last executing test programs:

42.400590204s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

33.280723213s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

24.328091893s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

17.996345794s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

10.46047152s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

5.946724961s ago: executing program 1 (id=510):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x66017, 0x3, 0x0, 0x0, 0x9835}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r4, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)={0x150, 0x0, 0x0, [{{0x3, 0x2, 0x37a, 0x6, 0x98, 0x5, {0x0, 0x4, 0x8fb, 0x2000000ec3, 0x7, 0x8, 0x7f, 0xfffff5e3, 0x1, 0x8000, 0x5, r2, r3, 0xfffff057, 0x9}}, {0x4, 0x0, 0x8, 0x800, 'rootmode'}}, {{0x3, 0x10000002, 0x900000000000000, 0x1ff, 0x2, 0x2, {0x6, 0x87, 0x4, 0xffffffffffffffff, 0x2, 0xffffffffffffff81, 0x80, 0xa, 0x402, 0xa000, 0xff, r2, 0x0, 0x4, 0x14a}}, {0x6, 0x10000, 0x8, 0x2, 'rootmode'}}]}, 0x0, 0x0, 0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x13, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@mcast2, @in=@dev={0xac, 0x14, 0x14, 0x30}, 0x4e21, 0x6, 0x4e22, 0x9, 0x2, 0x1a0, 0x90, 0x3b}, {0x7, 0x1, 0xe, 0x80000000, 0xfffffffffffffff9, 0x6, 0x4, 0x3}, {0xf3, 0x8, 0x2, 0x7ff}, 0xc, 0x6e6bb9, 0x1, 0x1, 0x2, 0x3}, {{@in=@private=0xa010101, 0x4d5, 0x6c}, 0xa, @in=@loopback, 0x0, 0x1, 0x3, 0x6c, 0xffff, 0x9, 0xfff}}, 0xe4)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r10 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r10, 0x2)
r11 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r11, 0x1)

5.080814879s ago: executing program 1 (id=513):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000c065}, 0x4008000)

4.990546216s ago: executing program 2 (id=514):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_ENUM_FREQ_BANDS(0xffffffffffffffff, 0xc0405665, &(0x7f0000000280)={0x7, 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$nl_generic(0x11, 0x3, 0x10)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xf1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x200000, 0x800, 0x3, 0x1}, 0x20)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r7=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r5, &(0x7f00000001c0)={0x2c, 0xe, r7, 0x16}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x2a3, 0x5, 0x7, 0x3163, r4, 0x0, '\x00', r7, 0xffffffffffffffff, 0x0, 0x4, 0x3, 0xc, @void, @value, @void, @value}, 0x50)
r8 = dup(r3)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_io_uring_setup(0x1c57, &(0x7f0000000600)={0x0, 0xccf8, 0x10000, 0x2, 0xce, 0x0, r8}, &(0x7f00000003c0)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r9, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0)

4.839933471s ago: executing program 3 (id=515):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x371d, 0x0, &(0x7f0000000380), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
move_mount(r5, 0x0, 0xffffffffffffffff, 0x0, 0x154)
write$RDMA_USER_CM_CMD_QUERY(r4, 0x0, 0x0)
openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x5, 0x4800)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r6, 0x40405515, &(0x7f00000000c0)={0x4, 0x0, 0x5, 0x2, 'syz1\x00', 0x7})
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)

4.790539486s ago: executing program 1 (id=516):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x3a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000140), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000600)={0x0, 0xccf8, 0x10000, 0x2, 0xce, 0x0, r3}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

4.479132274s ago: executing program 3 (id=517):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x81, 0x303040)
ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000040)={<r2=>0x0, 0x3, 0x20, 0x7, 0x200}, &(0x7f0000000080)=0x18)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={r2, 0x80}, 0x8)
r3 = syz_open_dev$usbmon(&(0x7f0000000100), 0x5, 0x100)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x1045)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='virtiofs\x00', 0x200020, 0x0)
r4 = openat2$dir(0xffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x54041, 0x4, 0x10}, 0x18)
r5 = open_tree(r4, &(0x7f0000000280)='./file0\x00', 0x8000)
r6 = openat$apparmor_thread_exec(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r7 = socket$phonet(0x23, 0x2, 0x1)
ppoll(&(0x7f0000000300)=[{r6, 0x28}, {r3, 0xe008}, {r7, 0x8500}, {r3, 0x1000}, {r3, 0x40}], 0x5, &(0x7f0000000340), &(0x7f0000000380)={[0x6, 0x5b]}, 0x8)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000013, 0x100010, r5, 0xaadb3000)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82187202, &(0x7f00000003c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
socket$alg(0x26, 0x5, 0x0)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000640), r5)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x38, r8, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @l2tp=r5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x6}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp=r5}]}, 0x38}}, 0x20000000)
mmap$usbfs(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r5, 0x3)
stat64(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780))
getsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000000800)={@broadcast, @local, <r9=>0x0}, &(0x7f0000000840)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x2, 0x80000000, 0x3, 0x1, 0x10000, r5, 0x8, '\x00', r9, 0xffffffffffffffff, 0x4, 0x1, 0x2, 0x0, @void, @value, @value=r5}, 0x50)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r5, 0x7ac, &(0x7f0000000d40)={&(0x7f0000000900)={{@host, 0x3}, {@hyper, 0x1}, 0x400, "f1ad7bf57ec756dce557926f5f4c132a33d8cad7e0b15750e702c728412b5b27e8f83f5be37517feedda7bbe62f1268a7f7b52d5c952dd3671015b001ce05e5007f9e011c7b92bfdf9d4d8dfd9bf55f91f9ad6c0b833a9872b61eaa7cc1ae6fa2f193e81c7ac5fd6f264aad6d444c6177d819502a8a770de14c0c9a24aee926e10c7d4d1893ffb161ddbca14be0d9251029fe522332b73f517cf53fa21527a6a4e4592c17d88dd35a77dced19bb317294ebb33cefc604910bcd234aacc78dd65b52f3611c9659b9c00a3df38338d39d6438693792dddba31613d37d2a77475f38dc35e4138b3faf89c1b8397bfc577195ab1481adc1cc66c7a9f5777247fd88e914628712b8c554c4c59051d3512af58a1e16730179659c7c4a84544d7c38a8fc76771adabc6212b5b00a97c8bbc9ca4d2fc2a2073be545e6b83308c76e54752305853cf1f348b5ac150287d3bc35f72467163bb649c82702c0f93359b84d2b54c9564beab97d5c919dac15d55cf73bb4059ec687cd3aa0556aabc053f63829c413a9268730e70f192667218a80fe575bc75e6e465822173858d3b269153f0993bab4d4af4677ef8efc7d7cd834eac1669754d3d7b813f26833ee178a2fbba6e464cfd73a8fc62cf6778b6027b1e3025c0d195bfea786307cc62eea73ab80486d0228fbd33c391199328d2809dea5322da627296c1e7dd2ec2e91aafe760bb2bbc0302ae1cf2587dc1742ea3796ebb7c5eaeeca9675625c8ffa5c135b4972e8974c675312e1cc09fb498892ecf7604c5e6e9fca7e6067b79a70e43f990b60f4027db97c633fb869ad2347998975ae2f156b99c3de364a2233f260bd42791625020c167e282bb7868c7be7ff381afae068e166c456f02e7bccbe0030289b1f75cb47fb5cfdd94d297e0d2681ff666ee011794105bba5144e2f2ed678ef8075fec6f9c87ae9e917f1a475e6c15e5e74d0f33126c067e9eeea95ada6ea4e86948dc2fa7f715eada58318b2d15b6bd681237efdb4ea61b19da768f311b00f10d8d41ed95a21effe58e80e29677acb4cd090725b644c2e8a7b8a9e8e723f3d21854a1686c23ef1f9f1d85ab91bab563fe8909e7efd2ff0e6503144ff61ffa1b57d371ac95c0b60f03f2266bdfdef5c3ed6e7210083fa30fe84e22ddeb6b31a344699289442a345be0ff18942ba502bf08d06af26ff573e2f96800392aab9d1870e874377e2bc7ca39b0ef7d444440e7d7e9043287f17e78dc823d100c0356b70c3f756e00c4170b902e43bc745d8ebe2556ca58de9f298e31f23d1a115ede043eb81f596a63308f46ab06331b6aa2525779a65ed358eb4a2101ab2adb930899b89c99a498d0179d536708831c37c4745b2589361b0f73e994e0afdc4832551a3f0553728143c2b48c0a6cdd0249c310d6834ab7d37908a12058130d1dbc0800a46745"}, 0x418, 0x8})
sendfile(r4, r0, &(0x7f0000000d80), 0xfff)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
lstat(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000e00))
r11 = openat$sndseq(0xffffff9c, &(0x7f0000000e80), 0x0)
write$sndseq(r11, &(0x7f0000001000)=[{0x3, 0x0, 0x42, 0x3, @tick=0x3e3, {0xfd, 0x2}, {0x5c, 0x1}, @ext={0x47, &(0x7f0000000ec0)="222428921eef01af943e79f8d815615dcaa7b9209a397b37d69a3bd2ccbcd2255e6aa7aa1e870ad551006eed45ce657da5efa5d22415ccc57293a9f539e6300ed9f5a84794326a"}}, {0x3, 0x4f, 0x3, 0x3, @tick=0xffffffff, {0x5, 0xd}, {0xa2, 0x6}, @ext={0x44, &(0x7f0000000f40)="6729bb08401ce882ddfe13f96efc5a459041ca70c3f2e73e82189a203ba0727a33a2f04db49a571f7a7ed71811fa81df659c118a5b5f650dcb947ac99051ced944c8c5c3"}}, {0x8, 0x0, 0x80, 0x5, @tick=0x9, {0x9, 0x1}, {0x9, 0x8}, @result={0x3402, 0x7}}, {0x3, 0x7, 0xe, 0x2, @time={0xffffffff, 0x3bd}, {0x9e, 0x1}, {0x9, 0x1}, @quote={{0x0, 0xd}, 0x7, &(0x7f0000000fc0)={0x40, 0xfa, 0x81, 0x7, @tick=0xa9c, {0x1, 0x6}, {0x40, 0x7}, @note={0x0, 0xba, 0x7, 0x6, 0x4}}}}, {0x5, 0x0, 0x6, 0x6, @tick=0x39bc, {0xf0, 0xdb}, {0x0, 0xd}, @raw8={"7481b4295b786c99012e5e07"}}, {0x2, 0x1, 0x5, 0x9, @tick=0x8000, {0x2, 0x9}, {0x65, 0x9}, @control={0x3, 0x1, 0x7f}}, {0x5, 0x8, 0xf8, 0x3, @tick=0x9, {0x0, 0x8}, {0x6, 0x90}, @time=@tick=0x5}], 0xc4)
r12 = open(&(0x7f0000001100)='./file0\x00', 0x40102, 0xc4)
sendfile(r10, r12, &(0x7f0000001140)=0x1, 0x80000001)

4.377377148s ago: executing program 3 (id=518):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket(0x10, 0x3, 0x0)
r2 = inotify_init()
close_range(r1, r2, 0x6)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_io_uring_setup(0x893, &(0x7f00000003c0)={0x0, 0xaee1, 0x400, 0x0, 0xb}, &(0x7f0000000340)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_TEE={0x21, 0x14, 0x0, @fd, 0x0, 0x0, 0x7, 0x2})
io_uring_enter(r5, 0x5361, 0xfffffffd, 0x2, 0x0, 0x0)

4.116476287s ago: executing program 2 (id=519):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x3a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000140), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000600)={0x0, 0xccf8, 0x10000, 0x2, 0xce, 0x0, r3}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (fail_nth: 1)

3.845536157s ago: executing program 1 (id=520):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f00000000c0)={0x0, 0x1, 0x7, 0x8, 0x2, 0x100059a, 0xbfc4bb97dfede4bd})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000780)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)={0x68, r2, 0x4, 0x0, 0x0, {{0x11}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x9, 0x13, [{0x60}, {0x18}, {0x49, 0x1}, {0x5}, {0x36}]}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_FLAGS={0xc, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}]}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x557}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x2}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x28d}]}, 0x68}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x4)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x30)
fsopen(&(0x7f0000000180)='gfs2meta\x00', 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000000000000000000000600000085000000530000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000460000850000007b00000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000180)="00feffffff000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020782500000000f01f20207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000500)='virtio_transport_alloc_pkt\x00', r7}, 0x9)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000240)=<r9=>0x0)
syz_open_procfs(r9, &(0x7f0000000380)='comm\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newlink={0x38, 0x10, 0x421, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x900, 0x100}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x200004}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x1c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r11, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x20, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0xa, 0x0, 0xa, 0x0, @dev}]}}}}}}}}, 0x0)

3.845223344s ago: executing program 2 (id=521):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x66017, 0x3, 0x0, 0x0, 0x9835}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r4, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)={0x150, 0x0, 0x0, [{{0x3, 0x2, 0x37a, 0x6, 0x98, 0x5, {0x0, 0x4, 0x8fb, 0x2000000ec3, 0x7, 0x8, 0x7f, 0xfffff5e3, 0x1, 0x8000, 0x5, r2, r3, 0xfffff057, 0x9}}, {0x4, 0x0, 0x8, 0x800, 'rootmode'}}, {{0x3, 0x10000002, 0x900000000000000, 0x1ff, 0x2, 0x2, {0x6, 0x87, 0x4, 0xffffffffffffffff, 0x2, 0xffffffffffffff81, 0x80, 0xa, 0x402, 0xa000, 0xff, r2, 0x0, 0x4, 0x14a}}, {0x6, 0x10000, 0x8, 0x2, 'rootmode'}}]}, 0x0, 0x0, 0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x13, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@mcast2, @in=@dev={0xac, 0x14, 0x14, 0x30}, 0x4e21, 0x6, 0x4e22, 0x9, 0x2, 0x1a0, 0x90, 0x3b}, {0x7, 0x1, 0xe, 0x80000000, 0xfffffffffffffff9, 0x6, 0x4, 0x3}, {0xf3, 0x8, 0x2, 0x7ff}, 0xc, 0x6e6bb9, 0x1, 0x1, 0x2, 0x3}, {{@in=@private=0xa010101, 0x4d5, 0x6c}, 0xa, @in=@loopback, 0x0, 0x1, 0x3, 0x6c, 0xffff, 0x9, 0xfff}}, 0xe4)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r10 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r10, 0x2)
r11 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r11, 0x1)

3.420464317s ago: executing program 3 (id=522):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x27)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
lseek(0xffffffffffffffff, 0xe, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffd76)
socket(0x200000000000011, 0x2, 0xfffffffe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, 0x0, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)='no,e\x00')
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendfile(r5, r5, 0x0, 0xffffffff)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x3a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

3.000383798s ago: executing program 2 (id=523):
socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000080)={0x1a0003, 0x0, [0x8, 0xff, 0xfffffffffffffffb, 0x3e00000000000000, 0x7fffffff, 0x7, 0x9, 0xa]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000009f00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001c40))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
write$eventfd(r2, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)

2.540634791s ago: executing program 3 (id=524):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000c065}, 0x4008000)

2.517065965s ago: executing program 0 (id=33):
r0 = epoll_create1(0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
capget(&(0x7f0000002440), 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
shutdown(r3, 0x0)

507.783524ms ago: executing program 1 (id=525):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000400)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x371d, 0x0, &(0x7f0000000380), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
move_mount(r5, 0x0, 0xffffffffffffffff, 0x0, 0x154)
write$RDMA_USER_CM_CMD_QUERY(r4, 0x0, 0x0)
openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x5, 0x4800)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r6, 0x40405515, &(0x7f00000000c0)={0x4, 0x0, 0x5, 0x2, 'syz1\x00', 0x7})
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)

507.072648ms ago: executing program 2 (id=526):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e25, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x700, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000206011200000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000a00000500050002000000050004000000000016000300686173683a6e6574"], 0x64}}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xb, 0x2, [@union]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
mount(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="10000000000000000000000000000000950000527e368e5e52d2657d5f62a2b25b07000000000e"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r4, 0x4068aea3, &(0x7f00000005c0)={0xa8, 0x0, 0x2})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000180)="8369b66f64e629edea35dce6979875dc5490ff72d54c9ec6", 0x18, 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
creat(&(0x7f0000000100)='./file0\x00', 0x40)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz1\x00', {0x6fc9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x3, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf6, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x5184, 0x4, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x4, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x8, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x1], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0xc32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x80, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x8, 0x10, 0xfffffff9, 0xf, 0x2, 0x1, 0x0, 0x2, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0xa0, 0x3], [0xffff, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x7, 0xfffffffc, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x5, 0x80, 0x9, 0x9, 0x47, 0x2, 0x2003, 0x1, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x1, 0x8, 0x0, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x8, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x2, 0x4, 0x0, 0x2, 0x763, 0xb, 0x402, 0x800, 0x4, 0x1000, 0x7f, 0x472d, 0x3fa6, 0x4, 0x0, 0x5, 0x1de, 0x4, 0xe47, 0x3, 0x3, 0x8004, 0x200, 0x1000, 0x3b, 0x3, 0x5, 0x802, 0xa80a, 0x65f413f9, 0x2, 0x8, 0x8a8, 0x2, 0x3d, 0x7, 0x2, 0x4, 0x4, 0x10, 0x340a, 0x0, 0x7fff, 0xffffffff, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x10000006]}, 0x45c)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r9, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r6}, 0x18)
close(r10)
fallocate(r10, 0x40, 0x1, 0x7)
write$binfmt_script(r5, 0x0, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)

506.745057ms ago: executing program 3 (id=527):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}, {}, {}, {0x6}]}})
socket(0x2c, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', '\x918s\x89X', 0x20, 0xffd}, 0x2f, 0x0)
request_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='syz', 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000000)="224c1a2ad8c298259f72a5f7212bc7ed2d68abd2bb20639c59f501d93f283cc1d060cfbe043351c323a150e8f064", 0x2e, 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='load user:'], 0x32, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0xb9)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x101442, 0x0)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

280.338483ms ago: executing program 2 (id=528):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}, {}, {}, {0x6}]}})
socket(0x2c, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', '\x918s\x89X', 0x20, 0xffd}, 0x2f, 0x0)
request_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='syz', 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000000)="224c1a2ad8c298259f72a5f7212bc7ed2d68abd2bb20639c59f501d93f283cc1d060cfbe043351c323a150e8f064", 0x2e, 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='load user:'], 0x32, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (fail_nth: 1)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0xb9)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x101442, 0x0)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

0s ago: executing program 1 (id=529):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
eventfd(0xc)
ioctl(r0, 0x9, &(0x7f0000000440)="0c99e3d74c2cb1c02701695e8bfd2d01fd68668ed6605471c98bdb07d92305bb40a12fbd4e55765a0bd9665fc66402afbdda78de7b4e995920906ea5")
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000380)={0xb, 0x1000090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000005c0)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f00000002c0)={0x3ff, 0x3, 0x0, 0xb, 0x0, 0xf, 0x80000002, 0x5}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffff0000000004000800470f003c0064000005069078000000000000000044048433940400040000000000000006000000000000000000004e2300004e210000000300000003"], 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000480), 0x3, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x42, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
socket$netlink(0x10, 0x3, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
syz_open_procfs$namespace(r4, &(0x7f0000000400)='ns/uts\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r5, &(0x7f0000001340)={0x0, 0x1f, &(0x7f0000000500)={0xfffffffffffffffe, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x40800)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd74)

kernel console output (not intermixed with test programs):

 netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.113356][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  117.117091][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  117.120035][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  117.123447][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  117.126133][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  117.147999][ T7286] lo speed is unknown, defaulting to 1000
[  117.153465][ T7291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.228'.
[  117.163964][ T7291] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  117.166444][ T7291] macvtap1: entered promiscuous mode
[  117.172886][ T7291] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  117.278801][ T7286] chnl_net:caif_netlink_parms(): no params data found
[  117.440766][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.476074][ T7286] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.478984][ T7286] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.481295][ T7286] bridge_slave_0: entered allmulticast mode
[  117.487449][ T7286] bridge_slave_0: entered promiscuous mode
[  117.490698][ T7286] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.493970][ T7286] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.497290][ T7286] bridge_slave_1: entered allmulticast mode
[  117.500073][ T7286] bridge_slave_1: entered promiscuous mode
[  117.511359][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.562183][ T7286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.568846][ T7286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.728547][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.049136][ T7286] team0: Port device team_slave_0 added
[  118.060809][ T7286] team0: Port device team_slave_1 added
[  118.122192][ T7286] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.127929][ T7286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.137643][ T7286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.145041][ T7286] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.147603][ T7286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.156351][ T7286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.262694][ T1139] bridge_slave_1: left allmulticast mode
[  118.265404][ T1139] bridge_slave_1: left promiscuous mode
[  118.268049][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.277128][ T1139] bridge_slave_0: left allmulticast mode
[  118.279646][ T1139] bridge_slave_0: left promiscuous mode
[  118.282379][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.307149][ T7323] FAULT_INJECTION: forcing a failure.
[  118.307149][ T7323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.311468][ T7323] CPU: 1 UID: 0 PID: 7323 Comm: syz.1.236 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  118.311495][ T7323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.311502][ T7323] Call Trace:
[  118.311506][ T7323]  <TASK>
[  118.311511][ T7323]  dump_stack_lvl+0x16c/0x1f0
[  118.311533][ T7323]  should_fail_ex+0x512/0x640
[  118.311552][ T7323]  _copy_from_user+0x2e/0xd0
[  118.311570][ T7323]  get_old_timespec32+0x82/0x130
[  118.311585][ T7323]  ? __pfx_get_old_timespec32+0x10/0x10
[  118.311599][ T7323]  ? __fget_files+0x20e/0x3c0
[  118.311613][ T7323]  ? handle_mm_fault+0x1f0/0xd10
[  118.311629][ T7323]  __ia32_compat_sys_ppoll_time32+0x17a/0x2c0
[  118.311646][ T7323]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[  118.311662][ T7323]  ? ksys_write+0x1ac/0x250
[  118.311678][ T7323]  ? __pfx_ksys_write+0x10/0x10
[  118.311694][ T7323]  ? rcu_is_watching+0x12/0xc0
[  118.311707][ T7323]  __do_fast_syscall_32+0x7c/0x3a0
[  118.311719][ T7323]  do_fast_syscall_32+0x32/0x80
[  118.311729][ T7323]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  118.311743][ T7323] RIP: 0023:0xf7fa3579
[  118.311752][ T7323] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  118.311762][ T7323] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000135
[  118.311772][ T7323] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 0000000000000001
[  118.311779][ T7323] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  118.311785][ T7323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  118.311791][ T7323] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  118.311797][ T7323] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  118.311811][ T7323]  </TASK>
[  118.489812][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.238'.
[  118.492861][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.238'.
[  118.602627][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.607189][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.610694][ T1139] bond0 (unregistering): Released all slaves
[  118.636743][ T7286] hsr_slave_0: entered promiscuous mode
[  118.639005][ T7286] hsr_slave_1: entered promiscuous mode
[  118.641096][ T7286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.643802][ T7286] Cannot create hsr debugfs directory
[  118.900283][ T1139] hsr_slave_0: left promiscuous mode
[  118.902529][ T1139] hsr_slave_1: left promiscuous mode
[  118.904608][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.906996][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.919213][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.921495][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.937274][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.241'.
[  118.971521][ T1139] veth1_macvtap: left promiscuous mode
[  118.973889][ T1139] veth0_macvtap: left promiscuous mode
[  118.975674][ T1139] veth1_vlan: left promiscuous mode
[  118.977294][ T1139] veth0_vlan: left promiscuous mode
[  119.204294][ T5948] Bluetooth: hci2: command tx timeout
[  119.385735][ T7358] netlink: 4 bytes leftover after parsing attributes in process `syz.1.243'.
[  119.599167][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  119.687258][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  120.193016][ T7346] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  120.197490][ T7346] macvtap1: entered promiscuous mode
[  120.201900][ T7346] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  120.425230][ T7378] netlink: 40 bytes leftover after parsing attributes in process `syz.3.247'.
[  120.690499][ T7286] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  120.702594][ T7286] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  120.707328][ T7286] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  120.712147][ T7286] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  120.765704][ T7286] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.778543][ T7286] 8021q: adding VLAN 0 to HW filter on device team0
[  120.786291][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.788584][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.802599][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.804860][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.948889][ T7286] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.972586][ T7286] veth0_vlan: entered promiscuous mode
[  120.978544][ T7286] veth1_vlan: entered promiscuous mode
[  120.996204][ T7286] veth0_macvtap: entered promiscuous mode
[  121.002465][ T7286] veth1_macvtap: entered promiscuous mode
[  121.015612][ T7286] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.025165][ T7286] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.030326][ T7286] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.032960][ T7286] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.035814][ T7286] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.038408][ T7286] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.068445][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.071046][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.082811][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.085552][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.538087][ T7418] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  121.540233][ T7418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  121.545501][ T7418] vhci_hcd vhci_hcd.0: Device attached
[  121.562340][ T7418] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[  121.565207][ T7418] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[  121.813184][   T60] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  122.114553][ T7427] FAULT_INJECTION: forcing a failure.
[  122.114553][ T7427] name failslab, interval 1, probability 0, space 0, times 0
[  122.118542][ T7427] CPU: 3 UID: 0 PID: 7427 Comm: syz.1.253 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  122.118568][ T7427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.118575][ T7427] Call Trace:
[  122.118580][ T7427]  <TASK>
[  122.118584][ T7427]  dump_stack_lvl+0x16c/0x1f0
[  122.118605][ T7427]  should_fail_ex+0x512/0x640
[  122.118621][ T7427]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  122.118639][ T7427]  should_failslab+0xc2/0x120
[  122.118650][ T7427]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  122.118666][ T7427]  ? getname_flags.part.0+0x4c/0x550
[  122.118681][ T7427]  getname_flags.part.0+0x4c/0x550
[  122.118695][ T7427]  getname_flags+0x93/0xf0
[  122.118710][ T7427]  do_sys_openat2+0xb8/0x1d0
[  122.118722][ T7427]  ? __pfx_do_sys_openat2+0x10/0x10
[  122.118735][ T7427]  ? __fget_files+0x20e/0x3c0
[  122.118753][ T7427]  __ia32_compat_sys_openat+0x16d/0x210
[  122.118766][ T7427]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  122.118779][ T7427]  ? ksys_write+0x1ac/0x250
[  122.118796][ T7427]  ? rcu_is_watching+0x12/0xc0
[  122.118809][ T7427]  __do_fast_syscall_32+0x7c/0x3a0
[  122.118822][ T7427]  do_fast_syscall_32+0x32/0x80
[  122.118832][ T7427]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.118846][ T7427] RIP: 0023:0xf7fa3579
[  122.118854][ T7427] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.118865][ T7427] RSP: 002b:00000000f50a54f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  122.118875][ T7427] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f72b69e0
[  122.118882][ T7427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7432ff4
[  122.118888][ T7427] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.118894][ T7427] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.118900][ T7427] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.118914][ T7427]  </TASK>
[  122.186494][ T7428] netlink: 40 bytes leftover after parsing attributes in process `syz.1.253'.
[  122.190513][ T7419] vhci_hcd: connection reset by peer
[  122.198963][   T81] vhci_hcd: stop threads
[  122.200660][   T81] vhci_hcd: release socket
[  122.206334][   T81] vhci_hcd: disconnect device
[  122.387210][ T7432] netlink: 4 bytes leftover after parsing attributes in process `syz.1.255'.
[  122.393955][ T7432] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  122.396180][ T7432] macvtap1: entered promiscuous mode
[  122.399535][ T7432] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  122.972488][ T7443] netlink: 40 bytes leftover after parsing attributes in process `syz.2.258'.
[  124.818024][ T1138] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.794606][ T7463] FAULT_INJECTION: forcing a failure.
[  125.794606][ T7463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.799602][ T7463] CPU: 3 UID: 0 PID: 7463 Comm: syz.3.265 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  125.799631][ T7463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.799641][ T7463] Call Trace:
[  125.799648][ T7463]  <TASK>
[  125.799654][ T7463]  dump_stack_lvl+0x16c/0x1f0
[  125.799686][ T7463]  should_fail_ex+0x512/0x640
[  125.799714][ T7463]  _copy_from_user+0x2e/0xd0
[  125.799741][ T7463]  get_compat_msghdr+0xa7/0x170
[  125.799761][ T7463]  ? __pfx_get_compat_msghdr+0x10/0x10
[  125.799786][ T7463]  ___sys_sendmsg+0x1ae/0x1d0
[  125.799815][ T7463]  ? __pfx____sys_sendmsg+0x10/0x10
[  125.799853][ T7463]  ? find_held_lock+0x2b/0x80
[  125.799886][ T7463]  __sys_sendmsg+0x16d/0x220
[  125.799912][ T7463]  ? __pfx___sys_sendmsg+0x10/0x10
[  125.799950][ T7463]  ? rcu_is_watching+0x12/0xc0
[  125.799971][ T7463]  __do_fast_syscall_32+0x7c/0x3a0
[  125.799990][ T7463]  do_fast_syscall_32+0x32/0x80
[  125.800008][ T7463]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.800029][ T7463] RIP: 0023:0xf7fc1579
[  125.800042][ T7463] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  125.800060][ T7463] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  125.800077][ T7463] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  125.800088][ T7463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.800097][ T7463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.800108][ T7463] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  125.800117][ T7463] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.800140][ T7463]  </TASK>
[  125.828731][ T5305] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  125.878059][ T5305] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  125.881645][ T5305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  125.886038][ T5305] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  125.889547][ T5305] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  125.930274][ T7464] lo speed is unknown, defaulting to 1000
[  126.028494][ T7464] chnl_net:caif_netlink_parms(): no params data found
[  126.111887][ T7464] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.115136][ T7464] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.118213][ T7464] bridge_slave_0: entered allmulticast mode
[  126.122724][ T7464] bridge_slave_0: entered promiscuous mode
[  126.129617][ T7464] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.132719][ T7464] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.136118][ T7464] bridge_slave_1: entered allmulticast mode
[  126.139733][ T7464] bridge_slave_1: entered promiscuous mode
[  126.229978][ T7464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.237053][ T7464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.298145][ T7464] team0: Port device team_slave_0 added
[  126.306770][ T7464] team0: Port device team_slave_1 added
[  126.361294][ T7464] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.364319][ T7464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.374898][ T7464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.381140][ T7464] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.384244][ T7464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.395127][ T7464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.463442][ T7464] hsr_slave_0: entered promiscuous mode
[  126.465983][ T7464] hsr_slave_1: entered promiscuous mode
[  126.468106][ T7464] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  126.470656][ T7464] Cannot create hsr debugfs directory
[  126.638344][ T7480] lo speed is unknown, defaulting to 1000
[  126.658159][ T1138] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.738853][ T1138] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.812453][ T1138] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.953283][   T60] vhci_hcd: vhci_device speed not set
[  126.967216][ T1138] bridge_slave_1: left allmulticast mode
[  126.974859][ T1138] bridge_slave_1: left promiscuous mode
[  126.977703][ T1138] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.986958][ T1138] bridge_slave_0: left allmulticast mode
[  126.989368][ T1138] bridge_slave_0: left promiscuous mode
[  126.992539][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.385628][ T1138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  127.419963][ T1138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  127.441684][ T1138] bond0 (unregistering): Released all slaves
[  127.795000][ T7508] =======================================================
[  127.795000][ T7508] WARNING: The mand mount option has been deprecated and
[  127.795000][ T7508]          and is ignored by this kernel. Remove the mand
[  127.795000][ T7508]          option from the mount to silence this warning.
[  127.795000][ T7508] =======================================================
[  127.934258][ T5948] Bluetooth: hci2: command tx timeout
[  127.946901][ T1138] hsr_slave_0: left promiscuous mode
[  127.950169][ T1138] hsr_slave_1: left promiscuous mode
[  127.953670][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  127.956764][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  127.961844][ T1138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  127.965753][ T1138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  127.984276][ T1138] veth1_macvtap: left promiscuous mode
[  127.986103][ T1138] veth0_macvtap: left promiscuous mode
[  127.987971][ T1138] veth1_vlan: left promiscuous mode
[  127.989670][ T1138] veth0_vlan: left promiscuous mode
[  128.687582][ T1138] team0 (unregistering): Port device team_slave_1 removed
[  128.767710][ T1138] team0 (unregistering): Port device team_slave_0 removed
[  129.009783][ T7545] FAULT_INJECTION: forcing a failure.
[  129.009783][ T7545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.015594][ T7545] CPU: 1 UID: 0 PID: 7545 Comm: syz.1.281 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  129.015609][ T7545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.015616][ T7545] Call Trace:
[  129.015620][ T7545]  <TASK>
[  129.015624][ T7545]  dump_stack_lvl+0x16c/0x1f0
[  129.015645][ T7545]  should_fail_ex+0x512/0x640
[  129.015664][ T7545]  _copy_from_user+0x2e/0xd0
[  129.015681][ T7545]  get_compat_msghdr+0xa7/0x170
[  129.015694][ T7545]  ? __pfx_get_compat_msghdr+0x10/0x10
[  129.015709][ T7545]  ___sys_sendmsg+0x1ae/0x1d0
[  129.015734][ T7545]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.015772][ T7545]  ? find_held_lock+0x2b/0x80
[  129.015806][ T7545]  __sys_sendmsg+0x16d/0x220
[  129.015833][ T7545]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.015871][ T7545]  ? rcu_is_watching+0x12/0xc0
[  129.015894][ T7545]  __do_fast_syscall_32+0x7c/0x3a0
[  129.015912][ T7545]  do_fast_syscall_32+0x32/0x80
[  129.015930][ T7545]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.015954][ T7545] RIP: 0023:0xf7fa3579
[  129.015969][ T7545] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.015985][ T7545] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  129.016003][ T7545] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  129.016015][ T7545] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  129.016026][ T7545] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.016035][ T7545] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  129.016044][ T7545] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.016059][ T7545]  </TASK>
[  129.424096][ T7464] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.429260][ T7464] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.438530][ T7464] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.452987][ T7464] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.531313][ T7464] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.539691][ T7464] 8021q: adding VLAN 0 to HW filter on device team0
[  129.550215][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.552482][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.558176][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.560411][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.711659][ T7464] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.745040][ T7464] veth0_vlan: entered promiscuous mode
[  129.752337][ T7464] veth1_vlan: entered promiscuous mode
[  129.796560][ T7464] veth0_macvtap: entered promiscuous mode
[  129.800494][ T7464] veth1_macvtap: entered promiscuous mode
[  129.816723][ T7464] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.823140][ T7464] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.827433][ T7464] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.830237][ T7464] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.832930][ T7464] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.836245][ T7464] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.916685][ T7591] lo speed is unknown, defaulting to 1000
[  130.003200][ T5948] Bluetooth: hci2: command tx timeout
[  130.044404][ T7593] FAULT_INJECTION: forcing a failure.
[  130.044404][ T7593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.049667][ T7593] CPU: 3 UID: 0 PID: 7593 Comm: syz.1.289 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  130.049691][ T7593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.049702][ T7593] Call Trace:
[  130.049708][ T7593]  <TASK>
[  130.049716][ T7593]  dump_stack_lvl+0x16c/0x1f0
[  130.049748][ T7593]  should_fail_ex+0x512/0x640
[  130.049776][ T7593]  _copy_from_user+0x2e/0xd0
[  130.049804][ T7593]  get_compat_msghdr+0xa7/0x170
[  130.049822][ T7593]  ? __pfx_get_compat_msghdr+0x10/0x10
[  130.049849][ T7593]  ___sys_sendmsg+0x1ae/0x1d0
[  130.049879][ T7593]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.049918][ T7593]  ? find_held_lock+0x2b/0x80
[  130.049953][ T7593]  __sys_sendmsg+0x16d/0x220
[  130.049981][ T7593]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.050019][ T7593]  ? rcu_is_watching+0x12/0xc0
[  130.050040][ T7593]  __do_fast_syscall_32+0x7c/0x3a0
[  130.050059][ T7593]  do_fast_syscall_32+0x32/0x80
[  130.050075][ T7593]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.050118][ T7593] RIP: 0023:0xf7fa3579
[  130.050133][ T7593] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.050150][ T7593] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  130.050167][ T7593] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  130.050178][ T7593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  130.050188][ T7593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  130.050199][ T7593] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  130.050210][ T7593] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.050233][ T7593]  </TASK>
[  130.140621][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.153512][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.167542][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.170754][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.602180][ T7604] overlayfs: failed to resolve './file0': -2
[  130.776946][ T1147] Bluetooth: hci2: Frame reassembly failed (-84)
[  130.779960][ T1138] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0
[  131.105737][ T7613] FAULT_INJECTION: forcing a failure.
[  131.105737][ T7613] name failslab, interval 1, probability 0, space 0, times 0
[  131.110721][ T7613] CPU: 0 UID: 0 PID: 7613 Comm: syz.1.297 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  131.110745][ T7613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.110755][ T7613] Call Trace:
[  131.110762][ T7613]  <TASK>
[  131.110768][ T7613]  dump_stack_lvl+0x16c/0x1f0
[  131.110798][ T7613]  should_fail_ex+0x512/0x640
[  131.110821][ T7613]  ? fs_reclaim_acquire+0xae/0x150
[  131.110842][ T7613]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  131.110864][ T7613]  should_failslab+0xc2/0x120
[  131.110880][ T7613]  __kmalloc_noprof+0xd2/0x510
[  131.110908][ T7613]  tomoyo_realpath_from_path+0xc2/0x6e0
[  131.110933][ T7613]  ? tomoyo_profile+0x47/0x60
[  131.110959][ T7613]  tomoyo_path_number_perm+0x245/0x580
[  131.110976][ T7613]  ? tomoyo_path_number_perm+0x237/0x580
[  131.110998][ T7613]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.111043][ T7613]  ? find_held_lock+0x2b/0x80
[  131.111059][ T7613]  ? hook_file_ioctl_common+0x145/0x410
[  131.111081][ T7613]  ? __fget_files+0x20e/0x3c0
[  131.111101][ T7613]  ? fput+0x60/0xf0
[  131.111120][ T7613]  security_file_ioctl_compat+0x9b/0x240
[  131.111142][ T7613]  __ia32_compat_sys_ioctl+0xc3/0x370
[  131.111164][ T7613]  __do_fast_syscall_32+0x7c/0x3a0
[  131.111182][ T7613]  do_fast_syscall_32+0x32/0x80
[  131.111197][ T7613]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.111217][ T7613] RIP: 0023:0xf7fa3579
[  131.111230][ T7613] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  131.111246][ T7613] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  131.111262][ T7613] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040047452
[  131.111273][ T7613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  131.111282][ T7613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.111291][ T7613] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  131.111301][ T7613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.111333][ T7613]  </TASK>
[  131.111341][ T7613] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.662131][ T7609] kexec: Could not allocate control_code_buffer
[  131.753148][ T7625] FAULT_INJECTION: forcing a failure.
[  131.753148][ T7625] name failslab, interval 1, probability 0, space 0, times 0
[  131.758256][ T7625] CPU: 3 UID: 0 PID: 7625 Comm: syz.2.300 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  131.758281][ T7625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.758292][ T7625] Call Trace:
[  131.758298][ T7625]  <TASK>
[  131.758304][ T7625]  dump_stack_lvl+0x16c/0x1f0
[  131.758335][ T7625]  should_fail_ex+0x512/0x640
[  131.758359][ T7625]  ? fs_reclaim_acquire+0xae/0x150
[  131.758380][ T7625]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  131.758404][ T7625]  should_failslab+0xc2/0x120
[  131.758421][ T7625]  __kmalloc_noprof+0xd2/0x510
[  131.758450][ T7625]  tomoyo_realpath_from_path+0xc2/0x6e0
[  131.758477][ T7625]  ? tomoyo_profile+0x47/0x60
[  131.758502][ T7625]  tomoyo_path_number_perm+0x245/0x580
[  131.758514][ T7625]  ? tomoyo_path_number_perm+0x237/0x580
[  131.758528][ T7625]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.758561][ T7625]  ? find_held_lock+0x2b/0x80
[  131.758572][ T7625]  ? hook_file_ioctl_common+0x145/0x410
[  131.758587][ T7625]  ? __fget_files+0x20e/0x3c0
[  131.758601][ T7625]  ? fput+0x60/0xf0
[  131.758613][ T7625]  security_file_ioctl_compat+0x9b/0x240
[  131.758628][ T7625]  __ia32_compat_sys_ioctl+0xc3/0x370
[  131.758643][ T7625]  __do_fast_syscall_32+0x7c/0x3a0
[  131.758655][ T7625]  do_fast_syscall_32+0x32/0x80
[  131.758665][ T7625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.758679][ T7625] RIP: 0023:0xf710e579
[  131.758688][ T7625] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  131.758698][ T7625] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  131.758708][ T7625] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c008ae67
[  131.758715][ T7625] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  131.758721][ T7625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.758727][ T7625] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  131.758734][ T7625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.758747][ T7625]  </TASK>
[  131.758751][ T7625] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.795018][ T7623] lo speed is unknown, defaulting to 1000
[  132.077389][ T7628] program syz.2.301 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.257184][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.259776][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  132.415437][   T81] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.813246][ T5948] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  132.813309][ T5305] Bluetooth: hci2: command 0x1003 tx timeout
[  133.530933][ T5305] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  133.535584][ T5305] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  133.539369][ T5305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  133.543333][ T5305] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  133.546816][ T5305] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  133.592385][ T7644] lo speed is unknown, defaulting to 1000
[  133.644789][ T7649] netlink: 292 bytes leftover after parsing attributes in process `syz.2.307'.
[  133.798753][ T7644] chnl_net:caif_netlink_parms(): no params data found
[  133.901619][ T7657] FAULT_INJECTION: forcing a failure.
[  133.901619][ T7657] name failslab, interval 1, probability 0, space 0, times 0
[  133.909989][ T7657] CPU: 3 UID: 0 PID: 7657 Comm: syz.2.309 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  133.910006][ T7657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.910013][ T7657] Call Trace:
[  133.910017][ T7657]  <TASK>
[  133.910021][ T7657]  dump_stack_lvl+0x16c/0x1f0
[  133.910043][ T7657]  should_fail_ex+0x512/0x640
[  133.910095][ T7657]  ? fs_reclaim_acquire+0xae/0x150
[  133.910111][ T7657]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  133.910127][ T7657]  should_failslab+0xc2/0x120
[  133.910137][ T7657]  __kmalloc_noprof+0xd2/0x510
[  133.910157][ T7657]  tomoyo_realpath_from_path+0xc2/0x6e0
[  133.910174][ T7657]  ? tomoyo_profile+0x47/0x60
[  133.910192][ T7657]  tomoyo_path_number_perm+0x245/0x580
[  133.910204][ T7657]  ? tomoyo_path_number_perm+0x237/0x580
[  133.910218][ T7657]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  133.910245][ T7657]  ? find_held_lock+0x2b/0x80
[  133.910257][ T7657]  ? hook_file_ioctl_common+0x145/0x410
[  133.910272][ T7657]  ? __fget_files+0x20e/0x3c0
[  133.910285][ T7657]  ? fput+0x60/0xf0
[  133.910297][ T7657]  security_file_ioctl_compat+0x9b/0x240
[  133.910313][ T7657]  __ia32_compat_sys_ioctl+0xc3/0x370
[  133.910330][ T7657]  __do_fast_syscall_32+0x7c/0x3a0
[  133.910342][ T7657]  do_fast_syscall_32+0x32/0x80
[  133.910352][ T7657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  133.910366][ T7657] RIP: 0023:0xf710e579
[  133.910375][ T7657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  133.910386][ T7657] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  133.910396][ T7657] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c008ae67
[  133.910403][ T7657] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  133.910409][ T7657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  133.910415][ T7657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  133.910421][ T7657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  133.910435][ T7657]  </TASK>
[  133.910475][ T7657] ERROR: Out of memory at tomoyo_realpath_from_path.
[  134.000441][   T81] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.079903][   T81] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.087122][ T7644] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.090104][ T7644] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.093041][ T7644] bridge_slave_0: entered allmulticast mode
[  134.097534][ T7644] bridge_slave_0: entered promiscuous mode
[  134.100643][ T7644] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.102938][ T7644] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.105736][ T7644] bridge_slave_1: entered allmulticast mode
[  134.110656][ T7644] bridge_slave_1: entered promiscuous mode
[  134.166167][ T7644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.177165][ T7644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.189510][   T81] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.230808][ T7644] team0: Port device team_slave_0 added
[  134.236598][ T7644] team0: Port device team_slave_1 added
[  134.284524][ T7644] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.286879][ T7644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.295892][ T7644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.300122][ T7644] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.302502][ T7644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.310793][ T7644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.376886][ T7644] hsr_slave_0: entered promiscuous mode
[  134.379690][ T7644] hsr_slave_1: entered promiscuous mode
[  134.382271][ T7644] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.385214][ T7644] Cannot create hsr debugfs directory
[  134.471098][ T7669] FAULT_INJECTION: forcing a failure.
[  134.471098][ T7669] name failslab, interval 1, probability 0, space 0, times 0
[  134.481976][ T7669] CPU: 0 UID: 0 PID: 7669 Comm: syz.3.312 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  134.482003][ T7669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.482016][ T7669] Call Trace:
[  134.482022][ T7669]  <TASK>
[  134.482030][ T7669]  dump_stack_lvl+0x16c/0x1f0
[  134.482093][ T7669]  should_fail_ex+0x512/0x640
[  134.482120][ T7669]  ? fs_reclaim_acquire+0xae/0x150
[  134.482144][ T7669]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  134.482170][ T7669]  should_failslab+0xc2/0x120
[  134.482189][ T7669]  __kmalloc_noprof+0xd2/0x510
[  134.482221][ T7669]  tomoyo_realpath_from_path+0xc2/0x6e0
[  134.482255][ T7669]  ? tomoyo_profile+0x47/0x60
[  134.482284][ T7669]  tomoyo_path_number_perm+0x245/0x580
[  134.482304][ T7669]  ? tomoyo_path_number_perm+0x237/0x580
[  134.482328][ T7669]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  134.482381][ T7669]  ? find_held_lock+0x2b/0x80
[  134.482400][ T7669]  ? hook_file_ioctl_common+0x145/0x410
[  134.482427][ T7669]  ? __fget_files+0x20e/0x3c0
[  134.482449][ T7669]  ? fput+0x60/0xf0
[  134.482471][ T7669]  security_file_ioctl_compat+0x9b/0x240
[  134.482496][ T7669]  __ia32_compat_sys_ioctl+0xc3/0x370
[  134.482523][ T7669]  __do_fast_syscall_32+0x7c/0x3a0
[  134.482544][ T7669]  do_fast_syscall_32+0x32/0x80
[  134.482561][ T7669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.482583][ T7669] RIP: 0023:0xf7fc1579
[  134.482598][ T7669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.482616][ T7669] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  134.482635][ T7669] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c008ae88
[  134.482646][ T7669] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  134.482657][ T7669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.482667][ T7669] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.482678][ T7669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.482702][ T7669]  </TASK>
[  134.482724][ T7669] ERROR: Out of memory at tomoyo_realpath_from_path.
[  134.571265][   T81] bridge_slave_1: left allmulticast mode
[  134.573350][   T81] bridge_slave_1: left promiscuous mode
[  134.575269][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.579163][   T81] bridge_slave_0: left allmulticast mode
[  134.581082][   T81] bridge_slave_0: left promiscuous mode
[  134.583780][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.848164][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.853762][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.858349][   T81] bond0 (unregistering): Released all slaves
[  134.923216][ T7674] lo speed is unknown, defaulting to 1000
[  134.965245][ T7681] vlan2: entered allmulticast mode
[  134.966920][ T7681] bridge0: entered allmulticast mode
[  135.251880][   T81] hsr_slave_0: left promiscuous mode
[  135.254246][   T81] hsr_slave_1: left promiscuous mode
[  135.256347][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.258765][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.261659][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.264324][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.285687][   T81] veth1_macvtap: left promiscuous mode
[  135.287507][   T81] veth0_macvtap: left promiscuous mode
[  135.289331][   T81] veth1_vlan: left promiscuous mode
[  135.291020][   T81] veth0_vlan: left promiscuous mode
[  135.613496][ T5305] Bluetooth: hci2: command tx timeout
[  135.633004][ T7702] FAULT_INJECTION: forcing a failure.
[  135.633004][ T7702] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.637793][ T7702] CPU: 3 UID: 0 PID: 7702 Comm: syz.2.317 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  135.637814][ T7702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.637825][ T7702] Call Trace:
[  135.637830][ T7702]  <TASK>
[  135.637835][ T7702]  dump_stack_lvl+0x16c/0x1f0
[  135.637856][ T7702]  should_fail_ex+0x512/0x640
[  135.637874][ T7702]  _copy_from_user+0x2e/0xd0
[  135.637892][ T7702]  move_addr_to_kernel+0x65/0x170
[  135.637908][ T7702]  __sys_sendto+0x1be/0x520
[  135.637924][ T7702]  ? __pfx___sys_sendto+0x10/0x10
[  135.637951][ T7702]  ? ksys_write+0x1ac/0x250
[  135.637966][ T7702]  ? __pfx_ksys_write+0x10/0x10
[  135.637983][ T7702]  __ia32_sys_sendto+0xdd/0x1b0
[  135.637999][ T7702]  ? lockdep_hardirqs_on+0x7c/0x110
[  135.638015][ T7702]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  135.638033][ T7702]  __do_fast_syscall_32+0x7c/0x3a0
[  135.638071][ T7702]  do_fast_syscall_32+0x32/0x80
[  135.638081][ T7702]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.638095][ T7702] RIP: 0023:0xf710e579
[  135.638104][ T7702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.638115][ T7702] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  135.638126][ T7702] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  135.638133][ T7702] RDX: 0000000000000001 RSI: 00000000000000c1 RDI: 0000000080000180
[  135.638151][ T7702] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  135.638157][ T7702] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.638164][ T7702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.638177][ T7702]  </TASK>
[  135.829683][   T40] audit: type=1326 audit(1750022136.493:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.839725][   T40] audit: type=1326 audit(1750022136.503:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.850580][   T40] audit: type=1326 audit(1750022136.503:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.859125][   T40] audit: type=1326 audit(1750022136.503:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.867264][   T40] audit: type=1326 audit(1750022136.503:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.874211][   T40] audit: type=1326 audit(1750022136.503:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.881721][   T40] audit: type=1326 audit(1750022136.503:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.891023][   T40] audit: type=1326 audit(1750022136.503:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.899111][   T40] audit: type=1326 audit(1750022136.503:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  135.906095][   T40] audit: type=1326 audit(1750022136.503:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7680 comm="syz.3.314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000
[  136.115674][   T81] team0 (unregistering): Port device team_slave_1 removed
[  136.182174][   T81] team0 (unregistering): Port device team_slave_0 removed
[  136.617795][ T7711] FAULT_INJECTION: forcing a failure.
[  136.617795][ T7711] name failslab, interval 1, probability 0, space 0, times 0
[  136.621911][ T7711] CPU: 2 UID: 0 PID: 7711 Comm: syz.2.320 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  136.621927][ T7711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.621935][ T7711] Call Trace:
[  136.621939][ T7711]  <TASK>
[  136.621944][ T7711]  dump_stack_lvl+0x16c/0x1f0
[  136.621966][ T7711]  should_fail_ex+0x512/0x640
[  136.621982][ T7711]  ? fs_reclaim_acquire+0xae/0x150
[  136.621996][ T7711]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  136.622012][ T7711]  should_failslab+0xc2/0x120
[  136.622022][ T7711]  __kmalloc_noprof+0xd2/0x510
[  136.622068][ T7711]  tomoyo_realpath_from_path+0xc2/0x6e0
[  136.622085][ T7711]  ? tomoyo_profile+0x47/0x60
[  136.622104][ T7711]  tomoyo_path_number_perm+0x245/0x580
[  136.622117][ T7711]  ? tomoyo_path_number_perm+0x237/0x580
[  136.622130][ T7711]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  136.622158][ T7711]  ? find_held_lock+0x2b/0x80
[  136.622169][ T7711]  ? hook_file_ioctl_common+0x145/0x410
[  136.622184][ T7711]  ? __fget_files+0x20e/0x3c0
[  136.622198][ T7711]  ? fput+0x60/0xf0
[  136.622210][ T7711]  security_file_ioctl_compat+0x9b/0x240
[  136.622226][ T7711]  __ia32_compat_sys_ioctl+0xc3/0x370
[  136.622242][ T7711]  __do_fast_syscall_32+0x7c/0x3a0
[  136.622254][ T7711]  do_fast_syscall_32+0x32/0x80
[  136.622264][ T7711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  136.622278][ T7711] RIP: 0023:0xf710e579
[  136.622286][ T7711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  136.622298][ T7711] RSP: 002b:00000000f50bc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  136.622309][ T7711] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c008551a
[  136.622315][ T7711] RDX: 0000000080000880 RSI: 0000000000000000 RDI: 0000000000000000
[  136.622321][ T7711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  136.622328][ T7711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  136.622336][ T7711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  136.622349][ T7711]  </TASK>
[  136.622354][ T7711] ERROR: Out of memory at tomoyo_realpath_from_path.
[  137.402570][ T7644] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  137.420758][ T7644] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  137.428370][ T7644] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  137.434848][ T7644] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  137.448447][ T7726] FAULT_INJECTION: forcing a failure.
[  137.448447][ T7726] name failslab, interval 1, probability 0, space 0, times 0
[  137.454339][ T7726] CPU: 0 UID: 0 PID: 7726 Comm: syz.3.325 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  137.454360][ T7726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.454368][ T7726] Call Trace:
[  137.454373][ T7726]  <TASK>
[  137.454378][ T7726]  dump_stack_lvl+0x16c/0x1f0
[  137.454400][ T7726]  should_fail_ex+0x512/0x640
[  137.454418][ T7726]  ? __kmalloc_noprof+0xbf/0x510
[  137.454436][ T7726]  ? kernfs_fop_write_iter+0x237/0x510
[  137.454448][ T7726]  should_failslab+0xc2/0x120
[  137.454459][ T7726]  __kmalloc_noprof+0xd2/0x510
[  137.454479][ T7726]  kernfs_fop_write_iter+0x237/0x510
[  137.454494][ T7726]  vfs_write+0x6c4/0x1150
[  137.454511][ T7726]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  137.454526][ T7726]  ? __pfx_vfs_write+0x10/0x10
[  137.454541][ T7726]  ? find_held_lock+0x2b/0x80
[  137.454563][ T7726]  ksys_write+0x12a/0x250
[  137.454578][ T7726]  ? __pfx_ksys_write+0x10/0x10
[  137.454596][ T7726]  ? rcu_is_watching+0x12/0xc0
[  137.454610][ T7726]  __do_fast_syscall_32+0x7c/0x3a0
[  137.454623][ T7726]  do_fast_syscall_32+0x32/0x80
[  137.454633][ T7726]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.454648][ T7726] RIP: 0023:0xf7fc1579
[  137.454659][ T7726] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.454670][ T7726] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  137.454681][ T7726] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  137.454688][ T7726] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  137.454695][ T7726] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.454701][ T7726] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  137.454708][ T7726] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.454722][ T7726]  </TASK>
[  137.585342][ T7644] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.598349][ T7644] 8021q: adding VLAN 0 to HW filter on device team0
[  137.605128][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.607975][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.616056][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.618328][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.651947][ T7644] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  137.659879][ T7644] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  137.683657][ T5305] Bluetooth: hci2: command tx timeout
[  138.074958][ T7644] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.106452][ T7644] veth0_vlan: entered promiscuous mode
[  138.111192][ T7644] veth1_vlan: entered promiscuous mode
[  138.132395][ T7644] veth0_macvtap: entered promiscuous mode
[  138.151838][ T7644] veth1_macvtap: entered promiscuous mode
[  138.169172][ T7644] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.180522][ T7644] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.218616][ T7644] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.221447][ T7644] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.226090][ T7644] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.234376][ T7644] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.317685][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.320980][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.454007][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.457248][ T7760] lo speed is unknown, defaulting to 1000
[  138.458597][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.784794][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.332'.
[  138.830724][ T7777] FAULT_INJECTION: forcing a failure.
[  138.830724][ T7777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.834930][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.2.333 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  138.834946][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.834953][ T7777] Call Trace:
[  138.834957][ T7777]  <TASK>
[  138.834962][ T7777]  dump_stack_lvl+0x16c/0x1f0
[  138.834983][ T7777]  should_fail_ex+0x512/0x640
[  138.835002][ T7777]  _copy_from_user+0x2e/0xd0
[  138.835020][ T7777]  get_compat_msghdr+0xa7/0x170
[  138.835032][ T7777]  ? __pfx_get_compat_msghdr+0x10/0x10
[  138.835047][ T7777]  ___sys_sendmsg+0x1ae/0x1d0
[  138.835066][ T7777]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.835090][ T7777]  ? find_held_lock+0x2b/0x80
[  138.835110][ T7777]  __sys_sendmsg+0x16d/0x220
[  138.835128][ T7777]  ? __pfx___sys_sendmsg+0x10/0x10
[  138.835151][ T7777]  ? rcu_is_watching+0x12/0xc0
[  138.835165][ T7777]  __do_fast_syscall_32+0x7c/0x3a0
[  138.835177][ T7777]  do_fast_syscall_32+0x32/0x80
[  138.835187][ T7777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.835201][ T7777] RIP: 0023:0xf710e579
[  138.835210][ T7777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  138.835221][ T7777] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  138.835232][ T7777] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  138.835242][ T7777] RDX: 0000000000040084 RSI: 0000000000000000 RDI: 0000000000000000
[  138.835249][ T7777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.835255][ T7777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  138.835261][ T7777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.835274][ T7777]  </TASK>
[  140.075980][   T81] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.114858][ T7797] FAULT_INJECTION: forcing a failure.
[  140.114858][ T7797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.118923][ T7797] CPU: 2 UID: 0 PID: 7797 Comm: syz.1.340 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  140.118939][ T7797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.118946][ T7797] Call Trace:
[  140.118950][ T7797]  <TASK>
[  140.118954][ T7797]  dump_stack_lvl+0x16c/0x1f0
[  140.118975][ T7797]  should_fail_ex+0x512/0x640
[  140.118994][ T7797]  _copy_from_iter+0x29f/0x16f0
[  140.119015][ T7797]  ? __pfx__copy_from_iter+0x10/0x10
[  140.119035][ T7797]  ? find_held_lock+0x2b/0x80
[  140.119049][ T7797]  tun_get_user+0x240/0x3b80
[  140.119066][ T7797]  ? __pfx_tun_get_user+0x10/0x10
[  140.119076][ T7797]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  140.119097][ T7797]  ? find_held_lock+0x2b/0x80
[  140.119108][ T7797]  ? tun_get+0x191/0x370
[  140.119127][ T7797]  tun_chr_write_iter+0xdc/0x210
[  140.119138][ T7797]  vfs_write+0x6c4/0x1150
[  140.119155][ T7797]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  140.119167][ T7797]  ? __pfx_vfs_write+0x10/0x10
[  140.119181][ T7797]  ? find_held_lock+0x2b/0x80
[  140.119200][ T7797]  ksys_write+0x12a/0x250
[  140.119219][ T7797]  ? __pfx_ksys_write+0x10/0x10
[  140.119235][ T7797]  ? rcu_is_watching+0x12/0xc0
[  140.119248][ T7797]  __do_fast_syscall_32+0x7c/0x3a0
[  140.119261][ T7797]  do_fast_syscall_32+0x32/0x80
[  140.119271][ T7797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.119285][ T7797] RIP: 0023:0xf7fa3579
[  140.119294][ T7797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.119304][ T7797] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  140.119315][ T7797] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800014c0
[  140.119321][ T7797] RDX: 0000000000000042 RSI: 0000000000000000 RDI: 0000000000000000
[  140.119328][ T7797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.119333][ T7797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.119340][ T7797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.119353][ T7797]  </TASK>
[  141.486898][ T7804] vlan0: entered promiscuous mode
[  141.491761][ T7800] netlink: 32 bytes leftover after parsing attributes in process `syz.2.342'.
[  141.501268][ T7804] team0: Port device vlan0 added
[  141.562855][ T7807] FAULT_INJECTION: forcing a failure.
[  141.562855][ T7807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.579600][ T7807] CPU: 3 UID: 0 PID: 7807 Comm: syz.3.344 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  141.579618][ T7807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.579625][ T7807] Call Trace:
[  141.579628][ T7807]  <TASK>
[  141.579633][ T7807]  dump_stack_lvl+0x16c/0x1f0
[  141.579654][ T7807]  should_fail_ex+0x512/0x640
[  141.579672][ T7807]  _copy_from_user+0x2e/0xd0
[  141.579690][ T7807]  get_compat_msghdr+0xa7/0x170
[  141.579702][ T7807]  ? __pfx_get_compat_msghdr+0x10/0x10
[  141.579718][ T7807]  ___sys_sendmsg+0x1ae/0x1d0
[  141.579736][ T7807]  ? __pfx____sys_sendmsg+0x10/0x10
[  141.579759][ T7807]  ? find_held_lock+0x2b/0x80
[  141.579779][ T7807]  __sys_sendmsg+0x16d/0x220
[  141.579796][ T7807]  ? __pfx___sys_sendmsg+0x10/0x10
[  141.579819][ T7807]  ? rcu_is_watching+0x12/0xc0
[  141.579832][ T7807]  __do_fast_syscall_32+0x7c/0x3a0
[  141.579844][ T7807]  do_fast_syscall_32+0x32/0x80
[  141.579854][ T7807]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.579868][ T7807] RIP: 0023:0xf7fc1579
[  141.579877][ T7807] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.579901][ T7807] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  141.579913][ T7807] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  141.579920][ T7807] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  141.579926][ T7807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.579932][ T7807] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  141.579938][ T7807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.579952][ T7807]  </TASK>
[  141.716493][   T81] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.747072][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.3.346'.
[  141.753317][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.3.346'.
[  141.794892][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  141.799087][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  141.803626][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  141.807585][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  141.811505][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  141.844354][   T81] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.875616][ T7816] lo speed is unknown, defaulting to 1000
[  141.977628][   T81] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.138372][   T81] bridge_slave_1: left allmulticast mode
[  142.140555][   T81] bridge_slave_1: left promiscuous mode
[  142.142432][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.151062][   T81] bridge_slave_0: left allmulticast mode
[  142.153973][   T81] bridge_slave_0: left promiscuous mode
[  142.156479][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.766647][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.806214][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.816889][   T81] bond0 (unregistering): Released all slaves
[  142.875466][ T7822] vlan0: entered promiscuous mode
[  142.886939][ T7822] team0: Port device vlan0 added
[  142.903205][ T7816] chnl_net:caif_netlink_parms(): no params data found
[  143.386972][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.412485][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.415500][ T7816] bridge_slave_0: entered allmulticast mode
[  143.422817][ T7816] bridge_slave_0: entered promiscuous mode
[  143.470370][ T7834] FAULT_INJECTION: forcing a failure.
[  143.470370][ T7834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.483200][ T7834] CPU: 2 UID: 0 PID: 7834 Comm: syz.2.350 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  143.483219][ T7834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.483226][ T7834] Call Trace:
[  143.483230][ T7834]  <TASK>
[  143.483240][ T7834]  dump_stack_lvl+0x16c/0x1f0
[  143.483261][ T7834]  should_fail_ex+0x512/0x640
[  143.483280][ T7834]  _copy_from_user+0x2e/0xd0
[  143.483298][ T7834]  get_compat_msghdr+0xa7/0x170
[  143.483310][ T7834]  ? __pfx_get_compat_msghdr+0x10/0x10
[  143.483325][ T7834]  ___sys_sendmsg+0x1ae/0x1d0
[  143.483344][ T7834]  ? __pfx____sys_sendmsg+0x10/0x10
[  143.483368][ T7834]  ? find_held_lock+0x2b/0x80
[  143.483387][ T7834]  __sys_sendmsg+0x16d/0x220
[  143.483405][ T7834]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.483428][ T7834]  ? rcu_is_watching+0x12/0xc0
[  143.483441][ T7834]  __do_fast_syscall_32+0x7c/0x3a0
[  143.483453][ T7834]  do_fast_syscall_32+0x32/0x80
[  143.483463][ T7834]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.483477][ T7834] RIP: 0023:0xf710e579
[  143.483488][ T7834] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  143.483499][ T7834] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  143.483511][ T7834] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  143.483517][ T7834] RDX: 0000000000040084 RSI: 0000000000000000 RDI: 0000000000000000
[  143.483524][ T7834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  143.483530][ T7834] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  143.483536][ T7834] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.483549][ T7834]  </TASK>
[  143.491347][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.585097][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.603651][ T7816] bridge_slave_1: entered allmulticast mode
[  143.606950][ T7816] bridge_slave_1: entered promiscuous mode
[  143.792102][ T7816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  143.839277][   T81] hsr_slave_0: left promiscuous mode
[  143.843985][ T5305] Bluetooth: hci2: command tx timeout
[  143.851988][   T81] hsr_slave_1: left promiscuous mode
[  143.871821][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.875279][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.880291][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.883470][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.918848][   T81] veth1_macvtap: left promiscuous mode
[  143.921270][   T81] veth0_macvtap: left promiscuous mode
[  143.927007][   T81] veth1_vlan: left promiscuous mode
[  143.929267][   T81] veth0_vlan: left promiscuous mode
[  144.085844][ T7842] overlayfs: failed to resolve './file0': -2
[  144.684342][ T7815] Set syz1 is full, maxelem 65536 reached
[  144.994706][   T81] team0 (unregistering): Port device team_slave_1 removed
[  145.061777][ T7843] kexec: Could not allocate control_code_buffer
[  145.069747][   T81] team0 (unregistering): Port device team_slave_0 removed
[  145.596379][ T7816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.675837][ T7861] netlink: 4 bytes leftover after parsing attributes in process `syz.2.358'.
[  145.690479][ T7859] lo speed is unknown, defaulting to 1000
[  145.769033][ T7861] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  145.772356][ T7861] macvtap1: entered promiscuous mode
[  145.776281][ T7866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.359'.
[  145.781901][ T7861] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  145.798482][ T7816] team0: Port device team_slave_0 added
[  145.807439][ T7866] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  145.812908][ T7866] macvtap1: entered promiscuous mode
[  145.819959][ T7866] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  145.837363][ T7816] team0: Port device team_slave_1 added
[  145.873831][ T7816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.876664][ T7816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.884777][ T7816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.890828][ T7816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.892965][ T7816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.903446][ T7816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.923309][ T5305] Bluetooth: hci2: command tx timeout
[  146.008401][ T7816] hsr_slave_0: entered promiscuous mode
[  146.011592][ T7816] hsr_slave_1: entered promiscuous mode
[  146.015843][ T7816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.018988][ T7816] Cannot create hsr debugfs directory
[  146.739500][ T7877] lo speed is unknown, defaulting to 1000
[  146.927616][ T7816] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  146.931681][ T7816] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  146.935696][ T7816] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  146.939630][ T7816] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  146.986881][ T7816] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.000507][ T7816] 8021q: adding VLAN 0 to HW filter on device team0
[  147.006706][ T7886] input: syz1 as /devices/virtual/input/input6
[  147.008000][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.011202][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.021187][ T7886] program syz.1.362 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.022172][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.026572][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.204564][ T7816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.278984][ T7816] veth0_vlan: entered promiscuous mode
[  147.294263][ T7816] veth1_vlan: entered promiscuous mode
[  147.320361][ T7816] veth0_macvtap: entered promiscuous mode
[  147.328706][ T7816] veth1_macvtap: entered promiscuous mode
[  147.338073][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.344038][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.347852][ T7816] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.350587][ T7816] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.354406][ T7816] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.357240][ T7816] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.454563][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.456750][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.472835][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.484000][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.799683][ T7912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.368'.
[  147.810017][ T7912] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  147.812974][ T7912] macvtap1: entered promiscuous mode
[  147.819066][ T7912] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  148.388705][ T7923] lo speed is unknown, defaulting to 1000
[  149.238947][ T7928] FAULT_INJECTION: forcing a failure.
[  149.238947][ T7928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.244618][ T7928] CPU: 1 UID: 0 PID: 7928 Comm: syz.2.373 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  149.244634][ T7928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.244642][ T7928] Call Trace:
[  149.244646][ T7928]  <TASK>
[  149.244650][ T7928]  dump_stack_lvl+0x16c/0x1f0
[  149.244671][ T7928]  should_fail_ex+0x512/0x640
[  149.244690][ T7928]  _copy_from_user+0x2e/0xd0
[  149.244708][ T7928]  get_compat_msghdr+0xa7/0x170
[  149.244720][ T7928]  ? __pfx_get_compat_msghdr+0x10/0x10
[  149.244735][ T7928]  ___sys_sendmsg+0x1ae/0x1d0
[  149.244753][ T7928]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.244777][ T7928]  ? find_held_lock+0x2b/0x80
[  149.244796][ T7928]  __sys_sendmsg+0x16d/0x220
[  149.244814][ T7928]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.244837][ T7928]  ? rcu_is_watching+0x12/0xc0
[  149.244850][ T7928]  __do_fast_syscall_32+0x7c/0x3a0
[  149.244862][ T7928]  do_fast_syscall_32+0x32/0x80
[  149.244872][ T7928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.244886][ T7928] RIP: 0023:0xf710e579
[  149.244894][ T7928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.244905][ T7928] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  149.244916][ T7928] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800009c0
[  149.244923][ T7928] RDX: 0000000020048000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.244929][ T7928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.244935][ T7928] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.244941][ T7928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.244954][ T7928]  </TASK>
[  149.475511][ T1139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.589356][ T7936] loop6: detected capacity change from 0 to 524287999
[  150.993350][ T7941] netlink: 4 bytes leftover after parsing attributes in process `syz.3.378'.
[  151.009200][ T7941] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  151.015518][ T7941] macvtap1: entered promiscuous mode
[  151.726037][ T7941] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  151.884668][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.891818][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  151.895457][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  151.898162][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  151.900900][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  151.913678][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  151.934779][ T7952] lo speed is unknown, defaulting to 1000
[  152.031878][ T7952] chnl_net:caif_netlink_parms(): no params data found
[  152.075693][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.145271][ T7952] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.147566][ T7952] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.149781][ T7952] bridge_slave_0: entered allmulticast mode
[  152.152334][ T7952] bridge_slave_0: entered promiscuous mode
[  152.158710][ T7952] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.160961][ T7952] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.163520][ T7952] bridge_slave_1: entered allmulticast mode
[  152.166222][ T7952] bridge_slave_1: entered promiscuous mode
[  152.198382][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.220279][ T7952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.224794][ T7952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.269289][ T7952] team0: Port device team_slave_0 added
[  152.271321][ T7966] lo speed is unknown, defaulting to 1000
[  152.273010][ T7952] team0: Port device team_slave_1 added
[  152.334041][ T7952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.336238][ T7952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.344141][ T7952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.350294][ T7952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.352422][ T7952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.361126][ T7952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.422662][ T7952] hsr_slave_0: entered promiscuous mode
[  152.426169][ T7952] hsr_slave_1: entered promiscuous mode
[  152.429102][ T7952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.432247][ T7952] Cannot create hsr debugfs directory
[  152.485477][ T1139] bridge_slave_1: left allmulticast mode
[  152.487805][ T1139] bridge_slave_1: left promiscuous mode
[  152.490222][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.495260][ T1139] bridge_slave_0: left allmulticast mode
[  152.497248][ T1139] bridge_slave_0: left promiscuous mode
[  152.499685][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.694786][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.698964][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.702578][ T1139] bond0 (unregistering): Released all slaves
[  153.774416][ T1139] hsr_slave_0: left promiscuous mode
[  153.777032][ T1139] hsr_slave_1: left promiscuous mode
[  153.780035][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.782402][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.789225][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.791547][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.809474][ T1139] veth1_macvtap: left promiscuous mode
[  153.811439][ T1139] veth0_macvtap: left promiscuous mode
[  153.815036][ T1139] veth1_vlan: left promiscuous mode
[  153.816798][ T1139] veth0_vlan: left promiscuous mode
[  154.008151][ T5305] Bluetooth: hci2: command tx timeout
[  154.535307][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  154.600451][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  154.818349][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.392'.
[  155.262481][ T8005] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  155.265824][ T8005] macvtap1: entered promiscuous mode
[  155.271066][ T8005] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  155.349025][ T8003] lo speed is unknown, defaulting to 1000
[  155.502676][ T8016] FAULT_INJECTION: forcing a failure.
[  155.502676][ T8016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.511469][ T8016] CPU: 2 UID: 0 PID: 8016 Comm: syz.2.394 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  155.511507][ T8016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.511518][ T8016] Call Trace:
[  155.511523][ T8016]  <TASK>
[  155.511530][ T8016]  dump_stack_lvl+0x16c/0x1f0
[  155.511561][ T8016]  should_fail_ex+0x512/0x640
[  155.511589][ T8016]  _copy_from_user+0x2e/0xd0
[  155.511616][ T8016]  get_compat_msghdr+0xa7/0x170
[  155.511633][ T8016]  ? __pfx_get_compat_msghdr+0x10/0x10
[  155.511659][ T8016]  ___sys_sendmsg+0x1ae/0x1d0
[  155.511687][ T8016]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.511726][ T8016]  ? find_held_lock+0x2b/0x80
[  155.511761][ T8016]  __sys_sendmsg+0x16d/0x220
[  155.511786][ T8016]  ? __pfx___sys_sendmsg+0x10/0x10
[  155.511823][ T8016]  ? rcu_is_watching+0x12/0xc0
[  155.511843][ T8016]  __do_fast_syscall_32+0x7c/0x3a0
[  155.511861][ T8016]  do_fast_syscall_32+0x32/0x80
[  155.511876][ T8016]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.511895][ T8016] RIP: 0023:0xf710e579
[  155.511909][ T8016] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.511924][ T8016] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  155.511941][ T8016] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  155.511952][ T8016] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  155.511962][ T8016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.511971][ T8016] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.511981][ T8016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.512004][ T8016]  </TASK>
[  155.522858][ T7952] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  155.579816][ T7952] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  155.586007][ T7952] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  155.596192][ T7952] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  155.702530][ T8027] netlink: 24 bytes leftover after parsing attributes in process `syz.3.396'.
[  155.704188][ T7952] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.736824][ T7952] 8021q: adding VLAN 0 to HW filter on device team0
[  155.741635][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.743971][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.751912][  T214] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.754242][  T214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.785138][ T7952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  155.876402][ T7952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.905201][ T7952] veth0_vlan: entered promiscuous mode
[  155.910826][ T7952] veth1_vlan: entered promiscuous mode
[  155.938775][ T7952] veth0_macvtap: entered promiscuous mode
[  155.944043][ T7952] veth1_macvtap: entered promiscuous mode
[  155.952817][ T7952] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.988521][ T7952] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.995009][ T7952] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.997752][ T7952] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.001172][ T7952] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.010322][ T7952] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.062189][  T214] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.072248][  T214] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.083351][ T5305] Bluetooth: hci2: command tx timeout
[  156.099455][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.102015][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.557150][ T8053] FAULT_INJECTION: forcing a failure.
[  156.557150][ T8053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.561321][ T8053] CPU: 0 UID: 0 PID: 8053 Comm: syz.1.403 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  156.561348][ T8053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.561355][ T8053] Call Trace:
[  156.561359][ T8053]  <TASK>
[  156.561364][ T8053]  dump_stack_lvl+0x16c/0x1f0
[  156.561384][ T8053]  should_fail_ex+0x512/0x640
[  156.561403][ T8053]  _copy_from_user+0x2e/0xd0
[  156.561421][ T8053]  get_compat_msghdr+0xa7/0x170
[  156.561433][ T8053]  ? __pfx_get_compat_msghdr+0x10/0x10
[  156.561448][ T8053]  ___sys_sendmsg+0x1ae/0x1d0
[  156.561467][ T8053]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.561491][ T8053]  ? find_held_lock+0x2b/0x80
[  156.561511][ T8053]  __sys_sendmsg+0x16d/0x220
[  156.561529][ T8053]  ? __pfx___sys_sendmsg+0x10/0x10
[  156.561552][ T8053]  ? rcu_is_watching+0x12/0xc0
[  156.561565][ T8053]  __do_fast_syscall_32+0x7c/0x3a0
[  156.561577][ T8053]  do_fast_syscall_32+0x32/0x80
[  156.561588][ T8053]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.561602][ T8053] RIP: 0023:0xf7fa3579
[  156.561611][ T8053] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.561621][ T8053] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  156.561632][ T8053] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800009c0
[  156.561638][ T8053] RDX: 0000000020048000 RSI: 0000000000000000 RDI: 0000000000000000
[  156.561645][ T8053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.561651][ T8053] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.561657][ T8053] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.561670][ T8053]  </TASK>
[  156.663833][ T8055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.404'.
[  156.676259][ T8055] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  156.679315][ T8055] macvtap1: entered promiscuous mode
[  156.683044][ T8055] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  156.993228][ T8062] lo speed is unknown, defaulting to 1000
[  157.639946][ T8066] lo speed is unknown, defaulting to 1000
[  157.990830][ T8094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.414'.
[  157.998974][ T8094] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  158.001339][ T8094] macvtap1: entered promiscuous mode
[  158.006575][ T8094] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  158.567095][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.644703][ T8109] lo speed is unknown, defaulting to 1000
[  158.716146][ T8111] lo speed is unknown, defaulting to 1000
[  160.158578][ T8123] FAULT_INJECTION: forcing a failure.
[  160.158578][ T8123] name failslab, interval 1, probability 0, space 0, times 0
[  160.164916][ T8123] CPU: 1 UID: 0 PID: 8123 Comm: syz.1.421 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  160.164933][ T8123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.164940][ T8123] Call Trace:
[  160.164944][ T8123]  <TASK>
[  160.164949][ T8123]  dump_stack_lvl+0x16c/0x1f0
[  160.164970][ T8123]  should_fail_ex+0x512/0x640
[  160.164986][ T8123]  ? fs_reclaim_acquire+0xae/0x150
[  160.165000][ T8123]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  160.165016][ T8123]  should_failslab+0xc2/0x120
[  160.165027][ T8123]  __kmalloc_noprof+0xd2/0x510
[  160.165046][ T8123]  tomoyo_realpath_from_path+0xc2/0x6e0
[  160.165063][ T8123]  ? tomoyo_profile+0x47/0x60
[  160.165081][ T8123]  tomoyo_path_perm+0x274/0x460
[  160.165093][ T8123]  ? tomoyo_path_perm+0x260/0x460
[  160.165106][ T8123]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  160.165134][ T8123]  ? __kernel_text_address+0xd/0x40
[  160.165151][ T8123]  ? unwind_get_return_address+0x59/0xa0
[  160.165168][ T8123]  ? arch_stack_walk+0xa6/0x100
[  160.165188][ T8123]  security_inode_getattr+0x116/0x290
[  160.165202][ T8123]  vfs_getattr+0x25/0x60
[  160.165213][ T8123]  ovl_iterate_real+0x39f/0x1630
[  160.165230][ T8123]  ? _kstrtoull+0x145/0x200
[  160.165242][ T8123]  ? __pfx__kstrtoull+0x10/0x10
[  160.165256][ T8123]  ? __pfx_ovl_iterate_real+0x10/0x10
[  160.165272][ T8123]  ? __pfx_ovl_fill_real+0x10/0x10
[  160.165289][ T8123]  ? look_up_lock_class+0x59/0x150
[  160.165311][ T8123]  ? register_lock_class+0x41/0x4c0
[  160.165327][ T8123]  ? find_held_lock+0x2b/0x80
[  160.165348][ T8123]  ? __pfx___might_resched+0x10/0x10
[  160.165359][ T8123]  ? __pfx___might_resched+0x10/0x10
[  160.165372][ T8123]  ovl_iterate+0x6c6/0xe40
[  160.165387][ T8123]  ? __pfx_down_write+0x10/0x10
[  160.165399][ T8123]  ? __pfx_down_read_killable+0x10/0x10
[  160.165412][ T8123]  ? __pfx_ovl_iterate+0x10/0x10
[  160.165426][ T8123]  wrap_directory_iterator+0x9f/0xe0
[  160.165441][ T8123]  iterate_dir+0x296/0xb40
[  160.165456][ T8123]  __ia32_sys_getdents64+0x13b/0x2c0
[  160.165470][ T8123]  ? __pfx___ia32_sys_getdents64+0x10/0x10
[  160.165483][ T8123]  ? fput+0x70/0xf0
[  160.165493][ T8123]  ? __pfx_filldir64+0x10/0x10
[  160.165508][ T8123]  ? rcu_is_watching+0x12/0xc0
[  160.165521][ T8123]  __do_fast_syscall_32+0x7c/0x3a0
[  160.165532][ T8123]  do_fast_syscall_32+0x32/0x80
[  160.165543][ T8123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  160.165556][ T8123] RIP: 0023:0xf7fa3579
[  160.165565][ T8123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  160.165575][ T8123] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 00000000000000dc
[  160.165587][ T8123] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080001f80
[  160.165593][ T8123] RDX: 000000000000100c RSI: 0000000000000000 RDI: 0000000000000000
[  160.165600][ T8123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.165606][ T8123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  160.165612][ T8123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.165626][ T8123]  </TASK>
[  160.165630][ T8123] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.262073][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  160.280459][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  160.284097][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  160.284796][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.289276][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  160.295989][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  160.314910][ T8124] lo speed is unknown, defaulting to 1000
[  160.353639][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.422950][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.454646][ T8124] chnl_net:caif_netlink_parms(): no params data found
[  160.482093][ T8141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.425'.
[  160.495298][ T8141] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  160.497628][ T8141] macvtap1: entered promiscuous mode
[  160.501216][ T8141] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  160.633961][   T12] bridge_slave_1: left allmulticast mode
[  160.635976][   T12] bridge_slave_1: left promiscuous mode
[  160.637923][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.642379][   T12] bridge_slave_0: left allmulticast mode
[  160.644859][   T12] bridge_slave_0: left promiscuous mode
[  160.646873][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.907242][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.911390][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.915566][   T12] bond0 (unregistering): Released all slaves
[  160.921516][ T8124] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.923842][ T8124] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.926175][ T8124] bridge_slave_0: entered allmulticast mode
[  160.928787][ T8124] bridge_slave_0: entered promiscuous mode
[  160.938601][ T8124] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.941426][ T8124] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.944360][ T8124] bridge_slave_1: entered allmulticast mode
[  160.947506][ T8124] bridge_slave_1: entered promiscuous mode
[  160.983448][ T8124] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.988698][ T8124] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.027715][ T8124] team0: Port device team_slave_0 added
[  161.032126][ T8124] team0: Port device team_slave_1 added
[  161.067229][ T8124] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.069424][ T8124] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.079087][ T8124] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.083357][ T8124] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.085521][ T8124] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.095054][ T8124] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.131885][ T8124] hsr_slave_0: entered promiscuous mode
[  161.134672][ T8124] hsr_slave_1: entered promiscuous mode
[  161.137230][ T8124] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.140598][ T8124] Cannot create hsr debugfs directory
[  161.205719][ T8156] lo speed is unknown, defaulting to 1000
[  161.260133][ T8157] lo speed is unknown, defaulting to 1000
[  161.398006][   T12] hsr_slave_0: left promiscuous mode
[  161.401825][   T12] hsr_slave_1: left promiscuous mode
[  161.404255][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.407709][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.412962][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.416204][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.459215][   T12] veth1_macvtap: left promiscuous mode
[  161.461043][   T12] veth0_macvtap: left promiscuous mode
[  161.463761][   T12] veth1_vlan: left promiscuous mode
[  161.465565][   T12] veth0_vlan: left promiscuous mode
[  162.091905][   T12] team0 (unregistering): Port device team_slave_1 removed
[  162.149433][   T12] team0 (unregistering): Port device team_slave_0 removed
[  162.329474][ T5948] Bluetooth: hci2: command tx timeout
[  162.665692][ T8173] lo speed is unknown, defaulting to 1000
[  162.869011][ T8189] netlink: 4 bytes leftover after parsing attributes in process `syz.3.434'.
[  162.876017][ T8189] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  162.878476][ T8189] macvtap1: entered promiscuous mode
[  162.885820][ T8189] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  163.069655][ T8124] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  163.073862][ T8124] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  163.085431][ T8124] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  163.090930][ T8124] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  163.223612][ T8124] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.351053][ T8208] lo speed is unknown, defaulting to 1000
[  163.484759][ T8124] 8021q: adding VLAN 0 to HW filter on device team0
[  163.490465][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.492726][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.500940][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.503257][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.613475][   T12] bridge_slave_1: left allmulticast mode
[  163.617521][   T12] bridge_slave_1: left promiscuous mode
[  163.621566][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.629781][   T12] bridge_slave_0: left allmulticast mode
[  163.631658][   T12] bridge_slave_0: left promiscuous mode
[  163.633818][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.824745][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  163.829016][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  163.832527][   T12] bond0 (unregistering): Released all slaves
[  164.082172][ T8226] tipc: Enabled bearer <eth:team0>, priority 0
[  164.137094][ T8124] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.153856][ T8124] veth0_vlan: entered promiscuous mode
[  164.158827][ T8124] veth1_vlan: entered promiscuous mode
[  164.163760][ T8228] FAULT_INJECTION: forcing a failure.
[  164.163760][ T8228] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.167830][ T8228] CPU: 3 UID: 0 PID: 8228 Comm: syz.3.443 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  164.167846][ T8228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.167853][ T8228] Call Trace:
[  164.167857][ T8228]  <TASK>
[  164.167862][ T8228]  dump_stack_lvl+0x16c/0x1f0
[  164.167883][ T8228]  should_fail_ex+0x512/0x640
[  164.167901][ T8228]  _copy_from_user+0x2e/0xd0
[  164.167919][ T8228]  get_compat_msghdr+0xa7/0x170
[  164.167931][ T8228]  ? __pfx_get_compat_msghdr+0x10/0x10
[  164.167947][ T8228]  ___sys_sendmsg+0x1ae/0x1d0
[  164.167966][ T8228]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.167990][ T8228]  ? find_held_lock+0x2b/0x80
[  164.168014][ T8228]  __sys_sendmsg+0x16d/0x220
[  164.168031][ T8228]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.168055][ T8228]  ? rcu_is_watching+0x12/0xc0
[  164.168068][ T8228]  __do_fast_syscall_32+0x7c/0x3a0
[  164.168080][ T8228]  do_fast_syscall_32+0x32/0x80
[  164.168090][ T8228]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.168106][ T8228] RIP: 0023:0xf7fc1579
[  164.168115][ T8228] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  164.168125][ T8228] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  164.168136][ T8228] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[  164.168143][ T8228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  164.168149][ T8228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.168155][ T8228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  164.168161][ T8228] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.168175][ T8228]  </TASK>
[  164.229626][ T8124] veth0_macvtap: entered promiscuous mode
[  164.238010][ T8231] vlan2: entered promiscuous mode
[  164.239764][ T8231] bridge0: entered promiscuous mode
[  164.257501][ T8233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.445'.
[  164.262260][ T8124] veth1_macvtap: entered promiscuous mode
[  164.272317][ T8233] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  164.275699][ T8233] macvtap1: entered promiscuous mode
[  164.279405][ T8233] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  164.302902][ T8124] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.344810][ T8124] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.351413][   T12] hsr_slave_0: left promiscuous mode
[  164.353625][   T12] hsr_slave_1: left promiscuous mode
[  164.355644][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.357939][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.360598][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.362892][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.379358][   T12] veth1_macvtap: left promiscuous mode
[  164.381247][   T12] veth0_macvtap: left promiscuous mode
[  164.383017][   T12] veth1_vlan: left promiscuous mode
[  164.386871][   T12] veth0_vlan: left promiscuous mode
[  164.403322][ T5948] Bluetooth: hci2: command tx timeout
[  165.110000][   T60] tipc: Node number set to 2886997162
[  165.347303][   T12] team0 (unregistering): Port device team_slave_1 removed
[  165.402665][   T12] team0 (unregistering): Port device team_slave_0 removed
[  165.959863][ T1138] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  165.964795][ T1138] Bluetooth: hci4: Frame reassembly failed (-84)
[  166.016575][ T8124] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.019241][ T8124] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  166.021790][ T8124] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  166.025655][ T8124] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.068883][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.071420][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.096597][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.099540][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.459014][ T8268] lo speed is unknown, defaulting to 1000
[  167.517222][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.004493][ T5948] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  168.007711][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.068111][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.158182][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.236291][   T12] bridge_slave_1: left allmulticast mode
[  168.238056][   T12] bridge_slave_1: left promiscuous mode
[  168.239868][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.243566][   T12] bridge_slave_0: left allmulticast mode
[  168.246032][   T12] bridge_slave_0: left promiscuous mode
[  168.248518][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.464059][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.468260][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.471735][   T12] bond0 (unregistering): Released all slaves
[  168.752565][   T12] hsr_slave_0: left promiscuous mode
[  168.754788][   T12] hsr_slave_1: left promiscuous mode
[  168.756754][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.759111][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.761841][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.764411][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.778499][   T12] veth1_macvtap: left promiscuous mode
[  168.780290][   T12] veth0_macvtap: left promiscuous mode
[  168.782077][   T12] veth1_vlan: left promiscuous mode
[  168.783851][   T12] veth0_vlan: left promiscuous mode
[  169.339817][   T12] team0 (unregistering): Port device team_slave_1 removed
[  169.354570][ T5954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  169.360388][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  169.363948][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  169.374282][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  169.384803][ T5954] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  169.442014][   T12] team0 (unregistering): Port device team_slave_0 removed
[  169.901642][ T8287] lo speed is unknown, defaulting to 1000
[  169.984145][ T8298] lo speed is unknown, defaulting to 1000
[  170.002538][ T8302] netlink: 52 bytes leftover after parsing attributes in process `syz.2.462'.
[  170.084617][ T8287] chnl_net:caif_netlink_parms(): no params data found
[  170.163361][ T5944] Bluetooth: hci0: command 0x0406 tx timeout
[  170.164918][ T5954] Bluetooth: hci3: command 0x0405 tx timeout
[  170.164933][   T63] Bluetooth: hci1: command 0x0406 tx timeout
[  170.179908][ T8287] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.182226][ T8287] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.184755][ T8287] bridge_slave_0: entered allmulticast mode
[  170.187471][ T8287] bridge_slave_0: entered promiscuous mode
[  170.207319][ T8287] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.214183][ T8287] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.216505][ T8287] bridge_slave_1: entered allmulticast mode
[  170.219101][ T8287] bridge_slave_1: entered promiscuous mode
[  170.257237][ T8287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.261840][ T8287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.298114][ T8287] team0: Port device team_slave_0 added
[  170.305309][ T8287] team0: Port device team_slave_1 added
[  170.339627][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.341833][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.349961][ T8287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.356838][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.359029][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.368353][ T8287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.430007][ T8287] hsr_slave_0: entered promiscuous mode
[  170.432691][ T8287] hsr_slave_1: entered promiscuous mode
[  170.437579][ T8287] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  170.440559][ T8287] Cannot create hsr debugfs directory
[  170.584000][ T8320] lo speed is unknown, defaulting to 1000
[  171.000798][ T1139] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  171.009195][ T8287] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  171.017513][ T8287] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  171.022183][ T8287] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  171.028983][ T8287] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  171.082427][ T8287] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.092127][ T8287] 8021q: adding VLAN 0 to HW filter on device team0
[  171.098478][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.100715][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.106930][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.109267][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.256570][ T8287] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.279147][ T8287] veth0_vlan: entered promiscuous mode
[  171.288017][ T8287] veth1_vlan: entered promiscuous mode
[  171.300782][ T8287] veth0_macvtap: entered promiscuous mode
[  171.305254][ T8287] veth1_macvtap: entered promiscuous mode
[  171.313695][ T8287] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.320462][ T8287] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.330054][ T8287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.332741][ T8287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.336334][ T8287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.339041][ T8287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.372737][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.376255][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.389653][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.393235][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.043247][ T5305] Bluetooth: hci4: command 0x1003 tx timeout
[  173.045762][ T5948] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  173.632769][ T8361] lo speed is unknown, defaulting to 1000
[  173.861740][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.371830][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.428684][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.507162][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.616075][   T12] bridge_slave_1: left allmulticast mode
[  175.618459][   T12] bridge_slave_1: left promiscuous mode
[  175.620872][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.636490][   T12] bridge_slave_0: left allmulticast mode
[  175.640208][   T12] bridge_slave_0: left promiscuous mode
[  175.648556][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.734809][ T5305] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  175.738473][ T5305] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  175.741141][ T5305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  175.744502][ T5305] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  175.747864][ T5305] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  175.998883][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.003751][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.008322][   T12] bond0 (unregistering): Released all slaves
[  176.038157][ T8378] lo speed is unknown, defaulting to 1000
[  176.052693][ T8373] lo speed is unknown, defaulting to 1000
[  176.207324][ T8373] chnl_net:caif_netlink_parms(): no params data found
[  176.406676][ T8373] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.411349][ T8373] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.414000][ T8373] bridge_slave_0: entered allmulticast mode
[  176.416715][ T8373] bridge_slave_0: entered promiscuous mode
[  176.419943][ T8373] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.422218][ T8373] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.433413][ T8373] bridge_slave_1: entered allmulticast mode
[  176.436106][ T8373] bridge_slave_1: entered promiscuous mode
[  176.446109][   T12] hsr_slave_0: left promiscuous mode
[  176.448176][   T12] hsr_slave_1: left promiscuous mode
[  176.450118][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  176.452344][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.460747][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.463048][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.477137][   T12] veth1_macvtap: left promiscuous mode
[  176.478850][   T12] veth0_macvtap: left promiscuous mode
[  176.480582][   T12] veth1_vlan: left promiscuous mode
[  176.482200][   T12] veth0_vlan: left promiscuous mode
[  176.557467][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.479'.
[  177.101067][   T12] team0 (unregistering): Port device team_slave_1 removed
[  177.161470][   T12] team0 (unregistering): Port device team_slave_0 removed
[  177.626059][ T8389] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  177.628928][ T8389] macvtap1: entered promiscuous mode
[  177.637277][ T8389] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  177.691318][ T8373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.698536][ T8373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.731335][ T8373] team0: Port device team_slave_0 added
[  177.735711][ T8373] team0: Port device team_slave_1 added
[  177.764299][ T8373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.766419][ T8373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.773205][ T5305] Bluetooth: hci2: command tx timeout
[  177.774293][ T8373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.783254][ T8373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.785411][ T8373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.794663][ T8373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.917004][ T8373] hsr_slave_0: entered promiscuous mode
[  177.922710][ T8373] hsr_slave_1: entered promiscuous mode
[  177.925804][ T8373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.928091][ T8373] Cannot create hsr debugfs directory
[  178.535823][ T8373] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  178.541277][ T8373] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  178.547663][ T8373] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  178.551586][ T8373] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  178.599425][ T8373] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.617715][ T8373] 8021q: adding VLAN 0 to HW filter on device team0
[  178.626572][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.628753][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.639969][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.642933][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.781962][ T8373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.784587][   T12] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  178.787027][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  178.810015][ T8373] veth0_vlan: entered promiscuous mode
[  178.816860][ T8373] veth1_vlan: entered promiscuous mode
[  178.831253][ T8373] veth0_macvtap: entered promiscuous mode
[  178.836825][ T8373] veth1_macvtap: entered promiscuous mode
[  178.847103][ T8373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.854987][ T8373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.860455][ T8373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.863390][ T8373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.866296][ T8373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.869034][ T8373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.899083][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.901467][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.913836][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.916413][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.407562][ T8443] netlink: 4 bytes leftover after parsing attributes in process `syz.1.491'.
[  179.416787][ T8443] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  179.419625][ T8443] macvtap1: entered promiscuous mode
[  179.424446][ T8443] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  180.413924][ T8459] fuse: root generation should be zero
[  180.813288][ T5305] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  181.215487][ T8474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.500'.
[  181.221676][ T8474] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  181.224031][ T8474] macvtap1: entered promiscuous mode
[  181.227596][ T8474] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  181.447840][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.125706][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.212642][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.287005][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.405660][   T13] bridge_slave_1: left allmulticast mode
[  183.407603][   T13] bridge_slave_1: left promiscuous mode
[  183.409425][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.413900][   T13] bridge_slave_0: left allmulticast mode
[  183.415803][   T13] bridge_slave_0: left promiscuous mode
[  183.417559][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.487376][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  183.495307][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  183.501352][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  183.508040][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  183.516037][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  183.611145][ T8492] FAULT_INJECTION: forcing a failure.
[  183.611145][ T8492] name failslab, interval 1, probability 0, space 0, times 0
[  183.615118][ T8492] CPU: 1 UID: 0 PID: 8492 Comm: syz.2.502 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  183.615145][ T8492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.615153][ T8492] Call Trace:
[  183.615157][ T8492]  <TASK>
[  183.615161][ T8492]  dump_stack_lvl+0x16c/0x1f0
[  183.615182][ T8492]  should_fail_ex+0x512/0x640
[  183.615198][ T8492]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  183.615216][ T8492]  should_failslab+0xc2/0x120
[  183.615227][ T8492]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  183.615243][ T8492]  ? trace_sched_exit_tp+0xde/0x130
[  183.615255][ T8492]  ? getname_flags.part.0+0x4c/0x550
[  183.615269][ T8492]  ? __schedule+0x1181/0x5de0
[  183.615285][ T8492]  getname_flags.part.0+0x4c/0x550
[  183.615299][ T8492]  getname_flags+0x93/0xf0
[  183.615313][ T8492]  do_sys_openat2+0xb8/0x1d0
[  183.615326][ T8492]  ? __pfx_do_sys_openat2+0x10/0x10
[  183.615338][ T8492]  ? __pfx___schedule+0x10/0x10
[  183.615353][ T8492]  ? __fget_files+0x20e/0x3c0
[  183.615370][ T8492]  __ia32_compat_sys_openat+0x16d/0x210
[  183.615383][ T8492]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  183.615396][ T8492]  ? ksys_write+0x1ac/0x250
[  183.615413][ T8492]  ? rcu_is_watching+0x12/0xc0
[  183.615426][ T8492]  __do_fast_syscall_32+0x7c/0x3a0
[  183.615438][ T8492]  do_fast_syscall_32+0x32/0x80
[  183.615448][ T8492]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  183.615462][ T8492] RIP: 0023:0xf710e579
[  183.615471][ T8492] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  183.615482][ T8492] RSP: 002b:00000000f50bc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  183.615493][ T8492] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000180
[  183.615499][ T8492] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  183.615505][ T8492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  183.615511][ T8492] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  183.615517][ T8492] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  183.615531][ T8492]  </TASK>
[  183.622570][ T8492] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  183.748937][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.754058][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.758663][   T13] bond0 (unregistering): Released all slaves
[  183.784733][ T8484] lo speed is unknown, defaulting to 1000
[  183.874956][ T8484] chnl_net:caif_netlink_parms(): no params data found
[  183.917861][ T1139] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[  184.013970][ T8484] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.017054][ T8484] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.020024][ T8484] bridge_slave_0: entered allmulticast mode
[  184.023895][ T8484] bridge_slave_0: entered promiscuous mode
[  184.028430][ T8484] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.031404][ T8484] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.034637][ T8484] bridge_slave_1: entered allmulticast mode
[  184.038593][ T8484] bridge_slave_1: entered promiscuous mode
[  184.085274][ T8484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.090050][ T8484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.132769][ T8484] team0: Port device team_slave_0 added
[  184.137089][ T8484] team0: Port device team_slave_1 added
[  184.141844][   T13] hsr_slave_0: left promiscuous mode
[  184.145257][   T13] hsr_slave_1: left promiscuous mode
[  184.147607][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.149941][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.152983][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.155867][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.170117][   T13] veth1_macvtap: left promiscuous mode
[  184.171846][   T13] veth0_macvtap: left promiscuous mode
[  184.174889][   T13] veth1_vlan: left promiscuous mode
[  184.176714][   T13] veth0_vlan: left promiscuous mode
[  184.178217][ T8506] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  184.825572][   T13] team0 (unregistering): Port device team_slave_1 removed
[  184.945839][   T13] team0 (unregistering): Port device team_slave_0 removed
[  185.025203][ T8520] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  185.615472][ T5948] Bluetooth: hci2: command tx timeout
[  185.856598][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.858554][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.867806][ T8484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.871795][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.873965][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.881033][ T8484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.923841][ T5305] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  185.926930][ T8484] hsr_slave_0: entered promiscuous mode
[  185.929200][ T8484] hsr_slave_1: entered promiscuous mode
[  185.931239][ T8484] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.936382][ T8484] Cannot create hsr debugfs directory
[  186.474912][ T8484] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  186.479447][ T8484] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  186.490550][ T8484] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  186.495141][ T8484] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  186.539824][ T8484] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.552980][ T8484] 8021q: adding VLAN 0 to HW filter on device team0
[  186.560182][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.563135][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.570057][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.572388][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.769252][ T8484] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.888541][ T8484] veth0_vlan: entered promiscuous mode
[  186.895639][ T8484] veth1_vlan: entered promiscuous mode
[  186.922808][ T8484] veth0_macvtap: entered promiscuous mode
[  186.928088][ T8484] veth1_macvtap: entered promiscuous mode
[  186.936402][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.944074][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.950563][ T8484] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.956282][ T8484] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.959327][ T8484] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.962328][ T8484] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.008462][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.011450][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.025854][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.028266][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.776902][ T8561] FAULT_INJECTION: forcing a failure.
[  187.776902][ T8561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.781901][ T8561] CPU: 0 UID: 0 PID: 8561 Comm: syz.2.519 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  187.781917][ T8561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.781924][ T8561] Call Trace:
[  187.781929][ T8561]  <TASK>
[  187.781933][ T8561]  dump_stack_lvl+0x16c/0x1f0
[  187.781955][ T8561]  should_fail_ex+0x512/0x640
[  187.781974][ T8561]  _copy_to_user+0x32/0xd0
[  187.781992][ T8561]  simple_read_from_buffer+0xcb/0x170
[  187.782009][ T8561]  proc_fail_nth_read+0x197/0x270
[  187.782022][ T8561]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.782036][ T8561]  ? rw_verify_area+0xcf/0x680
[  187.782049][ T8561]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.782062][ T8561]  vfs_read+0x1e1/0xc60
[  187.782077][ T8561]  ? fdget_pos+0x2a2/0x370
[  187.782095][ T8561]  ? __pfx_vfs_read+0x10/0x10
[  187.782110][ T8561]  ? find_held_lock+0x2b/0x80
[  187.782125][ T8561]  ? __fget_files+0x20e/0x3c0
[  187.782143][ T8561]  ksys_read+0x12a/0x250
[  187.782158][ T8561]  ? __pfx_ksys_read+0x10/0x10
[  187.782174][ T8561]  ? rcu_is_watching+0x12/0xc0
[  187.782187][ T8561]  __do_fast_syscall_32+0x7c/0x3a0
[  187.782199][ T8561]  do_fast_syscall_32+0x32/0x80
[  187.782223][ T8561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.782238][ T8561] RIP: 0023:0xf710e579
[  187.782247][ T8561] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.782258][ T8561] RSP: 002b:00000000f50fe590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  187.782269][ T8561] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f50fe620
[  187.782275][ T8561] RDX: 000000000000000f RSI: 00000000f7472ff4 RDI: 0000000000000000
[  187.782282][ T8561] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  187.782288][ T8561] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  187.782294][ T8561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.782308][ T8561]  </TASK>
[  188.012576][ T1147] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0
[  189.365101][   T81] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.093263][ T5948] Bluetooth: hci2: command 0x1003 tx timeout
[  190.093337][ T5305] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  190.964829][   T81] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.072757][   T81] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.165847][   T81] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.261202][   T81] bridge_slave_1: left allmulticast mode
[  191.263050][   T81] bridge_slave_1: left promiscuous mode
[  191.265098][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.270496][   T81] bridge_slave_0: left allmulticast mode
[  191.272806][   T81] bridge_slave_0: left promiscuous mode
[  191.275695][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.333757][ T8586] No source specified
[  191.460255][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  191.465219][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  191.468930][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  191.472617][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  191.476791][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  191.592899][ T8596] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  191.642444][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.648469][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.653669][   T81] bond0 (unregistering): Released all slaves
[  191.696982][ T8590] lo speed is unknown, defaulting to 1000
[  191.902980][ T8590] chnl_net:caif_netlink_parms(): no params data found
[  191.903346][ T8603] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  191.914570][ T8603] FAULT_INJECTION: forcing a failure.
[  191.914570][ T8603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.915455][ T8603] 
[  191.915460][ T8603] ======================================================
[  191.915463][ T8603] WARNING: possible circular locking dependency detected
[  191.915468][ T8603] 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 Not tainted
[  191.915475][ T8603] ------------------------------------------------------
[  191.915478][ T8603] syz.2.528/8603 is trying to acquire lock:
[  191.915483][ T8603] ffffffff8e4d1c40 (console_owner){-...}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  191.915517][ T8603] 
[  191.915517][ T8603] but task is already holding lock:
[  191.915521][ T8603] ffff88802b23bdd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  191.915560][ T8603] 
[  191.915560][ T8603] which lock already depends on the new lock.
[  191.915560][ T8603] 
[  191.915564][ T8603] 
[  191.915564][ T8603] the existing dependency chain (in reverse order) is:
[  191.915568][ T8603] 
[  191.915568][ T8603] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  191.915580][ T8603]        _raw_spin_lock_nested+0x31/0x40
[  191.915596][ T8603]        raw_spin_rq_lock_nested+0x29/0x130
[  191.915605][ T8603]        task_rq_lock+0xcf/0x490
[  191.915614][ T8603]        cgroup_move_task+0x81/0x2a0
[  191.915625][ T8603]        css_set_move_task+0x288/0x5f0
[  191.915638][ T8603]        cgroup_post_fork+0x201/0x9e0
[  191.915646][ T8603]        copy_process+0x5cfc/0x76a0
[  191.915658][ T8603]        kernel_clone+0xfc/0x960
[  191.915669][ T8603]        user_mode_thread+0xc7/0x110
[  191.915680][ T8603]        rest_init+0x23/0x2b0
[  191.915691][ T8603]        start_kernel+0x3ee/0x4d0
[  191.915704][ T8603]        x86_64_start_reservations+0x18/0x30
[  191.915716][ T8603]        x86_64_start_kernel+0x130/0x190
[  191.915728][ T8603]        common_startup_64+0x13e/0x148
[  191.915745][ T8603] 
[  191.915745][ T8603] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  191.915757][ T8603]        _raw_spin_lock_irqsave+0x3a/0x60
[  191.915771][ T8603]        try_to_wake_up+0xb2/0x1680
[  191.915779][ T8603]        __wake_up_common+0x132/0x1f0
[  191.915797][ T8603]        __wake_up+0x31/0x60
[  191.915807][ T8603]        tty_port_default_wakeup+0x2a/0x40
[  191.915817][ T8603]        serial8250_tx_chars+0x68e/0x860
[  191.915827][ T8603]        serial8250_handle_irq+0x761/0xcb0
[  191.915838][ T8603]        serial8250_default_handle_irq+0x9a/0x210
[  191.915849][ T8603]        serial8250_interrupt+0x103/0x210
[  191.915860][ T8603]        __handle_irq_event_percpu+0x22c/0x7d0
[  191.915870][ T8603]        handle_irq_event+0xab/0x1e0
[  191.915878][ T8603]        handle_edge_irq+0x28e/0xab0
[  191.915894][ T8603]        __common_interrupt+0xdf/0x250
[  191.915905][ T8603]        common_interrupt+0xba/0xe0
[  191.915916][ T8603]        asm_common_interrupt+0x26/0x40
[  191.915926][ T8603]        pv_native_safe_halt+0xf/0x20
[  191.915940][ T8603]        default_idle+0x13/0x20
[  191.915949][ T8603]        default_idle_call+0x6d/0xb0
[  191.915959][ T8603]        do_idle+0x391/0x510
[  191.915967][ T8603]        cpu_startup_entry+0x4f/0x60
[  191.915977][ T8603]        start_secondary+0x21d/0x2b0
[  191.915988][ T8603]        common_startup_64+0x13e/0x148
[  191.916004][ T8603] 
[  191.916004][ T8603] -> #2 (&tty->write_wait){-...}-{3:3}:
[  191.916016][ T8603]        _raw_spin_lock_irqsave+0x3a/0x60
[  191.916029][ T8603]        __wake_up+0x1c/0x60
[  191.916039][ T8603]        tty_port_default_wakeup+0x2a/0x40
[  191.916048][ T8603]        serial8250_tx_chars+0x68e/0x860
[  191.916058][ T8603]        __start_tx+0x3e9/0x4a0
[  191.916066][ T8603]        serial8250_start_tx+0x368/0x530
[  191.916076][ T8603]        __uart_start+0x292/0x4c0
[  191.916088][ T8603]        uart_write+0x218/0xb30
[  191.916095][ T8603]        n_tty_write+0x40f/0x1160
[  191.916106][ T8603]        file_tty_write.constprop.0+0x504/0x9b0
[  191.916122][ T8603]        redirected_tty_write+0xd4/0x150
[  191.916137][ T8603]        vfs_write+0x6c4/0x1150
[  191.916151][ T8603]        ksys_write+0x12a/0x250
[  191.916164][ T8603]        do_syscall_64+0xcd/0x490
[  191.916172][ T8603]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.916182][ T8603] 
[  191.916182][ T8603] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  191.916194][ T8603]        _raw_spin_lock_irqsave+0x3a/0x60
[  191.916207][ T8603]        serial8250_console_write+0x181/0x1890
[  191.916219][ T8603]        console_flush_all+0x801/0xc60
[  191.916227][ T8603]        console_unlock+0xd8/0x210
[  191.916235][ T8603]        vprintk_emit+0x418/0x6d0
[  191.916244][ T8603]        _printk+0xc7/0x100
[  191.916256][ T8603]        register_console+0xc2d/0x11b0
[  191.916265][ T8603]        univ8250_console_init+0x5f/0x90
[  191.916278][ T8603]        console_init+0x14f/0x680
[  191.916290][ T8603]        start_kernel+0x29f/0x4d0
[  191.916301][ T8603]        x86_64_start_reservations+0x18/0x30
[  191.916314][ T8603]        x86_64_start_kernel+0x130/0x190
[  191.916326][ T8603]        common_startup_64+0x13e/0x148
[  191.916341][ T8603] 
[  191.916341][ T8603] -> #0 (console_owner){-...}-{0:0}:
[  191.916353][ T8603]        __lock_acquire+0x126f/0x1c90
[  191.916366][ T8603]        lock_acquire+0x179/0x350
[  191.916377][ T8603]        console_lock_spinning_enable+0xb0/0xd0
[  191.916393][ T8603]        console_flush_all+0x7aa/0xc60
[  191.916402][ T8603]        console_unlock+0xd8/0x210
[  191.916409][ T8603]        vprintk_emit+0x418/0x6d0
[  191.916418][ T8603]        _printk+0xc7/0x100
[  191.916430][ T8603]        should_fail_ex+0x4e7/0x640
[  191.916445][ T8603]        copy_to_user_nofault+0xac/0x1c0
[  191.916461][ T8603]        bpf_probe_write_user+0xaf/0xf0
[  191.916472][ T8603]        bpf_prog_6303d92f98284ad8+0x44/0x4c
[  191.916479][ T8603]        bpf_trace_run4+0x24c/0x5a0
[  191.916493][ T8603]        __bpf_trace_sched_switch+0x145/0x190
[  191.916509][ T8603]        __traceiter_sched_switch+0x6c/0xc0
[  191.916524][ T8603]        __schedule+0x1bee/0x5de0
[  191.916537][ T8603]        schedule+0xe7/0x3a0
[  191.916550][ T8603]        exit_to_user_mode_loop+0x67/0x110
[  191.916565][ T8603]        __do_fast_syscall_32+0x2ac/0x3a0
[  191.916574][ T8603]        do_fast_syscall_32+0x32/0x80
[  191.916582][ T8603]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.916595][ T8603] 
[  191.916595][ T8603] other info that might help us debug this:
[  191.916595][ T8603] 
[  191.916597][ T8603] Chain exists of:
[  191.916597][ T8603]   console_owner --> &p->pi_lock --> &rq->__lock
[  191.916597][ T8603] 
[  191.916611][ T8603]  Possible unsafe locking scenario:
[  191.916611][ T8603] 
[  191.916614][ T8603]        CPU0                    CPU1
[  191.916617][ T8603]        ----                    ----
[  191.916620][ T8603]   lock(&rq->__lock);
[  191.916625][ T8603]                                lock(&p->pi_lock);
[  191.916632][ T8603]                                lock(&rq->__lock);
[  191.916638][ T8603]   lock(console_owner);
[  191.916644][ T8603] 
[  191.916644][ T8603]  *** DEADLOCK ***
[  191.916644][ T8603] 
[  191.916646][ T8603] 4 locks held by syz.2.528/8603:
[  191.916652][ T8603]  #0: ffff88802b23bdd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  191.916674][ T8603]  #1: ffffffff8e5c46c0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1cf/0x5a0
[  191.916700][ T8603]  #2: ffffffff8e5b2080 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  191.916725][ T8603]  #3: ffffffff8e5b20f0 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  191.916746][ T8603] 
[  191.916746][ T8603] stack backtrace:
[  191.916751][ T8603] CPU: 1 UID: 0 PID: 8603 Comm: syz.2.528 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  191.916764][ T8603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.916771][ T8603] Call Trace:
[  191.916775][ T8603]  <TASK>
[  191.916779][ T8603]  dump_stack_lvl+0x116/0x1f0
[  191.916799][ T8603]  print_circular_bug+0x275/0x350
[  191.916813][ T8603]  check_noncircular+0x14c/0x170
[  191.916827][ T8603]  __lock_acquire+0x126f/0x1c90
[  191.916843][ T8603]  lock_acquire+0x179/0x350
[  191.916856][ T8603]  ? console_lock_spinning_enable+0x9f/0xd0
[  191.916873][ T8603]  ? console_lock_spinning_enable+0x88/0xd0
[  191.916892][ T8603]  console_lock_spinning_enable+0xb0/0xd0
[  191.916908][ T8603]  ? console_lock_spinning_enable+0x9f/0xd0
[  191.916925][ T8603]  console_flush_all+0x7aa/0xc60
[  191.916936][ T8603]  ? __pfx_console_flush_all+0x10/0x10
[  191.916948][ T8603]  ? is_printk_cpu_sync_owner+0x32/0x40
[  191.916960][ T8603]  console_unlock+0xd8/0x210
[  191.916969][ T8603]  ? __pfx_console_unlock+0x10/0x10
[  191.916978][ T8603]  ? do_raw_spin_unlock+0xc0/0x230
[  191.916995][ T8603]  ? _printk+0xc7/0x100
[  191.917008][ T8603]  ? __down_trylock_console_sem+0xb0/0x140
[  191.917023][ T8603]  vprintk_emit+0x418/0x6d0
[  191.917034][ T8603]  ? __pfx_vprintk_emit+0x10/0x10
[  191.917044][ T8603]  ? __lock_acquire+0xb8a/0x1c90
[  191.917058][ T8603]  _printk+0xc7/0x100
[  191.917071][ T8603]  ? __pfx__printk+0x10/0x10
[  191.917085][ T8603]  ? __lock_acquire+0x622/0x1c90
[  191.917098][ T8603]  ? __pfx____ratelimit+0x10/0x10
[  191.917115][ T8603]  should_fail_ex+0x4e7/0x640
[  191.917131][ T8603]  copy_to_user_nofault+0xac/0x1c0
[  191.917148][ T8603]  bpf_probe_write_user+0xaf/0xf0
[  191.917160][ T8603]  bpf_prog_6303d92f98284ad8+0x44/0x4c
[  191.917168][ T8603]  bpf_trace_run4+0x24c/0x5a0
[  191.917183][ T8603]  ? __pfx_bpf_trace_run4+0x10/0x10
[  191.917198][ T8603]  ? sched_clock_cpu+0x6c/0x530
[  191.917211][ T8603]  ? lock_acquire+0x179/0x350
[  191.917225][ T8603]  __bpf_trace_sched_switch+0x145/0x190
[  191.917242][ T8603]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  191.917261][ T8603]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  191.917279][ T8603]  __traceiter_sched_switch+0x6c/0xc0
[  191.917295][ T8603]  __schedule+0x1bee/0x5de0
[  191.917313][ T8603]  ? __pfx___schedule+0x10/0x10
[  191.917327][ T8603]  ? __fget_files+0x20e/0x3c0
[  191.917341][ T8603]  ? handle_mm_fault+0x1f0/0xd10
[  191.917355][ T8603]  ? fput+0x70/0xf0
[  191.917364][ T8603]  ? ksys_write+0x1ac/0x250
[  191.917380][ T8603]  schedule+0xe7/0x3a0
[  191.917394][ T8603]  exit_to_user_mode_loop+0x67/0x110
[  191.917410][ T8603]  __do_fast_syscall_32+0x2ac/0x3a0
[  191.917420][ T8603]  do_fast_syscall_32+0x32/0x80
[  191.917429][ T8603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.917442][ T8603] RIP: 0023:0xf710e579
[  191.917451][ T8603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.917461][ T8603] RSP: 002b:00000000f50bc590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  191.917471][ T8603] RAX: 0000000000000001 RBX: 0000000000000008 RCX: 00000000f50bc610
[  191.917477][ T8603] RDX: 0000000000000001 RSI: 00000000f7472ff4 RDI: 0000000000000000
[  191.917483][ T8603] RBP: 00000000f74a50a0 R08: 0000000000000000 R09: 0000000000000000
[  191.917489][ T8603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.917495][ T8603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.917504][ T8603]  </TASK>
[  192.252104][ T8603] CPU: 1 UID: 0 PID: 8603 Comm: syz.2.528 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) 
[  192.252120][ T8603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.252127][ T8603] Call Trace:
[  192.252133][ T8603]  <TASK>
[  192.252138][ T8603]  dump_stack_lvl+0x116/0x1f0
[  192.252159][ T8603]  should_fail_ex+0x512/0x640
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  192.252176][ T8603]  copy_to_user_nofault+0xac/0x1c0
[  192.252195][ T8603]  bpf_probe_write_user+0xaf/0xf0
[  192.252208][ T8603]  bpf_prog_6303d92f98284ad8+0x44/0x4c
[  192.252218][ T8603]  bpf_trace_run4+0x24c/0x5a0
[  192.252232][ T8603]  ? __pfx_bpf_trace_run4+0x10/0x10
[  192.252248][ T8603]  ? sched_clock_cpu+0x6c/0x530
[  192.252261][ T8603]  ? lock_acquire+0x179/0x350
[  192.252277][ T8603]  __bpf_trace_sched_switch+0x145/0x190
[  192.252295][ T8603]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  192.252314][ T8603]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  192.252332][ T8603]  __traceiter_sched_switch+0x6c/0xc0
[  192.252349][ T8603]  __schedule+0x1bee/0x5de0
[  192.252368][ T8603]  ? __pfx___schedule+0x10/0x10
[  192.252382][ T8603]  ? __fget_files+0x20e/0x3c0
[  192.252395][ T8603]  ? handle_mm_fault+0x1f0/0xd10
[  192.252410][ T8603]  ? fput+0x70/0xf0
[  192.252420][ T8603]  ? ksys_write+0x1ac/0x250
[  192.252435][ T8603]  schedule+0xe7/0x3a0
[  192.252450][ T8603]  exit_to_user_mode_loop+0x67/0x110
[  192.252466][ T8603]  __do_fast_syscall_32+0x2ac/0x3a0
[  192.252477][ T8603]  do_fast_syscall_32+0x32/0x80
[  192.252487][ T8603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.252501][ T8603] RIP: 0023:0xf710e579
[  192.252509][ T8603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.252520][ T8603] RSP: 002b:00000000f50bc590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  192.252530][ T8603] RAX: 0000000000000001 RBX: 0000000000000008 RCX: 00000000f50bc610
[  192.252536][ T8603] RDX: 0000000000000001 RSI: 00000000f7472ff4 RDI: 0000000000000000
[  192.252543][ T8603] RBP: 00000000f74a50a0 R08: 0000000000000000 R09: 0000000000000000
[  192.252549][ T8603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.252555][ T8603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.252564][ T8603]  </TASK>
[  192.371975][ T8590] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR
[  192.437513][   T81] hsr_slave_0: left promiscuous mode
[  192.454691][   T81] hsr_slave_1: left promiscuous mode
[  192.459475][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.461822][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  192.468008][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.470347][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.479564][   T81] veth1_macvtap: left promiscuous mode
[  192.481353][   T81] veth0_macvtap: left promiscuous mode
[  192.483462][   T81] veth1_vlan: left promiscuous mode
[  192.485250][   T81] veth0_vlan: left promiscuous mode
[  192.684920][   T81] team0 (unregistering): Port device team_slave_1 removed
[  192.735479][   T81] team0 (unregistering): Port device team_slave_0 removed
[  193.457190][   T81] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.516232][   T81] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.576753][   T81] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.615998][   T81] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.687027][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  193.689380][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  193.704329][   T81] bridge_slave_1: left allmulticast mode
[  193.706808][   T81] bridge_slave_1: left promiscuous mode
[  193.709246][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.713757][   T81] bridge_slave_0: left allmulticast mode
[  193.716165][   T81] bridge_slave_0: left promiscuous mode
[  193.718630][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.816756][   T81] bond0 (unregistering): Released all slaves
[  193.903886][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.908344][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.911678][   T81] bond0 (unregistering): Released all slaves
[  194.002634][   T81] : left promiscuous mode
[  194.102155][   T81] tipc: Left network mode
[  194.248062][   T81] hsr_slave_0: left promiscuous mode
[  194.250020][   T81] hsr_slave_1: left promiscuous mode
[  194.251875][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.254320][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.257038][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.259337][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.263415][   T81] veth1_macvtap: left promiscuous mode
[  194.265159][   T81] veth0_macvtap: left promiscuous mode
[  194.267010][   T81] veth1_vlan: left promiscuous mode
[  194.322683][   T81] team0 (unregistering): Port device vlan0 removed
[  194.431517][   T81] team0 (unregistering): Port device team_slave_1 removed
[  194.462911][   T81] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
21:16:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff8169e256 RDX=ffff88802395a440
RSI=ffffffff816a12ac RDI=0000000000000000 RBP=ffff88802b23bdc0 RSP=ffffc90006f0f6e0
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000001
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b23cd40 R15=ffffed10056477b8
RIP=ffffffff816a12ad RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097561000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffffffff CR3=000000006f22c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85582355 RDI=ffffffff9b06da80 RBP=ffffffff9b06da40 RSP=ffffc90006c1f598
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e36312e36
R12=0000000000000000 R13=000000000000000d R14=ffffffff9b06da40 R15=ffffffff855822f0
RIP=ffffffff8558237f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097661000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffffffff CR3=000000006e271000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b23bdc0 RCX=ffffffff8b7efaa6 RDX=ffffed10056477b9
RSI=0000000000000004 RDI=ffff88802b23bdc0 RBP=0000000000000003 RSP=ffffc90000537d00
R8 =0000000000000000 R9 =ffffed10056477b8 R10=ffff88802b23bdc3 R11=0000000000000000
R12=ffffed10056477b8 R13=0000000000000000 R14=ffff88802b43cd40 R15=0000000000000002
RIP=ffffffff8b7efae2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097761000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffffffff CR3=000000005ee19000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000 00000000ff000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffff8880636b4cf4 RBX=ffff8880636b4c80 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff89517387 RDI=ffff8880636b4cf4 RBP=0000000000000000 RSP=ffffc9000405f768
R8 =0000000000000000 R9 =ffffffff89517180 R10=0000000000000001 R11=0000000000000001
R12=0000000000000000 R13=ffffc9000405fd68 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff895173d1 RFL=00000a03 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097861000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffffffff CR3=000000006e271000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000