program:
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000006110180000000000dc0500002000000095000000ea000000"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x0, 0x2, 0x2, "ff833813596d39168e8eb0e787e663c059cd02522a9b3a37fe28d0f21854c0e3", 0x30313953})
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_LK(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x6, 0x4, 0x1}}}, 0x28)
write$FUSE_INTERRUPT(r3, &(0x7f00000000c0)={0x10, 0x24}, 0x10)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@posixacl}]}})
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_int(r4, 0x0, 0x22, 0x0, &(0x7f0000000000))
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000400)={[{@lazytime}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {@sysvgroups}, {@mblk_io_submit}, {@acl}, {@bsdgroups}], [], 0x3d}, 0x1, 0x522, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG")
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b000000239c4895000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000008009500000000000000bf98000000000000560800ea000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$int_in(r5, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0xffb)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x2, 0x0, 0x4, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x2, 'syz0\x00', 0x0})

[   85.493689][ T4704] Bluetooth: hci0: command tx timeout
[   85.561788][ T5363] ------------[ cut here ]------------
[   85.564244][ T5363] WARNING: CPU: 0 PID: 5363 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370
[   85.568813][ T5363] Modules linked in:
[   85.570531][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.574376][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.579017][ T5363] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   85.581813][ T5363] Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 f8 15 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   85.590825][ T5363] RSP: 0018:ffffc9000d3d78c0 EFLAGS: 00010246
[   85.593552][ T5363] RAX: ffffc9000d3d7900 RBX: 0000000000000020 RCX: 0000000000000000
[   85.596934][ T5363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d3d7928
[   85.600336][ T5363] RBP: ffffc9000d3d79c0 R08: ffffc9000d3d7927 R09: 0000000000000000
[   85.603549][ T5363] R10: ffffc9000d3d7900 R11: fffff52001a7af25 R12: 0000000000000000
[   85.606865][ T5363] R13: 1ffff92001a7af1c R14: 0000000000040d40 R15: dffffc0000000000
[   85.610233][ T5363] FS:  00007fd5c68bf6c0(0000) GS:ffff88808d20c000(0000) knlGS:0000000000000000
[   85.613918][ T5363] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.616886][ T5363] CR2: 0000200000001000 CR3: 0000000043390000 CR4: 0000000000352ef0
[   85.620202][ T5363] Call Trace:
[   85.621650][ T5363]  <TASK>
[   85.622909][ T5363]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   85.625535][ T5363]  ? kfree+0x18e/0x440
[   85.627317][ T5363]  ? policy_nodemask+0x27c/0x720
[   85.629513][ T5363]  ? p9_client_clunk+0x1b6/0x250
[   85.631899][ T5363]  alloc_pages_mpol+0x232/0x4a0
[   85.633928][ T5363]  ___kmalloc_large_node+0x5f/0x1b0
[   85.636636][ T5363]  __kmalloc_large_node_noprof+0x18/0x90
[   85.639039][ T5363]  __kmalloc_noprof+0x36f/0x4f0
[   85.641122][ T5363]  ? v9fs_fid_get_acl+0x4f/0x100
[   85.643171][ T5363]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[   85.645621][ T5363]  v9fs_fid_get_acl+0x4f/0x100
[   85.647639][ T5363]  v9fs_get_acl+0x11b/0x360
[   85.649441][ T5363]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[   85.651657][ T5363]  v9fs_mount+0x6eb/0xa50
[   85.653383][ T5363]  ? __pfx_v9fs_mount+0x10/0x10
[   85.655346][ T5363]  legacy_get_tree+0xfd/0x1a0
[   85.657464][ T5363]  ? __pfx_v9fs_mount+0x10/0x10
[   85.659590][ T5363]  vfs_get_tree+0x8f/0x2b0
[   85.661544][ T5363]  do_new_mount+0x2a2/0x9e0
[   85.663116][ T5363]  ? ns_capable+0x8a/0xf0
[   85.664748][ T5363]  ? __pfx_do_new_mount+0x10/0x10
[   85.667076][ T5363]  ? path_mount+0x61c/0xfe0
[   85.668836][ T5363]  ? user_path_at+0x44/0x60
[   85.670632][ T5363]  __se_sys_mount+0x317/0x410
[   85.672511][ T5363]  ? __pfx___se_sys_mount+0x10/0x10
[   85.674613][ T5363]  ? rcu_is_watching+0x15/0xb0
[   85.676634][ T5363]  ? do_syscall_64+0xbe/0x3b0
[   85.678527][ T5363]  ? __x64_sys_mount+0x20/0xc0
[   85.680433][ T5363]  do_syscall_64+0xfa/0x3b0
[   85.682305][ T5363]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.684498][ T5363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.686915][ T5363]  ? clear_bhb_loop+0x60/0xb0
[   85.688872][ T5363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.691408][ T5363] RIP: 0033:0x7fd5c598ebe9
[   85.693279][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.701468][ T5363] RSP: 002b:00007fd5c68bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.704804][ T5363] RAX: ffffffffffffffda RBX: 00007fd5c5bc5fa0 RCX: 00007fd5c598ebe9
[   85.708174][ T5363] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[   85.711455][ T5363] RBP: 00007fd5c5a11e19 R08: 0000200000000500 R09: 0000000000000000
[   85.714782][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.717997][ T5363] R13: 00007fd5c5bc6038 R14: 00007fd5c5bc5fa0 R15: 00007ffcbb2cc828
[   85.721345][ T5363]  </TASK>
[   85.722702][ T5363] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   85.725699][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.729456][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.733757][ T5363] Call Trace:
[   85.735381][ T5363]  <TASK>
[   85.736659][ T5363]  dump_stack_lvl+0x99/0x250
[   85.738664][ T5363]  ? __asan_memcpy+0x40/0x70
[   85.740584][ T5363]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.742726][ T5363]  ? __pfx__printk+0x10/0x10
[   85.744703][ T5363]  vpanic+0x281/0x750
[   85.746373][ T5363]  ? __pfx__printk+0x10/0x10
[   85.748295][ T5363]  ? __pfx_vpanic+0x10/0x10
[   85.750213][ T5363]  ? is_bpf_text_address+0x26/0x2b0
[   85.752219][ T5363]  panic+0xb9/0xc0
[   85.753817][ T5363]  ? __pfx_panic+0x10/0x10
[   85.755739][ T5363]  __warn+0x31b/0x4b0
[   85.757373][ T5363]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   85.759930][ T5363]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   85.762473][ T5363]  report_bug+0x2be/0x4f0
[   85.764377][ T5363]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   85.767037][ T5363]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   85.769500][ T5363]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[   85.772045][ T5363]  handle_bug+0x84/0x160
[   85.773928][ T5363]  exc_invalid_op+0x1a/0x50
[   85.775928][ T5363]  asm_exc_invalid_op+0x1a/0x20
[   85.778084][ T5363] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   85.780832][ T5363] Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 f8 15 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   85.788254][ T5363] RSP: 0018:ffffc9000d3d78c0 EFLAGS: 00010246
[   85.791090][ T5363] RAX: ffffc9000d3d7900 RBX: 0000000000000020 RCX: 0000000000000000
[   85.794490][ T5363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d3d7928
[   85.797782][ T5363] RBP: ffffc9000d3d79c0 R08: ffffc9000d3d7927 R09: 0000000000000000
[   85.801190][ T5363] R10: ffffc9000d3d7900 R11: fffff52001a7af25 R12: 0000000000000000
[   85.804572][ T5363] R13: 1ffff92001a7af1c R14: 0000000000040d40 R15: dffffc0000000000
[   85.807786][ T5363]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   85.810430][ T5363]  ? kfree+0x18e/0x440
[   85.812123][ T5363]  ? policy_nodemask+0x27c/0x720
[   85.814193][ T5363]  ? p9_client_clunk+0x1b6/0x250
[   85.816278][ T5363]  alloc_pages_mpol+0x232/0x4a0
[   85.818431][ T5363]  ___kmalloc_large_node+0x5f/0x1b0
[   85.820661][ T5363]  __kmalloc_large_node_noprof+0x18/0x90
[   85.823097][ T5363]  __kmalloc_noprof+0x36f/0x4f0
[   85.825174][ T5363]  ? v9fs_fid_get_acl+0x4f/0x100
[   85.827335][ T5363]  ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10
[   85.830092][ T5363]  v9fs_fid_get_acl+0x4f/0x100
[   85.832247][ T5363]  v9fs_get_acl+0x11b/0x360
[   85.834292][ T5363]  v9fs_inode_from_fid_dotl+0x221/0x2b0
[   85.836693][ T5363]  v9fs_mount+0x6eb/0xa50
[   85.838569][ T5363]  ? __pfx_v9fs_mount+0x10/0x10
[   85.840732][ T5363]  legacy_get_tree+0xfd/0x1a0
[   85.842757][ T5363]  ? __pfx_v9fs_mount+0x10/0x10
[   85.844877][ T5363]  vfs_get_tree+0x8f/0x2b0
[   85.846886][ T5363]  do_new_mount+0x2a2/0x9e0
[   85.848919][ T5363]  ? ns_capable+0x8a/0xf0
[   85.850793][ T5363]  ? __pfx_do_new_mount+0x10/0x10
[   85.852904][ T5363]  ? path_mount+0x61c/0xfe0
[   85.854899][ T5363]  ? user_path_at+0x44/0x60
[   85.856855][ T5363]  __se_sys_mount+0x317/0x410
[   85.859032][ T5363]  ? __pfx___se_sys_mount+0x10/0x10
[   85.861239][ T5363]  ? rcu_is_watching+0x15/0xb0
[   85.863245][ T5363]  ? do_syscall_64+0xbe/0x3b0
[   85.865189][ T5363]  ? __x64_sys_mount+0x20/0xc0
[   85.867178][ T5363]  do_syscall_64+0xfa/0x3b0
[   85.869050][ T5363]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.871244][ T5363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.873513][ T5363]  ? clear_bhb_loop+0x60/0xb0
[   85.875444][ T5363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.877827][ T5363] RIP: 0033:0x7fd5c598ebe9
[   85.879528][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.887208][ T5363] RSP: 002b:00007fd5c68bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.890586][ T5363] RAX: ffffffffffffffda RBX: 00007fd5c5bc5fa0 RCX: 00007fd5c598ebe9
[   85.893828][ T5363] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[   85.897019][ T5363] RBP: 00007fd5c5a11e19 R08: 0000200000000500 R09: 0000000000000000
[   85.900263][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.903721][ T5363] R13: 00007fd5c5bc6038 R14: 00007fd5c5bc5fa0 R15: 00007ffcbb2cc828
[   85.907309][ T5363]  </TASK>
[   85.908886][ T5363] Kernel Offset: disabled
[   85.910579][ T5363] Rebooting in 86400 seconds..