last executing test programs:

59.417775708s ago: executing program 1 (id=338):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
fcntl$setsig(r1, 0xa, 0x21)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x2, &(0x7f0000000040)='source', &(0x7f0000000080)='./bus\x00', r1)
mknodat$loop(r1, &(0x7f0000002600)='./bus\x00', 0x0, 0x0)

58.490422477s ago: executing program 1 (id=342):
syz_open_dev$dri(&(0x7f0000000080), 0xff2, 0x200040) (async)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
close(r2) (async, rerun: 32)
fspick(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async, rerun: 32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) (async, rerun: 64)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) (async, rerun: 64)
r4 = open(&(0x7f0000000640)='./file1\x00', 0x0, 0x0)
linkat(r3, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f00000000c0)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0xfd7d}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

58.398988337s ago: executing program 1 (id=343):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x4e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = memfd_create(&(0x7f0000001e00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xefE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xd1\xa7@\xa1_B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7<\x7f\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xb0\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcd\x90\x95\xdd\x8a\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\fe\x84\x7f\x10Y,\xe6\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xab>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1d<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4M\xc7\xfa\f\b\x8f\xc4\xbe\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaa\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00w\xa8wW\xb7\a\xda\xe1\xe0\x9b\xcd\x1dM\t\x86.\xc5\x06A\x17\xd3\xb7\xd7\xe8\xf5\xf4\xa48\xa1\x8cp\x89\x95y\x14\xa5k/\xceu\xad\x7f\x04Q\x96[@\xfb\xe4\x11\x88\xda}\xcd\xe8!\xb8\x92\xa14c\x85b\xd9\f\xbf\x95J\xa1cU\xf9\xa3\x11\xad\xaa\x00vZ]An\xba3\xde}G\x95qZ\xff\x1e\x9d\xd8\x86\x9a\xf8\xca\x1dMiJ\x0f\xed\xbb\x1a\xf5\xf2\x90j\x13\xdc^!\xe2Z\':\xb6\x19js|\xb5\xdf\xe7\xe3\xff\x17+\x96\xae\t\xb7\xcd#s5VTT\x93hD\xe9`\xfbl\xc4\xf9\xe7_\xb4\xc4[%B\x85\x91\x0f\xef\x15)je\xc9.\xec\xb7@\a\xa1\x83\xe3/\x04bw\x00\x00\x00\x00\x00\x00\x00\x00\x00\xda\xca\x1fM\x15\x9c\xe0}\x86,\xef=s(\xc0\x03\xf1H\xa0\xa9\xfblV\x81\xd1\xe3KQlR\xbc\xc9\'O}+e\xc3\xabr?v\x9dMS\xa9<\fq3\xe8\xe2I\x9f\x9b\x11\xa4\xc0\xbdV;\x83Y\x86$\r\a%\x1aV\x00\x00\x00\x00\x8f:R9\xe3HU_\xebJ\xc4C\v)\x87[\xa0\xc0\x90\xb0\x9f\x8f\xae |m\x85m\xe6\xa3~\xa4', 0x3)
pwritev(r3, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000380)="b9", 0x1}], 0x2, 0x800000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
openat$full(0xffffff9c, &(0x7f00000003c0), 0x303200, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))

57.940557897s ago: executing program 1 (id=344):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x8e, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newsa={0x148, 0x10, 0x713, 0x0, 0x0, {{@in=@private, @in=@empty}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_val={0x10}]}, 0x148}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}], 0x2)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

57.850097985s ago: executing program 1 (id=345):
syz_io_uring_setup(0x3b63, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="8406853e0bebd81937fea42e14d57358258306ea9f5989bd9f60279e9f2d755d8f801162e191febec48cf78426740d465f800a83425e55b918a36ee24c6dd14192ffeaa6fcffb579598354e17835cdcc08862ac529d238f65698fa015ac461f7c1372428f88ce0e89d91d08b21627f111d4c3d855fa6f2c6fff2dab744dd12584aa7b8a748bed08f46bdd52d5f8f5d44fe6bee5ffb790ca51ca6a3f8d4e259079a94fe06fa00960f5a8b582fd7d6c3917606dde449227ded1f2ab676d5a9228255b82997962211e1cac94ab4e4ef3c841071372c7074eadb4d5055138da6e63b74674d5f2f88c70c35e4660a009c0ed7c9ed047556aa9d49829625178700"/267], 0xe)

57.849389928s ago: executing program 1 (id=347):
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x11, r0, 0xffffd000)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0xff, 0x210201)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000080)={0x0, 0x0, {0x0, @usage, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct}})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000000600)={r3, "b9810000007b5a8b1095d7ce2000"})

42.831885339s ago: executing program 32 (id=347):
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x11, r0, 0xffffd000)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0xff, 0x210201)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000080)={0x0, 0x0, {0x0, @usage, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct}})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000000600)={r3, "b9810000007b5a8b1095d7ce2000"})

4.707774519s ago: executing program 2 (id=706):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1f, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b70700000000000063119f00000000000700000000000000950000000000000086b223c17fd5c6311e80752befb60f283890ff0a97195cba4872b282cd13a47f256c1748557c"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, &(0x7f00000002c0)={r0, 0x800000f, 0x10001, 0x6})
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000040)=@sr0, 0x0, 0x0, 0x0, 0x0)
read$snddsp(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x9}, 0x18)
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x9, 0x0, [<r7=>0x0], [0xff, 0x0, 0x39a], [], [0x100000001]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000200)={r6, 0x0, 0x0, 0x0, 0x0, [<r9=>0x0]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r8})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000040)={r9})
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r10, 0xffffffffffffffff, 0x0)

4.196208369s ago: executing program 0 (id=713):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet(0xa, 0x801, 0x84)
listen(r6, 0x100000001)
r7 = accept4(r6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, 0x0, 0x0)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r8, 0x541b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "bb67a153cd0e3e4a1aac449e5ad88b56923d9dfe", "b1610538917aa875e9b6000000007aa56a33d100"})
recvmmsg(r7, &(0x7f0000004300), 0x3a4, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
ppoll(0x0, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x0)
r9 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0xc0046209, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000000)='FROZEN\x00', 0x7)

3.436502123s ago: executing program 2 (id=718):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
close(r2)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

2.568952982s ago: executing program 2 (id=721):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet(0xa, 0x801, 0x84)
listen(r6, 0x100000001)
r7 = accept4(r6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xe)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r8, 0x541b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "bb67a153cd0e3e4a1aac449e5ad88b56923d9dfe", "b1610538917aa875e9b6000000007aa56a33d100"})
recvmmsg(r7, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
ppoll(0x0, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x0)
r9 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0xc0046209, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000000)='FROZEN\x00', 0x7)

2.005532509s ago: executing program 0 (id=722):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f00000001c0))
r0 = openat$dir(0xffffff9c, &(0x7f0000000100)='./file1\x00', 0x80000, 0x61)
getdents(r0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f00000002c0)=<r3=>0x0)
io_submit(r3, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
syz_io_uring_setup(0x231, 0x0, &(0x7f0000000080)=<r5=>0x0, 0x0)
syz_io_uring_submit(r5, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r6 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$apparmor_current(r6, &(0x7f0000000d00)=ANY=[@ANYBLOB='changeprofie '], 0x280)

1.640068534s ago: executing program 4 (id=725):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r0, r0, 0x0, 0x40008)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

1.631270099s ago: executing program 2 (id=727):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x34, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x100)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004"], 0x528}}, 0xc000)

1.56970784s ago: executing program 4 (id=728):
sched_setattr(0x0, &(0x7f0000000140)={0x82}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x6, <r4=>0x0}, 0x8)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x6, 0x5, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0xd70}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0x1}]}, &(0x7f0000000500)='syzkaller\x00', 0xfffffff8, 0x4c, &(0x7f0000000540)=""/76, 0x40f00, 0x45, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x6, 0x3350, 0xfffffffe}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000640)=[{0x5, 0x1, 0xf, 0x3}, {0x2, 0x4, 0x9}, {0x1, 0x2, 0x7}, {0x0, 0x5, 0x8}, {0x0, 0x2, 0x3, 0x6}], 0x10, 0x1, @void, @value}, 0x94)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000b00))
r8 = dup(r7)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000000)={0x1, r8})
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000001000000050000000000000000000000eaffffff000000002cc474e6f26886976f34895ffc6fd7d949b8a9f988442a9bfc5494465ec2d0f8c20eeca3d8eaab1ab2230c93e6b9712b555dc40b2150aa4982430a8c10459e875ad3bb1890e0e87789faf26d"], 0x50)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0900000004000000080000000f00000000000000", @ANYRES32, @ANYBLOB="00000000008104d0bfeb67957903c89b4000"/32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x18, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0xe7, &(0x7f0000000340)=""/231, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x2, 0x6, 0x100, 0x5}, 0x10, r4, r5, 0x6, &(0x7f0000000880)=[r8, r9, r10, r11], &(0x7f00000008c0)=[{0x5, 0x1, 0x1, 0x5}, {0x3, 0x3, 0x1, 0x5}, {0x0, 0x1, 0x6, 0x9}, {0x5, 0x4, 0x6, 0x1}, {0x4, 0x2, 0x1, 0xa}, {0x4, 0x3, 0xb, 0x6}], 0x10, 0x80, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0x40045542, &(0x7f0000000b00)=0x5236)
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r12 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r12, 0x400455c8, 0x20000000009)
ioctl$TCGETS2(r12, 0x800455c9, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b00010000030009040000"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.56919545s ago: executing program 2 (id=729):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
close(r2)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

1.47873624s ago: executing program 4 (id=730):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x40000, 0x0, 0xfffffffc, 0x356}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0})
io_uring_enter(r4, 0x3f70, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

1.365621035s ago: executing program 4 (id=731):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ifreq(r8, 0x8932, &(0x7f0000001dc0)={'tunl0\x00', @ifru_settings={0xffffff80, 0x7fffffff, @te1=0x0}})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000b8072552000008000300", @ANYRES32=r7, @ANYBLOB="0800b70000000000080026006c09000008009f0006000000"], 0x34}}, 0x40020)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r9 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$P9_RMKNOD(r9, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r9, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="fe0d08000600090002b90800070006000400696a2aa2b7aec42eeb49b895e4b23fa23f90b50fedbc9fde557c76a0220fd8c7b43678b788a8632dfa9d6ef68d40dd115bc3a8a58c985551508ef9abb6c9a623db9ec24121ce6ba8022b1e2261189265edda"], 0x18)
read$FUSE(r9, &(0x7f0000003c80)={0x2020}, 0x2020)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$tun(0xffffff9c, &(0x7f0000000080), 0x101002, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r10 = socket(0x1e, 0x5, 0x0)
r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
connect$ax25(r11, &(0x7f0000000000)={{0x3, @null}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast]}, 0x48)
connect$tipc(r10, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
recvmmsg(r10, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0)
r12 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
memfd_secret(0x0)
ioctl$USBDEVFS_REAPURB(r12, 0x4008550c, 0x0)

1.058327149s ago: executing program 0 (id=732):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
socketpair(0x14, 0x2, 0x80000001, &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x7, &(0x7f0000001180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000ee4200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$inet(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
umount2(&(0x7f0000000240)='./cgroup\x00', 0x2)

980.364517ms ago: executing program 0 (id=733):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x68, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0xfff3, 0x10}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x401, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x400}, 0x10a5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}, @TCA_TBF_PBURST={0x8, 0x7, 0x2a4}]}}]}, 0x68}}, 0x44080)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1, 0x0, 0x0, 0xf000000}}], 0x1, 0x0)

750.210796ms ago: executing program 3 (id=734):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r3, 0x701, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) (async)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000c000000200001801400020073797a5f74756e000000000000000000080003000300000014000380"], 0x48}}, 0x0)

750.016551ms ago: executing program 3 (id=735):
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xed, 0x0, 0x1})
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="850000002e000000350000000000000085000000230000009500000000000000f4670880271e3503000ffa95a2c8c037c5fcadf78683149e17e24e96a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd34d5aeed8d38665c01002ff5dde54704d25c79949c23e2eb15d755a2350ea7c09c6db5640c11664baf8adb2142a9c28de194f44800000000b0d3712c7e93363af3c075ff1e23160104d95433bb755af3d57609d700ab56e77201bc692c5a2ad40709d031f40f3012e9576e51a7f550afc852003b2ff3462664c744ae6af3c037102124e25cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea76899f2c221c110ef050000000ee282ab76f593d928cf95846be6277cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a9812ed03cee579251667dd58ea032eda2296efb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc6e9d929e03e5309ec91d83cf4fbd775e629b3000000000000000000000000000000000000000000000000004e410700ff9cfa139a35a8a669689144ff0173b15aa0f3794dbe2b0e6523155f5c4631f4cd2947de92f74fe3889ea5786118a4a8010e0de54a7d37885343e2545cffe14c8206da26a9ebf6cda6f5c081a320020bb82f56c0ab09797161997af2ad43ab7347a8c2ba7726a60459f43f8482482cc85096f11f14eecff54dca4a32ee9cfa02b397ef622284c5286e186cb7d73119c6a356722c890c9b06c42853c4043e9d44c306e7b1a03fb70317a75a013f617a834283a978fc460bdab3ba34e8336608eb0f591e4815ac1e51f1c20ef5"], &(0x7f0000000140)='GPL\x00', 0x8, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc38, 0x0, 0xffffffffffffffff, 0xffffffffffffffdc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'gre0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r2, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0xfffff000, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000, 0x0, 0x92, 0x0, &(0x7f0000000240)="a4da57df712462aa0da7152f892444f624ca72c3ae1da8dc3a065519945631d50bc06e2b5ca04b349157652bb6b912ee5ec14ffd1159d51c0440a0009961b0bf80500850f60157c1f9e7eb4150cee1e98d13a7b79bf6bf2cf78e1148411375bbfb3916cc871e0fdfca0f39b57d3c3ad4550661475c2f8fade0bd6adf2e60716dcc9367223c11886db15f61a7d82f3ca6adb7"}, 0x4c)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0x1, r4, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000002380)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x20001403)
ioctl$TUNSETOFFLOAD(r5, 0x40087446, 0x20002eae)
r6 = syz_io_uring_setup(0x1458, &(0x7f00000004c0)={0x0, 0x4, 0x10180, 0x2000, 0x3ae}, &(0x7f0000000100)=<r7=>0x0, &(0x7f00000002c0)=<r8=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='9'], 0x38}}, 0x4000)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x6a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2040, 0x1})
io_uring_enter(r6, 0x2d3e, 0xfffffffd, 0x0, 0x0, 0x0)

642.242109ms ago: executing program 2 (id=736):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet(0xa, 0x801, 0x84)
listen(r6, 0x100000001)
r7 = accept4(r6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xe)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r8, 0x541b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "bb67a153cd0e3e4a1aac449e5ad88b56923d9dfe", "b1610538917aa875e9b6000000007aa56a33d100"})
recvmmsg(r7, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
ppoll(0x0, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x0)
r9 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0xc0046209, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000000)='FROZEN\x00', 0x7)

641.792223ms ago: executing program 3 (id=737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, 0x0, 0x0}, 0x20)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SHUTDOWN={0x22, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x1})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
syz_emit_ethernet(0xa6, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffff60000000000000"}]}}}}}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000480)={0x3, &(0x7f0000000000)=[{}, {0x0, 0x8}, {0x0, 0x0, 0x0, 0x1}]})
r5 = socket(0x21, 0x2, 0x2)
recvmmsg(r5, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3378}], 0x1, 0x2022, 0x0)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x1}, 0x10)
ioctl$TCFLSH(r4, 0x404c4701, 0x20000000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d6163736563000014000280050009000100000005000b"], 0x44}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r6, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}}, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f00000001c0)={0x400, 0x1, &(0x7f0000000340)=[r2], &(0x7f0000000180)=[0x1], &(0x7f0000000200), &(0x7f00000000c0)})

460.052654ms ago: executing program 4 (id=738):
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xc3ff, 0x0}, 0x0)

432.502315ms ago: executing program 4 (id=739):
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'veth1_macvtap\x00', &(0x7f0000000280)=@ethtool_coalesce={0xe, 0x0, 0x45c9ae97, 0x94, 0x7, 0x95e, 0x8, 0x9, 0x4, 0x8, 0xfff, 0x9, 0x3ff, 0x9, 0xfffff840, 0x5, 0x6, 0x7, 0x2, 0x0, 0x1, 0x0, 0x5}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0xfffffff8}]}}]}, 0x38}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="44000000e940c65274cf97dd9921744bbd16d012ac52155e49b54ba2bcb3fbe1bd671123e1a7676bf1829110e7d27fb73a413a431e8e331ddce2b2972af383c17631fffc31486882bec231f1314bea582f71176d933cde4736e742a1badbdfcb09a5e12b937d16fd7494e91a680e447529aecb48efbc9fb1b037d752b674c9314a501b40590dd1be2017154e64a21d02779ee94023289728a1828fe4aba47e96c0aedadec2f34c502060b415aaf90204b0faa8c907f97fb8c41eebd39c65231617b5a9d76e41319ab6086b874086cfc0f32ef13fbe86aa4c6fa5586c334212355774a42b5580867a4df73c963b96f027152b9473d17f01ec5840cdd71cb7ba98985de730d371b6693d387bc1b76f8ae9207197e5a6989c050844517f2c01b3c9fd3c52acdd5363d176f5298c53688062986b4a8641661ecd38a96b183d6798b7196ac57611fed09b1b5828739bac8c10623cf33d50adff15118a03870cb4a8bd5d676c27ce639f002a81c9f0b08df29cfd061f58ef90e14755ffefeac5a2f238e1caf14dff1c6c4d224feb7bb766c3b8f3dc877f7e1c", @ANYRES16=r2, @ANYBLOB="01000000000000000000090000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000300000000000000090000000000"], 0x44}}, 0x0)
get_mempolicy(0x0, &(0x7f0000000040), 0xfffffffffffffc01, &(0x7f0000ffc000/0x3000)=nil, 0x4)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x100, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x8081)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c005c794b46fad9eaf01b6819e7e0080012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001df7ff31a0e69ee517d34460bc06000000a705251e6182949a3651f6c5bb", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r6 = syz_open_dev$vivid(&(0x7f0000000740), 0x1, 0x2)
ioctl$VIDIOC_LOG_STATUS(r6, 0x5646, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r7 = open$dir(&(0x7f0000000340)='./file0\x00', 0x4000, 0xc0)
statx(r7, &(0x7f0000000380)='./file0\x00', 0x4000, 0x400, &(0x7f0000000640))
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)

133.707725ms ago: executing program 3 (id=740):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
userfaultfd(0x80001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=ANY=[@ANYBLOB="203f00001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)

59.917141ms ago: executing program 0 (id=741):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)
r1 = getpgrp(0xffffffffffffffff)
prlimit64(r1, 0xf, &(0x7f0000000040)={0x8, 0x8000}, &(0x7f0000000080))

59.647218ms ago: executing program 3 (id=742):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x14, 0x30, 0xcac229faa96ee7df}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

58.046419ms ago: executing program 3 (id=743):
creat(&(0x7f0000000240)='./file0\x00', 0x148)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
utime(&(0x7f0000003000)='./file0\x00', 0x0) (fail_nth: 7)

0s ago: executing program 0 (id=744):
openat$vicodec1(0xffffff9c, &(0x7f00000008c0), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000840)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="1100000000cf5573bc000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100677470001400028008000100"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
r4 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
close(r4)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)

kernel console output (not intermixed with test programs):

TER_compat_after_hwframe+0x84/0x8e
[   93.778926][ T7008] RIP: 0023:0xf7fc3579
[   93.780240][ T7008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   93.785831][ T7008] RSP: 002b:00000000f51465b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[   93.788519][ T7008] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5146620
[   93.790868][ T7008] RDX: 0000000000000001 RSI: 00000000f7450ff4 RDI: 0000000000000000
[   93.793296][ T7008] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[   93.795610][ T7008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   93.797996][ T7008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   93.800334][ T7008]  </TASK>
[   94.422836][ T7040] FAULT_INJECTION: forcing a failure.
[   94.422836][ T7040] name failslab, interval 1, probability 0, space 0, times 0
[   94.427483][ T7040] CPU: 0 UID: 0 PID: 7040 Comm: syz.0.267 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   94.431055][ T7040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.434154][ T7040] Call Trace:
[   94.435034][ T7040]  <TASK>
[   94.435828][ T7040]  dump_stack_lvl+0x16c/0x1f0
[   94.437068][ T7040]  should_fail_ex+0x497/0x5b0
[   94.438557][ T7040]  ? fs_reclaim_acquire+0xae/0x150
[   94.440361][ T7040]  should_failslab+0xc2/0x120
[   94.442040][ T7040]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[   94.444130][ T7040]  ? __kthread_create_on_node+0x189/0x400
[   94.445995][ T7040]  kvasprintf+0xbd/0x160
[   94.447504][ T7040]  ? __pfx_kvasprintf+0x10/0x10
[   94.449156][ T7040]  ? __pfx_rxrpc_io_thread+0x10/0x10
[   94.451006][ T7040]  __kthread_create_on_node+0x189/0x400
[   94.452952][ T7040]  ? __pfx___kthread_create_on_node+0x10/0x10
[   94.455104][ T7040]  ? find_held_lock+0x59/0x110
[   94.456811][ T7040]  ? __pfx_rxrpc_io_thread+0x10/0x10
[   94.458687][ T7040]  kthread_create_on_node+0xc8/0x110
[   94.460598][ T7040]  ? __pfx_kthread_create_on_node+0x10/0x10
[   94.462743][ T7040]  ? rxrpc_open_socket+0x3bd/0x6c0
[   94.464592][ T7040]  ? mark_held_locks+0x9f/0xe0
[   94.466346][ T7040]  rxrpc_open_socket+0x3ea/0x6c0
[   94.468139][ T7040]  ? __pfx_rxrpc_open_socket+0x10/0x10
[   94.470110][ T7040]  ? __pfx_rxrpc_encap_rcv+0x10/0x10
[   94.472023][ T7040]  ? __pfx_rxrpc_encap_err_rcv+0x10/0x10
[   94.474052][ T7040]  ? lockdep_init_map_type+0x16d/0x7d0
[   94.476027][ T7040]  ? rcu_is_watching+0x12/0xc0
[   94.477785][ T7040]  rxrpc_lookup_local+0xc12/0x1240
[   94.479649][ T7040]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[   94.481659][ T7040]  ? __local_bh_enable_ip+0xa4/0x120
[   94.483584][ T7040]  rxrpc_sendmsg+0x375/0x5f0
[   94.485286][ T7040]  ____sys_sendmsg+0x9ae/0xb40
[   94.487042][ T7040]  ? __pfx_____sys_sendmsg+0x10/0x10
[   94.488958][ T7040]  ? get_compat_msghdr+0x11b/0x170
[   94.490839][ T7040]  ___sys_sendmsg+0x135/0x1e0
[   94.492442][ T7040]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.493939][ T7040]  ? __pfx_lock_release+0x10/0x10
[   94.495295][ T7040]  ? trace_lock_acquire+0x14e/0x1f0
[   94.496678][ T7040]  ? __fget_files+0x206/0x3a0
[   94.497880][ T7040]  __sys_sendmsg+0x16e/0x220
[   94.499132][ T7040]  ? __pfx___sys_sendmsg+0x10/0x10
[   94.500556][ T7040]  __do_fast_syscall_32+0x73/0x120
[   94.501956][ T7040]  do_fast_syscall_32+0x32/0x80
[   94.503267][ T7040]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   94.505015][ T7040] RIP: 0023:0xf7fc3579
[   94.506161][ T7040] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   94.511312][ T7040] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[   94.513575][ T7040] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[   94.515724][ T7040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   94.517882][ T7040] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   94.520198][ T7040] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   94.522912][ T7040] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   94.525629][ T7040]  </TASK>
[   95.063340][ T7054] 9pnet_virtio: no channels available for device syz
[   95.197217][ T7057] FAULT_INJECTION: forcing a failure.
[   95.197217][ T7057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.201748][ T7057] CPU: 0 UID: 0 PID: 7057 Comm: syz.2.272 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   95.204497][ T7057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.207302][ T7057] Call Trace:
[   95.208193][ T7057]  <TASK>
[   95.208980][ T7057]  dump_stack_lvl+0x16c/0x1f0
[   95.210214][ T7057]  should_fail_ex+0x497/0x5b0
[   95.211444][ T7057]  _copy_from_iter+0x29b/0x1400
[   95.212726][ T7057]  ? __pfx__copy_from_iter+0x10/0x10
[   95.214112][ T7057]  ? write_comp_data+0x42/0x90
[   95.215357][ T7057]  ? __virt_addr_valid+0x5e/0x590
[   95.216702][ T7057]  ? const_folio_flags.constprop.0+0x56/0x150
[   95.218286][ T7057]  ? __phys_addr_symbol+0x30/0x80
[   95.219591][ T7057]  ? __check_object_size+0x488/0x710
[   95.220973][ T7057]  mptcp_sendmsg+0x1010/0x1f20
[   95.222234][ T7057]  ? __pfx_mptcp_sendmsg+0x10/0x10
[   95.223559][ T7057]  ? __pfx_aa_sk_perm+0x10/0x10
[   95.224827][ T7057]  ? __fget_files+0x206/0x3a0
[   95.226066][ T7057]  ? __pfx_mptcp_sendmsg+0x10/0x10
[   95.227490][ T7057]  inet_sendmsg+0x119/0x140
[   95.228685][ T7057]  __sys_sendto+0x42a/0x4f0
[   95.229876][ T7057]  ? __pfx___sys_sendto+0x10/0x10
[   95.231200][ T7057]  ? ksys_write+0x1ba/0x250
[   95.232409][ T7057]  __ia32_sys_sendto+0xdd/0x1b0
[   95.233763][ T7057]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.235217][ T7057]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   95.236981][ T7057]  __do_fast_syscall_32+0x73/0x120
[   95.238338][ T7057]  do_fast_syscall_32+0x32/0x80
[   95.239602][ T7057]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   95.241242][ T7057] RIP: 0023:0xf7f95579
[   95.242300][ T7057] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   95.247260][ T7057] RSP: 002b:00000000f50f557c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[   95.249411][ T7057] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200002c0
[   95.251445][ T7057] RDX: 0000000000300000 RSI: 0000000000000000 RDI: 0000000000000000
[   95.253470][ T7057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   95.255356][ T7057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   95.257441][ T7057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   95.259486][ T7057]  </TASK>
[   95.647598][ T7072] overlayfs: missing 'lowerdir'
[   96.071247][ T7090] =======================================================
[   96.071247][ T7090] WARNING: The mand mount option has been deprecated and
[   96.071247][ T7090]          and is ignored by this kernel. Remove the mand
[   96.071247][ T7090]          option from the mount to silence this warning.
[   96.071247][ T7090] =======================================================
[   96.403030][ T7100] netlink: 16 bytes leftover after parsing attributes in process `syz.3.285'.
[   96.870871][ T7123] warning: `syz.2.291' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   97.132221][ T7132] FAULT_INJECTION: forcing a failure.
[   97.132221][ T7132] name failslab, interval 1, probability 0, space 0, times 0
[   97.136359][ T7132] CPU: 3 UID: 0 PID: 7132 Comm: syz.3.293 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   97.139102][ T7132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.141895][ T7132] Call Trace:
[   97.142772][ T7132]  <TASK>
[   97.143553][ T7132]  dump_stack_lvl+0x16c/0x1f0
[   97.144799][ T7132]  should_fail_ex+0x497/0x5b0
[   97.146040][ T7132]  ? fs_reclaim_acquire+0xae/0x150
[   97.147371][ T7132]  should_failslab+0xc2/0x120
[   97.148611][ T7132]  __kmalloc_noprof+0xce/0x4f0
[   97.149878][ T7132]  ? nft_trans_alloc_gfp+0x26/0x2e0
[   97.151246][ T7132]  ? rhashtable_init_noprof+0x57f/0x7d0
[   97.152696][ T7132]  nft_trans_alloc_gfp+0x26/0x2e0
[   97.154026][ T7132]  nf_tables_newtable+0x13e5/0x1b80
[   97.155464][ T7132]  ? net_generic+0xea/0x2a0
[   97.156657][ T7132]  ? __pfx_nf_tables_newtable+0x10/0x10
[   97.158102][ T7132]  ? __nla_parse+0x40/0x60
[   97.159267][ T7132]  nfnetlink_rcv_batch+0x1a2a/0x24e0
[   97.160648][ T7132]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[   97.162249][ T7132]  ? __local_bh_enable_ip+0xa4/0x120
[   97.163752][ T7132]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.165145][ T7132]  ? __pfx___dev_queue_xmit+0x10/0x10
[   97.166566][ T7132]  ? __nla_parse+0x40/0x60
[   97.167740][ T7132]  nfnetlink_rcv+0x3c3/0x430
[   97.168948][ T7132]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   97.170290][ T7132]  netlink_unicast+0x53c/0x7f0
[   97.171543][ T7132]  ? __pfx_netlink_unicast+0x10/0x10
[   97.172918][ T7132]  ? const_folio_flags.constprop.0+0x56/0x150
[   97.174496][ T7132]  ? __phys_addr_symbol+0x30/0x80
[   97.175822][ T7132]  ? __check_object_size+0x488/0x710
[   97.177210][ T7132]  netlink_sendmsg+0x8b8/0xd70
[   97.178468][ T7132]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.179856][ T7132]  ? trace_contention_end+0xee/0x140
[   97.181247][ T7132]  sock_sendmsg+0x369/0x410
[   97.182440][ T7132]  ? __pfx_sock_sendmsg+0x10/0x10
[   97.183763][ T7132]  splice_to_socket+0xaac/0x1040
[   97.185066][ T7132]  ? __pfx_splice_to_socket+0x10/0x10
[   97.186445][ T7132]  ? apparmor_file_permission+0x251/0x400
[   97.187935][ T7132]  ? bpf_lsm_file_permission+0x9/0x10
[   97.189340][ T7132]  ? security_file_permission+0x71/0x210
[   97.190818][ T7132]  ? __pfx_splice_to_socket+0x10/0x10
[   97.192225][ T7132]  do_splice+0x145c/0x1f60
[   97.193415][ T7132]  ? __pfx_do_splice+0x10/0x10
[   97.194671][ T7132]  ? __pfx_pipe_clear_nowait+0x10/0x10
[   97.196098][ T7132]  ? __pfx_lock_release+0x10/0x10
[   97.197420][ T7132]  ? trace_lock_acquire+0x14e/0x1f0
[   97.198787][ T7132]  __do_splice+0x327/0x360
[   97.199960][ T7132]  ? __pfx___do_splice+0x10/0x10
[   97.201258][ T7132]  ? __fget_files+0x206/0x3a0
[   97.202499][ T7132]  __ia32_sys_splice+0x189/0x250
[   97.203789][ T7132]  __do_fast_syscall_32+0x73/0x120
[   97.205148][ T7132]  do_fast_syscall_32+0x32/0x80
[   97.206437][ T7132]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.208077][ T7132] RIP: 0023:0xf7f46579
[   97.209144][ T7132] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.214157][ T7132] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 0000000000000139
[   97.216318][ T7132] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[   97.218376][ T7132] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000007fff
[   97.220418][ T7132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.222464][ T7132] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.224505][ T7132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.226556][ T7132]  </TASK>
[   97.227465][    C3] vkms_vblank_simulate: vblank timer overrun
[   98.022959][ T7155] FAULT_INJECTION: forcing a failure.
[   98.022959][ T7155] name failslab, interval 1, probability 0, space 0, times 0
[   98.026334][ T7155] CPU: 3 UID: 0 PID: 7155 Comm: syz.1.299 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   98.029070][ T7155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.031866][ T7155] Call Trace:
[   98.032746][ T7155]  <TASK>
[   98.033537][ T7155]  dump_stack_lvl+0x16c/0x1f0
[   98.034790][ T7155]  should_fail_ex+0x497/0x5b0
[   98.036046][ T7155]  ? fs_reclaim_acquire+0xae/0x150
[   98.037399][ T7155]  should_failslab+0xc2/0x120
[   98.038643][ T7155]  __kmalloc_node_noprof+0xd1/0x520
[   98.040015][ T7155]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[   98.041560][ T7155]  ? __pfx_crypto_alg_extsize+0x10/0x10
[   98.043014][ T7155]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[   98.044488][ T7155]  crypto_create_tfm_node+0x83/0x320
[   98.045894][ T7155]  crypto_alloc_tfm_node+0x102/0x260
[   98.047280][ T7155]  ? crypto_dh_encode_key+0x4a6/0x560
[   98.048689][ T7155]  __keyctl_dh_compute+0x45b/0xf50
[   98.050048][ T7155]  ? __pfx___lock_acquire+0x10/0x10
[   98.051416][ T7155]  ? __pfx___keyctl_dh_compute+0x10/0x10
[   98.052884][ T7155]  ? irqentry_exit+0x3b/0x90
[   98.054126][ T7155]  ? __pfx_lock_release+0x10/0x10
[   98.055453][ T7155]  ? trace_lock_acquire+0x14e/0x1f0
[   98.056838][ T7155]  compat_keyctl_dh_compute+0x161/0x1d0
[   98.058300][ T7155]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[   98.059892][ T7155]  ? ksys_write+0x1ba/0x250
[   98.061094][ T7155]  __do_compat_sys_keyctl+0x27b/0x440
[   98.062511][ T7155]  __do_fast_syscall_32+0x73/0x120
[   98.063854][ T7155]  do_fast_syscall_32+0x32/0x80
[   98.065143][ T7155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.066808][ T7155] RIP: 0023:0xf7f00579
[   98.067887][ T7155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   98.072872][ T7155] RSP: 002b:00000000f506557c EFLAGS: 00000292 ORIG_RAX: 0000000000000120
[   98.075038][ T7155] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000100
[   98.077078][ T7155] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000400
[   98.079157][ T7155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   98.081221][ T7155] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   98.083294][ T7155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.085375][ T7155]  </TASK>
[   98.086290][    C3] vkms_vblank_simulate: vblank timer overrun
[   98.250596][ T7161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'.
[   98.308858][ T7163] afs: Unknown parameter 'fnock'
[   98.547342][ T7165] netlink: 700 bytes leftover after parsing attributes in process `syz.3.302'.
[   98.556124][ T7165] sp0: Synchronizing with TNC
[   98.694600][ T7169] tipc: Started in network mode
[   98.696073][ T7169] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   98.699079][ T7169] tipc: Enabled bearer <eth:team0>, priority 6
[   99.031639][  T831] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   99.181934][  T831] usb 8-1: Using ep0 maxpacket: 8
[   99.186458][  T831] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   99.189472][  T831] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[   99.191992][  T831] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   99.195084][  T831] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   99.198533][  T831] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   99.201005][  T831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.205968][  T831] hub 8-1:1.0: bad descriptor, ignoring hub
[   99.208116][  T831] hub 8-1:1.0: probe with driver hub failed with error -5
[   99.210347][  T831] cdc_wdm 8-1:1.0: skipping garbage
[   99.211977][  T831] cdc_wdm 8-1:1.0: skipping garbage
[   99.215268][  T831] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[   99.216958][  T831] cdc_wdm 8-1:1.0: Unknown control protocol
[   99.693329][  T831] tipc: Node number set to 11578026
[   99.886585][ T7208] FAULT_INJECTION: forcing a failure.
[   99.886585][ T7208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.889921][ T7208] CPU: 3 UID: 0 PID: 7208 Comm: syz.1.318 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[   99.892792][ T7208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.895537][ T7208] Call Trace:
[   99.896401][ T7208]  <TASK>
[   99.897174][ T7208]  dump_stack_lvl+0x16c/0x1f0
[   99.898388][ T7208]  should_fail_ex+0x497/0x5b0
[   99.899605][ T7208]  _copy_from_user+0x2e/0xd0
[   99.900792][ T7208]  compat_do_replace+0x16f/0x500
[   99.902078][ T7208]  ? __pfx_compat_do_replace+0x10/0x10
[   99.903467][ T7208]  ? aa_get_newest_label+0x376/0x680
[   99.904839][ T7208]  ? __pfx_aa_get_newest_label+0x10/0x10
[   99.906282][ T7208]  ? bpf_lsm_capable+0x9/0x10
[   99.907478][ T7208]  ? security_capable+0x7e/0x260
[   99.908776][ T7208]  do_ipt_set_ctl+0x686/0xc10
[   99.910022][ T7208]  ? __mutex_lock+0x1cc/0xa60
[   99.911254][ T7208]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[   99.912597][ T7208]  ? __mutex_unlock_slowpath+0x164/0x690
[   99.914023][ T7208]  ? sockopt_release_sock+0x52/0x60
[   99.915261][ T7208]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   99.916833][ T7208]  ? __pfx_do_ip_setsockopt+0x10/0x10
[   99.918232][ T7208]  ? nf_sockopt_find.constprop.0+0x221/0x290
[   99.919751][ T7208]  nf_setsockopt+0x8a/0xf0
[   99.920901][ T7208]  ip_setsockopt+0xcb/0xf0
[   99.922073][ T7208]  udp_setsockopt+0x7d/0xd0
[   99.923265][ T7208]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   99.924803][ T7208]  do_sock_setsockopt+0x222/0x480
[   99.926121][ T7208]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   99.927551][ T7208]  ? lock_acquire+0x2f/0xb0
[   99.928735][ T7208]  __sys_setsockopt+0x1a0/0x230
[   99.929997][ T7208]  __ia32_sys_setsockopt+0xbc/0x160
[   99.931330][ T7208]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.932665][ T7208]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   99.934349][ T7208]  __do_fast_syscall_32+0x73/0x120
[   99.935664][ T7208]  do_fast_syscall_32+0x32/0x80
[   99.936919][ T7208]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.938525][ T7208] RIP: 0023:0xf7f00579
[   99.939562][ T7208] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   99.944466][ T7208] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[   99.946586][ T7208] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[   99.948581][ T7208] RDX: 0000000000000040 RSI: 0000000020000580 RDI: 0000000000000380
[   99.950588][ T7208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   99.952594][ T7208] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   99.954598][ T7208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.956608][ T7208]  </TASK>
[   99.957501][    C3] vkms_vblank_simulate: vblank timer overrun
[   99.984478][   T39] audit: type=1326 audit(1733614183.844:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7209 comm="syz.1.319" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x0
[  100.102322][ T7173] usb 8-1: reset high-speed USB device number 2 using dummy_hcd
[  100.166670][ T7215] binder: 7211:7215 ioctl c0046209 0 returned -22
[  100.484513][ T7173] random: crng reseeded on system resumption
[  100.493114][ T7173] Restarting kernel threads ... done.
[  100.582002][ T5983] usb 8-1: USB disconnect, device number 2
[  100.890421][ T5980] libceph: connect (1)[c::]:6789 error -101
[  100.892200][ T5980] libceph: mon0 (1)[c::]:6789 connect error
[  101.151889][ T5980] libceph: connect (1)[c::]:6789 error -101
[  101.153869][ T5980] libceph: mon0 (1)[c::]:6789 connect error
[  101.188839][ T7238] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  101.190857][ T7238] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  101.193639][ T7238] vhci_hcd vhci_hcd.0: Device attached
[  101.196145][ T7240] vhci_hcd: unknown pdu 1
[  101.199060][ T1230] vhci_hcd: stop threads
[  101.200441][ T1230] vhci_hcd: release socket
[  101.202523][ T1230] vhci_hcd: disconnect device
[  101.262475][ T7234] wg1: entered promiscuous mode
[  101.671840][ T5980] libceph: connect (1)[c::]:6789 error -101
[  101.673535][ T5980] libceph: mon0 (1)[c::]:6789 connect error
[  101.699004][ T7222] ceph: No mds server is up or the cluster is laggy
[  102.506789][ T7262] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  102.841722][ T7267] binder: 7263:7267 ioctl c0046209 0 returned -22
[  103.105334][ T6383] udevd[6383]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  103.566160][ T5983] libceph: connect (1)[c::]:6789 error -101
[  103.567784][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  103.826578][ T5983] libceph: connect (1)[c::]:6789 error -101
[  103.830302][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  104.343553][ T5983] libceph: connect (1)[c::]:6789 error -101
[  104.345513][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  104.370786][ T7282] ceph: No mds server is up or the cluster is laggy
[  104.650792][ T7305] input: syz0 as /devices/virtual/input/input6
[  104.966634][ T7307] netlink: 4 bytes leftover after parsing attributes in process `syz.1.344'.
[  105.404788][  T831] libceph: connect (1)[c::]:6789 error -101
[  105.406648][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  105.662651][  T831] libceph: connect (1)[c::]:6789 error -101
[  105.664384][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  106.172534][  T831] libceph: connect (1)[c::]:6789 error -101
[  106.175095][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  106.197794][ T7326] ceph: No mds server is up or the cluster is laggy
[  106.329763][ T7344] input: syz0 as /devices/virtual/input/input7
[  106.896863][ T7350] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  106.898602][ T7350] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  106.900675][ T7350] vhci_hcd vhci_hcd.0: Device attached
[  106.904275][ T7352] vhci_hcd: connection closed
[  106.904510][   T75] vhci_hcd: stop threads
[  106.907075][   T75] vhci_hcd: release socket
[  106.908253][   T75] vhci_hcd: disconnect device
[  107.401649][ T7364] binder: 7358:7364 ioctl c0046209 0 returned -22
[  107.461629][ T5980] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  107.603767][ T1322] libceph: connect (1)[c::]:6789 error -101
[  107.606112][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  107.611857][ T5980] usb 8-1: Using ep0 maxpacket: 8
[  107.614445][ T5980] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  107.617431][ T5980] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  107.619862][ T5980] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  107.623656][ T5980] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  107.626729][ T5980] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  107.629068][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.636970][ T5980] hub 8-1:1.0: bad descriptor, ignoring hub
[  107.638517][ T5980] hub 8-1:1.0: probe with driver hub failed with error -5
[  107.640474][ T5980] cdc_wdm 8-1:1.0: skipping garbage
[  107.642201][ T5980] cdc_wdm 8-1:1.0: skipping garbage
[  107.645109][ T5980] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  107.646641][ T5980] cdc_wdm 8-1:1.0: Unknown control protocol
[  107.861811][ T1322] libceph: connect (1)[c::]:6789 error -101
[  107.863446][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  108.371805][ T1322] libceph: connect (1)[c::]:6789 error -101
[  108.373431][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  108.436000][ T7371] ceph: No mds server is up or the cluster is laggy
[  108.602809][ T7362] usb 8-1: reset high-speed USB device number 3 using dummy_hcd
[  108.967002][ T7362] random: crng reseeded on system resumption
[  108.979544][ T7362] Restarting kernel threads ... done.
[  109.081937][ T1322] usb 8-1: USB disconnect, device number 3
[  109.739680][ T7393] FAULT_INJECTION: forcing a failure.
[  109.739680][ T7393] name failslab, interval 1, probability 0, space 0, times 0
[  109.743643][ T7393] CPU: 2 UID: 0 PID: 7393 Comm: syz.3.369 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  109.746309][ T7393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.748927][ T7393] Call Trace:
[  109.749782][ T7393]  <TASK>
[  109.750529][ T7393]  dump_stack_lvl+0x16c/0x1f0
[  109.751691][ T7393]  should_fail_ex+0x497/0x5b0
[  109.752870][ T7393]  ? fs_reclaim_acquire+0xae/0x150
[  109.754129][ T7393]  should_failslab+0xc2/0x120
[  109.755311][ T7393]  __kmalloc_noprof+0xce/0x4f0
[  109.756528][ T7393]  ? strset_prepare_data+0x60f/0xb70
[  109.757861][ T7393]  strset_prepare_data+0x60f/0xb70
[  109.759169][ T7393]  ethnl_default_dumpit+0x650/0xd50
[  109.760474][ T7393]  genl_dumpit+0x122/0x230
[  109.761640][ T7393]  netlink_dump+0x53c/0xd00
[  109.763096][ T7393]  ? __pfx_netlink_dump+0x10/0x10
[  109.764418][ T7393]  ? __check_object_size+0x31/0x710
[  109.766113][ T7393]  ? skb_recv_datagram+0x89/0xc0
[  109.767381][ T7393]  ? rcu_is_watching+0x12/0xc0
[  109.768809][ T7393]  netlink_recvmsg+0xa0d/0xf30
[  109.770404][ T7393]  ? __pfx_netlink_recvmsg+0x10/0x10
[  109.772138][ T7393]  ? aa_sk_perm+0x2f5/0xb20
[  109.773609][ T7393]  ? __pfx_aa_sk_perm+0x10/0x10
[  109.775219][ T7393]  sock_recvmsg+0x1f6/0x250
[  109.776733][ T7393]  ____sys_recvmsg+0x219/0x6b0
[  109.778288][ T7393]  ? __pfx_____sys_recvmsg+0x10/0x10
[  109.779941][ T7393]  ___sys_recvmsg+0x115/0x1a0
[  109.781422][ T7393]  ? __pfx____sys_recvmsg+0x10/0x10
[  109.782759][ T7393]  ? __fget_files+0x1fc/0x3a0
[  109.783963][ T7393]  ? trace_lock_acquire+0x14e/0x1f0
[  109.785323][ T7393]  ? __fget_files+0x206/0x3a0
[  109.786741][ T7393]  do_recvmmsg+0x55d/0x740
[  109.788041][ T7393]  ? __pfx_do_recvmmsg+0x10/0x10
[  109.789634][ T7393]  ? vfs_write+0x306/0x1150
[  109.791067][ T7393]  ? __fget_files+0x206/0x3a0
[  109.792444][ T7393]  __sys_recvmmsg+0x21e/0x280
[  109.793679][ T7393]  ? __pfx___sys_recvmmsg+0x10/0x10
[  109.795117][ T7393]  ? __pfx_ksys_write+0x10/0x10
[  109.796634][ T7393]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  109.798495][ T7393]  ? lockdep_hardirqs_on+0x7c/0x110
[  109.799825][ T7393]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  109.801519][ T7393]  __do_fast_syscall_32+0x73/0x120
[  109.802842][ T7393]  do_fast_syscall_32+0x32/0x80
[  109.804142][ T7393]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  109.806054][ T7393] RIP: 0023:0xf7f46579
[  109.807434][ T7393] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  109.813494][ T7393] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  109.816128][ T7393] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004d80
[  109.818608][ T7393] RDX: 0000000000000493 RSI: 000000000000000a RDI: 0000000000000000
[  109.821097][ T7393] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  109.823580][ T7393] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  109.826069][ T7393] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  109.828604][ T7393]  </TASK>
[  109.829511][    C2] vkms_vblank_simulate: vblank timer overrun
[  110.051947][ T7399] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  110.053621][ T7399] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  110.056246][ T7399] vhci_hcd vhci_hcd.0: Device attached
[  110.069524][ T7400] vhci_hcd: connection closed
[  110.071216][   T75] vhci_hcd: stop threads
[  110.074235][   T75] vhci_hcd: release socket
[  110.075526][   T75] vhci_hcd: disconnect device
[  110.787822][ T7412] binder: 7409:7412 ioctl c0046209 0 returned -22
[  111.364858][ T7421] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  111.733354][ T7428] binder: 7425:7428 ioctl c0046209 0 returned -22
[  112.339843][ T7430] binder: 7429:7430 ioctl c0046209 0 returned -22
[  113.326691][ T7442] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  113.328423][ T7442] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  113.330528][ T7442] vhci_hcd vhci_hcd.0: Device attached
[  113.337333][ T7444] vhci_hcd: connection closed
[  113.338320][ T1137] vhci_hcd: stop threads
[  113.340717][ T1137] vhci_hcd: release socket
[  113.342941][ T1137] vhci_hcd: disconnect device
[  113.891475][ T7451] fuse: Bad value for 'fd'
[  113.897401][ T7451] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  113.899209][ T7451] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  114.013109][ T7454] netlink: 80 bytes leftover after parsing attributes in process `syz.0.385'.
[  114.053625][ T7456] FAULT_INJECTION: forcing a failure.
[  114.053625][ T7456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.056920][ T7456] CPU: 0 UID: 0 PID: 7456 Comm: syz.0.386 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  114.059585][ T7456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.062306][ T7456] Call Trace:
[  114.063165][ T7456]  <TASK>
[  114.063942][ T7456]  dump_stack_lvl+0x16c/0x1f0
[  114.065163][ T7456]  should_fail_ex+0x497/0x5b0
[  114.066392][ T7456]  _copy_from_user+0x2e/0xd0
[  114.067586][ T7456]  kstrtouint_from_user+0xd7/0x1c0
[  114.068883][ T7456]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  114.070346][ T7456]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  114.071790][ T7456]  proc_fail_nth_write+0x84/0x250
[  114.073086][ T7456]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  114.074532][ T7456]  ? ksys_write+0x12b/0x250
[  114.075709][ T7456]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  114.077115][ T7456]  vfs_write+0x24c/0x1150
[  114.078265][ T7456]  ? __fget_files+0x1fc/0x3a0
[  114.079487][ T7456]  ? __pfx___mutex_lock+0x10/0x10
[  114.080804][ T7456]  ? __pfx_vfs_write+0x10/0x10
[  114.082056][ T7456]  ? __fget_files+0x206/0x3a0
[  114.083294][ T7456]  ksys_write+0x12b/0x250
[  114.084439][ T7456]  ? __pfx_ksys_write+0x10/0x10
[  114.085717][ T7456]  __do_fast_syscall_32+0x73/0x120
[  114.087070][ T7456]  do_fast_syscall_32+0x32/0x80
[  114.088332][ T7456]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.089907][ T7456] RIP: 0023:0xf7fc3579
[  114.090856][ T7460] No such timeout policy "syz0"
[  114.090932][ T7456] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.097418][ T7456] RSP: 002b:00000000f51465b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  114.099506][ T7456] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5146620
[  114.101444][ T7456] RDX: 0000000000000001 RSI: 00000000f7450ff4 RDI: 0000000000000000
[  114.103444][ T7456] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  114.105412][ T7456] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.107383][ T7456] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.109334][ T7456]  </TASK>
[  114.154558][ T7460] overlay: Unknown parameter 'smackfsroot'
[  114.621825][ T7477] netlink: 'syz.2.392': attribute type 2 has an invalid length.
[  114.680333][ T7477] netlink: 'syz.2.392': attribute type 10 has an invalid length.
[  114.687181][ T7477] batman_adv: batadv0: Adding interface: team0
[  114.689171][ T7477] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.697612][ T7477] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  114.703631][ T7477] netlink: 'syz.2.392': attribute type 10 has an invalid length.
[  114.706054][ T7477] netlink: 2 bytes leftover after parsing attributes in process `syz.2.392'.
[  114.708935][ T7477] team0: entered promiscuous mode
[  114.710590][ T7477] team_slave_0: entered promiscuous mode
[  114.714632][ T7477] team_slave_1: entered promiscuous mode
[  114.717411][ T7477] 8021q: adding VLAN 0 to HW filter on device team0
[  114.719662][ T7477] batman_adv: batadv0: Interface activated: team0
[  114.721881][ T7477] batman_adv: batadv0: Interface deactivated: team0
[  114.724040][ T7477] batman_adv: batadv0: Removing interface: team0
[  114.804271][ T7481] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.078944][ T7485] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  115.078944][ T7485]    program syz.2.394 not setting count and/or reply_len properly
[  115.185802][ T7495] syz.3.398 (7495): /proc/7494/oom_adj is deprecated, please use /proc/7494/oom_score_adj instead.
[  116.081698][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  117.243893][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.2.408'.
[  118.202610][ T7564] binder: 7548:7564 ioctl c0046209 0 returned -22
[  118.967626][ T5983] libceph: connect (1)[c::]:6789 error -101
[  118.969791][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  119.244806][ T5983] libceph: connect (1)[c::]:6789 error -101
[  119.257181][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  119.762117][ T5983] libceph: connect (1)[c::]:6789 error -101
[  119.764418][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  119.774011][ T7579] ceph: No mds server is up or the cluster is laggy
[  120.443672][ T5946] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  120.447436][ T5946] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  120.449962][ T5946] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  120.453233][ T5946] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  120.455352][ T5946] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  120.457378][ T5946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  120.567942][ T7611] chnl_net:caif_netlink_parms(): no params data found
[  120.681200][ T7611] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.684334][ T7611] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.686264][ T7611] bridge_slave_0: entered allmulticast mode
[  120.688889][ T7611] bridge_slave_0: entered promiscuous mode
[  120.691335][ T7611] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.693422][ T7611] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.695496][ T7611] bridge_slave_1: entered allmulticast mode
[  120.697735][ T7611] bridge_slave_1: entered promiscuous mode
[  120.720391][ T7611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.724418][ T7611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.771943][ T7611] team0: Port device team_slave_0 added
[  120.776097][ T7611] team0: Port device team_slave_1 added
[  120.837253][ T7611] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.839120][ T7611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.846857][ T7611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.852248][ T7611] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.854071][ T7611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.860846][ T7611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.902811][ T7611] hsr_slave_0: entered promiscuous mode
[  120.907010][ T7611] hsr_slave_1: entered promiscuous mode
[  120.908881][ T7611] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.910856][ T7611] Cannot create hsr debugfs directory
[  121.031091][ T7626] binder: 7619:7626 ioctl c0046209 0 returned -22
[  121.035213][ T7611] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  121.040673][ T7611] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  121.044805][ T7611] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  121.055178][ T7611] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  121.076191][ T7611] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.078030][ T7611] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.079951][ T7611] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.081831][ T7611] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.133650][ T7611] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.146677][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.149546][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.178224][ T7611] 8021q: adding VLAN 0 to HW filter on device team0
[  121.195455][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.197331][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.201107][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.202974][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.392649][ T7611] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.516387][ T7611] veth0_vlan: entered promiscuous mode
[  121.523720][ T7611] veth1_vlan: entered promiscuous mode
[  121.538365][ T7611] veth0_macvtap: entered promiscuous mode
[  121.544020][ T7611] veth1_macvtap: entered promiscuous mode
[  121.550365][ T7611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.556572][ T7611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.559181][ T7611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.563520][ T7611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.567233][ T7611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.570173][ T7611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.576588][ T7611] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.580932][ T7611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.584520][ T7611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.587191][ T7611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.589973][ T7611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.597167][ T7611] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.605918][ T7611] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.609251][ T7611] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.618264][ T7611] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.620656][ T7611] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.661294][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.664607][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.677393][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.679616][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.790477][ T7639] netlink: 64 bytes leftover after parsing attributes in process `syz.0.431'.
[  121.941703][  T831] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  122.101627][  T831] usb 8-1: Using ep0 maxpacket: 8
[  122.104574][  T831] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  122.107170][  T831] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  122.109853][  T831] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  122.112626][  T831] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  122.116072][  T831] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  122.118620][  T831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.253422][ T7651] binder: 7649:7651 ioctl c0046209 0 returned -22
[  122.482514][ T5946] Bluetooth: hci4: command tx timeout
[  122.551712][  T831] usb 8-1: GET_CAPABILITIES returned 0
[  122.553242][  T831] usbtmc 8-1:16.0: can't read capabilities
[  122.559035][  T831] usb 8-1: USB disconnect, device number 4
[  123.060426][ T7662] binder: 7659:7662 ioctl c0046209 0 returned -22
[  123.121938][   T63] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  123.164873][ T7667] overlayfs: missing 'lowerdir'
[  123.271644][   T63] usb 5-1: Using ep0 maxpacket: 8
[  123.274802][   T63] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  123.278390][   T63] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  123.286994][   T63] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  123.290878][   T63] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  123.296429][   T63] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  123.298876][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.307455][   T63] hub 5-1:1.0: bad descriptor, ignoring hub
[  123.309675][   T63] hub 5-1:1.0: probe with driver hub failed with error -5
[  123.312870][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  123.314266][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  123.317845][   T63] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  123.319864][   T63] cdc_wdm 5-1:1.0: Unknown control protocol
[  123.810544][ T5979] libceph: connect (1)[c::]:6789 error -101
[  123.812379][ T5979] libceph: mon0 (1)[c::]:6789 connect error
[  123.851478][ T7674] netlink: 64 bytes leftover after parsing attributes in process `syz.3.442'.
[  124.071801][ T5979] libceph: connect (1)[c::]:6789 error -101
[  124.073456][ T5979] libceph: mon0 (1)[c::]:6789 connect error
[  124.205012][ T7658] usb 5-1: reset high-speed USB device number 4 using dummy_hcd
[  124.561678][ T5946] Bluetooth: hci4: command tx timeout
[  124.578032][ T7658] random: crng reseeded on system resumption
[  124.581811][  T831] libceph: connect (1)[c::]:6789 error -101
[  124.583436][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  124.591335][ T7658] Restarting kernel threads ... done.
[  124.630462][ T7676] ceph: No mds server is up or the cluster is laggy
[  124.702826][    T8] usb 5-1: USB disconnect, device number 4
[  124.937465][ T7700] ubi0: attaching mtd0
[  124.941803][ T7700] ubi0: scanning is finished
[  124.943131][ T7700] ubi0: empty MTD device detected
[  124.975981][ T7699] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  125.176178][ T7700] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  125.178175][ T7700] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  125.180051][ T7700] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  125.181874][ T7700] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  125.183770][ T7700] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  125.185515][ T7700] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  125.187561][ T7700] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 130938001
[  125.190120][ T7700] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  125.193336][ T7706] ubi0: background thread "ubi_bgt0d" started, PID 7706
[  125.282916][ T7716] overlayfs: missing 'lowerdir'
[  125.323161][ T7712] netlink: 64 bytes leftover after parsing attributes in process `syz.0.452'.
[  125.359754][ T5983] libceph: connect (1)[c::]:6789 error -101
[  125.361448][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  125.409723][   T39] audit: type=1400 audit(1733614209.264:74): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7715 comm="syz.2.453"
[  125.622012][ T5983] libceph: connect (1)[c::]:6789 error -101
[  125.624191][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  125.669490][ T7728] overlayfs: missing 'lowerdir'
[  125.901640][ T5979] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  126.051685][ T5979] usb 9-1: Using ep0 maxpacket: 8
[  126.055248][ T5979] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.058283][ T5979] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.061511][ T5979] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  126.064746][ T5979] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  126.068947][ T5979] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  126.072013][ T5979] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.131892][ T5983] libceph: connect (1)[c::]:6789 error -101
[  126.134016][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  126.187728][ T7719] ceph: No mds server is up or the cluster is laggy
[  126.296970][ T5979] usb 9-1: GET_CAPABILITIES returned 0
[  126.298428][ T5979] usbtmc 9-1:16.0: can't read capabilities
[  126.501456][   T63] usb 9-1: USB disconnect, device number 2
[  126.641848][ T5946] Bluetooth: hci4: command tx timeout
[  126.803269][ T7750] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  127.108302][ T7757] overlayfs: missing 'lowerdir'
[  127.232473][   T39] audit: type=1400 audit(1733614211.084:75): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7756 comm="syz.0.466"
[  127.311649][ T5980] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  127.471776][ T5980] usb 9-1: Using ep0 maxpacket: 8
[  127.475490][ T5980] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  127.478960][ T5980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  127.489270][ T5980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  127.508868][ T5980] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  127.515542][ T5980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  127.519501][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.736176][ T5980] usb 9-1: GET_CAPABILITIES returned 0
[  127.737647][ T5980] usbtmc 9-1:16.0: can't read capabilities
[  127.816561][ T7766] veth1_macvtap: left promiscuous mode
[  127.818078][ T7766] macsec0: entered promiscuous mode
[  127.819437][ T7766] macsec0: entered allmulticast mode
[  127.825110][ T7766] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  127.825110][ T7766]    program syz.3.468 not setting count and/or reply_len properly
[  127.830284][ T7766] FAULT_INJECTION: forcing a failure.
[  127.830284][ T7766] name failslab, interval 1, probability 0, space 0, times 0
[  127.834424][ T7766] CPU: 1 UID: 0 PID: 7766 Comm: syz.3.468 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  127.837963][ T7766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.841525][ T7766] Call Trace:
[  127.842642][ T7766]  <TASK>
[  127.843666][ T7766]  dump_stack_lvl+0x16c/0x1f0
[  127.845270][ T7766]  should_fail_ex+0x497/0x5b0
[  127.846863][ T7766]  should_failslab+0xc2/0x120
[  127.848160][ T7766]  __kmalloc_noprof+0xce/0x4f0
[  127.849408][ T7766]  ? trace_kmalloc+0x2d/0xd0
[  127.850614][ T7766]  ? bio_kmalloc+0x41/0x70
[  127.851780][ T7766]  bio_kmalloc+0x41/0x70
[  127.852914][ T7766]  blk_rq_map_user_iov+0x420/0x1320
[  127.854295][ T7766]  ? __pfx_blk_rq_map_user_iov+0x10/0x10
[  127.855769][ T7766]  ? find_held_lock+0x2d/0x110
[  127.857032][ T7766]  ? sg_common_write.constprop.0+0xe6a/0x1c60
[  127.858616][ T7766]  ? __pfx_lock_release+0x10/0x10
[  127.859921][ T7766]  ? rcu_is_watching+0x12/0xc0
[  127.861389][ T7766]  ? __mutex_lock+0x1cc/0xa60
[  127.862999][ T7766]  ? import_ubuf+0x1b6/0x220
[  127.864518][ T7766]  blk_rq_map_user_io+0x206/0x230
[  127.865848][ T7766]  ? __pfx_blk_rq_map_user_io+0x10/0x10
[  127.867285][ T7766]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  127.868936][ T7766]  ? __wake_up_klogd.part.0+0x99/0xf0
[  127.870746][ T7766]  sg_common_write.constprop.0+0xfbf/0x1c60
[  127.872734][ T7766]  ? __pfx_sg_common_write.constprop.0+0x10/0x10
[  127.874521][ T7766]  ? __might_fault+0xe3/0x190
[  127.875749][ T7766]  ? __pfx____ratelimit+0x10/0x10
[  127.877103][ T7766]  sg_write+0x81c/0xe00
[  127.878200][ T7766]  ? __pfx_sg_write+0x10/0x10
[  127.879447][ T7766]  ? aa_file_perm+0x4d5/0xfe0
[  127.881004][ T7766]  ? find_held_lock+0x2d/0x110
[  127.882755][ T7766]  ? apparmor_file_permission+0x251/0x400
[  127.884434][ T7766]  ? bpf_lsm_file_permission+0x9/0x10
[  127.886204][ T7766]  ? security_file_permission+0x71/0x210
[  127.888019][ T7766]  ? __pfx_sg_write+0x10/0x10
[  127.889599][ T7766]  vfs_write+0x24c/0x1150
[  127.891034][ T7766]  ? __fget_files+0x1fc/0x3a0
[  127.892264][ T7766]  ? __pfx_lock_release+0x10/0x10
[  127.893597][ T7766]  ? __pfx_vfs_write+0x10/0x10
[  127.894847][ T7766]  ? lock_acquire+0x2f/0xb0
[  127.896043][ T7766]  ? __fget_files+0x40/0x3a0
[  127.897271][ T7766]  ? __fget_files+0x206/0x3a0
[  127.898511][ T7766]  ksys_write+0x12b/0x250
[  127.899642][ T7766]  ? __pfx_ksys_write+0x10/0x10
[  127.900927][ T7766]  __do_fast_syscall_32+0x73/0x120
[  127.902525][ T7766]  do_fast_syscall_32+0x32/0x80
[  127.904179][ T7766]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.906254][ T7766] RIP: 0023:0xf7f46579
[  127.907632][ T7766] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.913942][ T7766] RSP: 002b:00000000f508457c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  127.916717][ T7766] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000200
[  127.919697][ T7766] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  127.922347][ T7766] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.924774][ T7766] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.927272][ T7766] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.929940][ T7766]  </TASK>
[  127.949704][ T5980] usb 9-1: USB disconnect, device number 3
[  127.967701][ T1322] libceph: connect (1)[c::]:6789 error -101
[  127.969998][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  128.232260][ T1322] libceph: connect (1)[c::]:6789 error -101
[  128.234565][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  128.732354][ T5946] Bluetooth: hci4: command tx timeout
[  128.741822][ T1322] libceph: connect (1)[c::]:6789 error -101
[  128.743574][ T1322] libceph: mon0 (1)[c::]:6789 connect error
[  128.792229][ T7769] ceph: No mds server is up or the cluster is laggy
[  128.910692][ T7792] tmpfs: Unknown parameter '’’’’’’’’18446744073709551615'
[  129.499294][ T7808] FAULT_INJECTION: forcing a failure.
[  129.499294][ T7808] name failslab, interval 1, probability 0, space 0, times 0
[  129.504230][ T7808] CPU: 3 UID: 0 PID: 7808 Comm: syz.0.480 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  129.507062][ T7808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.509885][ T7808] Call Trace:
[  129.510851][ T7808]  <TASK>
[  129.511655][ T7808]  dump_stack_lvl+0x16c/0x1f0
[  129.512932][ T7808]  should_fail_ex+0x497/0x5b0
[  129.514188][ T7808]  ? fs_reclaim_acquire+0xae/0x150
[  129.515583][ T7808]  should_failslab+0xc2/0x120
[  129.516843][ T7808]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  129.518308][ T7808]  ? __pfx___might_resched+0x10/0x10
[  129.519705][ T7808]  ? __anon_vma_prepare+0xae/0x5e0
[  129.521276][ T7808]  __anon_vma_prepare+0xae/0x5e0
[  129.523084][ T7808]  ? __pfx___pte_alloc+0x10/0x10
[  129.524905][ T7808]  __vmf_anon_prepare+0x11c/0x240
[  129.526786][ T7808]  do_pte_missing+0x1020/0x3e00
[  129.528570][ T7808]  ? mt_find+0x82d/0xa20
[  129.530145][ T7808]  ? __pfx_lock_release+0x10/0x10
[  129.531648][ T7808]  __handle_mm_fault+0x103c/0x2a40
[  129.532980][ T7808]  ? __pfx___handle_mm_fault+0x10/0x10
[  129.534374][ T7808]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  129.535831][ T7808]  ? find_vma+0xc0/0x140
[  129.537260][ T7808]  ? __pfx_find_vma+0x10/0x10
[  129.538934][ T7808]  handle_mm_fault+0x3fa/0xaa0
[  129.540632][ T7808]  do_user_addr_fault+0x7a3/0x13f0
[  129.542433][ T7808]  exc_page_fault+0x5c/0xc0
[  129.544047][ T7808]  asm_exc_page_fault+0x26/0x30
[  129.545738][ T7808] RIP: 0010:_copy_to_user+0xb6/0xd0
[  129.547470][ T7808] Code: 89 ee 48 89 ef e8 fa 83 ff fc 4d 85 ff 75 a8 e8 40 82 ff fc 89 de 4c 89 e7 e8 26 40 62 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 <f3> a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00
[  129.552574][ T7808] RSP: 0018:ffffc90003547c38 EFLAGS: 00050246
[  129.554211][ T7808] RAX: 0000000000000001 RBX: 0000000000000044 RCX: 0000000000000044
[  129.556310][ T7808] RDX: ffffed10053b9a09 RSI: ffff888029dcd000 RDI: 0000000020000380
[  129.558831][ T7808] RBP: 0000000020000380 R08: 0000000000000000 R09: ffffed10053b9a08
[  129.561671][ T7808] R10: ffff888029dcd043 R11: 0000000000000000 R12: ffff888029dcd000
[  129.564491][ T7808] R13: 00000000200003c4 R14: 00007ffffffff000 R15: 0000000000000000
[  129.567219][ T7808]  ? _copy_to_user+0xaa/0xd0
[  129.568812][ T7808]  syslog_print_all+0x1db/0x3f0
[  129.570453][ T7808]  ? __pfx_syslog_print_all+0x10/0x10
[  129.572276][ T7808]  ? ksys_write+0x191/0x250
[  129.573868][ T7808]  ? __mutex_unlock_slowpath+0x164/0x690
[  129.575797][ T7808]  do_syslog+0x326/0x6c0
[  129.577227][ T7808]  ? __pfx_do_syslog+0x10/0x10
[  129.578833][ T7808]  ? __fget_files+0x206/0x3a0
[  129.580398][ T7808]  ? ksys_write+0x1ba/0x250
[  129.581946][ T7808]  ? __pfx_ksys_write+0x10/0x10
[  129.583598][ T7808]  __ia32_sys_syslog+0x73/0xb0
[  129.585278][ T7808]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  129.587537][ T7808]  __do_fast_syscall_32+0x73/0x120
[  129.589272][ T7808]  do_fast_syscall_32+0x32/0x80
[  129.590905][ T7808]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.593035][ T7808] RIP: 0023:0xf7fc3579
[  129.594409][ T7808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.600839][ T7808] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000067
[  129.603596][ T7808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380
[  129.606197][ T7808] RDX: 00000000000000e7 RSI: 0000000000000000 RDI: 0000000000000000
[  129.608811][ T7808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.611436][ T7808] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  129.614056][ T7808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.616717][ T7808]  </TASK>
[  129.794532][ T7812] FAULT_INJECTION: forcing a failure.
[  129.794532][ T7812] name failslab, interval 1, probability 0, space 0, times 0
[  129.797842][ T7812] CPU: 3 UID: 0 PID: 7812 Comm: syz.0.482 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  129.800516][ T7812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.803377][ T7812] Call Trace:
[  129.804238][ T7812]  <TASK>
[  129.805020][ T7812]  dump_stack_lvl+0x16c/0x1f0
[  129.806242][ T7812]  should_fail_ex+0x497/0x5b0
[  129.807463][ T7812]  ? __pfx_lock_release+0x10/0x10
[  129.808771][ T7812]  should_failslab+0xc2/0x120
[  129.810008][ T7812]  __kmalloc_cache_noprof+0x68/0x420
[  129.811422][ T7812]  tipc_enable_bearer+0x732/0xfa0
[  129.812966][ T7812]  ? __pfx_tipc_enable_bearer+0x10/0x10
[  129.814961][ T7812]  ? __nla_parse+0x40/0x60
[  129.816417][ T7812]  __tipc_nl_bearer_enable+0x32a/0x420
[  129.817851][ T7812]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[  129.819404][ T7812]  ? __nla_parse+0x40/0x60
[  129.820572][ T7812]  tipc_nl_bearer_enable+0x21/0x40
[  129.821945][ T7812]  genl_family_rcv_msg_doit+0x202/0x2f0
[  129.823435][ T7812]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  129.825022][ T7812]  ? genl_get_cmd+0x195/0x580
[  129.826252][ T7812]  ? __radix_tree_lookup+0x21f/0x2c0
[  129.827619][ T7812]  genl_rcv_msg+0x565/0x800
[  129.828800][ T7812]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.830106][ T7812]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[  129.831641][ T7812]  netlink_rcv_skb+0x165/0x410
[  129.833197][ T7812]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.835032][ T7812]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  129.836716][ T7812]  ? down_read+0xc9/0x330
[  129.837847][ T7812]  ? __pfx_down_read+0x10/0x10
[  129.839089][ T7812]  ? netlink_deliver_tap+0x1ae/0xca0
[  129.840468][ T7812]  genl_rcv+0x28/0x40
[  129.841634][ T7812]  netlink_unicast+0x53c/0x7f0
[  129.843169][ T7812]  ? __pfx_netlink_unicast+0x10/0x10
[  129.845000][ T7812]  ? __phys_addr_symbol+0x30/0x80
[  129.846559][ T7812]  ? __check_object_size+0x488/0x710
[  129.848000][ T7812]  netlink_sendmsg+0x8b8/0xd70
[  129.849283][ T7812]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.850657][ T7812]  ____sys_sendmsg+0x9ae/0xb40
[  129.852067][ T7812]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.853828][ T7812]  ? get_compat_msghdr+0x11b/0x170
[  129.855678][ T7812]  ___sys_sendmsg+0x135/0x1e0
[  129.857405][ T7812]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.859225][ T7812]  ? __pfx_lock_release+0x10/0x10
[  129.860569][ T7812]  ? trace_lock_acquire+0x14e/0x1f0
[  129.861977][ T7812]  ? __fget_files+0x206/0x3a0
[  129.863216][ T7812]  __sys_sendmsg+0x16e/0x220
[  129.864414][ T7812]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.865739][ T7812]  __do_fast_syscall_32+0x73/0x120
[  129.867062][ T7812]  do_fast_syscall_32+0x32/0x80
[  129.868325][ T7812]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.869957][ T7812] RIP: 0023:0xf7fc3579
[  129.871013][ T7812] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.876022][ T7812] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  129.878411][ T7812] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  129.880436][ T7812] RDX: 0000000000048004 RSI: 0000000000000000 RDI: 0000000000000000
[  129.882527][ T7812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.884864][ T7812] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  129.886818][ T7812] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.889064][ T7812]  </TASK>
[  129.915958][ T7811] netlink: 64 bytes leftover after parsing attributes in process `syz.3.481'.
[  131.877075][ T7849] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  131.924940][ T7272] udevd[7272]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  132.088621][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  132.090450][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  132.299095][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.301718][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.304499][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.307192][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.309864][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.312125][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.314324][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.317013][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.319726][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.323545][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.325656][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.328528][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.331393][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.334720][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.336825][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.338887][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.340969][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.344719][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.347912][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.350642][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.353868][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.356621][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.359316][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.362524][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.365257][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.367963][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.370759][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.374197][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.376899][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.379609][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.382811][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.385535][  T831] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  132.392973][  T831] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  132.810039][ T7888] overlayfs: missing 'lowerdir'
[  132.957773][   T39] audit: type=1400 audit(1733614216.814:76): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7887 comm="syz.0.505"
[  133.032394][ T7895] netlink: 'syz.4.507': attribute type 1 has an invalid length.
[  133.034595][ T7895] netlink: 236 bytes leftover after parsing attributes in process `syz.4.507'.
[  133.408162][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.508'.
[  133.749309][ T7904] mmap: syz.4.507 (7904) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  134.001618][ T7906] netlink: 180 bytes leftover after parsing attributes in process `syz.0.509'.
[  134.237498][ T7914] FAULT_INJECTION: forcing a failure.
[  134.237498][ T7914] name failslab, interval 1, probability 0, space 0, times 0
[  134.240732][ T7914] CPU: 0 UID: 0 PID: 7914 Comm: syz.3.511 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  134.243538][ T7914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.246332][ T7914] Call Trace:
[  134.247212][ T7914]  <TASK>
[  134.247992][ T7914]  dump_stack_lvl+0x16c/0x1f0
[  134.249240][ T7914]  should_fail_ex+0x497/0x5b0
[  134.250474][ T7914]  ? fs_reclaim_acquire+0xae/0x150
[  134.251805][ T7914]  should_failslab+0xc2/0x120
[  134.253013][ T7914]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  134.254506][ T7914]  ? __alloc_skb+0x2b3/0x380
[  134.255730][ T7914]  __alloc_skb+0x2b3/0x380
[  134.256906][ T7914]  ? __pfx___alloc_skb+0x10/0x10
[  134.258206][ T7914]  netlink_ack+0x164/0xb20
[  134.259374][ T7914]  netlink_rcv_skb+0x327/0x410
[  134.260630][ T7914]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  134.262086][ T7914]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  134.263459][ T7914]  ? __pfx_aa_get_newest_label+0x10/0x10
[  134.264939][ T7914]  ? bpf_lsm_capable+0x9/0x10
[  134.266180][ T7914]  ? security_capable+0x7e/0x260
[  134.267492][ T7914]  ? ns_capable+0xd7/0x110
[  134.268674][ T7914]  nfnetlink_rcv+0x1b4/0x430
[  134.269893][ T7914]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  134.271224][ T7914]  ? netlink_deliver_tap+0x1ae/0xca0
[  134.272598][ T7914]  netlink_unicast+0x53c/0x7f0
[  134.273866][ T7914]  ? __pfx_netlink_unicast+0x10/0x10
[  134.275250][ T7914]  ? __phys_addr_symbol+0x30/0x80
[  134.276565][ T7914]  ? __check_object_size+0x4a1/0x710
[  134.277951][ T7914]  netlink_sendmsg+0x8b8/0xd70
[  134.279199][ T7914]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.280576][ T7914]  ____sys_sendmsg+0x9ae/0xb40
[  134.281831][ T7914]  ? __pfx_____sys_sendmsg+0x10/0x10
[  134.283206][ T7914]  ? get_compat_msghdr+0x11b/0x170
[  134.284542][ T7914]  ___sys_sendmsg+0x135/0x1e0
[  134.285752][ T7914]  ? __pfx____sys_sendmsg+0x10/0x10
[  134.287089][ T7914]  ? __pfx_lock_release+0x10/0x10
[  134.288397][ T7914]  ? trace_lock_acquire+0x14e/0x1f0
[  134.289768][ T7914]  ? __fget_files+0x206/0x3a0
[  134.290998][ T7914]  __sys_sendmsg+0x16e/0x220
[  134.292209][ T7914]  ? __pfx___sys_sendmsg+0x10/0x10
[  134.293563][ T7914]  __do_fast_syscall_32+0x73/0x120
[  134.294899][ T7914]  do_fast_syscall_32+0x32/0x80
[  134.296175][ T7914]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.297788][ T7914] RIP: 0023:0xf7f46579
[  134.298845][ T7914] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.303780][ T7914] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  134.305927][ T7914] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  134.307970][ T7914] RDX: 0000000000040050 RSI: 0000000000000000 RDI: 0000000000000000
[  134.310019][ T7914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.312046][ T7914] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.314099][ T7914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.316171][ T7914]  </TASK>
[  136.208334][ T7941] binder: 7937:7941 ioctl c0046209 0 returned -22
[  137.107771][ T7960] FAULT_INJECTION: forcing a failure.
[  137.107771][ T7960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.111262][ T7960] CPU: 1 UID: 0 PID: 7960 Comm: syz.2.526 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  137.113994][ T7960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.116767][ T7960] Call Trace:
[  137.117648][ T7960]  <TASK>
[  137.118426][ T7960]  dump_stack_lvl+0x16c/0x1f0
[  137.119663][ T7960]  should_fail_ex+0x497/0x5b0
[  137.120910][ T7960]  _copy_to_user+0x32/0xd0
[  137.122081][ T7960]  simple_read_from_buffer+0xd0/0x160
[  137.123473][ T7960]  proc_fail_nth_read+0x198/0x270
[  137.124765][ T7960]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.126191][ T7960]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.127607][ T7960]  vfs_read+0x1df/0xbe0
[  137.128706][ T7960]  ? __fget_files+0x1fc/0x3a0
[  137.129961][ T7960]  ? __pfx___mutex_lock+0x10/0x10
[  137.131547][ T7960]  ? __pfx_vfs_read+0x10/0x10
[  137.132932][ T7960]  ? __fget_files+0x206/0x3a0
[  137.134398][ T7960]  ksys_read+0x12b/0x250
[  137.135834][ T7960]  ? __pfx_ksys_read+0x10/0x10
[  137.137457][ T7960]  __do_fast_syscall_32+0x73/0x120
[  137.139175][ T7960]  do_fast_syscall_32+0x32/0x80
[  137.140828][ T7960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.142952][ T7960] RIP: 0023:0xf7f95579
[  137.144323][ T7960] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.150703][ T7960] RSP: 002b:00000000f51165b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  137.153680][ T7960] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5116620
[  137.156012][ T7960] RDX: 000000000000000f RSI: 00000000f7420ff4 RDI: 0000000000000000
[  137.158114][ T7960] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  137.160170][ T7960] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  137.162249][ T7960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.164314][ T7960]  </TASK>
[  137.380304][ T5980] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  137.531635][ T5980] usb 9-1: Using ep0 maxpacket: 8
[  137.536280][ T5980] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.539675][ T5980] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  137.542515][ T5980] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  137.546131][ T5980] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  137.549373][ T5980] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  137.551923][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.563898][ T5980] hub 9-1:1.0: bad descriptor, ignoring hub
[  137.565757][ T5980] hub 9-1:1.0: probe with driver hub failed with error -5
[  137.569812][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  137.571381][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  137.574823][ T5980] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  137.576761][ T5980] cdc_wdm 9-1:1.0: Unknown control protocol
[  138.131043][ T7978] binder: 7975:7978 ioctl c0046209 0 returned -22
[  138.279278][ T7991] FAULT_INJECTION: forcing a failure.
[  138.279278][ T7991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.286087][ T7991] CPU: 0 UID: 0 PID: 7991 Comm: syz.2.536 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  138.289771][ T7991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.293619][ T7991] Call Trace:
[  138.294774][ T7991]  <TASK>
[  138.295808][ T7991]  dump_stack_lvl+0x16c/0x1f0
[  138.297445][ T7991]  should_fail_ex+0x497/0x5b0
[  138.299090][ T7991]  _copy_from_iter+0x29b/0x1400
[  138.300744][ T7991]  ? trace_lock_acquire+0x14e/0x1f0
[  138.302549][ T7991]  ? __pfx__copy_from_iter+0x10/0x10
[  138.304393][ T7991]  ? __virt_addr_valid+0x1a4/0x590
[  138.306241][ T7991]  ? __virt_addr_valid+0x5e/0x590
[  138.308068][ T7991]  ? const_folio_flags.constprop.0+0x56/0x150
[  138.310260][ T7991]  ? __phys_addr_symbol+0x30/0x80
[  138.312070][ T7991]  ? __check_object_size+0x488/0x710
[  138.314012][ T7991]  skb_copy_datagram_from_iter+0x124/0x710
[  138.316160][ T7991]  ? iov_iter_single_seg_count+0x132/0x360
[  138.318268][ T7991]  tun_get_user+0x197f/0x3e30
[  138.320013][ T7991]  ? find_held_lock+0x2d/0x110
[  138.321533][ T7991]  ? __pfx_tun_get_user+0x10/0x10
[  138.322970][ T7991]  ? find_held_lock+0x2d/0x110
[  138.324162][ T7991]  ? __pfx_lock_release+0x10/0x10
[  138.325480][ T7991]  tun_chr_write_iter+0xdc/0x210
[  138.326789][ T7991]  vfs_write+0x5ae/0x1150
[  138.327932][ T7991]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  138.329344][ T7991]  ? __pfx_vfs_write+0x10/0x10
[  138.330558][ T7991]  ? __fget_files+0x40/0x3a0
[  138.331751][ T7991]  ksys_write+0x12b/0x250
[  138.332864][ T7991]  ? __pfx_ksys_write+0x10/0x10
[  138.334109][ T7991]  __do_fast_syscall_32+0x73/0x120
[  138.335392][ T7991]  do_fast_syscall_32+0x32/0x80
[  138.336646][ T7991]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.338302][ T7991] RIP: 0023:0xf7f95579
[  138.339384][ T7991] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  138.344257][ T7991] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  138.346364][ T7991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  138.348352][ T7991] RDX: 000000000000003a RSI: 0000000000000000 RDI: 0000000000000000
[  138.350291][ T7991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.352228][ T7991] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  138.354251][ T7991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.356327][ T7991]  </TASK>
[  138.472515][ T7958] usb 9-1: reset high-speed USB device number 4 using dummy_hcd
[  138.623519][ T7958] usb 9-1: device firmware changed
[  138.632441][ T7958] cdc_wdm 9-1:1.0: Error autopm - -16
[  138.632580][ T5980] usb 9-1: USB disconnect, device number 4
[  138.771651][ T5980] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  138.921723][ T5980] usb 9-1: Using ep0 maxpacket: 8
[  138.925364][ T5980] usb 9-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  138.929015][ T5980] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  138.931307][ T5980] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  138.934893][ T5980] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  138.937859][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.944577][ T5980] hub 9-1:1.0: bad descriptor, ignoring hub
[  138.946430][ T5980] hub 9-1:1.0: probe with driver hub failed with error -5
[  138.949479][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  138.950919][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  138.952418][ T5980] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[  139.231413][ T8006] tipc: Started in network mode
[  139.235854][ T8006] tipc: Node identity fe80000000000000000000000000000f, cluster identity 4711
[  139.239205][ T8006] tipc: Enabled bearer <udp:syz0>, priority 10
[  139.261820][   T63] usb 9-1: USB disconnect, device number 5
[  139.772969][ T8021] overlayfs: missing 'lowerdir'
[  139.800780][ T8022] binder: 8016:8022 ioctl c0046209 0 returned -22
[  139.918121][   T39] audit: type=1400 audit(1733614223.774:77): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8020 comm="syz.4.546"
[  140.231658][   T63] tipc: Node number set to 4269801487
[  140.443664][ T8031] netlink: 64 bytes leftover after parsing attributes in process `syz.0.549'.
[  140.522089][ T8038] overlayfs: missing 'lowerdir'
[  140.726560][   T39] audit: type=1400 audit(1733614224.584:78): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8037 comm="syz.0.552"
[  141.478752][ T8057] FAULT_INJECTION: forcing a failure.
[  141.478752][ T8057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.483535][ T8057] CPU: 0 UID: 0 PID: 8057 Comm: syz.2.557 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  141.486259][ T8057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.488967][ T8057] Call Trace:
[  141.489823][ T8057]  <TASK>
[  141.490608][ T8057]  dump_stack_lvl+0x16c/0x1f0
[  141.491957][ T8057]  should_fail_ex+0x497/0x5b0
[  141.493216][ T8057]  _copy_to_user+0x32/0xd0
[  141.494384][ T8057]  simple_read_from_buffer+0xd0/0x160
[  141.495806][ T8057]  proc_fail_nth_read+0x198/0x270
[  141.497122][ T8057]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.498549][ T8057]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.499975][ T8057]  vfs_read+0x1df/0xbe0
[  141.501096][ T8057]  ? __fget_files+0x1fc/0x3a0
[  141.502313][ T8057]  ? __pfx___mutex_lock+0x10/0x10
[  141.503615][ T8057]  ? __pfx_vfs_read+0x10/0x10
[  141.504843][ T8057]  ? __fget_files+0x206/0x3a0
[  141.506063][ T8057]  ksys_read+0x12b/0x250
[  141.507125][ T8057]  ? __pfx_ksys_read+0x10/0x10
[  141.508304][ T8057]  __do_fast_syscall_32+0x73/0x120
[  141.509573][ T8057]  do_fast_syscall_32+0x32/0x80
[  141.510831][ T8057]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.512448][ T8057] RIP: 0023:0xf7f95579
[  141.513511][ T8057] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.518422][ T8057] RSP: 002b:00000000f51165b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  141.520553][ T8057] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5116620
[  141.522674][ T8057] RDX: 000000000000000f RSI: 00000000f7420ff4 RDI: 0000000000000000
[  141.524696][ T8057] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  141.526720][ T8057] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  141.528731][ T8057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.530829][ T8057]  </TASK>
[  141.830617][ T8070] netlink: 12 bytes leftover after parsing attributes in process `syz.2.559'.
[  141.858671][ T8073] FAULT_INJECTION: forcing a failure.
[  141.858671][ T8073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.887872][ T8069] afs: Unknown parameter '00000000000000000005'
[  141.890066][ T8073] CPU: 3 UID: 0 PID: 8073 Comm: syz.3.562 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  141.890092][ T8073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.890103][ T8073] Call Trace:
[  141.890109][ T8073]  <TASK>
[  141.890116][ T8073]  dump_stack_lvl+0x16c/0x1f0
[  141.890143][ T8073]  should_fail_ex+0x497/0x5b0
[  141.890170][ T8073]  strncpy_from_user+0x3b/0x2d0
[  141.890193][ T8073]  bpf_prog_load+0x1c3f/0x2670
[  141.890215][ T8073]  ? __pfx_bpf_prog_load+0x10/0x10
[  141.890232][ T8073]  ? find_held_lock+0x2d/0x110
[  141.890255][ T8073]  ? __might_fault+0x13b/0x190
[  141.890293][ T8073]  ? __might_fault+0xe3/0x190
[  141.890323][ T8073]  __sys_bpf+0x5677/0x57a0
[  141.890341][ T8073]  ? __pfx_lock_release+0x10/0x10
[  141.890358][ T8073]  ? __pfx___sys_bpf+0x10/0x10
[  141.890374][ T8073]  ? vfs_write+0x306/0x1150
[  141.890400][ T8073]  ? __mutex_unlock_slowpath+0x164/0x690
[  141.890435][ T8073]  ? fput+0x67/0x440
[  141.890458][ T8073]  ? ksys_write+0x1ba/0x250
[  141.890477][ T8073]  ? __pfx_ksys_write+0x10/0x10
[  141.890499][ T8073]  __ia32_sys_bpf+0x76/0xe0
[  141.890518][ T8073]  __do_fast_syscall_32+0x73/0x120
[  141.890543][ T8073]  do_fast_syscall_32+0x32/0x80
[  141.890565][ T8073]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.890592][ T8073] RIP: 0023:0xf7f46579
[  141.890605][ T8073] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.890622][ T8073] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  141.890642][ T8073] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440
[  141.890654][ T8073] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000000
[  141.890665][ T8073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.890674][ T8073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  141.890685][ T8073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.890707][ T8073]  </TASK>
[  141.897178][ T8064] afs: Unknown parameter 'fnock'
[  142.604036][ T8085] FAULT_INJECTION: forcing a failure.
[  142.604036][ T8085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.604064][ T8085] CPU: 0 UID: 0 PID: 8085 Comm: syz.0.566 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  142.604086][ T8085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.604098][ T8085] Call Trace:
[  142.604104][ T8085]  <TASK>
[  142.604111][ T8085]  dump_stack_lvl+0x16c/0x1f0
[  142.604138][ T8085]  should_fail_ex+0x497/0x5b0
[  142.604166][ T8085]  _copy_to_user+0x32/0xd0
[  142.604195][ T8085]  bpf_test_finish.isra.0+0x55f/0x680
[  142.604228][ T8085]  ? lock_acquire+0x2f/0xb0
[  142.604245][ T8085]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  142.604278][ T8085]  ? _copy_from_user+0x59/0xd0
[  142.604309][ T8085]  bpf_prog_test_run_xdp+0xa13/0x1580
[  142.604335][ T8085]  ? lock_acquire+0x2f/0xb0
[  142.604351][ T8085]  ? __fget_files+0x40/0x3a0
[  142.604372][ T8085]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  142.604394][ T8085]  ? __fget_files+0x206/0x3a0
[  142.604418][ T8085]  ? fput+0x67/0x440
[  142.604443][ T8085]  ? __bpf_prog_get+0xa0/0x290
[  142.604469][ T8085]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  142.637767][ T8085]  __sys_bpf+0x1921/0x57a0
[  142.637787][ T8085]  ? __pfx_lock_release+0x10/0x10
[  142.637798][ T8085]  ? __pfx___sys_bpf+0x10/0x10
[  142.637808][ T8085]  ? vfs_write+0x306/0x1150
[  142.637823][ T8085]  ? __mutex_unlock_slowpath+0x164/0x690
[  142.644190][ T8085]  ? fput+0x67/0x440
[  142.644207][ T8085]  ? ksys_write+0x1ba/0x250
[  142.644218][ T8085]  ? __pfx_ksys_write+0x10/0x10
[  142.644232][ T8085]  __ia32_sys_bpf+0x76/0xe0
[  142.648902][ T8085]  __do_fast_syscall_32+0x73/0x120
[  142.648920][ T8085]  do_fast_syscall_32+0x32/0x80
[  142.648933][ T8085]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  142.653153][ T8085] RIP: 0023:0xf7fc3579
[  142.653165][ T8085] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  142.653176][ T8085] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  142.653188][ T8085] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000500
[  142.653195][ T8085] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[  142.653201][ T8085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  142.653207][ T8085] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  142.653214][ T8085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  142.653226][ T8085]  </TASK>
[  142.807042][ T8088] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967293 > 32)
[  142.876573][ T8094] netlink: 64 bytes leftover after parsing attributes in process `syz.2.570'.
[  143.194663][ T8106] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  143.284224][ T8109] FAULT_INJECTION: forcing a failure.
[  143.284224][ T8109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.287642][ T8109] CPU: 3 UID: 0 PID: 8109 Comm: syz.4.574 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  143.290362][ T8109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.293339][ T8109] Call Trace:
[  143.294341][ T8109]  <TASK>
[  143.295387][ T8109]  dump_stack_lvl+0x16c/0x1f0
[  143.297041][ T8109]  should_fail_ex+0x497/0x5b0
[  143.298701][ T8109]  _copy_from_user+0x2e/0xd0
[  143.300048][ T8109]  get_compat_msghdr+0xa8/0x170
[  143.301336][ T8109]  ? __pfx_get_compat_msghdr+0x10/0x10
[  143.302777][ T8109]  ___sys_sendmsg+0x1b0/0x1e0
[  143.304163][ T8109]  ? __pfx____sys_sendmsg+0x10/0x10
[  143.305706][ T8109]  ? __pfx_lock_release+0x10/0x10
[  143.307285][ T8109]  ? trace_lock_acquire+0x14e/0x1f0
[  143.308649][ T8109]  ? __fget_files+0x206/0x3a0
[  143.310130][ T8109]  __sys_sendmsg+0x16e/0x220
[  143.311707][ T8109]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.313484][ T8109]  __do_fast_syscall_32+0x73/0x120
[  143.315241][ T8109]  do_fast_syscall_32+0x32/0x80
[  143.316915][ T8109]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.319027][ T8109] RIP: 0023:0xf7f74579
[  143.320403][ T8109] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  143.326591][ T8109] RSP: 002b:00000000f50f657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  143.328740][ T8109] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000780
[  143.330889][ T8109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  143.333308][ T8109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  143.335377][ T8109] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  143.337422][ T8109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.339457][ T8109]  </TASK>
[  143.873659][ T8129] netlink: 28 bytes leftover after parsing attributes in process `syz.0.581'.
[  143.902348][ T8130] netlink: 28 bytes leftover after parsing attributes in process `syz.0.581'.
[  144.098245][ T8136] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.584'.
[  144.100555][ T8136] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  144.419655][ T8144] trusted_key: syz.0.586 sent an empty control message without MSG_MORE.
[  144.606844][ T8159] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  145.028309][ T8164] dccp_close: ABORT with 7183 bytes unread
[  145.089305][ T8169] netlink: 1268 bytes leftover after parsing attributes in process `syz.2.595'.
[  145.092693][ T8169] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  145.138232][ T8171] FAULT_INJECTION: forcing a failure.
[  145.138232][ T8171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.142081][ T8171] CPU: 2 UID: 0 PID: 8171 Comm: syz.2.596 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  145.144826][ T8171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.147600][ T8171] Call Trace:
[  145.148454][ T8171]  <TASK>
[  145.149230][ T8171]  dump_stack_lvl+0x16c/0x1f0
[  145.150453][ T8171]  should_fail_ex+0x497/0x5b0
[  145.151884][ T8171]  _copy_from_user+0x2e/0xd0
[  145.153384][ T8171]  get_compat_msghdr+0xa8/0x170
[  145.154662][ T8171]  ? __pfx_get_compat_msghdr+0x10/0x10
[  145.156133][ T8171]  ___sys_recvmsg+0x193/0x1a0
[  145.157374][ T8171]  ? __pfx____sys_recvmsg+0x10/0x10
[  145.158716][ T8171]  ? __fget_files+0x1fc/0x3a0
[  145.159927][ T8171]  ? trace_lock_acquire+0x14e/0x1f0
[  145.161278][ T8171]  ? __fget_files+0x206/0x3a0
[  145.162559][ T8171]  ? __pfx___might_resched+0x10/0x10
[  145.163924][ T8171]  do_recvmmsg+0x55d/0x740
[  145.165111][ T8171]  ? __pfx_do_recvmmsg+0x10/0x10
[  145.166444][ T8171]  ? vfs_write+0x306/0x1150
[  145.167627][ T8171]  ? __fget_files+0x206/0x3a0
[  145.168881][ T8171]  __sys_recvmmsg+0x21e/0x280
[  145.170237][ T8171]  ? __pfx___sys_recvmmsg+0x10/0x10
[  145.171588][ T8171]  ? __pfx_ksys_write+0x10/0x10
[  145.172983][ T8171]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  145.175049][ T8171]  ? lockdep_hardirqs_on+0x7c/0x110
[  145.176679][ T8171]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  145.178405][ T8171]  __do_fast_syscall_32+0x73/0x120
[  145.179836][ T8171]  do_fast_syscall_32+0x32/0x80
[  145.181110][ T8171]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  145.182771][ T8171] RIP: 0023:0xf7f95579
[  145.183872][ T8171] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  145.188827][ T8171] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  145.190954][ T8171] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020003700
[  145.192981][ T8171] RDX: 0000000000000600 RSI: 0000000000000000 RDI: 0000000000000000
[  145.195110][ T8171] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  145.197292][ T8171] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  145.199408][ T8171] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  145.201531][ T8171]  </TASK>
[  145.596984][ T8195] binder: 8190:8195 ioctl c0046209 0 returned -22
[  145.901517][ T8199] netlink: 1268 bytes leftover after parsing attributes in process `syz.0.606'.
[  145.905532][ T8199] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  146.055659][ T8206] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  146.058997][ T8206] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  146.062279][ T8206] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  146.065305][ T8206] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  146.068251][ T8206] vxlan0: entered promiscuous mode
[  146.069798][ T8206] vxlan0: entered allmulticast mode
[  146.075077][ T8206] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.078165][ T8206] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.081444][ T8206] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.084812][ T8206] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  146.417468][ T8213] netlink: 'syz.3.611': attribute type 27 has an invalid length.
[  146.418294][ T8210] FAULT_INJECTION: forcing a failure.
[  146.418294][ T8210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.428188][ T8210] CPU: 0 UID: 0 PID: 8210 Comm: syz.2.610 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  146.431103][ T8210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.434170][ T8210] Call Trace:
[  146.435192][ T8210]  <TASK>
[  146.436098][ T8210]  dump_stack_lvl+0x16c/0x1f0
[  146.437750][ T8210]  should_fail_ex+0x497/0x5b0
[  146.439462][ T8210]  __kvm_read_guest_page+0x16b/0x210
[  146.441133][ T8210]  kvm_fetch_guest_virt+0x128/0x1a0
[  146.442593][ T8210]  __do_insn_fetch_bytes+0x506/0x730
[  146.444068][ T8210]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  146.445777][ T8210]  ? __pfx_x86_decode_insn+0x10/0x10
[  146.447256][ T8210]  ? init_decode_cache+0xd/0x210
[  146.448652][ T8210]  ? kvm_vm_ioctl_set_msr_filter+0x50/0x990
[  146.450271][ T8210]  x86_decode_insn+0x1888/0x55d0
[  146.451939][ T8210]  ? mark_lock+0xb5/0xc60
[  146.453538][ T8210]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  146.455466][ T8210]  ? __pfx_x86_decode_insn+0x10/0x10
[  146.457165][ T8210]  ? init_decode_cache+0xd/0x210
[  146.458689][ T8210]  ? kvm_vm_ioctl_set_msr_filter+0x50/0x990
[  146.460303][ T8210]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  146.461923][ T8210]  ? rcu_qs+0x2b/0xe0
[  146.463028][ T8210]  ? __pfx_mark_lock+0x10/0x10
[  146.464380][ T8210]  ? clear_bhb_loop+0x35/0x90
[  146.465800][ T8210]  x86_emulate_instruction+0x975/0x1a50
[  146.467312][ T8210]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  146.468943][ T8210]  handle_io+0x261/0x2b0
[  146.470110][ T8210]  ? __pfx_handle_io+0x10/0x10
[  146.471444][ T8210]  vmx_handle_exit+0x733/0x1f70
[  146.472884][ T8210]  vcpu_run+0x2aaf/0x4c00
[  146.474088][ T8210]  ? __pfx_vcpu_run+0x10/0x10
[  146.475512][ T8210]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  146.477062][ T8210]  ? rcu_is_watching+0x12/0xc0
[  146.478371][ T8210]  ? trace_lock_acquire+0x14e/0x1f0
[  146.480000][ T8210]  ? __local_bh_enable_ip+0xa4/0x120
[  146.482119][ T8210]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.484006][ T8210]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  146.485889][ T8210]  ? lock_acquire+0x2f/0xb0
[  146.487208][ T8210]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  146.488742][ T8210]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  146.490175][ T8210]  kvm_vcpu_ioctl+0x6ce/0x1520
[  146.491428][ T8210]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  146.492959][ T8210]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  146.494346][ T8210]  ? tomoyo_path_number_perm+0x190/0x5b0
[  146.496256][ T8210]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  146.498281][ T8210]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  146.499900][ T8210]  ? do_vfs_ioctl+0x513/0x1950
[  146.501208][ T8210]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  146.502562][ T8210]  ? __pfx_lock_release+0x10/0x10
[  146.503727][ T8210]  ? trace_lock_acquire+0x14e/0x1f0
[  146.504201][ T8215] ax25_connect(): syz.3.611 uses autobind, please contact jreuter@yaina.de
[  146.505134][ T8210]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  146.505158][ T8210]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  146.510744][ T8210]  ? __fget_files+0x206/0x3a0
[  146.512058][ T8210]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  146.513601][ T8210]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  146.515011][ T8210]  __do_fast_syscall_32+0x73/0x120
[  146.516438][ T8210]  do_fast_syscall_32+0x32/0x80
[  146.518029][ T8210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.519735][ T8210] RIP: 0023:0xf7f95579
[  146.520848][ T8210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.526328][ T8210] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  146.528636][ T8210] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  146.530742][ T8210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.532830][ T8210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.535020][ T8210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.537782][ T8210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.540537][ T8210]  </TASK>
[  146.929640][ T8231] netlink: 1268 bytes leftover after parsing attributes in process `syz.0.616'.
[  146.941918][ T8231] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  146.957384][   T39] audit: type=1326 audit(1733614230.814:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8232 comm="syz.3.617" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f46579 code=0x0
[  146.986673][ T8236] FAULT_INJECTION: forcing a failure.
[  146.986673][ T8236] name failslab, interval 1, probability 0, space 0, times 0
[  146.990988][ T8236] CPU: 1 UID: 0 PID: 8236 Comm: syz.4.618 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  146.994671][ T8236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.997922][ T8236] Call Trace:
[  146.999015][ T8236]  <TASK>
[  146.999913][ T8236]  dump_stack_lvl+0x16c/0x1f0
[  147.001127][ T8236]  should_fail_ex+0x497/0x5b0
[  147.002575][ T8236]  ? fs_reclaim_acquire+0xae/0x150
[  147.004163][ T8236]  should_failslab+0xc2/0x120
[  147.005720][ T8236]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  147.007464][ T8236]  ? __pfx___might_resched+0x10/0x10
[  147.008753][ T8236]  ? alloc_vmap_area+0x636/0x2a70
[  147.009962][ T8236]  alloc_vmap_area+0x636/0x2a70
[  147.011103][ T8236]  ? __pfx_alloc_vmap_area+0x10/0x10
[  147.012384][ T8236]  __get_vm_area_node+0x19e/0x2f0
[  147.013883][ T8236]  ? trace_contention_end+0xee/0x140
[  147.015545][ T8236]  vmap+0x15a/0x350
[  147.016763][ T8236]  ? qp_host_map_queues+0x26c/0x380
[  147.018289][ T8236]  ? vmci_qp_broker_unmap+0x8d3/0xb00
[  147.019982][ T8236]  ? __pfx_vmap+0x10/0x10
[  147.021358][ T8236]  ? __pfx___mutex_lock+0x10/0x10
[  147.022617][ T8236]  qp_host_map_queues+0x26c/0x380
[  147.024144][ T8236]  ? __pfx_qp_host_map_queues+0x10/0x10
[  147.025931][ T8236]  vmci_qp_broker_unmap+0x805/0xb00
[  147.027498][ T8236]  ? __pfx_vmci_qp_broker_unmap+0x10/0x10
[  147.029233][ T8236]  ? __might_fault+0xe3/0x190
[  147.030763][ T8236]  vmci_host_unlocked_ioctl+0xd74/0x1fb0
[  147.032441][ T8236]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  147.034123][ T8236]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  147.035728][ T8236]  ? __pfx_lock_release+0x10/0x10
[  147.037306][ T8236]  ? trace_lock_acquire+0x14e/0x1f0
[  147.038704][ T8236]  ? __fget_files+0x206/0x3a0
[  147.040057][ T8236]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  147.041971][ T8236]  compat_ptr_ioctl+0x6b/0xa0
[  147.043491][ T8236]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  147.045170][ T8236]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  147.046834][ T8236]  __do_fast_syscall_32+0x73/0x120
[  147.048333][ T8236]  do_fast_syscall_32+0x32/0x80
[  147.049899][ T8236]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.051872][ T8236] RIP: 0023:0xf7f74579
[  147.053047][ T8236] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.058707][ T8236] RSP: 002b:00000000f50f657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  147.061371][ T8236] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007a4
[  147.063508][ T8236] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  147.065857][ T8236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.068272][ T8236] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.070392][ T8236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.072862][ T8236]  </TASK>
[  147.073936][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.078431][ T8236] vmap failed
[  147.079376][ T8236] Failed to save queue headers for queue pair (handle=0x4db:0x0,result=-3)
[  147.179552][ T8240] binder: 8237:8240 ioctl c0046209 0 returned -22
[  147.964281][ T8256] tipc: Enabled bearer <eth:team0>, priority 6
[  148.120821][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.125091][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.126997][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.129270][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.134378][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.137000][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.139509][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.145947][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.148471][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.150928][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.155555][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.158244][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.160825][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.168219][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.170849][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.212823][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.215452][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.218024][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.220562][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.223411][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.225994][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.228534][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.231061][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.234184][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.236748][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.239285][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.242054][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.244604][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.247183][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.249712][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.252343][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.254881][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.257436][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.259953][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.262573][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.265242][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.452258][ T8273] usb 1-1: USB disconnect, device number 2
[  148.490257][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.492272][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.494177][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.496110][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.498050][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.499954][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.501942][ T6434] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  148.538174][ T6434] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  148.899515][ T8282] binder: 8277:8282 ioctl c0046209 0 returned -22
[  148.921629][ T6005] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  148.926897][ T8285] overlayfs: missing 'lowerdir'
[  149.101605][ T6005] usb 8-1: Using ep0 maxpacket: 8
[  149.104516][ T6005] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.107317][ T6005] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  149.116027][ T6005] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  149.128507][ T6005] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.140700][ T6005] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  149.143929][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.633062][ T6005] usb 8-1: GET_CAPABILITIES returned 0
[  149.635201][ T6005] usbtmc 8-1:16.0: can't read capabilities
[  149.677924][ T6005] usb 8-1: USB disconnect, device number 5
[  150.014516][ T8298] netlink: 32 bytes leftover after parsing attributes in process `syz.2.636'.
[  150.265738][ T8304] netlink: 64 bytes leftover after parsing attributes in process `syz.2.638'.
[  150.490714][ T8323] overlayfs: missing 'lowerdir'
[  150.871012][ T5979] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  150.902772][ T8336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.650'.
[  151.101627][ T5979] usb 8-1: Using ep0 maxpacket: 8
[  151.105071][ T5979] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  151.107556][ T5979] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  151.110062][ T5979] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  151.112822][ T5979] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  151.116127][ T5979] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  151.118838][ T5979] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.123169][ T8341] netlink: 64 bytes leftover after parsing attributes in process `syz.4.652'.
[  151.333386][ T5979] usb 8-1: GET_CAPABILITIES returned 0
[  151.334913][ T5979] usbtmc 8-1:16.0: can't read capabilities
[  152.005361][ T8347] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  152.007583][ T8347] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  152.019179][ T8347] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  152.031917][    T8] usb 8-1: USB disconnect, device number 6
[  152.115531][ T8365] random: crng reseeded on system resumption
[  152.128709][ T8365] Restarting kernel threads ... done.
[  152.253562][ T8375] netlink: 12 bytes leftover after parsing attributes in process `syz.2.664'.
[  153.212964][ T8396] netlink: 56 bytes leftover after parsing attributes in process `syz.3.670'.
[  153.291718][ T5946] Bluetooth: hci4: command 0x0c1a tx timeout
[  153.973477][   T39] audit: type=1326 audit(1733614237.834:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.0.672" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0
[  155.040722][ T8425] binder: 8420:8425 ioctl c0046209 0 returned -22
[  155.142708][ T8428] overlayfs: missing 'lowerdir'
[  155.311346][   T39] audit: type=1400 audit(1733614239.164:81): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8427 comm="syz.0.680"
[  155.371649][ T5946] Bluetooth: hci4: command 0x0c1a tx timeout
[  156.318120][ T6434] libceph: connect (1)[c::]:6789 error -101
[  156.319836][ T6434] libceph: mon0 (1)[c::]:6789 connect error
[  156.505532][    T8] kernel write not supported for file bpf-map (pid: 8 comm: kworker/0:0)
[  156.649063][    T8] libceph: connect (1)[c::]:6789 error -101
[  156.651181][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  157.129453][ T8471] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.692'.
[  157.145865][ T8456] ceph: No mds server is up or the cluster is laggy
[  157.161285][ T8473] FAULT_INJECTION: forcing a failure.
[  157.161285][ T8473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.170900][ T8473] CPU: 1 UID: 0 PID: 8473 Comm: syz.4.693 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  157.171810][    T8] libceph: connect (1)[c::]:6789 error -101
[  157.173655][ T8473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.173687][ T8473] Call Trace:
[  157.175385][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  157.178060][ T8473]  <TASK>
[  157.178068][ T8473]  dump_stack_lvl+0x16c/0x1f0
[  157.178086][ T8473]  should_fail_ex+0x497/0x5b0
[  157.178102][ T8473]  _copy_from_user+0x2e/0xd0
[  157.186773][ T8473]  drm_mode_atomic_ioctl+0x655/0x2520
[  157.186814][ T8473]  ? __pfx___lock_acquire+0x10/0x10
[  157.186846][ T8473]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  157.186886][ T8473]  ? do_raw_spin_unlock+0x172/0x230
[  157.186911][ T8473]  drm_ioctl_kernel+0x1e6/0x3d0
[  157.186932][ T8473]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  157.186950][ T8473]  ? __might_fault+0x1/0x190
[  157.186977][ T8473]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  157.186996][ T8473]  ? __might_fault+0xe3/0x190
[  157.187027][ T8473]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  157.187048][ T8473]  drm_ioctl+0x57e/0xba0
[  157.187074][ T8473]  ? __pfx_drm_ioctl+0x10/0x10
[  157.187113][ T8473]  drm_compat_ioctl+0x327/0x460
[  157.187140][ T8473]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  157.187164][ T8473]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  157.187186][ T8473]  __do_fast_syscall_32+0x73/0x120
[  157.187217][ T8473]  do_fast_syscall_32+0x32/0x80
[  157.187241][ T8473]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.187267][ T8473] RIP: 0023:0xf7f74579
[  157.187284][ T8473] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  157.187300][ T8473] RSP: 002b:00000000f50f657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  157.187321][ T8473] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c03864bc
[  157.187334][ T8473] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  157.187346][ T8473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.187358][ T8473] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  157.187370][ T8473] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.187394][ T8473]  </TASK>
[  157.273864][ T8477] netlink: 1268 bytes leftover after parsing attributes in process `syz.4.695'.
[  157.276751][ T8477] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  157.451801][ T5946] Bluetooth: hci4: command 0x0c1a tx timeout
[  157.632332][ T8491] FAULT_INJECTION: forcing a failure.
[  157.632332][ T8491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.636027][ T8491] CPU: 2 UID: 0 PID: 8491 Comm: syz.4.696 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  157.638940][ T8491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.641814][ T8491] Call Trace:
[  157.642717][ T8491]  <TASK>
[  157.643540][ T8491]  dump_stack_lvl+0x16c/0x1f0
[  157.644845][ T8491]  should_fail_ex+0x497/0x5b0
[  157.646173][ T8491]  _copy_to_user+0x32/0xd0
[  157.647430][ T8491]  simple_read_from_buffer+0xd0/0x160
[  157.648884][ T8491]  proc_fail_nth_read+0x198/0x270
[  157.650254][ T8491]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  157.651728][ T8491]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  157.653219][ T8491]  vfs_read+0x1df/0xbe0
[  157.654349][ T8491]  ? __fget_files+0x1fc/0x3a0
[  157.655637][ T8491]  ? __pfx___mutex_lock+0x10/0x10
[  157.657237][ T8491]  ? __pfx_vfs_read+0x10/0x10
[  157.658550][ T8491]  ? __fget_files+0x206/0x3a0
[  157.659839][ T8491]  ksys_read+0x12b/0x250
[  157.661091][ T8491]  ? __pfx_ksys_read+0x10/0x10
[  157.662368][ T8491]  __do_fast_syscall_32+0x73/0x120
[  157.663773][ T8491]  do_fast_syscall_32+0x32/0x80
[  157.665099][ T8491]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.666867][ T8491] RIP: 0023:0xf7f74579
[  157.668026][ T8491] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  157.673227][ T8491] RSP: 002b:00000000f50d55b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  157.675507][ T8491] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50d5620
[  157.677702][ T8491] RDX: 000000000000000f RSI: 00000000f7400ff4 RDI: 0000000000000000
[  157.679845][ T8491] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  157.681977][ T8491] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  157.684088][ T8491] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.686257][ T8491]  </TASK>
[  157.687139][    C2] vkms_vblank_simulate: vblank timer overrun
[  158.004160][ T8510] binder: 8498:8510 ioctl c0046209 0 returned -22
[  158.183566][ T8512] kAFS: unable to lookup cell 'm/²jĖ”8'
[  158.249430][ T8514] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.704'.
[  158.252207][ T8514] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  158.319055][ T8522] FAULT_INJECTION: forcing a failure.
[  158.319055][ T8522] name failslab, interval 1, probability 0, space 0, times 0
[  158.343399][ T8522] CPU: 3 UID: 0 PID: 8522 Comm: syz.3.708 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  158.346417][ T8522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.349743][ T8522] Call Trace:
[  158.350836][ T8522]  <TASK>
[  158.351786][ T8522]  dump_stack_lvl+0x16c/0x1f0
[  158.353302][ T8522]  should_fail_ex+0x497/0x5b0
[  158.354591][ T8522]  ? fs_reclaim_acquire+0xae/0x150
[  158.356259][ T8522]  should_failslab+0xc2/0x120
[  158.357755][ T8522]  __kmalloc_noprof+0xce/0x4f0
[  158.359274][ T8522]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  158.361589][ T8522]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  158.363745][ T8522]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  158.365490][ T8522]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  158.367393][ T8522]  ? genl_get_cmd+0x195/0x580
[  158.368881][ T8522]  ? bpf_lsm_capable+0x9/0x10
[  158.370348][ T8522]  ? security_capable+0x7e/0x260
[  158.371835][ T8522]  ? ns_capable+0xd7/0x110
[  158.373283][ T8522]  genl_rcv_msg+0x565/0x800
[  158.374742][ T8522]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.376216][ T8522]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  158.377920][ T8522]  ? __pfx_nl80211_connect+0x10/0x10
[  158.379574][ T8522]  ? __pfx_nl80211_post_doit+0x10/0x10
[  158.381269][ T8522]  netlink_rcv_skb+0x165/0x410
[  158.382861][ T8522]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.384438][ T8522]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  158.386119][ T8522]  ? down_read+0xc9/0x330
[  158.387480][ T8522]  ? __pfx_down_read+0x10/0x10
[  158.388998][ T8522]  ? rcu_is_watching+0x12/0xc0
[  158.390501][ T8522]  genl_rcv+0x28/0x40
[  158.391752][ T8522]  netlink_unicast+0x53c/0x7f0
[  158.393260][ T8522]  ? __pfx_netlink_unicast+0x10/0x10
[  158.394994][ T8522]  ? __phys_addr_symbol+0x30/0x80
[  158.396642][ T8522]  ? __check_object_size+0x488/0x710
[  158.398302][ T8522]  netlink_sendmsg+0x8b8/0xd70
[  158.399829][ T8522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.401530][ T8522]  ____sys_sendmsg+0x9ae/0xb40
[  158.403081][ T8522]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.404761][ T8522]  ? get_compat_msghdr+0x11b/0x170
[  158.406358][ T8522]  ___sys_sendmsg+0x135/0x1e0
[  158.407815][ T8522]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.409506][ T8522]  ? __pfx_lock_release+0x10/0x10
[  158.411100][ T8522]  ? trace_lock_acquire+0x14e/0x1f0
[  158.412759][ T8522]  ? __fget_files+0x206/0x3a0
[  158.414102][ T8522]  __sys_sendmsg+0x16e/0x220
[  158.415599][ T8522]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.417116][ T8522]  __do_fast_syscall_32+0x73/0x120
[  158.418684][ T8522]  do_fast_syscall_32+0x32/0x80
[  158.419954][ T8522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.421566][ T8522] RIP: 0023:0xf7f46579
[  158.422561][ T8522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.427239][ T8522] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  158.429266][ T8522] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  158.431213][ T8522] RDX: 0000000020000044 RSI: 0000000000000000 RDI: 0000000000000000
[  158.433127][ T8522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.435118][ T8522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.437143][ T8522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.439196][ T8522]  </TASK>
[  158.475872][ T8521] FAULT_INJECTION: forcing a failure.
[  158.475872][ T8521] name failslab, interval 1, probability 0, space 0, times 0
[  158.486986][ T8521] CPU: 1 UID: 0 PID: 8521 Comm: syz.0.709 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  158.490516][ T8521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.494356][ T8521] Call Trace:
[  158.495574][ T8521]  <TASK>
[  158.496653][ T8521]  dump_stack_lvl+0x16c/0x1f0
[  158.498429][ T8521]  should_fail_ex+0x497/0x5b0
[  158.500251][ T8521]  ? fs_reclaim_acquire+0xae/0x150
[  158.502116][ T8521]  should_failslab+0xc2/0x120
[  158.503853][ T8521]  __kmalloc_noprof+0xce/0x4f0
[  158.505597][ T8521]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  158.507774][ T8521]  ? lockdep_hardirqs_on+0x7c/0x110
[  158.509099][ T8521]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  158.510881][ T8521]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  158.512654][ T8521]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  158.514766][ T8521]  ? genl_get_cmd+0x195/0x580
[  158.516493][ T8521]  ? __radix_tree_lookup+0x21f/0x2c0
[  158.518414][ T8521]  genl_rcv_msg+0x565/0x800
[  158.520100][ T8521]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.521929][ T8521]  ? __pfx_ethnl_tunnel_info_doit+0x10/0x10
[  158.524023][ T8521]  netlink_rcv_skb+0x165/0x410
[  158.525721][ T8521]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.527455][ T8521]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  158.529282][ T8521]  ? down_read+0xc9/0x330
[  158.530864][ T8521]  ? __pfx_down_read+0x10/0x10
[  158.532706][ T8521]  ? netlink_deliver_tap+0x1ae/0xca0
[  158.534613][ T8521]  genl_rcv+0x28/0x40
[  158.536069][ T8521]  netlink_unicast+0x53c/0x7f0
[  158.537785][ T8521]  ? __pfx_netlink_unicast+0x10/0x10
[  158.539678][ T8521]  ? __phys_addr_symbol+0x30/0x80
[  158.541483][ T8521]  ? __check_object_size+0x488/0x710
[  158.543364][ T8521]  netlink_sendmsg+0x8b8/0xd70
[  158.544706][ T8521]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.546158][ T8521]  ____sys_sendmsg+0x9ae/0xb40
[  158.547571][ T8521]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.548953][ T8521]  ? get_compat_msghdr+0x11b/0x170
[  158.550281][ T8521]  ___sys_sendmsg+0x135/0x1e0
[  158.551507][ T8521]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.553057][ T8521]  ? __pfx_lock_release+0x10/0x10
[  158.554398][ T8521]  ? trace_lock_acquire+0x14e/0x1f0
[  158.555809][ T8521]  ? __fget_files+0x206/0x3a0
[  158.557195][ T8521]  __sys_sendmsg+0x16e/0x220
[  158.558898][ T8521]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.560723][ T8521]  __do_fast_syscall_32+0x73/0x120
[  158.562575][ T8521]  do_fast_syscall_32+0x32/0x80
[  158.564330][ T8521]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.566582][ T8521] RIP: 0023:0xf7fc3579
[  158.568034][ T8521] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.574604][ T8521] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  158.576871][ T8521] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  158.579135][ T8521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  158.581353][ T8521] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.583454][ T8521] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.585628][ T8521] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.587744][ T8521]  </TASK>
[  158.753685][ T8535] FAULT_INJECTION: forcing a failure.
[  158.753685][ T8535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.757424][ T8535] CPU: 1 UID: 0 PID: 8535 Comm: syz.3.714 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  158.760183][ T8535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.762969][ T8535] Call Trace:
[  158.763841][ T8535]  <TASK>
[  158.764629][ T8535]  dump_stack_lvl+0x16c/0x1f0
[  158.765871][ T8535]  should_fail_ex+0x497/0x5b0
[  158.767109][ T8535]  _copy_from_user+0x2e/0xd0
[  158.768309][ T8535]  get_compat_msghdr+0xa8/0x170
[  158.769612][ T8535]  ? __pfx_get_compat_msghdr+0x10/0x10
[  158.771043][ T8535]  ___sys_sendmsg+0x1b0/0x1e0
[  158.772287][ T8535]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.773686][ T8535]  ? __pfx_lock_release+0x10/0x10
[  158.775022][ T8535]  ? trace_lock_acquire+0x14e/0x1f0
[  158.776386][ T8535]  ? __fget_files+0x206/0x3a0
[  158.777679][ T8535]  __sys_sendmsg+0x16e/0x220
[  158.778966][ T8535]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.780402][ T8535]  __do_fast_syscall_32+0x73/0x120
[  158.781800][ T8535]  do_fast_syscall_32+0x32/0x80
[  158.783080][ T8535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.784740][ T8535] RIP: 0023:0xf7f46579
[  158.785810][ T8535] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.790824][ T8535] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  158.793003][ T8535] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000780
[  158.795074][ T8535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  158.797131][ T8535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.799190][ T8535] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.801261][ T8535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.803318][ T8535]  </TASK>
[  159.051082][ T8539] netlink: 24 bytes leftover after parsing attributes in process `syz.3.715'.
[  159.145871][ T8543] binder: 8532:8543 ioctl c0046209 0 returned -22
[  160.727263][ T7272] udevd[7272]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  160.756969][ T8568] binder: 8564:8568 ioctl c0046209 0 returned -22
[  161.094775][ T8574] GUP no longer grows the stack in syz.4.724 (8574): 20004000-2000a000 (20002000)
[  161.097436][ T8574] CPU: 1 UID: 0 PID: 8574 Comm: syz.4.724 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  161.100157][ T8574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.102949][ T8574] Call Trace:
[  161.103827][ T8574]  <TASK>
[  161.104627][ T8574]  dump_stack_lvl+0x16c/0x1f0
[  161.105865][ T8574]  gup_vma_lookup+0x1d2/0x220
[  161.107098][ T8574]  __get_user_pages+0x236/0x3b50
[  161.108391][ T8574]  ? find_held_lock+0x2d/0x110
[  161.109664][ T8574]  ? mtree_load+0x30a/0xa40
[  161.110855][ T8574]  ? __pfx_lock_release+0x10/0x10
[  161.112204][ T8574]  ? __pfx___get_user_pages+0x10/0x10
[  161.113595][ T8574]  get_user_pages_remote+0x25e/0xb30
[  161.114997][ T8574]  ? __pfx_get_user_pages_remote+0x10/0x10
[  161.116536][ T8574]  __access_remote_vm+0x3a5/0x7b0
[  161.117867][ T8574]  ? __pfx___access_remote_vm+0x10/0x10
[  161.119274][ T8574]  ? lock_acquire+0x2f/0xb0
[  161.120456][ T8574]  ? proc_pid_cmdline_read+0x25b/0x8d0
[  161.121900][ T8574]  proc_pid_cmdline_read+0x4f4/0x8d0
[  161.123406][ T8574]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  161.124880][ T8574]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  161.126883][ T8574]  vfs_readv+0x6bf/0x890
[  161.128334][ T8574]  ? __pfx___lock_acquire+0x10/0x10
[  161.130111][ T8574]  ? __pfx_vfs_readv+0x10/0x10
[  161.131739][ T8574]  ? __fget_files+0x1fc/0x3a0
[  161.133377][ T8574]  ? __pfx_lock_release+0x10/0x10
[  161.135119][ T8574]  ? __fget_files+0x206/0x3a0
[  161.136747][ T8574]  ? do_preadv+0x1b1/0x270
[  161.138269][ T8574]  do_preadv+0x1b1/0x270
[  161.139372][ T8572] overlayfs: missing 'lowerdir'
[  161.139705][ T8574]  ? __pfx_do_preadv+0x10/0x10
[  161.143083][ T8574]  __do_fast_syscall_32+0x73/0x120
[  161.144833][ T8574]  do_fast_syscall_32+0x32/0x80
[  161.146479][ T8574]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  161.148622][ T8574] RIP: 0023:0xf7f74579
[  161.149966][ T8574] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  161.156044][ T8574] RSP: 002b:00000000f50f657c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[  161.158785][ T8574] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  161.161497][ T8574] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  161.164153][ T8574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  161.166788][ T8574] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  161.169462][ T8574] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  161.172052][ T8574]  </TASK>
[  161.304712][ T7767] libceph: connect (1)[c::]:6789 error -101
[  161.306707][ T7767] libceph: mon0 (1)[c::]:6789 connect error
[  161.321860][ T8583] netlink: 1268 bytes leftover after parsing attributes in process `syz.2.727'.
[  161.325300][ T8583] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.359123][   T39] audit: type=1400 audit(1733614245.214:82): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8571 comm="syz.0.722"
[  161.570228][ T7767] libceph: connect (1)[c::]:6789 error -101
[  161.608740][ T7767] libceph: mon0 (1)[c::]:6789 connect error
[  161.652389][ T8599] ax25_connect(): syz.4.731 uses autobind, please contact jreuter@yaina.de
[  162.101794][ T8577] ceph: No mds server is up or the cluster is laggy
[  162.458240][ T8623] binder: 8615:8623 ioctl c0046209 0 returned -22
[  162.466771][ T8626] netlink: 'syz.4.738': attribute type 29 has an invalid length.
[  162.470647][ T8626] netlink: 'syz.4.738': attribute type 29 has an invalid length.
[  162.959868][ T8639] FAULT_INJECTION: forcing a failure.
[  162.959868][ T8639] name failslab, interval 1, probability 0, space 0, times 0
[  162.968182][ T8639] CPU: 0 UID: 0 PID: 8639 Comm: syz.3.743 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  162.970904][ T8639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.973678][ T8639] Call Trace:
[  162.974559][ T8639]  <TASK>
[  162.975319][ T8639]  dump_stack_lvl+0x16c/0x1f0
[  162.976561][ T8639]  should_fail_ex+0x497/0x5b0
[  162.977838][ T8639]  ? fs_reclaim_acquire+0xae/0x150
[  162.979178][ T8639]  should_failslab+0xc2/0x120
[  162.980433][ T8639]  __kmalloc_cache_noprof+0x68/0x420
[  162.981835][ T8639]  ? __pfx___folio_start_writeback+0x10/0x10
[  162.983406][ T8639]  ? do_raw_spin_lock+0x12d/0x2c0
[  162.984717][ T8639]  netfs_buffer_make_space+0x432/0x6b0
[  162.986144][ T8639]  netfs_buffer_append_folio+0x298/0x360
[  162.987617][ T8639]  netfs_write_folio+0x540/0x1930
[  162.988952][ T8639]  netfs_writepages+0x29a/0x9d0
[  162.990222][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  162.991623][ T8639]  ? __pfx___lock_acquire+0x10/0x10
[  162.992990][ T8639]  ? hlock_class+0x4e/0x130
[  162.994180][ T8639]  ? mark_lock+0xb5/0xc60
[  162.995336][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  162.996740][ T8639]  do_writepages+0x1b3/0x820
[  162.997946][ T8639]  ? __pfx_do_writepages+0x10/0x10
[  162.999442][ T8639]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  163.001008][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.002327][ T8639]  ? do_raw_spin_lock+0x12d/0x2c0
[  163.003643][ T8639]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  163.005043][ T8639]  ? lock_acquire+0x2f/0xb0
[  163.006235][ T8639]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  163.007782][ T8639]  ? do_raw_spin_unlock+0x172/0x230
[  163.009084][ T8639]  filemap_fdatawrite_wbc+0x104/0x160
[  163.010438][ T8639]  __filemap_fdatawrite_range+0xb3/0xf0
[  163.011874][ T8639]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  163.013511][ T8639]  ? v9fs_fid_lookup+0xe9/0xec0
[  163.014781][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.016103][ T8639]  v9fs_vfs_setattr+0x93a/0xab0
[  163.017387][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.018788][ T8639]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  163.020380][ T8639]  ? evm_inode_setattr+0x65/0x680
[  163.021708][ T8639]  ? __pfx_make_vfsgid+0x10/0x10
[  163.022988][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.024374][ T8639]  notify_change+0x6a6/0x1230
[  163.025604][ T8639]  vfs_utimes+0x41d/0x850
[  163.026734][ T8639]  ? __pfx_vfs_utimes+0x10/0x10
[  163.028087][ T8639]  ? putname+0x13c/0x180
[  163.029214][ T8639]  __ia32_sys_utime32+0x1e9/0x2d0
[  163.030526][ T8639]  ? __pfx___ia32_sys_utime32+0x10/0x10
[  163.031986][ T8639]  ? ksys_write+0x1ba/0x250
[  163.033183][ T8639]  __do_fast_syscall_32+0x73/0x120
[  163.034515][ T8639]  do_fast_syscall_32+0x32/0x80
[  163.035804][ T8639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.037465][ T8639] RIP: 0023:0xf7f46579
[  163.038483][ T8639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  163.043283][ T8639] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 000000000000001e
[  163.045432][ T8639] RAX: ffffffffffffffda RBX: 0000000020003000 RCX: 0000000000000000
[  163.047525][ T8639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  163.049630][ T8639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.051662][ T8639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  163.053702][ T8639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.055767][ T8639]  </TASK>
[  163.068686][ T8639] ------------[ cut here ]------------
[  163.070158][ T8639] WARNING: CPU: 0 PID: 8639 at lib/iov_iter.c:255 _copy_from_iter+0x39b/0x1400
[  163.072574][ T8639] Modules linked in:
[  163.073768][ T8639] CPU: 0 UID: 0 PID: 8639 Comm: syz.3.743 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  163.077475][ T8639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.080479][ T8639] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  163.082062][ T8639] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 d6 42 01 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 c8 42 01 fd 89 de bf 01 00 00 00 e8 9c
[  163.086971][ T8639] RSP: 0018:ffffc900044ceef8 EFLAGS: 00010293
[  163.088540][ T8639] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8497fac8
[  163.090542][ T8639] RDX: ffff8880205f2440 RSI: ffffffff8497fdaa RDI: 0000000000000001
[  163.092729][ T8639] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000
[  163.094716][ T8639] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88806ade8060
[  163.097225][ T8639] R13: ffff8880696beb00 R14: ffff88806ade8060 R15: 0000000000007fec
[  163.099233][ T8639] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f50a5b40
[  163.102232][ T8639] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  163.104415][ T8639] CR2: 000000000c320606 CR3: 0000000063406000 CR4: 0000000000352ef0
[  163.106533][ T8639] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  163.108788][ T8639] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  163.111355][ T8639] Call Trace:
[  163.112539][ T8639]  <TASK>
[  163.113592][ T8639]  ? __warn+0xea/0x3c0
[  163.115022][ T8639]  ? _copy_from_iter+0x39b/0x1400
[  163.116729][ T8639]  ? report_bug+0x3c0/0x580
[  163.118275][ T8639]  ? handle_bug+0x54/0xa0
[  163.119690][ T8639]  ? exc_invalid_op+0x17/0x50
[  163.121234][ T8639]  ? asm_exc_invalid_op+0x1a/0x20
[  163.123047][ T8639]  ? _copy_from_iter+0xb8/0x1400
[  163.124724][ T8639]  ? _copy_from_iter+0x39a/0x1400
[  163.126421][ T8639]  ? _copy_from_iter+0x39b/0x1400
[  163.127993][ T8639]  ? _copy_from_iter+0x39a/0x1400
[  163.129321][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.130995][ T8639]  ? trace_lock_acquire+0x14e/0x1f0
[  163.132443][ T8639]  ? __pfx__copy_from_iter+0x10/0x10
[  163.134077][ T8639]  ? __virt_addr_valid+0x1a4/0x590
[  163.135711][ T8639]  ? __virt_addr_valid+0x5e/0x590
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  163.137364][ T8639]  ? const_folio_flags.constprop.0+0x56/0x150
[  163.139283][ T8639]  ? __phys_addr_symbol+0x30/0x80
[  163.140629][ T8639]  ? __check_object_size+0x488/0x710
[  163.142034][ T8639]  p9pdu_vwritef+0x2cb/0x21d0
[  163.143244][ T8639]  ? p9pdu_writef+0xc4/0x100
[  163.144402][ T8639]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  163.146055][ T8639]  ? __pfx_p9_tag_alloc+0x10/0x10
[  163.147480][ T8639]  ? mark_lock+0xb5/0xc60
[  163.148625][ T8639]  p9_client_prepare_req+0x244/0x4d0
[  163.150430][ T8639]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  163.152477][ T8639]  ? find_held_lock+0x2d/0x110
[  163.154070][ T8639]  ? stack_depot_save_flags+0x31b/0x900
[  163.155963][ T8639]  p9_client_rpc+0x1c3/0xc10
[  163.157568][ T8639]  ? __pfx_p9_client_rpc+0x10/0x10
[  163.159328][ T8639]  ? hlock_class+0x4e/0x130
[  163.160813][ T8639]  ? mark_lock+0xb5/0xc60
[  163.162048][ T8639]  p9_client_write+0x31f/0x680
[  163.163261][ T8639]  ? __pfx_p9_client_write+0x10/0x10
[  163.164615][ T8639]  ? mark_held_locks+0x9f/0xe0
[  163.165846][ T8639]  v9fs_issue_write+0xe2/0x180
[  163.167239][ T8639]  ? __pfx_v9fs_issue_write+0x10/0x10
[  163.168985][ T8639]  ? rcu_is_watching+0x12/0xc0
[  163.170317][ T8639]  ? trace_netfs_sreq+0x198/0x220
[  163.171722][ T8639]  netfs_do_issue_write+0x92/0x110
[  163.173061][ T8639]  netfs_advance_write+0x384/0xc80
[  163.174415][ T8639]  ? netfs_buffer_append_folio+0x276/0x360
[  163.175945][ T8639]  netfs_write_folio+0xc19/0x1930
[  163.177307][ T8639]  netfs_writepages+0x29a/0x9d0
[  163.178595][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  163.180000][ T8639]  ? __pfx___lock_acquire+0x10/0x10
[  163.181384][ T8639]  ? hlock_class+0x4e/0x130
[  163.182608][ T8639]  ? mark_lock+0xb5/0xc60
[  163.183743][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  163.185152][ T8639]  do_writepages+0x1b3/0x820
[  163.186364][ T8639]  ? __pfx_do_writepages+0x10/0x10
[  163.187697][ T8639]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  163.189279][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.190595][ T8639]  ? do_raw_spin_lock+0x12d/0x2c0
[  163.192001][ T8639]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  163.193439][ T8639]  ? lock_acquire+0x2f/0xb0
[  163.194617][ T8639]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  163.196174][ T8639]  ? do_raw_spin_unlock+0x172/0x230
[  163.197554][ T8639]  filemap_fdatawrite_wbc+0x104/0x160
[  163.198960][ T8639]  __filemap_fdatawrite_range+0xb3/0xf0
[  163.200400][ T8639]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  163.202098][ T8639]  ? v9fs_fid_lookup+0xe9/0xec0
[  163.203384][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.204697][ T8639]  v9fs_vfs_setattr+0x93a/0xab0
[  163.205966][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.207357][ T8639]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  163.208983][ T8639]  ? evm_inode_setattr+0x65/0x680
[  163.210303][ T8639]  ? __pfx_make_vfsgid+0x10/0x10
[  163.211646][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.213046][ T8639]  notify_change+0x6a6/0x1230
[  163.214275][ T8639]  vfs_utimes+0x41d/0x850
[  163.215438][ T8639]  ? __pfx_vfs_utimes+0x10/0x10
[  163.216731][ T8639]  ? putname+0x13c/0x180
[  163.217847][ T8639]  __ia32_sys_utime32+0x1e9/0x2d0
[  163.219165][ T8639]  ? __pfx___ia32_sys_utime32+0x10/0x10
[  163.220615][ T8639]  ? ksys_write+0x1ba/0x250
[  163.221892][ T8639]  __do_fast_syscall_32+0x73/0x120
[  163.223228][ T8639]  do_fast_syscall_32+0x32/0x80
[  163.224505][ T8639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.226163][ T8639] RIP: 0023:0xf7f46579
[  163.227240][ T8639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  163.232158][ T8639] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 000000000000001e
[  163.234255][ T8639] RAX: ffffffffffffffda RBX: 0000000020003000 RCX: 0000000000000000
[  163.236245][ T8639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  163.238702][ T8639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.241363][ T8639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  163.244028][ T8639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.246623][ T8639]  </TASK>
[  163.247691][ T8639] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  163.250080][ T8639] CPU: 0 UID: 0 PID: 8639 Comm: syz.3.743 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  163.253489][ T8639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.256261][ T8639] Call Trace:
[  163.257147][ T8639]  <TASK>
[  163.258094][ T8639]  dump_stack_lvl+0x3d/0x1f0
[  163.259658][ T8639]  panic+0x71d/0x800
[  163.261005][ T8639]  ? __pfx_panic+0x10/0x10
[  163.262541][ T8639]  ? show_trace_log_lvl+0x29d/0x3d0
[  163.264289][ T8639]  ? check_panic_on_warn+0x1f/0xb0
[  163.265924][ T8639]  ? _copy_from_iter+0x39b/0x1400
[  163.267595][ T8639]  check_panic_on_warn+0xab/0xb0
[  163.269051][ T8639]  __warn+0xf6/0x3c0
[  163.270343][ T8639]  ? _copy_from_iter+0x39b/0x1400
[  163.271743][ T8639]  report_bug+0x3c0/0x580
[  163.272870][ T8639]  handle_bug+0x54/0xa0
[  163.274035][ T8639]  exc_invalid_op+0x17/0x50
[  163.275482][ T8639]  asm_exc_invalid_op+0x1a/0x20
[  163.277056][ T8639] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  163.278676][ T8639] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 d6 42 01 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 c8 42 01 fd 89 de bf 01 00 00 00 e8 9c
[  163.283535][ T8639] RSP: 0018:ffffc900044ceef8 EFLAGS: 00010293
[  163.285074][ T8639] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8497fac8
[  163.286996][ T8639] RDX: ffff8880205f2440 RSI: ffffffff8497fdaa RDI: 0000000000000001
[  163.289317][ T8639] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000
[  163.291457][ T8639] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88806ade8060
[  163.293963][ T8639] R13: ffff8880696beb00 R14: ffff88806ade8060 R15: 0000000000007fec
[  163.296468][ T8639]  ? _copy_from_iter+0xb8/0x1400
[  163.297946][ T8639]  ? _copy_from_iter+0x39a/0x1400
[  163.299280][ T8639]  ? _copy_from_iter+0x39a/0x1400
[  163.300621][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.301941][ T8639]  ? trace_lock_acquire+0x14e/0x1f0
[  163.303300][ T8639]  ? __pfx__copy_from_iter+0x10/0x10
[  163.304701][ T8639]  ? __virt_addr_valid+0x1a4/0x590
[  163.306044][ T8639]  ? __virt_addr_valid+0x5e/0x590
[  163.307492][ T8639]  ? const_folio_flags.constprop.0+0x56/0x150
[  163.309504][ T8639]  ? __phys_addr_symbol+0x30/0x80
[  163.311176][ T8639]  ? __check_object_size+0x488/0x710
[  163.312863][ T8639]  p9pdu_vwritef+0x2cb/0x21d0
[  163.314109][ T8639]  ? p9pdu_writef+0xc4/0x100
[  163.315352][ T8639]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  163.316683][ T8639]  ? __pfx_p9_tag_alloc+0x10/0x10
[  163.318369][ T8639]  ? mark_lock+0xb5/0xc60
[  163.319745][ T8639]  p9_client_prepare_req+0x244/0x4d0
[  163.321307][ T8639]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  163.323216][ T8639]  ? find_held_lock+0x2d/0x110
[  163.324799][ T8639]  ? stack_depot_save_flags+0x31b/0x900
[  163.326664][ T8639]  p9_client_rpc+0x1c3/0xc10
[  163.328206][ T8639]  ? __pfx_p9_client_rpc+0x10/0x10
[  163.329804][ T8639]  ? hlock_class+0x4e/0x130
[  163.331325][ T8639]  ? mark_lock+0xb5/0xc60
[  163.332861][ T8639]  p9_client_write+0x31f/0x680
[  163.334172][ T8639]  ? __pfx_p9_client_write+0x10/0x10
[  163.335569][ T8639]  ? mark_held_locks+0x9f/0xe0
[  163.336844][ T8639]  v9fs_issue_write+0xe2/0x180
[  163.338098][ T8639]  ? __pfx_v9fs_issue_write+0x10/0x10
[  163.339488][ T8639]  ? rcu_is_watching+0x12/0xc0
[  163.340700][ T8639]  ? trace_netfs_sreq+0x198/0x220
[  163.342014][ T8639]  netfs_do_issue_write+0x92/0x110
[  163.343354][ T8639]  netfs_advance_write+0x384/0xc80
[  163.344716][ T8639]  ? netfs_buffer_append_folio+0x276/0x360
[  163.346244][ T8639]  netfs_write_folio+0xc19/0x1930
[  163.347568][ T8639]  netfs_writepages+0x29a/0x9d0
[  163.348857][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  163.350259][ T8639]  ? __pfx___lock_acquire+0x10/0x10
[  163.351619][ T8639]  ? hlock_class+0x4e/0x130
[  163.352815][ T8639]  ? mark_lock+0xb5/0xc60
[  163.353949][ T8639]  ? __pfx_netfs_writepages+0x10/0x10
[  163.355369][ T8639]  do_writepages+0x1b3/0x820
[  163.356604][ T8639]  ? __pfx_do_writepages+0x10/0x10
[  163.357955][ T8639]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  163.359523][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.360840][ T8639]  ? do_raw_spin_lock+0x12d/0x2c0
[  163.362163][ T8639]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  163.363575][ T8639]  ? lock_acquire+0x2f/0xb0
[  163.364776][ T8639]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  163.366317][ T8639]  ? do_raw_spin_unlock+0x172/0x230
[  163.367670][ T8639]  filemap_fdatawrite_wbc+0x104/0x160
[  163.369080][ T8639]  __filemap_fdatawrite_range+0xb3/0xf0
[  163.370524][ T8639]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  163.372156][ T8639]  ? v9fs_fid_lookup+0xe9/0xec0
[  163.373443][ T8639]  ? __pfx_lock_release+0x10/0x10
[  163.374757][ T8639]  v9fs_vfs_setattr+0x93a/0xab0
[  163.376046][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.377472][ T8639]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  163.379117][ T8639]  ? evm_inode_setattr+0x65/0x680
[  163.380515][ T8639]  ? __pfx_make_vfsgid+0x10/0x10
[  163.381882][ T8639]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  163.383328][ T8639]  notify_change+0x6a6/0x1230
[  163.384630][ T8639]  vfs_utimes+0x41d/0x850
[  163.385773][ T8639]  ? __pfx_vfs_utimes+0x10/0x10
[  163.387037][ T8639]  ? putname+0x13c/0x180
[  163.388150][ T8639]  __ia32_sys_utime32+0x1e9/0x2d0
[  163.389470][ T8639]  ? __pfx___ia32_sys_utime32+0x10/0x10
[  163.390907][ T8639]  ? ksys_write+0x1ba/0x250
[  163.392109][ T8639]  __do_fast_syscall_32+0x73/0x120
[  163.393461][ T8639]  do_fast_syscall_32+0x32/0x80
[  163.394737][ T8639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.396405][ T8639] RIP: 0023:0xf7f46579
[  163.397480][ T8639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  163.402469][ T8639] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 000000000000001e
[  163.404625][ T8639] RAX: ffffffffffffffda RBX: 0000000020003000 RCX: 0000000000000000
[  163.406644][ T8639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  163.408714][ T8639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.410764][ T8639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  163.412823][ T8639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.414881][ T8639]  </TASK>
[  163.416191][ T8639] Kernel Offset: disabled
[  163.417400][ T8639] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:30:47  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85153995 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc900044ce858
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007
R12=0000000000000000 R13=0000000000000034 R14=ffffffff85153930 R15=0000000000000000
RIP=ffffffff851539bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c320606 CR3=0000000063406000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88802b446720 RCX=ffffffff818d43fc RDX=ffff88801bbc4880
RSI=ffffffff818d43d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90006bbf998
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006
R12=ffffed1005688ce5 R13=0000000000000001 R14=ffff88802b446728 R15=ffff88802b53ff80
RIP=ffffffff819940c1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c359e9f CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000010000000 Opmask01=00000000fffffff8 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff18aadd20 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000a3020
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000002fcdc1 RBX=0000000000000002 RCX=ffffffff8b1ae889 RDX=0000000000000000
RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13800 RBP=ffffed10039df000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801cef8000 R14=ffffffff901cbd10 R15=0000000000000000
RIP=ffffffff8b1afc6f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020b3d000 CR3=0000000070658000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616 ecec7616ecec7616
ZMM22=e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849 e63fb849e63fb849
ZMM23=280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45 280d4e45280d4e45
ZMM24=500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1 500a7bd1500a7bd1
ZMM25=b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a b2e6e60ab2e6e60a
ZMM26=e1746246e1746246 e1746246e1746246 e1746246e1746246 e1746246e1746246 e1746246e1746246 e1746246e1746246 e1746246e1746246 e1746246e1746246
ZMM27=fa169471fa169471 fa169471fa169471 fa169471fa169471 fa169471fa169471 fa169471fa169471 fa169471fa169471 fa169471fa169471 fa169471fa169471
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=bc060000bc060000 bc060000bc060000 bc060000bc060000 bc060000bc060000 bc060000bc060000 bc060000bc060000 bc060000bc060000 bc060000bc060000
info registers vcpu 3

CPU#3
RAX=0000000000080000 RBX=0000000000106000 RCX=ffffc90007b31000 RDX=0000000000080000
RSI=ffffc9000494f048 RDI=0000000000106000 RBP=fffffffffffffffe RSP=ffffc9000494ef48
R8 =0000000000000007 R9 =fffffffffffff000 R10=fffffffffffffffe R11=0000000000000001
R12=00000000000fa000 R13=00000ffffd1fffff R14=0000000000000009 R15=00000000000049fd
RIP=ffffffff8269b7bc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000582904c0 CR3=000000006bf8e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c67178f2bef9a3f7 c67178f2bef9a3f7
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3e5a10349fcdf767 28028dad96e3de1d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a568c055f00df551 4538693f267f8c17
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 267f8c174538693f 96e3de1d28028dad
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c0d0e0f08090a0b 0405060700010203
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a047b7c37998266d 596d6e71e4fc60b1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a03c6345fae38897 6bd89132851f99cd
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000