e/0xc0
[  211.970328][T13170]  ? __pfx_stack_trace_save+0x10/0x10
[  211.970346][T13170]  ? stack_depot_save_flags+0x27/0x9d0
[  211.970383][T13170]  ? __lock_acquire+0x4a5/0x2630
[  211.970453][T13170]  ? proc_coredump_connector+0x2d3/0x4f0
[  211.970490][T13170]  ? __pfx_proc_coredump_connector+0x10/0x10
[  211.970516][T13170]  ? rcu_is_watching+0x12/0xc0
[  211.970545][T13170]  get_signal+0x1f2a/0x21e0
[  211.970576][T13170]  ? __pfx_get_signal+0x10/0x10
[  211.970599][T13170]  ? __pfx_force_sig_fault+0x10/0x10
[  211.970629][T13170]  arch_do_signal_or_restart+0x91/0x7e0
[  211.970658][T13170]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  211.970688][T13170]  ? rcu_is_watching+0x12/0xc0
[  211.970716][T13170]  irqentry_exit+0x410/0x7e0
[  211.970742][T13170]  asm_exc_page_fault+0x26/0x30
[  211.970758][T13170] RIP: 0033:0x7f2b4d39ce59
[  211.970777][T13170] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  211.970782][T13170] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  211.970796][T13170] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  211.970807][T13170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.970816][T13170] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  211.970825][T13170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.970834][T13170] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  211.970857][T13170]  </TASK>
[  211.970906][T13170] memory: usage 307200kB, limit 307200kB, failcnt 25221
[  212.177984][T13170] memory+swap: usage 399528kB, limit 9007199254740988kB, failcnt 0
[  212.181446][T13170] kmem: usage 8080kB, limit 9007199254740988kB, failcnt 0
[  212.184983][T13170] Memory cgroup stats for /syz1:
[  212.185226][T13170] cache 284913664
[  212.188748][T13170] rss 32768
[  212.190009][T13170] rss_huge 0
[  212.191317][T13170] shmem 284913664
[  212.192964][T13170] mapped_file 0
[  212.194855][T13170] dirty 0
[  212.196645][T13170] writeback 0
[  212.198119][T13170] workingset_refault_anon 1310
[  212.200203][T13170] workingset_refault_file 51
[  212.202097][T13170] swap 115855360
[  212.213685][T13170] swapcached 161992704
[  212.215328][T13170] pgpgin 260298
[  212.216808][T13170] pgpgout 191242
[  212.218524][T13170] pgfault 112444
[  212.220114][T13170] pgmajfault 186
[  212.221752][T13170] inactive_anon 121475072
[  212.225315][T13170] active_anon 163471360
[  212.227090][T13170] inactive_file 0
[  212.228835][T13170] active_file 0
[  212.230348][T13170] unevictable 0
[  212.231910][T13170] hierarchical_memory_limit 314572800
[  212.237716][T13170] hierarchical_memsw_limit 9223372036854771712
[  212.240475][T13170] total_cache 284913664
[  212.242242][T13170] total_rss 32768
[  212.243883][T13170] total_rss_huge 0
[  212.245425][T13170] total_shmem 284913664
[  212.247144][T13170] total_mapped_file 0
[  212.248828][T13170] total_dirty 0
[  212.250342][T13170] total_writeback 0
[  212.252123][T13170] total_workingset_refault_anon 1310
[  212.256089][T13170] total_workingset_refault_file 51
[  212.258268][T13170] total_swap 115855360
[  212.260125][T13170] total_swapcached 161992704
[  212.262080][T13170] total_pgpgin 260300
[  212.263958][T13170] total_pgpgout 191244
[  212.265614][T13170] total_pgfault 112454
[  212.267327][T13170] total_pgmajfault 186
[  212.269014][T13170] total_inactive_anon 121475072
[  212.271174][T13170] total_active_anon 163471360
[  212.273126][T13170] total_inactive_file 0
[  212.274767][T13170] total_active_file 0
[  212.276056][T13170] total_unevictable 0
[  212.277388][T13170] anon_cost 0
[  212.278418][T13170] file_cost 0
[  212.279441][T13170] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13152,uid=0
[  212.286270][T13170] Memory cgroup out of memory: Killed process 13152 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:33600kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  212.493048][T13369] can0: slcan on ttynull.
[  212.628123][T13377] binder: 13376:13377 ioctl c0306201 0 returned -14
[  212.727882][T13159] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  212.745482][T13159] CPU: 1 UID: 0 PID: 13159 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.745516][T13159] Tainted: [L]=SOFTLOCKUP
[  212.745523][T13159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  212.745534][T13159] Call Trace:
[  212.745542][T13159]  <TASK>
[  212.745550][T13159]  dump_stack_lvl+0x100/0x190
[  212.745594][T13159]  dump_header+0xfb/0x606
[  212.745633][T13159]  oom_kill_process.cold+0xd/0x330
[  212.745656][T13159]  out_of_memory+0x340/0x14f0
[  212.745690][T13159]  ? __pfx_out_of_memory+0x10/0x10
[  212.745725][T13159]  mem_cgroup_out_of_memory+0xc6/0x130
[  212.745753][T13159]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  212.745777][T13159]  ? find_held_lock+0x2b/0x80
[  212.745801][T13159]  ? do_raw_spin_unlock+0x145/0x1e0
[  212.745829][T13159]  ? _raw_spin_unlock+0x28/0x50
[  212.745857][T13159]  try_charge_memcg+0x6e5/0xdf0
[  212.745884][T13159]  ? __pfx_try_charge_memcg+0x10/0x10
[  212.745904][T13159]  ? find_held_lock+0x2b/0x80
[  212.745922][T13159]  ? rcu_read_unlock+0x17/0x60
[  212.745943][T13159]  ? rcu_read_unlock+0x17/0x60
[  212.745965][T13159]  ? find_held_lock+0x2b/0x80
[  212.745985][T13159]  ? rcu_read_unlock+0x17/0x60
[  212.746012][T13159]  charge_memcg+0x19f/0x210
[  212.746034][T13159]  __mem_cgroup_charge+0x2b/0x1c0
[  212.746060][T13159]  shmem_alloc_and_add_folio+0x451/0xd40
[  212.746096][T13159]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  212.746127][T13159]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  212.746162][T13159]  shmem_get_folio_gfp+0x6ab/0x1900
[  212.746197][T13159]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  212.746233][T13159]  shmem_write_begin+0x1a4/0x420
[  212.746263][T13159]  ? __pfx_shmem_write_begin+0x10/0x10
[  212.746298][T13159]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  212.746326][T13159]  ? lockdep_hardirqs_on+0x78/0x100
[  212.746354][T13159]  generic_perform_write+0x292/0xa40
[  212.746390][T13159]  ? __pfx_generic_perform_write+0x10/0x10
[  212.746420][T13159]  ? file_update_time_flags+0x373/0x500
[  212.746452][T13159]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  212.746472][T13159]  shmem_file_write_iter+0x10e/0x140
[  212.746496][T13159]  __kernel_write_iter+0x2ac/0x920
[  212.746520][T13159]  ? __pfx___kernel_write_iter+0x10/0x10
[  212.746541][T13159]  ? cgroup1_freezing+0x12c/0x3b0
[  212.746565][T13159]  ? cgroup1_freezing+0x136/0x3b0
[  212.746587][T13159]  ? freezing_slow_path+0xb5/0x1a0
[  212.746608][T13159]  dump_user_range+0x3f9/0xad0
[  212.746633][T13159]  ? __pfx_dump_user_range+0x10/0x10
[  212.746661][T13159]  ? __pfx_writenote+0x10/0x10
[  212.746689][T13159]  elf_core_dump+0x2d5f/0x3d10
[  212.746723][T13159]  ? __pfx_elf_core_dump+0x10/0x10
[  212.746744][T13159]  ? kasan_save_stack+0x3f/0x50
[  212.746760][T13159]  ? kasan_save_stack+0x30/0x50
[  212.746776][T13159]  ? __kasan_kmalloc+0xaa/0xb0
[  212.746803][T13159]  ? __kvmalloc_node_noprof+0x360/0xa00
[  212.746830][T13159]  ? vfs_coredump+0x22db/0x5770
[  212.746849][T13159]  ? asm_exc_page_fault+0x26/0x30
[  212.746872][T13159]  ? 0xffffffffff600000
[  212.746930][T13159]  ? vfs_coredump+0x29a0/0x5770
[  212.746947][T13159]  vfs_coredump+0x29a0/0x5770
[  212.746976][T13159]  ? __pfx_vfs_coredump+0x10/0x10
[  212.746995][T13159]  ? __lock_acquire+0x4a5/0x2630
[  212.747031][T13159]  ? lock_acquire+0x1b1/0x370
[  212.747065][T13159]  ? is_bpf_text_address+0x8a/0x1a0
[  212.747092][T13159]  ? bpf_ksym_find+0x128/0x1c0
[  212.747125][T13159]  ? __kernel_text_address+0xd/0x30
[  212.747152][T13159]  ? unwind_get_return_address+0x59/0xa0
[  212.747180][T13159]  ? arch_stack_walk+0xa6/0xf0
[  212.747215][T13159]  ? __sigqueue_free+0xbe/0x2a0
[  212.747236][T13159]  ? stack_trace_save+0x8e/0xc0
[  212.747257][T13159]  ? __pfx_stack_trace_save+0x10/0x10
[  212.747277][T13159]  ? stack_depot_save_flags+0x27/0x9d0
[  212.747300][T13159]  ? __lock_acquire+0x4a5/0x2630
[  212.747371][T13159]  ? proc_coredump_connector+0x2d3/0x4f0
[  212.747398][T13159]  ? __pfx_proc_coredump_connector+0x10/0x10
[  212.747427][T13159]  ? rcu_is_watching+0x12/0xc0
[  212.747460][T13159]  get_signal+0x1f2a/0x21e0
[  212.747497][T13159]  ? __pfx_get_signal+0x10/0x10
[  212.747525][T13159]  ? __pfx_force_sig_fault+0x10/0x10
[  212.747557][T13159]  arch_do_signal_or_restart+0x91/0x7e0
[  212.747590][T13159]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  212.747629][T13159]  ? rcu_is_watching+0x12/0xc0
[  212.747661][T13159]  irqentry_exit+0x410/0x7e0
[  212.747689][T13159]  asm_exc_page_fault+0x26/0x30
[  212.747708][T13159] RIP: 0033:0x7f2b4d39ce59
[  212.747731][T13159] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  212.747740][T13159] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  212.747756][T13159] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  212.747767][T13159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  212.747779][T13159] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  212.747790][T13159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.747800][T13159] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  212.747826][T13159]  </TASK>
[  212.751566][T13159] memory: usage 307096kB, limit 307200kB, failcnt 29943
[  212.773231][   T40] kauditd_printk_skb: 116 callbacks suppressed
[  212.773249][   T40] audit: type=1400 audit(212.701:421604): avc:  denied  { write } for  pid=13381 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  212.773854][T13159] memory+swap: usage 432128kB, limit 9007199254740988kB, failcnt 0
[  212.776728][   T40] audit: type=1400 audit(212.711:421605): avc:  denied  { remove_name } for  pid=13381 comm="rm" name="resolv.conf.can0.link" dev="tmpfs" ino=7581 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  212.778490][T13159] kmem: usage 8316kB, limit 9007199254740988kB, failcnt 0
[  212.782213][   T40] audit: type=1400 audit(212.711:421606): avc:  denied  { unlink } for  pid=13381 comm="rm" name="resolv.conf.can0.link" dev="tmpfs" ino=7581 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  212.854201][   T40] audit: type=1400 audit(212.791:421607): avc:  denied  { write } for  pid=13384 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  212.855695][T13159] Memory cgroup stats for 
[  212.888763][   T40] audit: type=1400 audit(212.821:421608): avc:  denied  { mounton } for  pid=13387 comm="syz.5.2202" path="/46/file0" dev="tmpfs" ino=279 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  212.892376][T13390] overlay: Unknown parameter './file1'
[  212.903944][   T40] audit: type=1400 audit(212.831:421609): avc:  denied  { write } for  pid=13388 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  212.922000][T13159] /syz1
[  212.964110][   T40] audit: type=1400 audit(212.851:421610): avc:  denied  { mount } for  pid=13387 comm="syz.5.2202" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  213.039141][   T40] audit: type=1400 audit(212.851:421611): avc:  denied  { name_bind } for  pid=13392 comm="syz.4.2203" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  213.049580][   T40] audit: type=1400 audit(212.851:421612): avc:  denied  { node_bind } for  pid=13392 comm="syz.4.2203" saddr=255.255.255.255 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  213.062769][   T40] audit: type=1400 audit(212.931:421613): avc:  denied  { execmem } for  pid=13392 comm="syz.4.2203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  213.073893][T13368] can0 (unregistered): slcan off ttynull.
[  213.125013][ T5738] Bluetooth: hci2: command 0x0406 tx timeout
[  213.152608][T13159] :
[  213.152675][T13159] cache 306147328
[  213.154831][T13159] rss 53248
[  213.155957][T13159] rss_huge 0
[  213.157077][T13159] shmem 306147328
[  213.164382][T13159] mapped_file 0
[  213.165655][T13159] dirty 0
[  213.168423][T13159] writeback 0
[  213.172211][T13159] workingset_refault_anon 1315
[  213.177668][T13159] workingset_refault_file 51
[  213.181443][T13152] syz.1.2150 (13152) used greatest stack depth: 18544 bytes left
[  213.181552][T13159] swap 127926272
[  213.190015][T13159] swapcached 180006912
[  213.192752][T13159] pgpgin 276070
[  213.197563][T13159] pgpgout 201825
[  213.199886][T13159] pgfault 113550
[  213.202265][T13159] pgmajfault 191
[  213.213578][T13159] inactive_anon 166989824
[  213.218347][T13159] active_anon 139202560
[  213.219694][T13159] inactive_file 0
[  213.221746][T13159] active_file 0
[  213.222870][T13159] unevictable 0
[  213.229132][T13159] hierarchical_memory_limit 314572800
[  213.231372][T13159] hierarchical_memsw_limit 9223372036854771712
[  213.234074][T13159] total_cache 306147328
[  213.235837][T13159] total_rss 53248
[  213.237422][T13159] total_rss_huge 0
[  213.239016][T13159] total_shmem 306147328
[  213.240802][T13159] total_mapped_file 0
[  213.242481][T13159] total_dirty 0
[  213.244167][T13159] total_writeback 0
[  213.245952][T13159] total_workingset_refault_anon 1315
[  213.248401][T13159] total_workingset_refault_file 51
[  213.250667][T13159] total_swap 127926272
[  213.252384][T13159] total_swapcached 180006912
[  213.254285][T13159] total_pgpgin 276072
[  213.255930][T13159] total_pgpgout 201827
[  213.257672][T13159] total_pgfault 113560
[  213.259605][T13159] total_pgmajfault 191
[  213.261344][T13159] total_inactive_anon 166989824
[  213.263408][T13159] total_active_anon 139202560
[  213.264200][T13406] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2207'.
[  213.265459][T13159] total_inactive_file 0
[  213.270385][T13159] total_active_file 0
[  213.272162][T13159] total_unevictable 0
[  213.274020][T13159] anon_cost 0
[  213.275447][T13159] file_cost 0
[  213.276908][T13159] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13155,uid=0
[  213.288841][T13159] Memory cgroup out of memory: Killed process 13155 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:32640kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[  213.324393][T13170] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  213.346630][T13170] CPU: 3 UID: 0 PID: 13170 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  213.346659][T13170] Tainted: [L]=SOFTLOCKUP
[  213.346677][T13170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  213.346687][T13170] Call Trace:
[  213.346711][T13170]  <TASK>
[  213.346717][T13170]  dump_stack_lvl+0x100/0x190
[  213.346749][T13170]  dump_header+0xfb/0x606
[  213.346769][T13170]  oom_kill_process.cold+0xd/0x330
[  213.346788][T13170]  out_of_memory+0x340/0x14f0
[  213.346817][T13170]  ? __pfx_out_of_memory+0x10/0x10
[  213.346853][T13170]  mem_cgroup_out_of_memory+0xc6/0x130
[  213.346877][T13170]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  213.346899][T13170]  ? find_held_lock+0x2b/0x80
[  213.346919][T13170]  ? do_raw_spin_unlock+0x145/0x1e0
[  213.346943][T13170]  ? _raw_spin_unlock+0x28/0x50
[  213.347032][T13170]  try_charge_memcg+0x6e5/0xdf0
[  213.347056][T13170]  ? __pfx_try_charge_memcg+0x10/0x10
[  213.347072][T13170]  ? find_held_lock+0x2b/0x80
[  213.347087][T13170]  ? rcu_read_unlock+0x17/0x60
[  213.347104][T13170]  ? rcu_read_unlock+0x17/0x60
[  213.347123][T13170]  ? find_held_lock+0x2b/0x80
[  213.347139][T13170]  ? rcu_read_unlock+0x17/0x60
[  213.347162][T13170]  charge_memcg+0x19f/0x210
[  213.347180][T13170]  __mem_cgroup_charge+0x2b/0x1c0
[  213.347202][T13170]  shmem_alloc_and_add_folio+0x451/0xd40
[  213.347232][T13170]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  213.347275][T13170]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  213.347305][T13170]  shmem_get_folio_gfp+0x6ab/0x1900
[  213.347336][T13170]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  213.347363][T13170]  ? timestamp_truncate+0x22e/0x2f0
[  213.347388][T13170]  shmem_write_begin+0x1a4/0x420
[  213.347415][T13170]  ? __pfx_shmem_write_begin+0x10/0x10
[  213.347438][T13170]  ? rcu_is_watching+0x12/0xc0
[  213.347464][T13170]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  213.347487][T13170]  generic_perform_write+0x292/0xa40
[  213.347517][T13170]  ? __pfx_generic_perform_write+0x10/0x10
[  213.347537][T13170]  ? __mark_inode_dirty+0x55c/0x1720
[  213.347557][T13170]  ? mnt_put_write_access_file+0x4e/0x100
[  213.347578][T13170]  ? file_update_time_flags+0x373/0x500
[  213.347605][T13170]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  213.347623][T13170]  shmem_file_write_iter+0x10e/0x140
[  213.347646][T13170]  __kernel_write_iter+0x2ac/0x920
[  213.347668][T13170]  ? __pfx___kernel_write_iter+0x10/0x10
[  213.347684][T13170]  ? cgroup1_freezing+0x12c/0x3b0
[  213.347706][T13170]  ? cgroup1_freezing+0x136/0x3b0
[  213.347722][T13170]  ? freezing_slow_path+0xb5/0x1a0
[  213.347741][T13170]  dump_user_range+0x3f9/0xad0
[  213.347762][T13170]  ? __pfx_dump_user_range+0x10/0x10
[  213.347785][T13170]  ? __pfx_writenote+0x10/0x10
[  213.347807][T13170]  elf_core_dump+0x2d5f/0x3d10
[  213.347842][T13170]  ? __pfx_elf_core_dump+0x10/0x10
[  213.347859][T13170]  ? kasan_save_stack+0x3f/0x50
[  213.347873][T13170]  ? kasan_save_stack+0x30/0x50
[  213.347887][T13170]  ? __kasan_kmalloc+0xaa/0xb0
[  213.347909][T13170]  ? __kvmalloc_node_noprof+0x360/0xa00
[  213.347933][T13170]  ? vfs_coredump+0x22db/0x5770
[  213.347948][T13170]  ? asm_exc_page_fault+0x26/0x30
[  213.347966][T13170]  ? 0xffffffffff600000
[  213.348019][T13170]  ? vfs_coredump+0x29a0/0x5770
[  213.348033][T13170]  vfs_coredump+0x29a0/0x5770
[  213.348057][T13170]  ? __pfx_vfs_coredump+0x10/0x10
[  213.348074][T13170]  ? __lock_acquire+0x4a5/0x2630
[  213.348103][T13170]  ? lock_acquire+0x1b1/0x370
[  213.348133][T13170]  ? is_bpf_text_address+0x8a/0x1a0
[  213.348154][T13170]  ? bpf_ksym_find+0x128/0x1c0
[  213.348183][T13170]  ? __kernel_text_address+0xd/0x30
[  213.348204][T13170]  ? unwind_get_return_address+0x59/0xa0
[  213.348229][T13170]  ? arch_stack_walk+0xa6/0xf0
[  213.348259][T13170]  ? __sigqueue_free+0xbe/0x2a0
[  213.348301][T13170]  ? stack_trace_save+0x8e/0xc0
[  213.348319][T13170]  ? __pfx_stack_trace_save+0x10/0x10
[  213.348336][T13170]  ? stack_depot_save_flags+0x27/0x9d0
[  213.348370][T13170]  ? __lock_acquire+0x4a5/0x2630
[  213.348428][T13170]  ? proc_coredump_connector+0x2d3/0x4f0
[  213.348464][T13170]  ? __pfx_proc_coredump_connector+0x10/0x10
[  213.348491][T13170]  ? rcu_is_watching+0x12/0xc0
[  213.348518][T13170]  get_signal+0x1f2a/0x21e0
[  213.348551][T13170]  ? __pfx_get_signal+0x10/0x10
[  213.348573][T13170]  ? __pfx_force_sig_fault+0x10/0x10
[  213.348602][T13170]  arch_do_signal_or_restart+0x91/0x7e0
[  213.348629][T13170]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  213.348679][T13170]  ? rcu_is_watching+0x12/0xc0
[  213.348708][T13170]  irqentry_exit+0x410/0x7e0
[  213.348734][T13170]  asm_exc_page_fault+0x26/0x30
[  213.348750][T13170] RIP: 0033:0x7f2b4d39ce59
[  213.348783][T13170] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  213.348791][T13170] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  213.348809][T13170] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  213.348821][T13170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.348831][T13170] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  213.348845][T13170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.348854][T13170] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  213.348877][T13170]  </TASK>
[  213.352075][T13170] memory: usage 307200kB, limit 307200kB, failcnt 32101
[  213.529953][T13409] hub 2-0:1.0: USB hub found
[  213.531805][T13170] memory+swap: usage 424820kB, limit 9007199254740988kB, failcnt 0
[  213.534832][T13409] hub 2-0:1.0: 6 ports detected
[  213.536306][T13170] kmem: usage 8108kB, limit 9007199254740988kB, failcnt 0
[  213.577284][T13170] Memory cgroup stats for /syz1:
[  213.577409][T13170] cache 305635328
[  213.581120][T13170] rss 53248
[  213.582460][T13170] rss_huge 0
[  213.583959][T13170] shmem 305635328
[  213.585487][T13170] mapped_file 0
[  213.586944][T13170] dirty 0
[  213.588177][T13170] writeback 0
[  213.589549][T13170] workingset_refault_anon 1315
[  213.591455][T13170] workingset_refault_file 51
[  213.593379][T13170] swap 124641280
[  213.595155][T13170] swapcached 184258560
[  213.596940][T13170] pgpgin 284100
[  213.598515][T13170] pgpgout 209978
[  213.600106][T13170] pgfault 114058
[  213.601730][T13170] pgmajfault 191
[  213.603247][T13170] inactive_anon 109916160
[  213.605209][T13170] active_anon 195334144
[  213.606948][T13170] inactive_file 0
[  213.608613][T13170] active_file 0
[  213.610115][T13170] unevictable 0
[  213.611643][T13170] hierarchical_memory_limit 314572800
[  213.614014][T13170] hierarchical_memsw_limit 9223372036854771712
[  213.616641][T13170] total_cache 305635328
[  213.618454][T13170] total_rss 53248
[  213.620056][T13170] total_rss_huge 0
[  213.621771][T13170] total_shmem 305635328
[  213.623751][T13170] total_mapped_file 0
[  213.625352][T13170] total_dirty 0
[  213.626680][T13170] total_writeback 0
[  213.628201][T13170] total_workingset_refault_anon 1315
[  213.633109][T13170] total_workingset_refault_file 51
[  213.637956][T13170] total_swap 124641280
[  213.639732][T13170] total_swapcached 184258560
[  213.641750][T13170] total_pgpgin 284102
[  213.643437][T13170] total_pgpgout 209980
[  213.645784][T13170] total_pgfault 114068
[  213.647761][T13170] total_pgmajfault 191
[  213.649549][T13170] total_inactive_anon 109916160
[  213.651600][T13170] total_active_anon 195334144
[  213.653558][T13170] total_inactive_file 0
[  213.655575][T13170] total_active_file 0
[  213.657002][T13170] total_unevictable 0
[  213.660060][T13170] anon_cost 0
[  213.661544][T13170] file_cost 0
[  213.662956][T13170] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13156,uid=0
[  213.676072][T13170] Memory cgroup out of memory: Killed process 13156 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000
[  213.763971][   T24] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  213.779279][T13161] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  213.798280][T13161] CPU: 0 UID: 0 PID: 13161 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  213.798309][T13161] Tainted: [L]=SOFTLOCKUP
[  213.798316][T13161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  213.798332][T13161] Call Trace:
[  213.798338][T13161]  <TASK>
[  213.798345][T13161]  dump_stack_lvl+0x100/0x190
[  213.798373][T13161]  dump_header+0xfb/0x606
[  213.798393][T13161]  oom_kill_process.cold+0xd/0x330
[  213.798414][T13161]  out_of_memory+0x340/0x14f0
[  213.798444][T13161]  ? __pfx_out_of_memory+0x10/0x10
[  213.798476][T13161]  mem_cgroup_out_of_memory+0xc6/0x130
[  213.798503][T13161]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  213.798525][T13161]  ? find_held_lock+0x2b/0x80
[  213.798546][T13161]  ? do_raw_spin_unlock+0x145/0x1e0
[  213.798572][T13161]  ? _raw_spin_unlock+0x28/0x50
[  213.798598][T13161]  try_charge_memcg+0x6e5/0xdf0
[  213.798624][T13161]  ? __pfx_try_charge_memcg+0x10/0x10
[  213.798644][T13161]  ? find_held_lock+0x2b/0x80
[  213.798662][T13161]  ? rcu_read_unlock+0x17/0x60
[  213.798682][T13161]  ? rcu_read_unlock+0x17/0x60
[  213.798702][T13161]  ? find_held_lock+0x2b/0x80
[  213.798720][T13161]  ? rcu_read_unlock+0x17/0x60
[  213.798745][T13161]  charge_memcg+0x19f/0x210
[  213.798767][T13161]  __mem_cgroup_charge+0x2b/0x1c0
[  213.798792][T13161]  shmem_alloc_and_add_folio+0x451/0xd40
[  213.798847][T13161]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  213.798878][T13161]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  213.798914][T13161]  shmem_get_folio_gfp+0x6ab/0x1900
[  213.798947][T13161]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  213.798980][T13161]  shmem_write_begin+0x1a4/0x420
[  213.799011][T13161]  ? __pfx_shmem_write_begin+0x10/0x10
[  213.799037][T13161]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  213.799056][T13161]  ? lockdep_hardirqs_on+0x78/0x100
[  213.799080][T13161]  generic_perform_write+0x292/0xa40
[  213.799112][T13161]  ? __pfx_generic_perform_write+0x10/0x10
[  213.799140][T13161]  ? file_update_time_flags+0x373/0x500
[  213.799169][T13161]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  213.799187][T13161]  shmem_file_write_iter+0x10e/0x140
[  213.799207][T13161]  __kernel_write_iter+0x2ac/0x920
[  213.799226][T13161]  ? __pfx___kernel_write_iter+0x10/0x10
[  213.799242][T13161]  ? cgroup1_freezing+0x12c/0x3b0
[  213.799263][T13161]  ? cgroup1_freezing+0x136/0x3b0
[  213.799281][T13161]  ? freezing_slow_path+0xb5/0x1a0
[  213.799301][T13161]  dump_user_range+0x3f9/0xad0
[  213.799324][T13161]  ? __pfx_dump_user_range+0x10/0x10
[  213.799353][T13161]  ? __pfx_writenote+0x10/0x10
[  213.799377][T13161]  elf_core_dump+0x2d5f/0x3d10
[  213.799410][T13161]  ? __pfx_elf_core_dump+0x10/0x10
[  213.799429][T13161]  ? kasan_save_stack+0x3f/0x50
[  213.799445][T13161]  ? kasan_save_stack+0x30/0x50
[  213.799460][T13161]  ? __kasan_kmalloc+0xaa/0xb0
[  213.799484][T13161]  ? __kvmalloc_node_noprof+0x360/0xa00
[  213.799511][T13161]  ? vfs_coredump+0x22db/0x5770
[  213.799528][T13161]  ? asm_exc_page_fault+0x26/0x30
[  213.799549][T13161]  ? 0xffffffffff600000
[  213.799608][T13161]  ? vfs_coredump+0x29a0/0x5770
[  213.799625][T13161]  vfs_coredump+0x29a0/0x5770
[  213.799653][T13161]  ? __pfx_vfs_coredump+0x10/0x10
[  213.799671][T13161]  ? __lock_acquire+0x4a5/0x2630
[  213.799702][T13161]  ? lock_acquire+0x1b1/0x370
[  213.799732][T13161]  ? is_bpf_text_address+0x8a/0x1a0
[  213.799755][T13161]  ? bpf_ksym_find+0x128/0x1c0
[  213.799787][T13161]  ? __kernel_text_address+0xd/0x30
[  213.799811][T13161]  ? unwind_get_return_address+0x59/0xa0
[  213.799838][T13161]  ? arch_stack_walk+0xa6/0xf0
[  213.799873][T13161]  ? __sigqueue_free+0xbe/0x2a0
[  213.799893][T13161]  ? stack_trace_save+0x8e/0xc0
[  213.799911][T13161]  ? __pfx_stack_trace_save+0x10/0x10
[  213.799929][T13161]  ? stack_depot_save_flags+0x27/0x9d0
[  213.799950][T13161]  ? __lock_acquire+0x4a5/0x2630
[  213.800014][T13161]  ? proc_coredump_connector+0x2d3/0x4f0
[  213.800040][T13161]  ? __pfx_proc_coredump_connector+0x10/0x10
[  213.800069][T13161]  ? rcu_is_watching+0x12/0xc0
[  213.800100][T13161]  get_signal+0x1f2a/0x21e0
[  213.800135][T13161]  ? __pfx_get_signal+0x10/0x10
[  213.800159][T13161]  ? __pfx_force_sig_fault+0x10/0x10
[  213.800186][T13161]  arch_do_signal_or_restart+0x91/0x7e0
[  213.800217][T13161]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  213.800256][T13161]  ? rcu_is_watching+0x12/0xc0
[  213.800315][T13161]  irqentry_exit+0x410/0x7e0
[  213.800346][T13161]  asm_exc_page_fault+0x26/0x30
[  213.800362][T13161] RIP: 0033:0x7f2b4d39ce59
[  213.800384][T13161] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  213.800393][T13161] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  213.800409][T13161] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  213.800421][T13161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.800431][T13161] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  213.800442][T13161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.800453][T13161] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  213.800481][T13161]  </TASK>
[  213.807318][T13416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2210'.
[  213.838212][T13161] memory: usage 307200kB, limit 307200kB, failcnt 33272
[  213.881565][T13422] 9pnet_virtio: no channels available for device syz
[  213.883437][T13161] memory+swap: usage 431812kB, limit 9007199254740988kB, failcnt 0
[  213.895575][T13414] loop5: detected capacity change from 0 to 7
[  213.896472][T13161] kmem: usage 7928kB, limit 9007199254740988kB, failcnt 0
[  213.899544][T13414] Dev loop5: unable to read RDB block 7
[  213.900191][T13161] Memory cgroup stats for 
[  213.902316][T13414]  loop5: unable to read partition table
[  213.904710][T13161] /syz1
[  213.906764][T13414] loop5: partition table beyond EOD, 
[  213.908706][T13161] :
[  213.908808][T13161] cache 302256128
[  213.910794][T13414] truncated
[  213.950078][T13424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2214'.
[  213.950982][T13414] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  213.951965][T13161] rss 53248
[  213.987141][   T24] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  213.988105][T13161] rss_huge 0
[  213.994091][   T24] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  213.994120][   T24] usb 2-1: Product: QEMU USB Tablet
[  213.994135][   T24] usb 2-1: Manufacturer: QEMU
[  213.994150][   T24] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  214.017106][T13426] use of bytesused == 0 is deprecated and will be removed in the future,
[  214.019882][T13161] shmem 302256128
[  214.023820][T13426] use the actual size instead.
[  214.025008][T13161] mapped_file 0
[  214.040637][T13161] dirty 0
[  214.041625][T13161] writeback 0
[  214.043085][T13161] workingset_refault_anon 1315
[  214.044987][T13161] workingset_refault_file 51
[  214.046529][T13161] swap 124641280
[  214.047998][T13161] swapcached 187609088
[  214.049271][T13161] pgpgin 285102
[  214.050415][T13161] pgpgout 211807
[  214.052497][T13161] pgfault 114120
[  214.054801][T13161] pgmajfault 191
[  214.056022][T13161] inactive_anon 200429568
[  214.057452][T13161] active_anon 101879808
[  214.058759][T13161] inactive_file 0
[  214.059918][T13161] active_file 0
[  214.061067][T13161] unevictable 0
[  214.062290][T13161] hierarchical_memory_limit 314572800
[  214.064501][T13161] hierarchical_memsw_limit 9223372036854771712
[  214.066556][T13161] total_cache 302256128
[  214.067864][T13161] total_rss 53248
[  214.069188][T13161] total_rss_huge 0
[  214.070406][T13161] total_shmem 302256128
[  214.071772][T13161] total_mapped_file 0
[  214.073029][T13161] total_dirty 0
[  214.074720][T13428] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2215'.
[  214.078758][T13161] total_writeback 0
[  214.078769][T13161] total_workingset_refault_anon 1315
[  214.078775][T13161] total_workingset_refault_file 51
[  214.078780][T13161] total_swap 124641280
[  214.078784][T13161] total_swapcached 187609088
[  214.078789][T13161] total_pgpgin 285104
[  214.078793][T13161] total_pgpgout 211809
[  214.078798][T13161] total_pgfault 114130
[  214.078803][T13161] total_pgmajfault 191
[  214.078807][T13161] total_inactive_anon 200429568
[  214.078812][T13161] total_active_anon 101879808
[  214.078816][T13161] total_inactive_file 0
[  214.078821][T13161] total_active_file 0
[  214.078825][T13161] total_unevictable 0
[  214.078830][T13161] anon_cost 0
[  214.078834][T13161] file_cost 0
[  214.078839][T13161] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13161,uid=0
[  214.078908][T13161] Memory cgroup out of memory: Killed process 13161 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:35648kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  214.095867][   T24] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.000A/input/input23
[  214.231086][   T24] hid-generic 0003:0627:0001.000A: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  214.233545][T13156] syz.1.2150 (13156) used greatest stack depth: 18288 bytes left
[  214.237216][T13441] netlink: 'syz.5.2221': attribute type 29 has an invalid length.
[  214.323381][T13448] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2223'.
[  214.327480][T13452] 9pnet_virtio: no channels available for device syz
[  214.331519][T13455] 9pnet_virtio: no channels available for device syz
[  214.372324][T13460] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=46199 sclass=netlink_route_socket pid=13460 comm=syz.4.2226
[  214.377892][T13461] 9pnet_virtio: no channels available for device syz
[  214.381615][T13461] FAULT_INJECTION: forcing a failure.
[  214.381615][T13461] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  214.388537][T13461] CPU: 0 UID: 0 PID: 13461 Comm: syz.3.2225 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.388556][T13461] Tainted: [L]=SOFTLOCKUP
[  214.388560][T13461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  214.388566][T13461] Call Trace:
[  214.388571][T13461]  <TASK>
[  214.388576][T13461]  dump_stack_lvl+0x100/0x190
[  214.388594][T13461]  should_fail_ex.cold+0x5/0xa
[  214.388611][T13461]  _copy_from_user+0x2e/0xd0
[  214.388648][T13461]  kstrtouint_from_user+0xd6/0x1d0
[  214.388666][T13461]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  214.388682][T13461]  ? __lock_acquire+0x4a5/0x2630
[  214.388706][T13461]  ? lock_acquire+0x1b1/0x370
[  214.388728][T13461]  proc_fail_nth_write+0x83/0x220
[  214.388741][T13461]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.388756][T13461]  vfs_write+0x2aa/0x1070
[  214.388769][T13461]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.388797][T13461]  ? __pfx_vfs_write+0x10/0x10
[  214.388809][T13461]  ? __fget_files+0x215/0x3d0
[  214.388830][T13461]  ? __fget_files+0x21f/0x3d0
[  214.388848][T13461]  ksys_write+0x12a/0x250
[  214.388860][T13461]  ? __pfx_ksys_write+0x10/0x10
[  214.388873][T13461]  ? rcu_is_watching+0x12/0xc0
[  214.388892][T13461]  do_syscall_64+0x10b/0xf80
[  214.388909][T13461]  ? clear_bhb_loop+0x40/0x90
[  214.388922][T13461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.388933][T13461] RIP: 0033:0x7fcf7455d68e
[  214.388944][T13461] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  214.388954][T13461] RSP: 002b:00007fcf754f9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  214.388966][T13461] RAX: ffffffffffffffda RBX: 00007fcf754fa6c0 RCX: 00007fcf7455d68e
[  214.388973][T13461] RDX: 0000000000000001 RSI: 00007fcf754fa0a0 RDI: 0000000000000004
[  214.388979][T13461] RBP: 00007fcf754fa090 R08: 0000000000000000 R09: 0000000000000000
[  214.388985][T13461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.388991][T13461] R13: 00007fcf74816038 R14: 00007fcf74815fa0 R15: 00007ffcb5c9a398
[  214.389005][T13461]  </TASK>
[  214.488063][T13168] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  214.491200][T13168] CPU: 0 UID: 0 PID: 13168 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.491217][T13168] Tainted: [L]=SOFTLOCKUP
[  214.491221][T13168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  214.491227][T13168] Call Trace:
[  214.491232][T13168]  <TASK>
[  214.491237][T13168]  dump_stack_lvl+0x100/0x190
[  214.491255][T13168]  dump_header+0xfb/0x606
[  214.491267][T13168]  oom_kill_process.cold+0xd/0x330
[  214.491280][T13168]  out_of_memory+0x340/0x14f0
[  214.491299][T13168]  ? __pfx_out_of_memory+0x10/0x10
[  214.491322][T13168]  mem_cgroup_out_of_memory+0xc6/0x130
[  214.491339][T13168]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  214.491354][T13168]  ? find_held_lock+0x2b/0x80
[  214.491366][T13168]  ? do_raw_spin_unlock+0x145/0x1e0
[  214.491382][T13168]  ? _raw_spin_unlock+0x28/0x50
[  214.491398][T13168]  try_charge_memcg+0x6e5/0xdf0
[  214.491413][T13168]  ? __pfx_try_charge_memcg+0x10/0x10
[  214.491424][T13168]  ? find_held_lock+0x2b/0x80
[  214.491434][T13168]  ? rcu_read_unlock+0x17/0x60
[  214.491445][T13168]  ? rcu_read_unlock+0x17/0x60
[  214.491457][T13168]  ? find_held_lock+0x2b/0x80
[  214.491467][T13168]  ? rcu_read_unlock+0x17/0x60
[  214.491482][T13168]  charge_memcg+0x19f/0x210
[  214.491495][T13168]  __mem_cgroup_charge+0x2b/0x1c0
[  214.491509][T13168]  shmem_alloc_and_add_folio+0x451/0xd40
[  214.491529][T13168]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  214.491547][T13168]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  214.491567][T13168]  shmem_get_folio_gfp+0x6ab/0x1900
[  214.491586][T13168]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  214.491607][T13168]  shmem_write_begin+0x1a4/0x420
[  214.491625][T13168]  ? __pfx_shmem_write_begin+0x10/0x10
[  214.491643][T13168]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  214.491655][T13168]  ? lockdep_hardirqs_on+0x78/0x100
[  214.491671][T13168]  generic_perform_write+0x292/0xa40
[  214.491704][T13168]  ? __pfx_generic_perform_write+0x10/0x10
[  214.491722][T13168]  ? file_update_time_flags+0x373/0x500
[  214.491740][T13168]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  214.491751][T13168]  shmem_file_write_iter+0x10e/0x140
[  214.491764][T13168]  __kernel_write_iter+0x2ac/0x920
[  214.491777][T13168]  ? __pfx___kernel_write_iter+0x10/0x10
[  214.491789][T13168]  ? cgroup1_freezing+0x12c/0x3b0
[  214.491802][T13168]  ? cgroup1_freezing+0x136/0x3b0
[  214.491813][T13168]  ? freezing_slow_path+0xb5/0x1a0
[  214.491830][T13168]  dump_user_range+0x3f9/0xad0
[  214.491844][T13168]  ? __pfx_dump_user_range+0x10/0x10
[  214.491860][T13168]  ? __pfx_writenote+0x10/0x10
[  214.491874][T13168]  elf_core_dump+0x2d5f/0x3d10
[  214.491894][T13168]  ? __pfx_elf_core_dump+0x10/0x10
[  214.491905][T13168]  ? kasan_save_stack+0x3f/0x50
[  214.491914][T13168]  ? kasan_save_stack+0x30/0x50
[  214.491924][T13168]  ? __kasan_kmalloc+0xaa/0xb0
[  214.491939][T13168]  ? __kvmalloc_node_noprof+0x360/0xa00
[  214.491957][T13168]  ? vfs_coredump+0x22db/0x5770
[  214.491967][T13168]  ? asm_exc_page_fault+0x26/0x30
[  214.491979][T13168]  ? 0xffffffffff600000
[  214.492011][T13168]  ? vfs_coredump+0x29a0/0x5770
[  214.492020][T13168]  vfs_coredump+0x29a0/0x5770
[  214.492036][T13168]  ? __pfx_vfs_coredump+0x10/0x10
[  214.492046][T13168]  ? __lock_acquire+0x4a5/0x2630
[  214.492066][T13168]  ? lock_acquire+0x1b1/0x370
[  214.492086][T13168]  ? is_bpf_text_address+0x8a/0x1a0
[  214.492101][T13168]  ? bpf_ksym_find+0x128/0x1c0
[  214.492120][T13168]  ? __kernel_text_address+0xd/0x30
[  214.492134][T13168]  ? unwind_get_return_address+0x59/0xa0
[  214.492151][T13168]  ? arch_stack_walk+0xa6/0xf0
[  214.492171][T13168]  ? __sigqueue_free+0xbe/0x2a0
[  214.492183][T13168]  ? stack_trace_save+0x8e/0xc0
[  214.492194][T13168]  ? __pfx_stack_trace_save+0x10/0x10
[  214.492206][T13168]  ? stack_depot_save_flags+0x27/0x9d0
[  214.492218][T13168]  ? __lock_acquire+0x4a5/0x2630
[  214.492255][T13168]  ? proc_coredump_connector+0x2d3/0x4f0
[  214.492296][T13168]  ? __pfx_proc_coredump_connector+0x10/0x10
[  214.492313][T13168]  ? rcu_is_watching+0x12/0xc0
[  214.492333][T13168]  get_signal+0x1f2a/0x21e0
[  214.492353][T13168]  ? __pfx_get_signal+0x10/0x10
[  214.492369][T13168]  ? __pfx_force_sig_fault+0x10/0x10
[  214.492387][T13168]  arch_do_signal_or_restart+0x91/0x7e0
[  214.492405][T13168]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  214.492427][T13168]  ? rcu_is_watching+0x12/0xc0
[  214.492445][T13168]  irqentry_exit+0x410/0x7e0
[  214.492461][T13168]  asm_exc_page_fault+0x26/0x30
[  214.492471][T13168] RIP: 0033:0x7f2b4d39ce59
[  214.492484][T13168] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  214.492489][T13168] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  214.492498][T13168] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  214.492505][T13168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  214.492511][T13168] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  214.492517][T13168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.492522][T13168] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  214.492536][T13168]  </TASK>
[  214.492570][T13168] memory: usage 307200kB, limit 307200kB, failcnt 35990
[  214.591886][T13478] syzkaller0: entered promiscuous mode
[  214.593391][T13168] memory+swap: usage 430168kB, limit 9007199254740988kB, failcnt 0
[  214.602152][T13478] syzkaller0: entered allmulticast mode
[  214.602369][T13168] kmem: usage 7944kB, limit 9007199254740988kB, failcnt 0
[  214.622792][T13478] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2230'.
[  214.622938][T13168] Memory cgroup stats for 
[  214.626613][T13478] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2230'.
[  214.628164][T13168] /syz1:
[  214.628329][T13168] cache 302284800
[  214.676852][T13168] rss 98304
[  214.677954][T13168] rss_huge 0
[  214.679025][T13168] shmem 302284800
[  214.680221][T13168] mapped_file 0
[  214.681344][T13168] dirty 0
[  214.682270][T13168] writeback 0
[  214.683374][T13168] workingset_refault_anon 1315
[  214.685078][T13168] workingset_refault_file 51
[  214.686511][T13168] swap 126783488
[  214.687729][T13168] swapcached 203124736
[  214.689036][T13168] pgpgin 298795
[  214.690120][T13168] pgpgout 225479
[  214.691243][T13168] pgfault 115007
[  214.692551][T13168] pgmajfault 191
[  214.694272][T13168] inactive_anon 127803392
[  214.695977][T13168] active_anon 173838336
[  214.697833][T13168] inactive_file 0
[  214.699594][T13168] active_file 0
[  214.701456][T13168] unevictable 0
[  214.702978][T13168] hierarchical_memory_limit 314572800
[  214.705815][T13168] hierarchical_memsw_limit 9223372036854771712
[  214.708561][T13168] total_cache 302284800
[  214.710266][T13168] total_rss 98304
[  214.711607][T13168] total_rss_huge 0
[  214.712893][T13168] total_shmem 302284800
[  214.714730][T13168] total_mapped_file 0
[  214.716054][T13168] total_dirty 0
[  214.717216][T13168] total_writeback 0
[  214.718572][T13168] total_workingset_refault_anon 1315
[  214.720402][T13168] total_workingset_refault_file 51
[  214.721999][T13168] total_swap 126783488
[  214.723319][T13168] total_swapcached 203124736
[  214.724879][T13168] total_pgpgin 298797
[  214.726090][T13168] total_pgpgout 225481
[  214.727534][T13168] total_pgfault 115017
[  214.729204][T13168] total_pgmajfault 191
[  214.730663][T13168] total_inactive_anon 127803392
[  214.732477][T13168] total_active_anon 173838336
[  214.734639][T13168] total_inactive_file 0
[  214.736186][T13168] total_active_file 0
[  214.737449][T13168] total_unevictable 0
[  214.738847][T13168] anon_cost 0
[  214.739961][T13168] file_cost 0
[  214.741257][T13168] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13170,uid=0
[  214.746309][T13168] Memory cgroup out of memory: Killed process 13170 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:33344kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  214.762538][T13491] 9pnet_virtio: no channels available for device syz
[  214.814884][T13166] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  214.832672][T13166] CPU: 3 UID: 0 PID: 13166 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.832693][T13166] Tainted: [L]=SOFTLOCKUP
[  214.832697][T13166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  214.832703][T13166] Call Trace:
[  214.832708][T13166]  <TASK>
[  214.832713][T13166]  dump_stack_lvl+0x100/0x190
[  214.832730][T13166]  dump_header+0xfb/0x606
[  214.832743][T13166]  oom_kill_process.cold+0xd/0x330
[  214.832756][T13166]  out_of_memory+0x340/0x14f0
[  214.832775][T13166]  ? __pfx_out_of_memory+0x10/0x10
[  214.832795][T13166]  mem_cgroup_out_of_memory+0xc6/0x130
[  214.832811][T13166]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  214.832826][T13166]  ? find_held_lock+0x2b/0x80
[  214.832839][T13166]  ? do_raw_spin_unlock+0x145/0x1e0
[  214.832855][T13166]  ? _raw_spin_unlock+0x28/0x50
[  214.832887][T13166]  try_charge_memcg+0x6e5/0xdf0
[  214.832902][T13166]  ? __pfx_try_charge_memcg+0x10/0x10
[  214.832913][T13166]  ? find_held_lock+0x2b/0x80
[  214.832923][T13166]  ? rcu_read_unlock+0x17/0x60
[  214.832935][T13166]  ? rcu_read_unlock+0x17/0x60
[  214.832947][T13166]  ? find_held_lock+0x2b/0x80
[  214.832957][T13166]  ? rcu_read_unlock+0x17/0x60
[  214.832972][T13166]  charge_memcg+0x19f/0x210
[  214.832984][T13166]  __mem_cgroup_charge+0x2b/0x1c0
[  214.833011][T13166]  shmem_alloc_and_add_folio+0x451/0xd40
[  214.833034][T13166]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  214.833051][T13166]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  214.833071][T13166]  shmem_get_folio_gfp+0x6ab/0x1900
[  214.833091][T13166]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  214.833109][T13166]  ? timestamp_truncate+0x22e/0x2f0
[  214.833125][T13166]  shmem_write_begin+0x1a4/0x420
[  214.833143][T13166]  ? __pfx_shmem_write_begin+0x10/0x10
[  214.833159][T13166]  ? rcu_is_watching+0x12/0xc0
[  214.833176][T13166]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  214.833190][T13166]  generic_perform_write+0x292/0xa40
[  214.833215][T13166]  ? __pfx_generic_perform_write+0x10/0x10
[  214.833229][T13166]  ? __mark_inode_dirty+0x55c/0x1720
[  214.833241][T13166]  ? mnt_put_write_access_file+0x4e/0x100
[  214.833255][T13166]  ? file_update_time_flags+0x373/0x500
[  214.833272][T13166]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  214.833284][T13166]  shmem_file_write_iter+0x10e/0x140
[  214.833297][T13166]  __kernel_write_iter+0x2ac/0x920
[  214.833310][T13166]  ? __pfx___kernel_write_iter+0x10/0x10
[  214.833321][T13166]  ? cgroup1_freezing+0x12c/0x3b0
[  214.833334][T13166]  ? cgroup1_freezing+0x136/0x3b0
[  214.833344][T13166]  ? freezing_slow_path+0xb5/0x1a0
[  214.833357][T13166]  dump_user_range+0x3f9/0xad0
[  214.833370][T13166]  ? __pfx_dump_user_range+0x10/0x10
[  214.833385][T13166]  ? __pfx_writenote+0x10/0x10
[  214.833399][T13166]  elf_core_dump+0x2d5f/0x3d10
[  214.833417][T13166]  ? __pfx_elf_core_dump+0x10/0x10
[  214.833429][T13166]  ? kasan_save_stack+0x3f/0x50
[  214.833438][T13166]  ? kasan_save_stack+0x30/0x50
[  214.833447][T13166]  ? __kasan_kmalloc+0xaa/0xb0
[  214.833462][T13166]  ? __kvmalloc_node_noprof+0x360/0xa00
[  214.833478][T13166]  ? vfs_coredump+0x22db/0x5770
[  214.833488][T13166]  ? asm_exc_page_fault+0x26/0x30
[  214.833500][T13166]  ? 0xffffffffff600000
[  214.833531][T13166]  ? vfs_coredump+0x29a0/0x5770
[  214.833540][T13166]  vfs_coredump+0x29a0/0x5770
[  214.833555][T13166]  ? __pfx_vfs_coredump+0x10/0x10
[  214.833566][T13166]  ? __lock_acquire+0x4a5/0x2630
[  214.833585][T13166]  ? lock_acquire+0x1b1/0x370
[  214.833604][T13166]  ? is_bpf_text_address+0x8a/0x1a0
[  214.833618][T13166]  ? bpf_ksym_find+0x128/0x1c0
[  214.833637][T13166]  ? __kernel_text_address+0xd/0x30
[  214.833651][T13166]  ? unwind_get_return_address+0x59/0xa0
[  214.833667][T13166]  ? arch_stack_walk+0xa6/0xf0
[  214.833687][T13166]  ? __sigqueue_free+0xbe/0x2a0
[  214.833698][T13166]  ? stack_trace_save+0x8e/0xc0
[  214.833708][T13166]  ? __pfx_stack_trace_save+0x10/0x10
[  214.833720][T13166]  ? stack_depot_save_flags+0x27/0x9d0
[  214.833732][T13166]  ? __lock_acquire+0x4a5/0x2630
[  214.833767][T13166]  ? proc_coredump_connector+0x2d3/0x4f0
[  214.833782][T13166]  ? __pfx_proc_coredump_connector+0x10/0x10
[  214.833799][T13166]  ? rcu_is_watching+0x12/0xc0
[  214.833817][T13166]  get_signal+0x1f2a/0x21e0
[  214.833838][T13166]  ? __pfx_get_signal+0x10/0x10
[  214.833853][T13166]  ? __pfx_force_sig_fault+0x10/0x10
[  214.833872][T13166]  arch_do_signal_or_restart+0x91/0x7e0
[  214.833889][T13166]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  214.833912][T13166]  ? rcu_is_watching+0x12/0xc0
[  214.833929][T13166]  irqentry_exit+0x410/0x7e0
[  214.833945][T13166]  asm_exc_page_fault+0x26/0x30
[  214.833956][T13166] RIP: 0033:0x7f2b4d39ce59
[  214.833969][T13166] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  214.833973][T13166] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  214.833982][T13166] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  214.833989][T13166] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  214.833995][T13166] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  214.834000][T13166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.834007][T13166] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  214.834021][T13166]  </TASK>
[  214.994740][T13166] memory: usage 307060kB, limit 307200kB, failcnt 38775
[  214.997027][T13166] memory+swap: usage 429476kB, limit 9007199254740988kB, failcnt 0
[  214.999816][T13166] kmem: usage 8196kB, limit 9007199254740988kB, failcnt 0
[  215.002030][T13166] Memory cgroup stats for /syz1:
[  215.002104][T13166] cache 305291264
[  215.005542][T13166] rss 204800
[  215.006607][T13166] rss_huge 0
[  215.007683][T13166] shmem 305291264
[  215.008854][T13166] mapped_file 0
[  215.009956][T13166] dirty 0
[  215.010896][T13166] writeback 0
[  215.011955][T13166] workingset_refault_anon 1316
[  215.013500][T13166] workingset_refault_file 51
[  215.015071][T13166] swap 125673472
[  215.016200][T13166] swapcached 209551360
[  215.017552][T13166] pgpgin 309746
[  215.018660][T13166] pgpgout 235673
[  215.019828][T13166] pgfault 115757
[  215.021038][T13166] pgmajfault 192
[  215.022284][T13166] inactive_anon 125370368
[  215.024010][T13166] active_anon 179707904
[  215.025420][T13166] inactive_file 0
[  215.026939][T13166] active_file 0
[  215.028075][T13166] unevictable 0
[  215.029192][T13166] hierarchical_memory_limit 314572800
[  215.030878][T13166] hierarchical_memsw_limit 9223372036854771712
[  215.034870][T13166] total_cache 305291264
[  215.036294][T13166] total_rss 204800
[  215.037498][T13166] total_rss_huge 0
[  215.038723][T13166] total_shmem 305291264
[  215.040336][T13166] total_mapped_file 0
[  215.040815][T13498] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2206'.
[  215.041647][T13166] total_dirty 0
[  215.041655][T13166] total_writeback 0
[  215.048317][T13166] total_workingset_refault_anon 1316
[  215.050019][T13166] total_workingset_refault_file 51
[  215.051684][T13166] total_swap 125673472
[  215.053070][T13166] total_swapcached 209551360
[  215.054801][T13166] total_pgpgin 309748
[  215.056101][T13166] total_pgpgout 235675
[  215.057470][T13166] total_pgfault 115767
[  215.058754][T13166] total_pgmajfault 192
[  215.060079][T13166] total_inactive_anon 125370368
[  215.061645][T13498] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2206'.
[  215.061693][T13166] total_active_anon 179707904
[  215.061700][T13166] total_inactive_file 0
[  215.068598][T13166] total_active_file 0
[  215.069942][T13166] total_unevictable 0
[  215.071185][T13166] anon_cost 0
[  215.072229][T13166] file_cost 0
[  215.073455][T13166] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13153,uid=0
[  215.075076][T13498] netlink: 'syz.1.2206': attribute type 4 has an invalid length.
[  215.079154][T13166] Memory cgroup out of memory: OOM victim 13153 (syz.1.2150) is already exiting. Skip killing the task
[  215.082316][T13176] syz.1.2150 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  215.143778][T13176] CPU: 2 UID: 0 PID: 13176 Comm: syz.1.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.143798][T13176] Tainted: [L]=SOFTLOCKUP
[  215.143802][T13176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.143808][T13176] Call Trace:
[  215.143813][T13176]  <TASK>
[  215.143817][T13176]  dump_stack_lvl+0x100/0x190
[  215.143835][T13176]  dump_header+0xfb/0x606
[  215.143849][T13176]  oom_kill_process.cold+0xd/0x330
[  215.143863][T13176]  out_of_memory+0x340/0x14f0
[  215.143884][T13176]  ? __pfx_out_of_memory+0x10/0x10
[  215.143904][T13176]  mem_cgroup_out_of_memory+0xc6/0x130
[  215.143920][T13176]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  215.143935][T13176]  ? find_held_lock+0x2b/0x80
[  215.143947][T13176]  ? do_raw_spin_unlock+0x145/0x1e0
[  215.143963][T13176]  ? _raw_spin_unlock+0x28/0x50
[  215.143978][T13176]  try_charge_memcg+0x6e5/0xdf0
[  215.143992][T13176]  ? __pfx_try_charge_memcg+0x10/0x10
[  215.144004][T13176]  ? find_held_lock+0x2b/0x80
[  215.144013][T13176]  ? rcu_read_unlock+0x17/0x60
[  215.144025][T13176]  ? rcu_read_unlock+0x17/0x60
[  215.144037][T13176]  ? find_held_lock+0x2b/0x80
[  215.144047][T13176]  ? rcu_read_unlock+0x17/0x60
[  215.144062][T13176]  charge_memcg+0x19f/0x210
[  215.144074][T13176]  __mem_cgroup_charge+0x2b/0x1c0
[  215.144088][T13176]  shmem_alloc_and_add_folio+0x451/0xd40
[  215.144108][T13176]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  215.144126][T13176]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  215.144145][T13176]  shmem_get_folio_gfp+0x6ab/0x1900
[  215.144165][T13176]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  215.144185][T13176]  shmem_write_begin+0x1a4/0x420
[  215.144202][T13176]  ? __pfx_shmem_write_begin+0x10/0x10
[  215.144220][T13176]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  215.144232][T13176]  ? lockdep_hardirqs_on+0x78/0x100
[  215.144275][T13176]  generic_perform_write+0x292/0xa40
[  215.144298][T13176]  ? __pfx_generic_perform_write+0x10/0x10
[  215.144315][T13176]  ? file_update_time_flags+0x373/0x500
[  215.144333][T13176]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  215.144345][T13176]  shmem_file_write_iter+0x10e/0x140
[  215.144357][T13176]  __kernel_write_iter+0x2ac/0x920
[  215.144375][T13176]  ? __pfx___kernel_write_iter+0x10/0x10
[  215.144386][T13176]  ? cgroup1_freezing+0x12c/0x3b0
[  215.144399][T13176]  ? cgroup1_freezing+0x136/0x3b0
[  215.144410][T13176]  ? freezing_slow_path+0xb5/0x1a0
[  215.144422][T13176]  dump_user_range+0x3f9/0xad0
[  215.144435][T13176]  ? __pfx_dump_user_range+0x10/0x10
[  215.144449][T13176]  ? __pfx_writenote+0x10/0x10
[  215.144463][T13176]  elf_core_dump+0x2d5f/0x3d10
[  215.144481][T13176]  ? __pfx_elf_core_dump+0x10/0x10
[  215.144492][T13176]  ? kasan_save_stack+0x3f/0x50
[  215.144501][T13176]  ? kasan_save_stack+0x30/0x50
[  215.144510][T13176]  ? __kasan_kmalloc+0xaa/0xb0
[  215.144526][T13176]  ? __kvmalloc_node_noprof+0x360/0xa00
[  215.144542][T13176]  ? vfs_coredump+0x22db/0x5770
[  215.144552][T13176]  ? asm_exc_page_fault+0x26/0x30
[  215.144564][T13176]  ? 0xffffffffff600000
[  215.144594][T13176]  ? vfs_coredump+0x29a0/0x5770
[  215.144603][T13176]  vfs_coredump+0x29a0/0x5770
[  215.144618][T13176]  ? __pfx_vfs_coredump+0x10/0x10
[  215.144629][T13176]  ? __lock_acquire+0x4a5/0x2630
[  215.144647][T13176]  ? lock_acquire+0x1b1/0x370
[  215.144666][T13176]  ? is_bpf_text_address+0x8a/0x1a0
[  215.144680][T13176]  ? bpf_ksym_find+0x128/0x1c0
[  215.144699][T13176]  ? __kernel_text_address+0xd/0x30
[  215.144713][T13176]  ? unwind_get_return_address+0x59/0xa0
[  215.144730][T13176]  ? arch_stack_walk+0xa6/0xf0
[  215.144749][T13176]  ? __sigqueue_free+0xbe/0x2a0
[  215.144760][T13176]  ? stack_trace_save+0x8e/0xc0
[  215.144771][T13176]  ? __pfx_stack_trace_save+0x10/0x10
[  215.144782][T13176]  ? stack_depot_save_flags+0x27/0x9d0
[  215.144793][T13176]  ? __lock_acquire+0x4a5/0x2630
[  215.144828][T13176]  ? proc_coredump_connector+0x2d3/0x4f0
[  215.144843][T13176]  ? __pfx_proc_coredump_connector+0x10/0x10
[  215.144860][T13176]  ? rcu_is_watching+0x12/0xc0
[  215.144878][T13176]  get_signal+0x1f2a/0x21e0
[  215.144898][T13176]  ? __pfx_get_signal+0x10/0x10
[  215.144914][T13176]  ? __pfx_force_sig_fault+0x10/0x10
[  215.144932][T13176]  arch_do_signal_or_restart+0x91/0x7e0
[  215.144950][T13176]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  215.144972][T13176]  ? rcu_is_watching+0x12/0xc0
[  215.144989][T13176]  irqentry_exit+0x410/0x7e0
[  215.145006][T13176]  asm_exc_page_fault+0x26/0x30
[  215.145016][T13176] RIP: 0033:0x7f2b4d39ce59
[  215.145029][T13176] Code: Unable to access opcode bytes at 0x7f2b4d39ce2f.
[  215.145033][T13176] RSP: 002b:00007f2b4e250fd8 EFLAGS: 00010246
[  215.145043][T13176] RAX: 0000000000000000 RBX: 00007f2b4d615fa0 RCX: 00007f2b4d39ce59
[  215.145049][T13176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  215.145055][T13176] RBP: 00007f2b4d432d6f R08: 0000000000000000 R09: 0000000000000000
[  215.145061][T13176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.145067][T13176] R13: 00007f2b4d616038 R14: 00007f2b4d615fa0 R15: 00007fffbb479a68
[  215.145080][T13176]  </TASK>
[  215.145084][T13176] memory: usage 307200kB, limit 307200kB, failcnt 40175
[  215.206886][ T5738] Bluetooth: hci2: command 0x0406 tx timeout
[  215.263812][T13176] memory+swap: usage 402276kB, limit 9007199254740988kB, failcnt 0
[  215.263835][T13176] kmem: usage 8080kB, limit 9007199254740988kB, failcnt 0
[  215.263846][T13176] Memory cgroup stats for /syz1:
[  215.360207][T13176] cache 263241728
[  215.363899][T13503] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.2206'.
[  215.364289][T13176] rss 352256
[  215.368950][T13176] rss_huge 0
[  215.370091][T13176] shmem 263241728
[  215.371272][T13176] mapped_file 0
[  215.372605][T13176] dirty 0
[  215.374042][T13176] writeback 0
[  215.375607][T13176] workingset_refault_anon 1316
[  215.377773][T13176] workingset_refault_file 51
[  215.379806][T13176] swap 101064704
[  215.381417][T13176] swapcached 216625152
[  215.383166][T13176] pgpgin 315966
[  215.384804][T13176] pgpgout 252093
[  215.386390][T13176] pgfault 116215
[  215.387988][T13176] pgmajfault 192
[  215.389569][T13176] inactive_anon 147709952
[  215.391470][T13176] active_anon 115789824
[  215.393354][T13176] inactive_file 0
[  215.397099][T13176] active_file 0
[  215.398665][T13176] unevictable 0
[  215.400301][T13176] hierarchical_memory_limit 314572800
[  215.402621][T13176] hierarchical_memsw_limit 9223372036854771712
[  215.405396][T13176] total_cache 263241728
[  215.407329][T13176] total_rss 352256
[  215.409195][T13176] total_rss_huge 0
[  215.410622][T13501] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.410823][T13176] total_shmem 263241728
[  215.410833][T13176] total_mapped_file 0
[  215.417332][T13176] total_dirty 0
[  215.419026][T13176] total_writeback 0
[  215.420829][T13176] total_workingset_refault_anon 1316
[  215.426299][T13176] total_workingset_refault_file 51
[  215.427109][T13501] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.428478][T13176] total_swap 101064704
[  215.432938][T13176] total_swapcached 216625152
[  215.435708][T13176] total_pgpgin 315968
[  215.438045][T13176] total_pgpgout 252095
[  215.440051][T13176] total_pgfault 116225
[  215.441949][T13176] total_pgmajfault 192
[  215.443919][T13176] total_inactive_anon 147709952
[  215.445546][T13176] total_active_anon 115789824
[  215.447297][T13176] total_inactive_file 0
[  215.448651][T13176] total_active_file 0
[  215.449967][T13176] total_unevictable 0
[  215.451472][T13176] anon_cost 0
[  215.452973][T13176] file_cost 0
[  215.454287][T13176] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2150,pid=13173,uid=0
[  215.459865][T13176] Memory cgroup out of memory: Killed process 13173 (syz.1.2150) total-vm:49268kB, anon-rss:0kB, file-rss:36928kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[  215.588302][T13501] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.632823][T13501] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.655239][T13501] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  215.661542][T13501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  215.676189][T13501] veth1_macvtap: left promiscuous mode
[  215.681460][T13501] veth0_macvtap: left promiscuous mode
[  215.686806][T13501] veth0_macvtap: entered promiscuous mode
[  215.694867][T13501] veth1_macvtap: entered promiscuous mode
[  215.706859][T13501] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  215.712498][T13501] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  215.720360][T13501] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  215.728732][T13501] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  215.761377][T13501] 8021q: adding VLAN 0 to HW filter on device bond1
[  215.786854][T13501] bond2: left promiscuous mode
[  215.789274][T13501] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.795321][T13501] 8021q: adding VLAN 0 to HW filter on device bond3
[  215.811221][T13501] 8021q: adding VLAN 0 to HW filter on device bond5
[  215.815302][T13501] bridge5: left promiscuous mode
[  215.822112][T13173] syz.1.2150 (13173) used greatest stack depth: 18184 bytes left
[  215.840496][T13501] A link change request failed with some changes committed already. Interface vxlan1 may have been left with an inconsistent configuration, please check.
[  215.867946][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.870882][ T1220] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.882858][ T1220] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.886195][ T1220] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.941777][   T68] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  215.945384][   T68] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  215.950616][   T68] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  215.957181][   T68] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  215.967585][T13506] netem: change failed
[  215.970104][   T68] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  215.975446][   T68] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  215.986005][   T68] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  215.989888][   T68] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  215.994701][   T29] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  216.063451][T13159] syz.1.2150 (13159) used greatest stack depth: 17912 bytes left
[  216.115517][ T1263] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  216.624830][   T29] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  217.197973][   T68] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  217.201187][   T68] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  217.273866][ T5738] Bluetooth: hci2: command 0x0406 tx timeout
[  217.408952][T13466] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  217.481811][T13511] binder: 13510:13511 ioctl c0306201 0 returned -14
[  217.567624][T13524] all: renamed from bridge_slave_1 (while UP)
[  217.685278][   T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  217.771824][T13531] syz.4.2246 (13531): drop_caches: 2
[  217.901440][   T40] kauditd_printk_skb: 153 callbacks suppressed
[  217.901461][   T40] audit: type=1400 audit(217.831:421767): avc:  denied  { create } for  pid=13534 comm="syz.5.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  217.914256][   T40] audit: type=1400 audit(217.851:421768): avc:  denied  { write } for  pid=13534 comm="syz.5.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  217.961570][   T40] audit: type=1400 audit(217.891:421769): avc:  denied  { execmem } for  pid=13536 comm="syz.5.2248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  218.072657][   T40] audit: type=1400 audit(218.001:421770): avc:  denied  { read } for  pid=13538 comm="syz.3.2249" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  218.082802][   T40] audit: type=1400 audit(218.001:421771): avc:  denied  { open } for  pid=13538 comm="syz.3.2249" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  218.094246][   T40] audit: type=1400 audit(218.011:421772): avc:  denied  { ioctl } for  pid=13538 comm="syz.3.2249" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  218.126722][   T40] audit: type=1400 audit(218.061:421773): avc:  denied  { ioctl } for  pid=13538 comm="syz.3.2249" path="socket:[48003]" dev="sockfs" ino=48003 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  218.137829][   T40] audit: type=1400 audit(218.061:421774): avc:  denied  { write } for  pid=13538 comm="syz.3.2249" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  218.148374][   T40] audit: type=1400 audit(218.061:421775): avc:  denied  { write } for  pid=13541 comm="syz.4.2250" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  218.158808][   T40] audit: type=1400 audit(218.071:421776): avc:  denied  { open } for  pid=13541 comm="syz.4.2250" path="/dev/input/event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  218.231584][T13546] netlink: 'syz.4.2251': attribute type 27 has an invalid length.
[  218.292540][T13546] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.296498][T13546] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.426539][T13546] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.436723][T13546] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.501732][T13546] ipvlan0: left allmulticast mode
[  218.506386][T13546] veth0_vlan: left allmulticast mode
[  218.604545][T13561] __nla_validate_parse: 8 callbacks suppressed
[  218.604608][T13561] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2252'.
[  218.609288][T13546] mac80211_hwsim hwsim14 wlan1: left allmulticast mode
[  218.628880][   T10] lo speed is unknown, defaulting to 1000
[  218.660978][T13547] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.664856][T13547] 8021q: adding VLAN 0 to HW filter on device team0
[  218.669964][T13547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.713920][T13547] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.716418][T13547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.731839][T13547] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.734230][T13547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.752466][T13547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.759711][T13547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.769579][T13547] veth1_vlan: left promiscuous mode
[  218.772331][T13547] veth0_vlan: left promiscuous mode
[  218.775844][T13547] veth0_vlan: entered promiscuous mode
[  218.782479][T13547] veth1_vlan: entered promiscuous mode
[  218.796730][T13547] veth1_macvtap: left promiscuous mode
[  218.800270][T13547] veth0_macvtap: left promiscuous mode
[  218.807560][T13547] veth0_macvtap: entered promiscuous mode
[  218.811853][T13547] veth1_macvtap: entered promiscuous mode
[  218.820873][T13547] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  218.824641][T13547] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  218.827609][T13547] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  218.830913][T13547] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  218.837480][T13547] 8021q: adding VLAN 0 to HW filter on device bond1
[  218.845665][T13547] 8021q: adding VLAN 0 to HW filter on device bond2
[  218.854545][T13547] 8021q: adding VLAN 0 to HW filter on device bond3
[  218.910380][ T1471] lo speed is unknown, defaulting to 1000
[  218.924012][T13573] 9pnet_virtio: no channels available for device syz
[  218.954418][T13573] 9p: Bad value for 'version'
[  219.363795][ T5746] Bluetooth: hci2: command 0x0406 tx timeout
[  219.980344][T13606] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  219.983489][T13606] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  219.987331][T13606] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  219.990234][T13606] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  220.042448][T13614] fuse: Bad value for 'fd'
[  220.346396][T13634] fuse: Unknown parameter 'user_idsystem.posix_acl_default'
[  220.391369][T13638] netlink: 'syz.1.2277': attribute type 64 has an invalid length.
[  220.394913][T13638] netlink: 'syz.1.2277': attribute type 4 has an invalid length.
[  220.397809][T13638] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2277'.
[  220.481253][T13644] 9pnet_virtio: no channels available for device syz
[  220.599313][T13650] binder: 13649:13650 ioctl 3b89 2000000001c0 returned -22
[  220.767769][   T68] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x30
[  220.782963][T13652] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2283'.
[  221.018667][T13672] 9pnet_virtio: no channels available for device syz
[  221.107163][T13674] Cannot find set identified by id 2 to match
[  221.189624][T13683] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2292'.
[  221.203344][T13683] exFAT-fs (nullb0): invalid boot record signature
[  221.210065][T13683] exFAT-fs (nullb0): failed to read boot sector
[  221.213429][T13683] exFAT-fs (nullb0): failed to recognize exfat type
[  221.302425][T13692] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2293'.
[  221.332542][T13691] netlink: 'syz.5.2294': attribute type 64 has an invalid length.
[  221.434259][    C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  221.435174][ T5738] Bluetooth: hci2: command 0x0406 tx timeout
[  221.613987][T13706] 9pnet_virtio: no channels available for device syz
[  221.618183][T13706] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2298'.
[  221.675872][  T122] wlan0: Trigger new scan to find an IBSS to join
[  221.984674][ T5746] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  222.010350][ T5746] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  222.014997][ T5746] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  222.020302][ T5746] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  222.025114][ T5746] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  222.150883][T13744] ufs: You didn't specify the type of your ufs filesystem
[  222.150883][T13744] 
[  222.150883][T13744] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  222.150883][T13744] 
[  222.150883][T13744] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  222.170465][T13744] ufs: ufstype=old is supported read-only
[  222.179432][T13744] ufs: ufs_fill_super(): bad magic number
[  222.250374][T13753] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2308'.
[  222.264386][ T8809] bond0: (slave syz_tun): Releasing backup interface
[  222.296544][T13751] ip6gre1: entered promiscuous mode
[  222.298536][T13751] ip6gre1: entered allmulticast mode
[  222.307985][   T68] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  222.318134][   T68] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  222.334695][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  222.337708][T13734] lo speed is unknown, defaulting to 1000
[  222.344779][T13734] lo speed is unknown, defaulting to 1000
[  222.348881][T13751] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  222.352726][T13760] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2310'.
[  222.508323][T13769] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  222.512603][T13769] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  222.519785][T13769] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  222.824321][   T68] bond0: (slave netdevsim1): Releasing backup interface
[  222.859107][T13734] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.863911][T13734] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.867649][T13734] bridge_slave_0: entered allmulticast mode
[  222.872246][T13734] bridge_slave_0: entered promiscuous mode
[  222.880174][T13734] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.884529][T13734] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.887680][T13734] bridge_slave_1: entered allmulticast mode
[  222.891433][T13734] bridge_slave_1: entered promiscuous mode
[  222.893973][ T2325] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  222.948462][T13734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.957350][T13734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  223.007106][T13798] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.010839][T13798] bridge_slave_1: left allmulticast mode
[  223.013307][T13798] bridge_slave_1: left promiscuous mode
[  223.018646][T13798] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.019032][T13799] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2317'.
[  223.032883][T13798] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  223.046530][   T40] kauditd_printk_skb: 260 callbacks suppressed
[  223.046549][   T40] audit: type=1400 audit(222.981:422037): avc:  denied  { ioctl } for  pid=13800 comm="syz.3.2318" path="/dev/ptyqa" dev="devtmpfs" ino=137 ioctlcmd=0x5404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  223.050432][T13734] team0: Port device team_slave_0 added
[  223.081294][T13734] team0: Port device team_slave_1 added
[  223.107660][T13734] batman_adv: batadv0: Adding interface: batadv_slave_0
[  223.110610][T13734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  223.124855][T13734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  223.143362][T13734] batman_adv: batadv0: Adding interface: batadv_slave_1
[  223.146881][T13734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  223.158396][T13734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  223.170958][   T40] audit: type=1400 audit(223.101:422038): avc:  denied  { create } for  pid=13805 comm="syz.4.2319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.172537][T13809] netlink: 'syz.3.2320': attribute type 1 has an invalid length.
[  223.182688][   T40] audit: type=1400 audit(223.111:422039): avc:  denied  { setopt } for  pid=13805 comm="syz.4.2319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.192286][   T40] audit: type=1400 audit(223.111:422040): avc:  denied  { ioctl } for  pid=13805 comm="syz.4.2319" path="socket:[50788]" dev="sockfs" ino=50788 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.202484][   T40] audit: type=1400 audit(223.111:422041): avc:  denied  { write } for  pid=13805 comm="syz.4.2319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.210717][   T40] audit: type=1400 audit(223.121:422042): avc:  denied  { read } for  pid=5446 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  223.238713][T13809] 8021q: adding VLAN 0 to HW filter on device bond8
[  223.275703][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  223.279026][   T40] audit: type=1400 audit(223.211:422043): avc:  denied  { search } for  pid=5446 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  223.288016][   T40] audit: type=1400 audit(223.211:422044): avc:  denied  { search } for  pid=5446 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  223.297558][   T40] audit: type=1400 audit(223.211:422045): avc:  denied  { search } for  pid=5446 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  223.309176][T13734] hsr_slave_0: entered promiscuous mode
[  223.311123][   T40] audit: type=1400 audit(223.211:422046): avc:  denied  { read } for  pid=5446 comm="dhcpcd" name="n52" dev="tmpfs" ino=8147 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  223.311500][T13734] hsr_slave_1: entered promiscuous mode
[  223.322556][T13734] debugfs: 'hsr0' already exists in 'hsr'
[  223.325236][T13734] Cannot create hsr debugfs directory
[  223.328570][   T68] bridge_slave_1: left allmulticast mode
[  223.330978][   T68] bridge_slave_1: left promiscuous mode
[  223.333512][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.354046][   T68] bridge_slave_0: left allmulticast mode
[  223.358690][   T68] bridge_slave_0: left promiscuous mode
[  223.363520][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.421767][T13814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2321'.
[  223.480333][T13824] 9pnet_virtio: no channels available for device syz
[  223.639747][   T68] bond5 (unregistering): (slave gretap2): Releasing active interface
[  223.838154][T13840] netlink: 232 bytes leftover after parsing attributes in process `syz.3.2327'.
[  223.949202][   T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.952189][T13847] netlink: 'syz.3.2329': attribute type 32 has an invalid length.
[  223.958364][   T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.963249][   T68] bond0 (unregistering): Released all slaves
[  223.973919][   T68] bond1 (unregistering): Released all slaves
[  223.986301][   T68] bond2 (unregistering): Released all slaves
[  223.999780][   T68] bond3 (unregistering): Released all slaves
[  224.018713][T13848] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  224.031741][   T68] bond4 (unregistering): Released all slaves
[  224.041383][   T68] bond5 (unregistering): Released all slaves
[  224.054740][   T68] bond6 (unregistering): (slave veth7): Releasing active interface
[  224.059292][   T68] bond6 (unregistering): Released all slaves
[  224.073142][   T68] bond7 (unregistering): (slave veth9): Releasing active interface
[  224.078385][   T68] bond7 (unregistering): Released all slaves
[  224.084062][ T5738] Bluetooth: hci5: command tx timeout
[  224.091698][   T68] bond8 (unregistering): Released all slaves
[  224.105018][ T5446] 8021q: adding VLAN 0 to HW filter on device eth6
[  224.108225][T13836] tipc: Started in network mode
[  224.110410][T13836] tipc: Node identity 3e21aeb77613, cluster identity 4711
[  224.122420][T13836] tipc: Enabled bearer <eth:hsr0>, priority 10
[  224.203585][T13859] random: crng reseeded on system resumption
[  224.288467][   T68] tipc: Left network mode
[  224.394929][T13869] netlink: 208240 bytes leftover after parsing attributes in process `syz.5.2333'.
[  224.715339][   T13] wlan0: Trigger new scan to find an IBSS to join
[  224.819871][T13885] 9pnet_virtio: no channels available for device syz
[  224.916400][ T5446] 8021q: adding VLAN 0 to HW filter on device eth7
[  224.960225][T13894] sctp: [Deprecated]: syz.3.2340 (pid 13894) Use of int in max_burst socket option deprecated.
[  224.960225][T13894] Use struct sctp_assoc_value instead
[  225.118067][   T29] tipc: Node number set to 1211281079
[  225.383443][   T68] hsr_slave_0: left promiscuous mode
[  225.398942][   T68] hsr_slave_1: left promiscuous mode
[  225.401966][   T68] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.413900][   T68] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.595420][   T68] team0 (unregistering): Port device team_slave_1 removed
[  225.705777][   T13] smc: removing ib device s
z1
[  225.735248][   T13] smbdirect: ib_dev[s
z1] removed
[  226.003141][T13925] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  226.147417][T13933] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2346'.
[  226.154655][ T5746] Bluetooth: hci5: command tx timeout
[  226.168630][T13734] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  226.199612][T13930] can: request_module (can-proto-0) failed.
[  226.200040][T13734] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  226.204867][T13734] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  226.261703][T13734] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  226.403458][T13922] lo speed is unknown, defaulting to 1000
[  226.405938][T13734] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  226.413268][T13734] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  226.417364][T13734] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  226.427697][T13734] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  226.479235][T13938] bond4 (unregistering): Released all slaves
[  226.483875][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  226.757367][T13734] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.770989][T13734] 8021q: adding VLAN 0 to HW filter on device team0
[  226.784776][  T227] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.787379][  T227] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.799298][  T227] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.801965][  T227] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.814750][T13958] netlink: 'syz.3.2349': attribute type 5 has an invalid length.
[  226.826999][T13960] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  226.960319][   T39] libceph: connect (1)[c::]:6789 error -101
[  226.964785][   T39] libceph: mon0 (1)[c::]:6789 connect error
[  226.985380][T13967] ceph: No mds server is up or the cluster is laggy
[  227.007819][   T68] IPVS: stop unused estimator thread 0...
[  227.181947][T13734] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.214761][T13994] IPVS: Scheduler module ip_vs_sip not found
[  227.229484][T13734] veth0_vlan: entered promiscuous mode
[  227.303421][T13959] cgroup: fork rejected by pids controller in /syz4
[  227.320011][T13734] veth1_vlan: entered promiscuous mode
[  227.362796][T13734] veth0_macvtap: entered promiscuous mode
[  227.368930][T13734] veth1_macvtap: entered promiscuous mode
[  227.382495][T13734] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.393863][T13734] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.405768][   T58] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.410409][   T58] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.414832][   T58] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.419141][   T58] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.549930][T14027] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14027 comm=syz.4.2355
[  227.554415][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.558719][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.575730][ T1220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.578975][ T1220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.613312][T14031] 9pnet_virtio: no channels available for device syz
[  227.686035][T14036] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14036 comm=syz.1.2305
[  227.711066][T14042] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  227.754844][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.828006][T14057] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2362'.
[  227.831911][T14057] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2362'.
[  227.833517][T14059] netlink: 'syz.4.2363': attribute type 6 has an invalid length.
[  228.124922][   T40] kauditd_printk_skb: 289 callbacks suppressed
[  228.124936][   T40] audit: type=1400 audit(228.061:422336): avc:  denied  { create } for  pid=14072 comm="syz.4.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  228.133391][   T40] audit: type=1400 audit(228.061:422337): avc:  denied  { bind } for  pid=14072 comm="syz.4.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  228.181467][T14073] 9pnet_virtio: no channels available for device syz
[  228.185207][   T40] audit: type=1400 audit(228.121:422338): avc:  denied  { create } for  pid=14072 comm="syz.4.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  228.193225][   T40] audit: type=1400 audit(228.121:422339): avc:  denied  { bind } for  pid=14072 comm="syz.4.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  228.202174][   T40] audit: type=1400 audit(228.121:422340): avc:  denied  { setopt } for  pid=14072 comm="syz.4.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  228.233819][ T5746] Bluetooth: hci5: command tx timeout
[  228.244236][   T40] audit: type=1400 audit(228.181:422341): avc:  denied  { lock } for  pid=14075 comm="syz.4.2368" path="socket:[54318]" dev="sockfs" ino=54318 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  228.341343][   T40] audit: type=1400 audit(228.271:422342): avc:  denied  { allowed } for  pid=14078 comm="syz.3.2369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  228.350371][   T40] audit: type=1400 audit(228.281:422343): avc:  denied  { create } for  pid=14078 comm="syz.3.2369" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  228.360487][   T40] audit: type=1400 audit(228.281:422344): avc:  denied  { create } for  pid=14078 comm="syz.3.2369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  228.368713][   T40] audit: type=1400 audit(228.281:422345): avc:  denied  { setopt } for  pid=14078 comm="syz.3.2369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  228.552459][T14054] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  228.936235][T14101] 9pnet_virtio: no channels available for device syz
[  229.074495][T14111] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2378'.
[  229.289007][T14125] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  229.292336][T14125] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  229.307880][T14132] bond4: entered promiscuous mode
[  229.322196][T14125] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  229.330564][T14125] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  229.332612][T14125] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  229.340654][T14125] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  229.349511][T14125] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  229.352210][T14125] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  229.427723][T14125] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI
[  229.431571][T14125] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  229.434138][T14125] CPU: 1 UID: 0 PID: 14125 Comm: syz.5.2382 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  229.437501][T14125] Tainted: [L]=SOFTLOCKUP
[  229.438861][T14125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  229.441946][T14125] RIP: 0010:klist_put+0x4d/0x1d0
[  229.443562][T14125] Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 1c 09 0d
[  229.449484][T14125] RSP: 0018:ffffc90006377280 EFLAGS: 00010202
[  229.451357][T14125] RAX: dffffc0000000000 RBX: ffff88802806f460 RCX: ffffc9000c001000
[  229.453778][T14125] RDX: 000000000000000b RSI: ffffffff8b8062d5 RDI: 0000000000000058
[  229.456223][T14125] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff2175260
[  229.458678][T14125] R10: ffffffff90ba9303 R11: 0000000000000000 R12: 0000000000000000
[  229.461106][T14125] R13: 0000000000000001 R14: ffffffff90ba92c0 R15: dffffc0000000000
[  229.463538][T14125] FS:  00007f170d7a96c0(0000) GS:ffff8880d6472000(0000) knlGS:0000000000000000
[  229.466280][T14125] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  229.468350][T14125] CR2: 00007f2d200e1e9c CR3: 000000003d04f000 CR4: 0000000000352ef0
[  229.470787][T14125] Call Trace:
[  229.471841][T14125]  <TASK>
[  229.472790][T14125]  klist_remove+0x14c/0x2e0
[  229.474216][T14125]  ? __pfx_klist_remove+0x10/0x10
[  229.475788][T14125]  ? __pfx_kobject_move+0x10/0x10
[  229.477390][T14125]  ? kobject_put+0xb9/0x640
[  229.478819][T14125]  device_move+0x12d/0x1140
[  229.480282][T14125]  hci_conn_del_sysfs+0x86/0x1a0
[  229.481827][T14125]  hci_conn_del+0x506/0x1180
[  229.483276][T14125]  hci_abort_conn_sync+0x7d9/0xb20
[  229.484887][T14125]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  229.486634][T14125]  ? find_held_lock+0x2b/0x80
[  229.488152][T14125]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  229.490379][T14125]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  229.492618][T14125]  ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430
[  229.494802][T14125]  hci_disconnect_all_sync.constprop.0.isra.0+0x155/0x430
[  229.497024][T14125]  ? __pfx_hci_disconnect_all_sync.constprop.0.isra.0+0x10/0x10
[  229.499372][T14125]  ? __hci_cmd_sync_status_sk+0xe4/0x190
[  229.501123][T14125]  hci_suspend_sync+0x8b7/0xa70
[  229.502647][T14125]  ? __pfx_hci_suspend_sync+0x10/0x10
[  229.504343][T14125]  ? mgmt_pending_find+0x13e/0x1a0
[  229.505914][T14125]  hci_suspend_dev+0x31d/0x540
[  229.507440][T14125]  ? __pfx_hci_suspend_dev+0x10/0x10
[  229.509066][T14125]  ? kobject_get+0xbb/0x150
[  229.510492][T14125]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.512330][T14125]  hci_suspend_notifier+0x21e/0x330
[  229.513952][T14125]  notifier_call_chain+0x99/0x400
[  229.515533][T14125]  blocking_notifier_call_chain_robust+0xc8/0x160
[  229.517563][T14125]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  229.519724][T14125]  ? do_raw_spin_unlock+0x145/0x1e0
[  229.521339][T14125]  pm_notifier_call_chain_robust+0x27/0x60
[  229.523159][T14125]  snapshot_open+0x189/0x2a0
[  229.524606][T14125]  ? __pfx_snapshot_open+0x10/0x10
[  229.526204][T14125]  misc_open+0x26d/0x450
[  229.527586][T14125]  ? __pfx_misc_open+0x10/0x10
[  229.529089][T14125]  chrdev_open+0x234/0x6a0
[  229.530497][T14125]  ? __pfx_chrdev_open+0x10/0x10
[  229.532054][T14125]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  229.534025][T14125]  do_dentry_open+0x6d8/0x1660
[  229.535865][T14125]  ? __pfx_chrdev_open+0x10/0x10
[  229.537576][T14125]  vfs_open+0x82/0x3f0
[  229.538919][T14125]  path_openat+0x208c/0x31a0
[  229.540504][T14125]  ? __pfx_path_openat+0x10/0x10
[  229.541871][T14125]  do_file_open+0x20e/0x430
[  229.543124][T14125]  ? __pfx_do_file_open+0x10/0x10
[  229.544691][T14125]  ? alloc_fd+0x476/0x790
[  229.546243][T14125]  ? do_getname+0x191/0x390
[  229.548022][T14125]  do_sys_openat2+0x10d/0x1e0
[  229.549557][T14125]  ? __pfx_do_sys_openat2+0x10/0x10
[  229.551188][T14125]  ? do_raw_spin_lock+0x128/0x260
[  229.552759][T14125]  ? find_held_lock+0x2b/0x80
[  229.554362][T14125]  __x64_sys_openat+0x12d/0x210
[  229.556022][T14125]  ? __pfx___x64_sys_openat+0x10/0x10
[  229.557763][T14125]  ? kcov_ioctl+0x16a/0x720
[  229.559187][T14125]  ? rcu_is_watching+0x12/0xc0
[  229.560721][T14125]  do_syscall_64+0x10b/0xf80
[  229.562173][T14125]  ? clear_bhb_loop+0x40/0x90
[  229.563635][T14125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.565467][T14125] RIP: 0033:0x7f170c99ce59
[  229.566873][T14125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  229.572760][T14125] RSP: 002b:00007f170d7a9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  229.575313][T14125] RAX: ffffffffffffffda RBX: 00007f170cc15fa0 RCX: 00007f170c99ce59
[  229.577809][T14125] RDX: 0000000000000400 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  229.580348][T14125] RBP: 00007f170ca32d6f R08: 0000000000000000 R09: 0000000000000000
[  229.583357][T14125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  229.586436][T14125] R13: 00007f170cc16038 R14: 00007f170cc15fa0 R15: 00007ffdd895fa88
[  229.589533][T14125]  </TASK>
[  229.590575][T14125] Modules linked in:
[  229.592911][T14125] ---[ end trace 0000000000000000 ]---
[  229.597439][T14125] RIP: 0010:klist_put+0x4d/0x1d0
[  229.599072][T14125] Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 1c 09 0d
[  229.606550][T14125] RSP: 0018:ffffc90006377280 EFLAGS: 00010202
[  229.608610][T14125] RAX: dffffc0000000000 RBX: ffff88802806f460 RCX: ffffc9000c001000
[  229.610997][T14125] RDX: 000000000000000b RSI: ffffffff8b8062d5 RDI: 0000000000000058
[  229.613340][T14125] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff2175260
[  229.615943][T14125] R10: ffffffff90ba9303 R11: 0000000000000000 R12: 0000000000000000
[  229.618391][T14125] R13: 0000000000000001 R14: ffffffff90ba92c0 R15: dffffc0000000000
[  229.620869][T14125] FS:  00007f170d7a96c0(0000) GS:ffff8880d6372000(0000) knlGS:0000000000000000
[  229.623569][T14125] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  229.626245][T14125] CR2: 00007fcf754d9d58 CR3: 000000003d04f000 CR4: 0000000000352ef0
[  229.628782][T14125] Kernel panic - not syncing: Fatal exception
[  229.631302][T14125] Kernel Offset: disabled
[  229.632613][T14125] Rebooting in 86400 seconds..