last executing test programs:

5.092569983s ago: executing program 0 (id=2908):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r2, 0x0, 0x0)
fsopen(0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x3a)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0xf000, 0x10002, 0x0)

4.139000048s ago: executing program 0 (id=2910):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x38}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="100000000d000000080000000700000000000000", @ANYRES32, @ANYBLOB="040100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_FLAGS={0x6}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
getpgid(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[], 0xd)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f0000000340)={0x0, 0x4, 0x6, 0x200})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0x4, 0xe8686b39611295a, 0x0, <r4=>0xffffffffffffffff})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffed9)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000063ddf854ac61", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

3.677925139s ago: executing program 0 (id=2913):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r2 = syz_open_dev$sndctrl(0x0, 0x580d, 0x501c00)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) (async)
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) (async)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x6, 0x573381)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x1d, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f00000008c0)={0x0, 0x1, &(0x7f00000000c0)=[r6], 0x0, 0x0, 0x0}) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, 0x0) (async)
syz_open_dev$dmmidi(0x0, 0x200, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) (async)
r7 = fcntl$dupfd(r1, 0x0, r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000062010000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async, rerun: 32)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000009) (async, rerun: 32)
ioctl$TCGETS2(r7, 0x800455c9, 0x0) (async)
syz_usb_connect(0x3, 0x2d, 0x0, 0x0) (async, rerun: 32)
close_range(r0, 0xffffffffffffffff, 0x0) (rerun: 32)

2.592589093s ago: executing program 3 (id=2920):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
write(r0, &(0x7f00000004c0), 0x0)

2.5203003s ago: executing program 3 (id=2921):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(nhpoly1305-sse2)\x00'}, 0x20)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r2, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x4, @bearer=@l2={'ib', 0x3a, 'geneve0\x00'}}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x83cfb64f62a00a68}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000009b, &(0x7f0000000680)=ANY=[@ANYBLOB="1880000000000000000000000000001811000000", @ANYRES16=r2, @ANYBLOB="0000000000000000b608000000000000798af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b703f900000000008500000058000000958fefee1235182405"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
bind$packet(r1, &(0x7f0000000400)={0x11, 0x1c, r5, 0x1, 0xc, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='xs_stream_read_data\x00', r1, 0x0, 0x1000}, 0x18)
ftruncate(r1, 0x8012007ffb)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f0000000540)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000001300)=@delchain={0x90, 0x65, 0x4, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffe0}, {0x8, 0x5}, {0xffff}}, [@filter_kind_options=@f_fw={{0x7}, {0x30, 0x2, [@TCA_FW_POLICE={0x18, 0x2, [@TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}]}, @TCA_FW_POLICE={0xc, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0x3}]}, @TCA_FW_MASK={0x8, 0x5, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x7}, @filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ARP_THA_MASK={0xa, 0x42, [0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x5}}]}, 0x90}, 0x1, 0x0, 0x0, 0x48040}, 0x4000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r6, &(0x7f00000000c0)='$', 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)
sendto$inet6(r6, &(0x7f0000000140)='/', 0x1, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockname(r7, 0x0, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000080)={0x4, <r8=>r0})
ioctl$TIOCL_SETSEL(r8, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x8, 0xf7eb, 0x2, 0xe163}})

2.429132819s ago: executing program 3 (id=2922):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2df0, 0x9b50, 0x3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x1, 0x84)
add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
bind$inet6(r2, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000006080)=@newtaction={0x429c, 0x30, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [{0x4288, 0x1, [@m_skbedit={0xf4, 0x1c, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x5}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x10000, 0x2, 0x4, 0x333bb3c9, 0x8001}}]}, {0xa5, 0x6, "8fb3557ba6e299d84e7d241e2abf5411501bf2991c0039897eadb758973ea0d2cdd47f364c4abfc5c73d172ec935928bc8d0ab493b114559c47d7d2fb7165be4c0d323fcd45f7798c045217c6cbd5c29fde3f0054c2795c48761be8b383e4cb776ddee981f6fdb03df7ce7c98abf9747543246a2c4ba910baa1aa61710c77bc9cf9b6fc3c75dd92f2876764de37f75f010de8843f2fc520f52c3ee960ebd5ab1e6"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_police={0x2b4c, 0x5, 0x0, 0x0, {{0xb}, {0x2abc, 0x2, 0x0, 0x1, [[@TCA_POLICE_AVRATE={0x8, 0x4, 0x100}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x4, 0x4, 0x0, 0xa, 0xb1, 0x101, 0xff, 0x5, 0x72, 0x2, 0x7f, 0x7, 0x2, 0x4, 0x671, 0x3, 0x0, 0x86, 0x2, 0x1, 0x6, 0xc, 0x4000000, 0x7, 0xfffffffe, 0x230, 0xdcb, 0x0, 0xddd, 0x3, 0x5, 0xffffb44d, 0x396, 0x1, 0x1, 0x1a04, 0x800, 0x3ff, 0x10, 0x0, 0x9, 0x6, 0xfffffff7, 0x2, 0x200, 0x10000, 0x0, 0x6, 0xffffffff, 0xfffffeff, 0xc, 0x2, 0x9, 0x3, 0x6, 0x2, 0x5, 0x9, 0x7f, 0x5, 0x3, 0x9, 0x135, 0x1, 0x0, 0xfff, 0x5, 0x8, 0xa0, 0x8, 0x5, 0x9, 0x9, 0x62, 0x4, 0x1c84, 0x22, 0x7, 0xb312, 0xfc, 0x2779, 0x629, 0x3, 0x1, 0xed, 0x5, 0x8, 0xd9e, 0x0, 0x81, 0x6, 0xc, 0x6d1, 0x9, 0xfffffffb, 0x5, 0x8b, 0xe03, 0x2, 0xe54, 0x81, 0xeafb, 0x80000000, 0x80, 0xb, 0x7, 0x6440, 0xa, 0xb12, 0x7829, 0x6, 0x10000, 0xfffffff9, 0xda, 0x8000, 0x3, 0xfff, 0x1a5, 0x8, 0x9, 0x9, 0x6, 0x7, 0x80000000, 0xbcde, 0x80000000, 0x9, 0x9, 0x10001, 0x8, 0x3, 0x1, 0x6, 0x80, 0x4, 0xe0, 0xc05, 0xffffffff, 0x10000, 0x3, 0xb4b, 0x2, 0x4, 0x5a8, 0x36, 0x0, 0x6, 0x4, 0xffffffff, 0x2, 0x3, 0x3, 0x9, 0x8, 0x5, 0x80000000, 0x6, 0xa, 0x2c7485f7, 0xfffffff9, 0xffffffb2, 0x29e0, 0x6, 0x2, 0x1, 0x5, 0x4, 0x6, 0xd, 0x800, 0x1, 0x3, 0x6, 0x8, 0x8000, 0x2, 0x3, 0x7, 0x3, 0x8, 0x5d, 0x9, 0x1, 0x3ff, 0x3, 0x4, 0x401, 0x7fff, 0x6, 0x7, 0x2, 0x41, 0x5c6, 0x1, 0xcc47, 0x80000001, 0x9c4c, 0x7, 0x7f, 0x9, 0x2, 0xca, 0x7, 0x1, 0x8, 0x7fff, 0x8, 0x500, 0x7, 0x9, 0x7, 0x7, 0x2, 0x8b, 0x4, 0x5, 0x8f4, 0x3, 0x70b8, 0x900000, 0xfffffff1, 0x0, 0x2, 0xfffff800, 0x4, 0x5, 0x5, 0x4, 0x8, 0x7fff, 0x40, 0x3, 0x3, 0x0, 0xfffffff9, 0x8, 0x8, 0x2, 0x1, 0x2, 0x9a1, 0x6, 0x0, 0x8, 0x8, 0x1, 0xfff, 0x80, 0x9, 0x4, 0x0, 0x101, 0xff, 0x8, 0xd]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8000, 0x54, 0x4, 0x1, 0x7, 0x5, 0x4, 0x40, 0x4, 0x6, 0x4, 0x7, 0x2, 0x6, 0x1000, 0x8, 0x101, 0xe, 0x9, 0x5, 0x9, 0x6, 0x8, 0x8, 0x2, 0x3, 0x3, 0x4, 0xa111, 0x8f1, 0x4, 0xfffff369, 0x3ff, 0x656, 0x7eec00, 0x0, 0x0, 0x0, 0x3, 0x8, 0x4, 0x9, 0x0, 0x4, 0x4, 0x1, 0xf43, 0x7fffffff, 0xffff, 0x9, 0x1, 0x3, 0x2, 0x2, 0x5, 0x3, 0x7, 0x2, 0x80000000, 0x5, 0x2, 0x4, 0x4, 0x8, 0x7f, 0x9, 0x8, 0xd7, 0x1, 0x7, 0x5, 0x40, 0x9, 0x3, 0x9, 0x5, 0x8, 0x5, 0x800, 0x0, 0x4, 0x7, 0x9, 0x1d, 0x3, 0xc, 0x3, 0x7, 0x4, 0xd7c, 0x7, 0x1, 0x0, 0x40, 0x2, 0x5, 0x7ff, 0xdd51, 0x7, 0x9, 0x9, 0x4, 0xcb9, 0x8, 0x97a, 0x0, 0xff, 0xfffffff7, 0x1, 0x8, 0x8, 0x5, 0x6b0a0f54, 0x5, 0x8c4, 0x40, 0xa5, 0xe2, 0x0, 0x6, 0x1107951f, 0x4, 0x164, 0x5, 0xffffd08f, 0x4, 0x6, 0xff, 0x1, 0x3, 0x3, 0x3ff, 0xffffdcb5, 0x0, 0x1, 0x1, 0x401, 0x4, 0x0, 0x8c55, 0xa3, 0x7, 0x3, 0x3, 0x4, 0x6, 0x1000, 0x6, 0x4, 0x6, 0x3, 0x4, 0x1, 0x5adc, 0xf09, 0x380, 0x8, 0x48, 0x1a5b2e77, 0xdec, 0x8, 0x5, 0xd, 0x4d0, 0x6, 0xf6f0, 0x7fff, 0x800, 0xacf, 0xf6, 0x0, 0x40, 0xff, 0x7, 0x101, 0x5, 0x9af1, 0x3ff, 0x3, 0x8, 0x3, 0x7, 0x5, 0x2, 0x59, 0x9, 0x6, 0x9a7, 0x5, 0x0, 0x3, 0x1, 0x100, 0x0, 0xfffffff9, 0xda, 0xfffff800, 0xd6, 0x1ff, 0x100, 0x3, 0x401, 0x6, 0x15cf, 0x800, 0x400, 0x9, 0xa, 0x9a3, 0x6, 0x1, 0x9, 0x9, 0x6, 0xa, 0xd, 0x4, 0x4, 0x1, 0x6, 0x17, 0x4, 0x7, 0x7fff, 0x68, 0xfffffff9, 0x81, 0x5, 0x1, 0xfffffff9, 0x8000, 0x9, 0xbb, 0x9, 0x5, 0x81, 0x10000, 0x4, 0x9, 0x4, 0x5, 0x0, 0x0, 0x6, 0xffffe000, 0x800, 0x4, 0x6, 0x3, 0x95, 0x4, 0x3, 0x8000, 0x5, 0x3, 0x10000]}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x9c, 0x0, 0x1, 0x1ff, 0x400, 0xe, 0x2, 0x8, 0x3, 0x7ff, 0x40004, 0x10, 0x3, 0x8, 0xa, 0x3, 0xffffffff, 0x7fffffff, 0x4, 0x9be, 0x3, 0x3, 0x8, 0x8000, 0x0, 0x0, 0x3, 0x2b, 0x4, 0xe21, 0xe, 0x7, 0x81, 0x3, 0x3, 0x9539, 0x2, 0x6, 0x80000001, 0x4, 0x3, 0x3c2, 0x8, 0x48d0, 0x2, 0x5, 0x0, 0x4, 0x95f, 0x3, 0x400, 0x39, 0x10001, 0x154b, 0x9, 0x800, 0x10001, 0x8, 0x7, 0x7fff, 0x1, 0x1, 0x80, 0x0, 0x2, 0x0, 0x9, 0x3ef, 0x2be, 0x6, 0x9a2, 0x7, 0x7, 0x0, 0xc7, 0x7, 0x6, 0x9, 0x7, 0x0, 0x5, 0x6, 0x5, 0x2, 0xa5e, 0x2, 0x6, 0x0, 0xea, 0x1000, 0x9, 0x6, 0x1ff, 0xd7, 0x27, 0x6, 0x2, 0x400, 0x3, 0x0, 0x9, 0x7fff, 0x1, 0x7, 0x8, 0x4, 0xfffffff4, 0x14000000, 0x6, 0x7, 0x8, 0xff, 0x9, 0x3, 0x1, 0x988dc218, 0x2, 0xfffffff3, 0x10000, 0xd, 0x9, 0x100, 0x8000, 0x9, 0x800, 0xa6, 0x0, 0x7fff, 0x8, 0xfffffffb, 0x0, 0xe0f, 0xe, 0x8, 0x3, 0x0, 0x1, 0x5, 0x8f, 0xffffffff, 0x4a6, 0xf, 0x2, 0x1ff, 0x78f, 0x4, 0xfffffffb, 0x67, 0x1, 0x9, 0x10001, 0x3, 0x5, 0x1, 0xfffffffc, 0x8000, 0xc, 0x8, 0x1, 0x200, 0x9, 0x4, 0x400, 0x81, 0x3, 0xa8a, 0x2, 0xb, 0x2, 0x5, 0x3, 0x8, 0x0, 0x4, 0xdc, 0x7ff, 0x2, 0x6, 0x80000001, 0xc5, 0x7f, 0x9a6, 0x4, 0xfff, 0x5, 0x9, 0xffffffff, 0x7, 0xfffffff9, 0x5, 0x400, 0x4, 0x8, 0x400, 0x1, 0x9, 0x100, 0x78fb9eb9, 0x9, 0x7, 0xdb9, 0x80, 0x8, 0x2, 0x7, 0x3, 0xd5de, 0x0, 0x8, 0x3, 0x15, 0x9, 0x7, 0x3000, 0x1000, 0xfff, 0x2, 0x2, 0x7c84, 0x8, 0x1, 0x274, 0x2, 0x922, 0x0, 0x8, 0x9, 0x8, 0x3, 0x4, 0x6, 0x3, 0x9, 0x7, 0x3, 0x8, 0x6, 0x0, 0x1a4, 0xe, 0x1, 0x101, 0x4, 0x5, 0xff, 0x4, 0x101, 0x6, 0x0, 0x3, 0xd, 0x6, 0x29, 0x8, 0xff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x680f1ac03817e2b, 0xf53, 0x275, 0xe9e9, {0x5, 0x2, 0x80, 0x7fff, 0x4, 0x5}, {0x0, 0x0, 0x1ff, 0x800, 0xfffd, 0x40}, 0x7, 0xd14, 0xe74}}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x0, 0x23a, 0x13c8, 0x1, 0x11a, 0x1, 0x2, 0x4, 0x3, 0x6, 0x5, 0x1, 0x3, 0x8, 0x7fffffff, 0x4, 0x2, 0x3ff, 0x2, 0x10f8298c, 0xfffffff7, 0x80, 0x6, 0x7, 0x6, 0x9, 0x5, 0x5, 0x10000, 0x400, 0x6, 0x1, 0x1, 0x7e3, 0x1, 0x1, 0x2, 0x1, 0xb, 0x2, 0x3, 0x7fffffff, 0x6, 0x401, 0xc000, 0x401, 0x1a, 0x7, 0x4, 0x80000001, 0x3, 0x8, 0x2, 0x10, 0x8, 0x1, 0x2, 0x0, 0x4, 0x6c0, 0x5, 0x10000, 0xe, 0xa008, 0x7, 0x5, 0x80000001, 0x6, 0x0, 0x3, 0xfffffff6, 0x999, 0x6, 0x7700000, 0x2, 0x7, 0x6, 0xd, 0x6, 0x8, 0x2, 0x4, 0x7fffffff, 0x7, 0xb6, 0x7, 0x2, 0x2, 0x5, 0x10, 0xab3d, 0x5, 0x85, 0x7a7, 0x10001, 0x9, 0x8, 0x8, 0xc, 0x1, 0x10001, 0xfffffff9, 0x2, 0x2ac9e58e, 0x792, 0x9, 0x8c7, 0x400, 0x1ff, 0x9, 0x8, 0x200, 0xac, 0xf4, 0x8, 0x9, 0xbb9, 0x4, 0x8, 0x81, 0x9, 0x1, 0x9f, 0x2, 0x2, 0x1ff, 0x1, 0x2, 0x6, 0xf, 0x9, 0x0, 0x9, 0x3, 0x4, 0x81, 0x2, 0x7, 0xd4, 0x7, 0xfffffc00, 0x1000, 0x1, 0x4, 0xfff, 0x2, 0x7f, 0x4, 0xfffffffe, 0x8, 0xffffffff, 0x1, 0x8001, 0x0, 0xfffffff8, 0x81, 0x8001, 0x8, 0x101, 0xc, 0x7, 0x9, 0x2, 0x2, 0xffffffff, 0x5, 0x0, 0x7, 0x52, 0x8, 0x5, 0x9, 0x400, 0x3, 0xfffffffe, 0xf6, 0x3, 0x6, 0x5, 0x0, 0x1864, 0x4, 0xa, 0x3ff, 0x1, 0x2, 0x6, 0x5, 0x9, 0x8, 0xb6, 0x2170, 0x0, 0xfffffbfc, 0xfffffcaf, 0x4518, 0x0, 0x8, 0x9, 0x9, 0x3, 0xafe, 0x2e4e224, 0x9, 0x9, 0x45ea, 0x0, 0x112414e, 0x7, 0x8, 0xff, 0xfffffe00, 0x6, 0x1, 0x1, 0x7f, 0x0, 0xfffffff9, 0x200, 0xd92b, 0x2, 0x7, 0x1ff, 0x2, 0x2, 0x2, 0x10000, 0xea, 0x8, 0x5, 0x7, 0xfffffffb, 0x792ea6fe, 0x64f2, 0x5, 0x10, 0xa13, 0xdf4, 0x5, 0x96c, 0x3, 0x5, 0xffffffff, 0x9, 0x1000, 0x6, 0x10000, 0x401, 0x0, 0x2, 0x7, 0x7fffffff, 0x4, 0x61, 0xfffffffe]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x3, 0x5, 0x7, 0x401, {0x1, 0x2, 0x10, 0x3, 0xf, 0xc8}, {0x10, 0x4cca4b8323583063, 0x6, 0x5, 0x3, 0x2}, 0x6, 0xf, 0x6}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x3, 0x8, 0xa, 0x7, {0xff, 0x2, 0x1, 0x9, 0x2, 0x5}, {0x5, 0x0, 0x0, 0x21b, 0xff, 0x57f7}, 0x6, 0x7ff, 0x4}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x4, 0x3, 0x0, 0x6, {0x7, 0x1, 0x0, 0x3, 0x1020, 0x3}, {0x5, 0x2, 0x1, 0xbee, 0x0, 0x8}, 0x9, 0xffff, 0x3}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8000}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x1}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x40, 0x8001, 0xbbe, 0x80000001, 0x5, 0x52, 0x0, 0x1, 0x9, 0x5, 0x9, 0x0, 0x0, 0x7, 0xfffffff9, 0x3e7, 0x8, 0x3, 0x8, 0x1b, 0x10000, 0x1a08, 0x7, 0x3, 0xae0, 0x7, 0x1, 0x800, 0xee5b, 0x1000, 0x6, 0x10000, 0x9, 0x0, 0x533, 0x8, 0x8, 0x2bc5, 0x5, 0xfffffffc, 0xd, 0x4, 0x6, 0x5, 0x9c7, 0x90000000, 0x6, 0x8, 0x2737, 0x6, 0x8000, 0x10, 0x879f, 0x9, 0x8001, 0x2, 0x4, 0x1, 0x6, 0xc, 0x20000000, 0x2, 0x200, 0x8, 0x7fff, 0x5, 0x5, 0x7, 0x50, 0x6, 0x8, 0x9, 0xd, 0x834, 0xa1d, 0x8, 0x7, 0x6433, 0xd03e, 0x9, 0x5, 0x9, 0x5, 0x145e, 0x2, 0x3, 0x9, 0x7fffffff, 0x1, 0x8, 0x6a, 0x2, 0x3, 0x0, 0x43, 0x8001, 0x2, 0x5, 0x1000, 0x200, 0x5, 0x4, 0xfff, 0x81, 0xffff2929, 0x5c2, 0x6, 0x8, 0xe, 0xffffffff, 0x8a, 0x7, 0x77e, 0x1, 0x2, 0x9, 0x1, 0xf5e38d2, 0x1, 0x5, 0xc, 0x273c, 0xe22, 0x5, 0xe74a, 0x1, 0x2, 0x2, 0x80000000, 0x8218, 0x3, 0x9, 0x8, 0x7fff, 0x3, 0x1000, 0x6, 0x0, 0xe94d, 0x4, 0x2, 0x6, 0xcb4, 0xffffff80, 0x2, 0xf3c, 0x2, 0x80, 0x2223, 0x2, 0x5, 0x3, 0x7, 0x2, 0x3, 0xb, 0x58f, 0xfff, 0x3, 0xfffffff8, 0x6, 0x5, 0x9, 0x7, 0x0, 0x9, 0x9, 0xcef, 0x2, 0x4, 0xc68, 0x8, 0x3, 0xfffffc32, 0x1, 0xf, 0x7ff, 0xffffffff, 0x10000, 0xfffffff1, 0x200, 0xfce7, 0x0, 0xf, 0x5d, 0x9, 0x2, 0x9, 0x9, 0xfffff000, 0x1, 0x1, 0x3, 0x0, 0x8001, 0x10000, 0x7, 0xcd, 0x1, 0xfffffffa, 0x9, 0xce9, 0x9, 0xe1b8, 0x80000000, 0xcc6b, 0x9, 0x6, 0x3, 0x3, 0xff, 0xbd, 0xb2, 0x6, 0xffffffff, 0xfffffff9, 0x8, 0x8, 0x6, 0x7, 0xfffffff9, 0xf, 0x7f, 0xfffeffff, 0x3, 0x7, 0x8, 0x6, 0x5, 0x0, 0x5, 0x3, 0x3, 0x5, 0x8, 0x7, 0x7, 0x4, 0x7, 0x401, 0x5, 0xb1e, 0x80, 0xb3, 0x1ff, 0x7, 0xfffffffa, 0x1, 0x1b, 0x7, 0x196d, 0xffffffff, 0x6, 0xb4a]}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfff}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x20000000, 0x2, 0x24, 0x7, {0x1, 0x1, 0x400, 0x8, 0x1}, {0x7, 0x0, 0x8000, 0x8, 0x21, 0x283b}, 0x7f, 0xb, 0x7f}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_TBF={0x3c, 0x1, {0xffff, 0x1, 0x8, 0xb, 0x7fffffff, {0x7f, 0x1, 0x9, 0xfff, 0x8, 0x1ff}, {0x6, 0x0, 0x7, 0x8b83, 0x81, 0x8}, 0xffffffff, 0x0, 0x9}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x100000000}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x5, 0x0, 0x2, 0x101, 0x88bd, 0x2, 0x2, 0x5, 0x3, 0x400, 0xf06, 0xfffffffe, 0x3, 0xc5e, 0xfff, 0x8, 0x8, 0xa3, 0x7, 0x9, 0x0, 0x0, 0xd, 0x2, 0x8, 0x5, 0x6, 0xe, 0x8, 0x8, 0x9, 0xe, 0x4, 0x7ff, 0x4, 0x983, 0x5977dead, 0xef29, 0x8, 0x0, 0x800, 0x6, 0x7, 0x3, 0x6, 0x9, 0xff, 0x2, 0x5, 0x1, 0x100000, 0xffffffff, 0x8, 0x29000, 0xe8, 0x8001, 0x7, 0x702, 0x6, 0x7, 0x0, 0x4, 0x7f, 0xa, 0xfffffffd, 0xb, 0x17, 0xa0, 0x1, 0xd, 0x6, 0x80, 0x10001, 0x7, 0x2, 0x200, 0x3, 0x4, 0x0, 0xb9e, 0xfff, 0x9, 0x0, 0x8, 0x7, 0x5, 0x1, 0x7f, 0x0, 0x8, 0x5, 0x401, 0xfffffff9, 0x7f, 0x0, 0x2, 0x4, 0x5, 0xae, 0x7, 0x2, 0x3, 0x4, 0x3, 0x4, 0x3, 0xffffffff, 0x8000, 0x4000000, 0x40, 0x7, 0x0, 0x1, 0x8, 0x3, 0xfffffffe, 0x2400, 0x10000, 0x9, 0x7fff, 0xfffffffd, 0x1, 0x2, 0x1000, 0x1, 0x4, 0x1ff, 0x1, 0x78760c53, 0x6, 0x5, 0x7fff, 0x4, 0x4, 0x8, 0xbd, 0xca20, 0x6, 0x7fff, 0x76, 0x5, 0x1000, 0xb, 0x536, 0xe1e, 0x6, 0x9, 0x1, 0x2, 0x3, 0x5, 0x1, 0x0, 0x400, 0x9, 0x5, 0x0, 0x7f, 0x6, 0x8000, 0x122125ee, 0xf, 0x6, 0x4c, 0x2, 0xc968, 0x5, 0x7a2f, 0x4, 0x4, 0x7, 0x3, 0x6, 0x8, 0x2, 0xfffffff7, 0x5, 0x2071, 0x4, 0x800, 0x3, 0x8, 0x3, 0x4, 0x4000800, 0x7, 0x80000000, 0xa, 0x6, 0xc, 0x300000, 0x71b0, 0x7b9, 0xf6, 0xfa, 0x7386, 0x6, 0x0, 0x9, 0xaf43, 0x80000001, 0x1, 0xee21, 0x1ff, 0x8772, 0x2, 0x7fff, 0x9, 0x4, 0x0, 0x100, 0x8, 0x8, 0x200, 0xe599, 0x2, 0x2, 0x6c65, 0x40, 0x9, 0x93, 0x0, 0x200, 0xb94a, 0x9, 0x40a2, 0xc, 0x3, 0xff, 0x8, 0x0, 0xb1, 0xfda0, 0x3, 0x6, 0x5, 0x0, 0x5, 0xdd7, 0x1000, 0x6f, 0x7, 0x3e, 0x8, 0x7, 0x4, 0x5, 0x0, 0x6, 0xe, 0x8, 0x4, 0x6, 0x5, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0xffffffffffffffff, 0x2, 0x13, 0x9, {0x0, 0x1, 0x3, 0x8}, {0x28, 0x0, 0xb225, 0x0, 0x1, 0x3}, 0x48, 0x401, 0x2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7fff}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2}, @TCA_POLICE_RESULT={0x8, 0x5, 0x80000000}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x6, 0x6, 0x5, 0xb15, 0xffff98b9, 0x800, 0x81, 0x7, 0x7, 0x9, 0x7, 0xffffffc0, 0x8a5, 0x5, 0xd883, 0x3, 0x8, 0x80000000, 0xfdf, 0xb, 0x910, 0x9, 0x81, 0xa, 0x40, 0xffff, 0xfffffffe, 0x1419, 0x0, 0x2, 0x3, 0x7, 0x10000, 0x4, 0xbb, 0x9, 0x5, 0x7, 0x7fffffff, 0x2, 0x6, 0x6, 0x4e6ddae1, 0xfffffffb, 0x30, 0x40, 0xf, 0x6, 0x401, 0x2535, 0x0, 0x9, 0x9, 0x7f, 0x1, 0x3a, 0x2, 0x81, 0xfffffffc, 0xa88, 0x9, 0x0, 0x4, 0x0, 0x77, 0x8, 0xf7, 0xffffff7f, 0x3, 0x2, 0x81, 0xffffffff, 0x4, 0x0, 0x401, 0x9, 0x5f, 0x9, 0x0, 0x100, 0x1, 0x3, 0x7, 0x2, 0x6, 0x9, 0xae7f, 0x16, 0x5, 0x4, 0x9, 0x4, 0x7ff, 0x5, 0x7, 0x64f, 0x7, 0x38, 0x7, 0x80, 0x0, 0x8, 0x4, 0x9, 0x8, 0x2, 0x7ff, 0x1, 0x1d, 0x5, 0x3, 0x6, 0x80, 0x2, 0x6, 0x1, 0x3, 0x5, 0x1ff, 0x3e73, 0x9c5c, 0x5, 0xee400000, 0x1, 0xfff, 0x8, 0x9, 0xd5b, 0x5, 0xffffffff, 0x5, 0x9, 0x101, 0x1, 0x400, 0x1, 0x9, 0xfffffff6, 0x8, 0x9, 0x0, 0x401, 0xe3, 0x6, 0x1e, 0x3, 0x400, 0x9, 0x10, 0x2, 0x100, 0x2, 0x200, 0x401, 0xfffff1fe, 0xfce7, 0x0, 0xb4c, 0x61, 0x8001, 0x8000, 0xd, 0x9, 0x100, 0xbee, 0x3, 0x6, 0x1, 0x3a, 0x0, 0x4, 0x10, 0x0, 0x1b, 0x7fff, 0x8, 0x5, 0x9, 0x5, 0x9, 0x10000, 0x3, 0x1, 0xd96, 0x2, 0x80000000, 0xe, 0x9, 0x401, 0x5, 0x4, 0x5, 0x148, 0x6, 0x3, 0x3, 0x4, 0x6497, 0x5b1deb53, 0x7, 0xfffffff7, 0x401, 0x3b0c00b6, 0x7, 0x3, 0xffff97a5, 0x5, 0x3ff, 0xdf5, 0xd1, 0x3, 0x7, 0x7, 0x1, 0xe64, 0x5, 0xffff, 0x400, 0x2, 0xec06ac33, 0x0, 0x6, 0x31b, 0x5, 0x9, 0x2, 0x1, 0x6, 0x2, 0x4, 0x7, 0xfff, 0x0, 0xee, 0x1f5c7c0d, 0x0, 0x4, 0x3b, 0x0, 0x1, 0x1ff, 0x7, 0xc116, 0xe872, 0xfffffc01, 0xffffffff, 0x6, 0x6, 0x2, 0xffffffff, 0x400, 0x7, 0xffff62c3, 0xe, 0x100]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0xd66, 0x6, 0x5, 0x1000, 0xc, 0x455a, 0x8000, 0x2, 0x9, 0x7f2, 0x3, 0x81, 0x9, 0xb, 0xe932, 0xffff, 0x3, 0xffff7fc3, 0x7, 0xe, 0xa000000, 0x0, 0x4, 0x0, 0x0, 0x2, 0x4, 0x9, 0x1, 0x2, 0x7, 0xa0f, 0x6, 0x0, 0x0, 0x9, 0x6, 0x6, 0x9, 0x0, 0x2, 0x8, 0x5, 0x5a, 0x7, 0x1, 0x800, 0x1, 0x4, 0x3, 0x2, 0x5, 0xc, 0x1000, 0x1, 0xfffffff8, 0x9, 0xe44, 0x0, 0x5, 0x7, 0x9, 0x1, 0x4dde, 0x2, 0x3, 0x6, 0xb06, 0x4, 0x0, 0x3, 0xb, 0x939, 0x7e03, 0x8, 0x9, 0x1c54cac6, 0x1, 0xe, 0x1, 0x4, 0xa1, 0xe34, 0xfffffffe, 0x84, 0x4823, 0xc, 0x1000, 0x7f, 0x7fffffff, 0x1, 0x0, 0x7, 0x5, 0xc6, 0x81, 0x2, 0x2, 0x3, 0x4, 0x2, 0x7f, 0x1000, 0x3, 0x7f, 0x2, 0x9, 0x7, 0x0, 0x1, 0x7f, 0x7fffffff, 0x10, 0x8, 0x7fff, 0x8, 0x2, 0x7, 0x61, 0x6a7, 0x9, 0x7, 0x8001, 0x10001, 0xffff, 0x9753, 0x1000000, 0xfff, 0xfffffffa, 0xab0, 0x8, 0x4, 0xfffffff8, 0x4, 0x2, 0xfffff001, 0x80000001, 0xffff, 0x8000, 0xdf58, 0x3, 0x608b, 0x5, 0x8, 0x4, 0x5, 0x5, 0x3, 0x200, 0x76389d1e, 0x5, 0x9, 0x4, 0x0, 0x10000, 0x8, 0xfffff000, 0x4, 0x7f, 0x7, 0x6, 0x8, 0x8, 0x3, 0x89ba, 0x1, 0x6, 0xf1, 0xfffffff9, 0x83, 0x7fff, 0x10000, 0x9b8, 0x6, 0x3, 0x0, 0x101, 0x8, 0xf0, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x0, 0x6, 0xce, 0x20a, 0x8, 0x18, 0xd26, 0x605, 0x9, 0x2, 0x0, 0xfffffff8, 0x315, 0x2, 0x9, 0xffffffff, 0x9, 0x145fc1f, 0x8, 0x8359, 0x9, 0x3, 0x9, 0x8, 0x5, 0xffffffff, 0x6c, 0x26cad3a5, 0xff, 0x0, 0x2, 0x1, 0x8001, 0x9, 0x7, 0x5, 0x4b, 0x80000000, 0x7f, 0xa8, 0xff, 0x200, 0x7fff, 0x0, 0x0, 0xa, 0x7, 0x7, 0x1, 0x8001, 0x1abb, 0x473, 0x3, 0x4, 0x3, 0x259a9198, 0xf29, 0x100, 0xffffffff, 0x21, 0x7fff, 0x0, 0x5, 0x40, 0x0, 0x0, 0x2, 0x5, 0x9, 0x0, 0x1ff]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0xea3, 0x4, 0x2, 0x8c, 0x0, 0x40, 0x6, 0x2, 0x3, 0x1ff, 0x9, 0x9, 0x80, 0x8, 0x8, 0xb, 0x6, 0x87, 0x31, 0xfe, 0x100, 0x9, 0x2, 0x4, 0x27, 0xe00, 0x10001, 0x1, 0x6, 0x7, 0x0, 0x10, 0x9, 0xffffffff, 0x7fff, 0xc597, 0x5, 0x9, 0x8, 0x6, 0x6, 0x0, 0x5, 0x9, 0x2, 0x2, 0x42ce0000, 0x2, 0x5, 0x10001, 0x1, 0x8, 0x2, 0x3d3, 0x0, 0x3, 0x5, 0x1, 0x7, 0x40, 0xff, 0x9, 0x5, 0x1a0, 0x0, 0x1, 0xffffffff, 0x80000001, 0x65b, 0xffffffc0, 0x50d, 0x1, 0x8, 0x3, 0xff, 0x1, 0x5, 0x4, 0x1, 0x4, 0x2, 0xfffffc01, 0x32b8000, 0x5, 0x10000, 0x40, 0xb, 0x775, 0x2, 0x7, 0x6, 0xfffffffa, 0xe, 0x435, 0x3, 0x6, 0x7, 0x0, 0x1ff, 0x5d, 0x1, 0x1, 0x7, 0x4, 0xe, 0x5, 0x7, 0x4, 0x0, 0x4, 0x2, 0xfffffff8, 0x5236, 0x7, 0x1, 0x7fff, 0xc9, 0x5c, 0xac, 0xffffffc0, 0xfffff800, 0x8, 0x8, 0x6000, 0x20000000, 0x1, 0x7fffffff, 0xfffff800, 0x8, 0x0, 0xf, 0x4, 0x764, 0x7f, 0x1ff, 0x3, 0xffff, 0x5, 0x0, 0x7fff, 0x6, 0x1, 0x4ba, 0x8, 0x1, 0x4, 0xc8, 0x1, 0xcc, 0x7f, 0x8, 0x3, 0x26, 0x3, 0xfffffff8, 0x5d, 0x0, 0x10001, 0x0, 0x7, 0x2, 0x100, 0xffffffff, 0x1, 0x5, 0xa6e, 0x8, 0x2, 0x7fffffff, 0x8, 0xff, 0x63223a9a, 0x9, 0x10001, 0x1, 0x5, 0x0, 0x7f, 0x5, 0x8, 0x7d2, 0x8b0, 0x800, 0x8001, 0x81, 0x4, 0xfffffffd, 0x3ff, 0x9a4, 0x4, 0x2, 0xf6c1, 0x10001, 0x0, 0x0, 0x7f, 0xf734, 0x3, 0x80000000, 0x6, 0x10000, 0x0, 0x5c, 0xa86b, 0x2, 0x4, 0x7ff80, 0xffff, 0x7fff, 0x0, 0x6, 0xa, 0x7, 0x442, 0x3, 0x3800000, 0x4, 0x7, 0x6, 0x80, 0x3, 0x8db, 0x6, 0x7f7b, 0x87e9, 0xd, 0x0, 0xaa8, 0x2, 0x6e, 0x35, 0x9, 0x4, 0x0, 0x5, 0x5, 0x4, 0x2, 0x9, 0x4, 0x1000, 0x0, 0x80000001, 0xfffffff8, 0x0, 0x6, 0x8, 0xd, 0x5, 0x100, 0x48, 0x3, 0x3, 0xfffffffc, 0x9]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8c7, 0xeb, 0xda, 0xff, 0x1, 0x5, 0x7, 0x8, 0x6354, 0x8, 0x4a, 0x7, 0x0, 0x7fffffff, 0x0, 0x6, 0x8, 0x8, 0x9f08, 0x2, 0x0, 0x1, 0x6, 0x6, 0xe67, 0x0, 0x1, 0x4, 0x1, 0x3342, 0x8, 0xf, 0x3, 0xff, 0x5, 0xa2, 0x7, 0x2, 0x3, 0xb9, 0x3, 0x6, 0xffffffff, 0x8, 0x80000001, 0x1, 0x48f, 0xc6fd, 0x3, 0x100, 0x0, 0x6f, 0x58, 0x3, 0x4, 0x5, 0x80000001, 0x8, 0xfffffffd, 0x2, 0x6, 0x10000, 0x2dbb, 0x17, 0x800, 0xc, 0xdc6, 0x2, 0x2, 0x4, 0x7ff, 0xa, 0x5, 0x4, 0x1, 0x3, 0xfffffeff, 0x5, 0x1000, 0x8, 0x0, 0x6, 0x1, 0x6, 0x5, 0xffffffff, 0x630162ec, 0x5, 0x7, 0x4, 0x1000, 0xbee3, 0x1, 0x80000000, 0xb765, 0x3, 0x100, 0x80, 0x6, 0xffffffff, 0x10000, 0x8, 0xf, 0x7d, 0x800, 0x4, 0x5, 0x9, 0x4, 0xffff, 0x8, 0x0, 0x0, 0x81, 0x6, 0x7, 0x1, 0x3, 0xc, 0x4, 0x5, 0x9b, 0x200, 0x6, 0x401, 0x8001, 0xffffffff, 0x2, 0x5, 0x5, 0x2, 0x4, 0x0, 0x1, 0x9, 0x7, 0x7ff, 0x3, 0x8, 0x9, 0x2, 0xfb, 0x1, 0x0, 0x101, 0x4, 0x1, 0xffffffff, 0x9, 0x3, 0x6, 0x5, 0x100, 0x101, 0x0, 0xb91d, 0x3, 0xac5ddd3, 0xadf7, 0x1, 0x4, 0xca, 0x2, 0x0, 0x1, 0x5bf, 0x7, 0x5, 0x8, 0x0, 0x3, 0x1, 0x7, 0x7, 0x8, 0x40, 0x3, 0x8, 0x401, 0xfffffff9, 0x0, 0xfffffff2, 0x8, 0x1, 0x6, 0x3d0c, 0xf77, 0x101, 0x7ab1, 0x2, 0x400, 0x7cb, 0x1, 0xd, 0x6, 0x3, 0x9, 0x4, 0x2105, 0x1, 0x2, 0x8, 0x4, 0x9de, 0x80000000, 0x1, 0x7, 0x3, 0x4, 0x8, 0x7fffffff, 0x3, 0x3, 0x6, 0x7f, 0xb54a, 0x9c, 0x5, 0x35e71a3f, 0x4, 0x1, 0x3, 0x2627, 0x457, 0x6, 0xfffffffc, 0x40, 0x0, 0x80000000, 0xfd96, 0xffff, 0x9e3, 0x7ff, 0x3f, 0x8001, 0x7, 0x9, 0x80000001, 0x8, 0x5, 0x1, 0x4, 0x6, 0x4, 0x10, 0x4, 0xfb48, 0x10000, 0x80, 0x1, 0x9, 0x1cac, 0x3, 0x3c5b, 0x4, 0x6]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8c37}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}]]}, {0x67, 0x6, "a623427e4a07caae99aad7fac1c6f7f3a1abf23c3331ca7003140e75f9154608576833a50e7c26f8bc2163b0c5ee1b7a6dfe069685c4fa66341f578951bcefa6135ea51c59bbff6a5ae4303c1812620224b6315d9d3e75a517d80a74dd6f120eb4d4c4"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ct={0xb4, 0x16, 0x0, 0x0, {{0x7}, {0x6c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000000, 0x2, 0x7, 0x4, 0x5}}, @TCA_CT_ACTION={0x6, 0x3, 0x20}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_PARMS={0x18, 0x1, {0x2, 0x0, 0x8, 0x3, 0x200}}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0723a1dd17a60fed8b32933520b6e3b2"}]}, {0x23, 0x6, "7d7a31a06a5403ac8aa7b06eeb441f50bcf63b34a0409ee91eb212fb2c4cf9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x1040, 0x1d, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x7}, @TCA_MPLS_TC={0x5, 0x6, 0x5}]}, {0x1004, 0x6, "a33cd02ef862854f83128de6a36bcc570314a060d2e8d0d605281b8ca956f82515f82d2fc4367b684049a25225de308564111f6135a0aa827538dc88b93bec80537e77afab89bf41407aaddfb0d64444bb73e2890cdc0576c0355dc8d3157a15f52146a9c5dcf193cc09982752b32154dcefefba4e8fe9d85bf17381560bd23843783ce7d293660e3bfb0a5aa9edf2e73e25c339875360b2b1ea13a72a3e3bd474ecf01f6e5e039b29aa6440362809ddfffa62fa2a2aec4a01bded5333a6d62afbd69d524567bc68b9b922d6c38a2629d7fef8a20e19ac82d8d0d001ead8a535119b7a40d1b0cba43973e2090d4abdc79355bba4d98e8a20a310ed482e0b781aae39af15ee3a793c5ae9bbae1ce7b01199c5fa97f1d08d1e0815f8965a8dd084ce923fdb9be5e930175e628c7580fce5e01a2c70c88a2a875c357fd5149fd65a92b558aca01ab8813194f55d4f22bce434e16af722079e7ba23260da211a46079b72a0d169d3f499521f9561264ac2f0b27a6848fe86a8f1fc7199058f0d26e65c2654c92b4fe965fec8586194290b327b309a5e4571432d679f04fe05155ae8a5a907e0eaecc37a1ee0a128e8b6b6b063c41a8d702f5d38b419b0cda2c53ebbb58b7fbc5178be0e1238d7e7e01124d2e9b3f11a5e6fe2e34e178fb051120806cb941a8ea697cdb3a679aee8a8fac53067a5d19bf7b563991ae18b9b36e76a3a42c4f626f9dd3a15c8537fd98d4d5c3410e96e50568d2397ef6de4e8fa16963993eef095ce84987f66c60dd4e9804ca8117855324d8e387b47ced100c564dabe9e7509e9f23d4051c3e8bd6c457c5fd4341a24b191825ec9c38f168aedb63d5f20040f635aa757218d30180346ee724a1b3bd373ba39a9fac16eab3fb81e70d8e9dfaa2c7e7aeee93a9ec3bee4c0928af87c878a69d6d25e9dda50129c80a95eb0f3e045e804b283a8147fb5d4495a155c883213bdef6284af7ba8753d62ccacd2a96edf6a62c229424d400381c3191baaa545ce4b3a5019ff86b92df2b24a674a259bc3adc47e1dde5972399d43f9462c8ecea2e2064a7e9dba20d826e4ce391d58c440fafb508c437f21c2c43fc46a34a4bf2050e5273bd2b5a7b27f6477570aad3cb4b712f6dc511144a872203f6e378c91feaf7a06705037c8f8ac8fb65e448bb926e2193271ee2ad8de4b822b6d145a1ae3787d5ee362b131eb78bd960e0ee42f13ec0abeb9b37e3e33729ec8d6251b9c0134e7c55f3686c77290177340dc5a176e59a36ac05824fb21bfb50350f2155073b6a9024b1eba74d75dbb1b2540512928a4215704f29338a0355964de401bea024d867f55b608efa1d01b51f587fc5a9ce6b188b5a345ddcebf00537e263af26c651253bf9adb53d010a7aa7641ff6e711d349f4fe158e74d56fde5c598e484e035f1f2e5bce357784ef72c9fef336eb88ea680685f3ee2098edc9432fe37e53570573304a6f44dc38703fb7af5b46110980ef43a74a99c87c4a336610bfcc89a239af645f4e0c295ba7a270a03521a37967c2dace9fe1f70f271c01e031627b0db45b24d527ac50ec6b6bd6d320a8013c0b2922637e18abe39d4f1a7f87c3486a110a2ae279866394909d75cc515b06b85cc672c26445bb1f2ddc084b9328d65fc911eb28e2a24c0859a73a2c6fbff43b0f6fac533dc26ba54bd8f4f3f6403baaa03eb1a94091e255772b985e34f7e44a9a4a80c85ce0c358f43656d315b7014d58fab4a234e8596ed30d83d5ed16771e754fb8e5e5d993890a332a3f2c889d748f0923d2a326b84ce005c95b8782a6ce5e7759af93c992bc1a90d882822462ba8f12a30e407b31f6c5a8966db6c174f9732807551e7f7ce87a11ea51f3b82ac4be928f4c02ed78f390e0b8186a6c0755fa1b7d49e67195fd9b4c15399d1f4fd3de0fbcb660ad74654c1abde76c75721ab2cd2f6cc743c8a4e8a20f212f12ad0f9e7ee64dcde940923b02cfc553430ec9897edf3c06b40d95a88780fe857145fe58b3cb764ee3c0740a93b040f72596f7e2f020ddc66097043b10787fce0de77c00fda5c7664c89f77eacb9d346f77efc569bd9e99d23c91c32049dea18050b32c6f04de934d419d4c028442c848c9c9b8404f046e1e6f454cf181cb53ae441e1ae99f1a48d235f7f3abc873f41bf12ef99ff485d162d3a0dd33df9cb1a37b77f3643d2ba3e9dd6947139e958582bf2ddd30a6ce76c2d67320bfd9afa1ced97d62ebf21b51a5b7077632175fa48eada0e1eb390a4da87c2e8d1ed3a3660a87f566528774b8f5df68570554b186078a82a3be495a0a49146523e8f3a9155bfdc778df3078ea1a38c38d490516a67302c3dfed22630e786558ad5a1138f91dcf54868edce2d48201fa5481937b61038eabdc133826b6835f2f7901c73f1b372335b5317c5587a275cf27001f39917cf49f2a5235113e002301736992c31a68f518006717e536000c859b9a7c0ff452ebd57f939c2b22eefe337a0c873d7455adc65ad7f2de2e93dff5dfbf9347c652f1f51515aed2f66e8c89b483fb08d7f7d69b32e5ba888eef872b1396b8c2ec30e7251c9b71c3f9af1f6dacac80cff0f59795bc887bc91cfb59c4a3f8fc3781083fc0d25d7a5078ebdd47aba9d509282e65f5907428633db82d4a2fe9b48c1c90776cdddbec80b05121a111648d7cd3cd333273ceef2d62be6880c0ac4fcf152dab95faf955825fe2e8bf64abef255229204ead07e1e392e6089f67b8db98dfb9922ef63d637b49eee1daaf16d52c4d5501cc8cd8de9f318ecab3f024df3d067258ce61872749c9c32cc45a47f2312bbc4ded8719b712f0d20a46b2a065e7f84b548eb0ee5bd75076da670e13a9656608b1d061bb4a00195ff63fddb61197afcdc42cf55ce4cf45370323a6e6478f27a5c9b204ef722537bf0e047480202f774fe79b05ef83545bca804a4b5d7559423ce31394217904103a4c6b7031ef4818b9be50d50c8ce9e88c41a5b524c350e6c5265aa97177c222aee2d0f2741cca24195c5f9585f9f9c511590b7e0e86662f97086ad11b06906a8ebb68b4b0fa13ff93fa10631a9c65ef3931883f995cf09defab0d80ec14a72716e95ff27b0b93b3ffc90139e7122e8b0e1495be3b5c41a266aff8817db21c70295739e003c75c34d8d8a48bd532e8e845f3ed9ce4cef599043ad1ae920012630187b90e5f5e99a42d802ddba97cc58a562bb7a1c4d85f04c89fda1d8dd0305a52712ee9a18f0a69f5b48ee39ae20184788e6f40a4f52dced203795e71b26c71bb062a23c520d80c1c45f3043a01b1265bc0816d06443b976d68e8031dd4ba54684f1ce5c86c69ab2e1262a7314c9cf30e6ec678f76e639ec6801927c8ebbb7cc8822064486c8aa2d8ba3b6f58446e31af389753ee7cf3c2fab58e44500e88e94d3c6da236d1729717bc240542de003f89fb6815357fea089728b799dee3b96149fdd5813cd0ddf9dcaf7d6bfa3c8d92055e9508c88534c119f55a76614a4fe7b859437f73c778d119d38cd46dfe626e92cb689d6e809b29670a4c727a0395a651c5b499ebb3e422459934cb04155ff44cc1ec65fd85b0c2c47b2e35bd8c0eab93f692707c5cb71896f6961881081a1e3b2d2144becedc606ac24066c239138f4e2c7f9420e2fca026a1640185ba7b2f9d7f607216f74b955909cc0cbb4cf28330a27322d3ed3d86ebfc18d65ef525312ecf5d2f8e2ed2725dfe741ef23166fbe94e4b7c8a8e1d3163f275760c9731f280eb2907abd894306c8abf2ae27e7c2d3fb4ac17741df443aa96bb7ec7a469526a9887ca179014af7a2b51467f47ef3a8cf56b99047e97a4c7e7fdc426c8cc45a2eeb2fa458cb7a21f3659eee3bd5f3c74d551092492a94e1e788adf6f5b106041c3d75206d9f710da84a4a7dafd68f029fa7f1998817f2e24786e660edff2ced8da054df6dc51d3cd531a21e0ab3d76deabb368719138b08bc6b41547ec171dc028b4cdccbdff1ec78f7813ca9d784475740d240b1a02b4380e4d1599aa2158833bc86362157c00daf850f601981e7db7578ec0d1b09c781686e5758981d748afe84337fb32f20525c619a5a78e4f78a35db8ffbe9997c826ece20e00f3b6de8a598ef072b75cf034dc50e6287808ecf8ab0fef2784e4b075608ef92c93a4d7eec121b35cafb461ab9299d85382f8d2a2867d5036803c42c2ddd282921c3afea9526d6308671c5d24e00ec5afe14594c8c252fb66d02f8f5d5ba6b23251ee0f740b293f861855a404adbcdaedf7445d9dae650e2379700ecdff8ae786da3df2ec920fb598838a1656dc114d4ac8413cccad5b411ed3d62d824abe145d6d3d42d574b47beda55351a5e63c165f97d3d07703a82895448f19f25463e5122c0b0a0fde127ba5a7436abf8581c8182f50731d37d5b4164738c1990fc3540c618c6a3fa3bd8b45817261f444bba201982c6a3e4158bf93b34a88fcbcde9aadc1ad8ba5c4a176cd9bf9018a6653a4471383040b09eeafd36e57839299ded6a1a3a8a66c591e26e6721a3dba416d4a451e17d47961e3f5a09936a05dc369f7cd78b327a1ffb50b7e09f39a4136fcc4b4f817244cf5cff8f226997f509a561a5de1d3c580f1c9fed3fb009b191c868830ae7f2dc320239e5c7a5bff3abf2b847f574aaff624787d9e3728eb3a1e45092f7515c9e7582c1333302851fe54a03715170ee32a7fa7a1ced576f564dc39a1d2bca9b218267dd80e97f471c930c5ac7270f714944e56ae028c55699d97fb3ee37b1d35058ef7abfd24d568e22eec90a80bfe284d2285cb91671a0615b330a30049d76b16f30b2e1d7d31fe27a959028e19b5ec93f30f247d92d1121874cfa838260523ffb2e9ad90cf503210d87cec4f696b0740d46c51c44f6e317be290e06ec0215ffefb19efd682eb30c49fb7f6cb1c67c6bcbc99de27929e5c66776910861cf1568459ff74a516d119862444fcb86ad7a17edae641af4e16ce5ca1817e9365cecc718fe0f083b8ab76fba715b21cd4866eefe5d37f4d11dc0692d3977e067729ec357375aefedb79ebc90ca1d7256a73bf1c55bb347b508e4d310c1a50185aabd6a57d7a0e71fd64d3500b8e6cf3c0cc1ebe416604f1633bf81f860bb3a4b7ce94c2fa5d7927729b2268277e8119216d0ac81444902e873b2c44f37b3658e947cad6a963a39f67959c51d3c88d113e8bacdfca6ff8d370cfd7e464bfb99a62ea2cf03b1ba4690cabc4667c59e2d543311502122e8e54d43a0fb892a0951ca0dc883f16888398fd1107413f379c41fb2a6003bb865f7048e3df747f41b98ef887a508157b2c92721b9a18451116d233a7961b26d0cc109e175c80d9c88b103c6fe2ab6c8ab9af06d2a8673b7722223b0c3b258fb5c7639df565b769f25bd133a9ffd0d2da741984b23acafbcb65f7ba9ecbeceb7ff3b7f175bb21c5d156d03d8ebfb4ec4dad5a14cfdee787277731eb202cc86f7c4e0972997ef0d694bf1b73ee8f3fe2dfc27e4c6376b74a0a8a0aef66c4b93b77fcb1505ed541ad31adf72fea5462f42877c156d83980e42a914d66cc714a7e4a3279155dfa798a759a4abbf0a4d35da37d90c7e29907aa11312a91777e7b47ea1d31be75495b62bb3d5df37936a3f9bd2bb22a3d1c3ea42349a01ac929abc4e11aebb20326bb71e237e6196741530fe9a4dda2470b88ce82d0d244e51a99183af9bf6385340ee8ee493cd857a74804d4619c60d12834fcc618f47b43afb617be4e091e384d8bf81be6e2439b0a363f7f8c4a4ece"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_pedit={0x364, 0x4, 0x0, 0x0, {{0xa}, {0x280, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x150, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x44, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x44, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x4c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0xe9347b5dc4fadb29}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}]}, @TCA_PEDIT_KEYS_EX={0x4c, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x3c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_KEYS_EX={0xe0, 0x5, 0x0, 0x1, [{0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x54, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}]}, {0x34, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}]}]}, {0xbc, 0x6, "a08c7a5862da629a7e59a0cea8d5161e3801d0ccaf9b047b9cb3aa9981a4c8a468fd47c2aa8eec0c52f7e2b3b1b91898a0669058e21580b9092393e0c652c4f5a44d49f799bb40056158ace860f90cc955aa9330b8ec490dd278897be4a7a9c10a3272153dce248c78042e2a289e2cbcd9e85834aa0b1ec3cfea271ac23566ab284a6b88559c8b64b74616f2e0d9729c7c412d346674b954039724e45b2a9a3f0b057ddc93ffd9a2e3a85d4b9d6c8f8709981d751beab8dc"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0x12c, 0xb, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0xffff, 0x8, 0xd3ba3d6, 0x3}}}]}, {0xde, 0x6, "92dea45c1b62518e32919f4851fe6836a9ddc425b2e6db2d2a7249c5c2af3efafd73b3c43e21f3c9f49cc3aef39728ee66e69ee1ae416a194c175f82e00d4b5bb4bc271a2bf3f2d03b353a8dc7153c9f9d80eaf40f5e65ac9d9d17840412f99f45f351c87f5f18279be5946e719b7d36221f7149f4aad972c07f8c81d0d7d779618816fbd20443216445f86595333763abd5e4b4c4dd5263bb4359255d314105f1b548f079dd645534a9f40268095a511be320cdbeaf28db0758a53b64eb6370ec3b8f5abbb56c75280c48aaff99d949b8a372712cd75936c1cf"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0xc0, 0xb, 0x0, 0x0, {{0xb}, {0x4c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xd}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x800}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xa3, 0x1, 0x0, 0xfffffff7, 0x81}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x7071}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x2}]}, {0x4c, 0x6, "71ab3200ccf883fa04383e688e466f9645be4ce3d1bec97026dc8301ac42482453b40741083b1c59111c97e9b3c307a1a8c0cee42566a6bd448f339cdcb267b559a4994fb4525e65"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x429c}}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x800452d3, &(0x7f0000000100))

2.321735506s ago: executing program 2 (id=2923):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROM_LOCKDOOR(r1, 0x5329, 0x0)
ioctl$CDROMEJECT(r1, 0x5309)
ioctl$CDROM_DEBUG(r1, 0x5330, 0x1)
ioctl$CDROMEJECT_SW(r1, 0x530f, 0x0)
ioctl$CDROMPLAYTRKIND(r1, 0x5304, &(0x7f0000000340)={0x4, 0x8, 0x7, 0x2})
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="dc2000003d0007010000000000000000017c0000040000000c00018006000600800a0000b8200280b1200680d8"], 0x20dc}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYRES16=<r5=>r3])
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x11)
socket(0x26, 0x3, 0x3)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYRES32=r5, @ANYRES16=r7], 0x14}}, 0x0)
r9 = getpid()
sched_setscheduler(r9, 0x2, 0x0)
sched_setaffinity(r9, 0x8, &(0x7f0000000240)=0x2)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000240)={r9})
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r6, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r7, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c400}, 0xf0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r3])

2.183789605s ago: executing program 1 (id=2925):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_CONNECT(r0, 0x0, 0xc0)

2.100179976s ago: executing program 1 (id=2926):
socket$netlink(0x10, 0x3, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f00000004c0)={'fscrypt:', @desc4}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da414968ff065714faa61d1f32c9d064bbd27b2cf43000000000000831ac46b8829b48fff3d63520d260804d0", 0x39}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r1, 0x0)
keyctl$revoke(0x6, r1)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x26020280)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r3 = socket$pptp(0x18, 0x1, 0x2)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}, {&(0x7f00000003c0)="ae5ea257e863cd116652451a4a6acef4097e480f497fe2219b38af71290cb5e8b89cab071337e613b281a6c397137ef5eaf2b3133270d912baea1ff1a18d24d0d8a762ca0b086121dcaaee4cfa62daba8d24d2f2f6ef1a4fe181682f5714278be2d1f7e650f041bb81bb4632b641821fac3e8b27bff3f0346ed1a8ff0b039715da59768a6579a12f0406f27f6a06b2f88e7733cdbbae52c37ffa43f4450000000000", 0xa2}], 0x2, 0x0, 0x0, 0xc9e}, 0x4000)
bind$pptp(r3, &(0x7f0000000080)={0x18, 0x2, {0x0, @dev}}, 0x1e)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f0000000480)={0xd0, 0x1f, 0xf8a0, 0x5, "c31e914188d268e48f82a2ae8ee1bdccce285d561f4f4da12067829a9ffe3c5d"})
bind$pptp(r2, &(0x7f00000000c0)={0x18, 0x2, {0x6, @local}}, 0x1e)
preadv(r2, &(0x7f0000000240), 0x0, 0x0, 0x0)
socket(0x1e, 0xa, 0x7)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r5, 0x0)

2.023339026s ago: executing program 3 (id=2927):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, r0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="000e000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='rseq_update\x00', r6, 0x0, 0x2000000000000000}, 0x18)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e643000"/56], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1e8, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x9c, 0xc0, 0x0, {}, [@common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x244)
sendto$inet6(r3, 0x0, 0x0, 0x20000002, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000180)={0x11004, 0x4000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0x3000, 0x27000})

1.940088946s ago: executing program 2 (id=2928):
socket$netlink(0x10, 0x3, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f00000004c0)={'fscrypt:', @desc4}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da414968ff065714faa61d1f32c9d064bbd27b2cf43000000000000831ac46b8829b48fff3d63520d260804d0", 0x39}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r1, 0x0)
keyctl$revoke(0x6, r1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
bind$pptp(r3, &(0x7f0000000080)={0x18, 0x2, {0x0, @dev}}, 0x1e)
bind$pptp(r2, &(0x7f00000000c0)={0x18, 0x2, {0x6, @local}}, 0x1e)
preadv(r2, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)

1.700196494s ago: executing program 1 (id=2929):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r2, 0x0, 0x0)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r5, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x3a)
sendmmsg(r5, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0xf000, 0x10002, 0x0)

1.592784645s ago: executing program 2 (id=2930):
mount$tmpfs(0x0, 0x0, 0x0, 0x800040, &(0x7f0000000340)=ANY=[@ANYBLOB='gid=', @ANYRESHEX])
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000cc0), r0) (async)
r2 = mq_open(&(0x7f0000000000)='\xbd([-+\x00', 0x63, 0x0, 0x0)
syncfs(r2) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ASSOCIATE_RESP(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf4c2ac92513000000"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x10) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async, rerun: 64)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88) (rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0}) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x38, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0xf4, 0x2a}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x177f}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a0}]]}, 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0) (async)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='omfs\x00', 0x0, &(0x7f0000000340))

1.490380321s ago: executing program 2 (id=2931):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newtaction={0x98, 0x30, 0x1, 0x8000000, 0x0, {}, [{0x84, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

1.431428039s ago: executing program 2 (id=2932):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000080), 0x11000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c0002800800044000000004080007400020000f0800064000000001050002000000000008000340000000040900010073797a30000000000900020073797a32", @ANYBLOB="4f8709266e597e66b113351bba6a5214413d8ab058cb6ebed97b71dc7a616d09d4a8ef04d5f69568aab19675e5e1bd52888b59373145686a014475d7ca283520d8464ecf5a1a4077bf92ca064485f05733d97c1ac9843460472307b4e4c277791a8d62198c2648cf227bda20d8ee4bf3a1f714ce48d7d4d3848f3b44c57b777db96c4014b7baaf5a4d5ffa9667bca6883dccf9574f3e648c6ef79fe9bd0a130a91638b1622683295f67c6a77a582c7e40c91bb3713754a780d49aeeeb2b2bcaed4dc68", @ANYRES32], 0x94}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f0000000280)=0x3, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=@allocspi={0x100, 0x16, 0x1, 0x0, 0x0, {{{@in=@dev, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0, 0x0, 0x3b}, {@in6=@mcast1, 0x0, 0x6c}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x7}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1}}]}, 0x100}}, 0x40010)

1.430237275s ago: executing program 0 (id=2933):
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, 0x0, 0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3, &(0x7f0000000000)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
read$char_usb(r0, &(0x7f0000000380)=""/140, 0x8c)
write$char_usb(r1, &(0x7f0000000b40)="b6682ef6a4adbb09a117fddb1cc94f0ed881d375c1ea3ff5cde2b7c8eddda629c83aa41a00cadb9fa4eb5b3aa1f5f93508a5f16b52742d5f2dfa1673a0b72d7684846a05d4aac989eed7dc18638c8a8628b8456e2ab8dde025b5e2cf3dc18aa6e1483fec57bb198092e0f9eb5fb15b266e7df94154c0176a614aedb545d1ea5562de3395c803d98d2af2e19755", 0x8d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = open(&(0x7f00000024c0)='./file0\x00', 0x105c42, 0x5)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x12a, 0x1}}, 0x20)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x2})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x237, &(0x7f0000000380)={0x0, 0x1ffffe, 0x40, 0x0, 0xffffffff, 0x0, r5}, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = socket$kcm(0x25, 0x1, 0x0)
recvmsg$kcm(r7, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x160)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1900000002000000080020000800000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x20363159, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x0, 0x0, 0x1, 0x5}})
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r8, 0xc2c45513, &(0x7f00000000c0)={0x5, 0x0, 0x2000000})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r5, 0xc0189372, &(0x7f0000000140)={{0x1, 0x1, 0x18, r6, {0x7}}, './file0\x00'})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.430007959s ago: executing program 2 (id=2934):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000300)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
syz_open_dev$media(&(0x7f0000000280), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000040)={0x13, 0x1})
fsetxattr(r5, &(0x7f0000000100)=@known='trusted.overlay.redirect\x00', &(0x7f0000000180)='{\xc6\x00', 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)

1.090719633s ago: executing program 1 (id=2935):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x28011, r3, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$evdev(&(0x7f00000000c0), 0x3f, 0x822f01)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r7 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0xb49e, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=<r8=>0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x4004000)
ioctl$SIOCAX25GETINFOOLD(0xffffffffffffffff, 0x541b, &(0x7f0000000100))
syz_io_uring_setup(0x5e2, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000180)=<r10=>0x0, &(0x7f0000000380))
syz_io_uring_submit(r10, r8, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r7, 0x381b, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000080)={0x7ff, 0x2, 0x0, 0x4000000000000}, 0x0, 0x0)
getsockname$llc(r6, &(0x7f0000000280)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000340)=0x10)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000200)={'ip6gre0\x00', {0x2, 0x0, @local}})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000003c0)={0x0, <r11=>0x0, <r12=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r11, r12, 0xfff, 0x7, 0x7ff, 0x7ff, {0x6, 0x3, 0x0, 0x3, 0x6, 0x6, 0xcd8, 0xa, 0xcde8, 0xc, 0x1, 0x1, 0x3, 0xffff2033, "9d70c909eb1a6f40d5ecc10aafe771d9b22b54d7fc2591dc7cd3c92ebc8fe671"}})
fcntl$setpipe(r1, 0x408, 0x0)

984.901658ms ago: executing program 3 (id=2936):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
write(r0, 0x0, 0x0)

819.95138ms ago: executing program 3 (id=2937):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r2, 0x0, 0x0)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
dup(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r5, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x3a)
sendmmsg(r5, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0xf000, 0x10002, 0x0)

359.862495ms ago: executing program 0 (id=2938):
socket$netlink(0x10, 0x3, 0x15)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f00000004c0)={'fscrypt:', @desc4}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da414968ff065714faa61d1f32c9d064bbd27b2cf43000000000000831ac46b8829b48fff3d63520d260804d0", 0x39}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r1, 0x0)
keyctl$revoke(0x6, r1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
bind$pptp(r3, &(0x7f0000000080)={0x18, 0x2, {0x0, @dev}}, 0x1e)
bind$pptp(r2, &(0x7f00000000c0)={0x18, 0x2, {0x6, @local}}, 0x1e)
preadv(r2, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)

140.380414ms ago: executing program 1 (id=2939):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000000, 0x8031, 0xffffffffffffffff, 0x0)
keyctl$join(0x1, 0x0)

92.738929ms ago: executing program 1 (id=2940):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0xbfd1, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a074edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r5 = syz_io_uring_setup(0x109, &(0x7f0000000380)={0x0, 0x4c13, 0x0, 0x80, 0x159}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x2, 0x0, 0xffffffffffffffff, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)='./file0\x00'})
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0, @ANYRESDEC=r5, @ANYRES32], 0x80}}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40008410}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00010000040a0104000000000000000003000006280004800800024038bf9c1a14000300766c616e30000000000000000000000008000140000000000900010073797a310000000008000b400000000108000b400000000464000c00f237dc275ca8811e4b81c9a01747218db13a611867be2c21a351a2e8650d7a2012e720f1d167720a08ac94d1028e61250dfc111aa146cbafaecf584d62c278fb51dac893dc34f80cf1314313d1ab775ec4bfd6d991d561d6b97357fc59820d5e300004800800024034bb4b390800024044d88eed11e869996c820d35ff11c1679d80f808000140000000021400030070696d7265673100000000000000000008000b40000000020900030073797a3100000000"], 0x100}, 0x1, 0x0, 0x0, 0x880}, 0x80)

0s ago: executing program 0 (id=2941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000300000008000400ac1414bb08000100", @ANYRES32=r3, @ANYBLOB="08000200"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r6=>0x0})
r7 = socket(0x10, 0x3, 0x6)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r7, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000580)={&(0x7f00000008c0)=ANY=[@ANYRES64=r4, @ANYRES16, @ANYBLOB="020028bd7000fddbdf256800000008000300", @ANYRES32=r6, @ANYBLOB="0c009900f8ffffff190000001c00c70002000902400606000206fb0108034003d4abd99690216c9c1a00c7000d0505030707ac2a050001020a005b1353b12a36c33900002c00c700030301030305a500c2070500ff0080020b0103062c0000030702020705010001b75f40890a6aeee51800c700070400000b04060609054006310d73cc1bfeba3a2a00c70081000200080135074e07ba05400501070102090001060b0209062a043b04e3e8a5de7214069900002a00c700f7060404070001008103020102020a0602060c0002030c03050107050502a3e20e0887c2e8dd00002800c7000706050700050b02070606060502020706050102060305070a07fc0a547ba82af48ba62b"], 0x124}, 0x1, 0x0, 0x0, 0x24048004}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}}}]}, 0x88}}, 0x20000000)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r3, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_LINK={0x8, 0x1, r9}, @GTPA_FAMILY={0x5, 0xd, 0x1a}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004050}, 0x20000040)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r10}, 0x10)
unlinkat(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

interval 1, probability 0, space 0, times 0
[  401.389139][T14444] CPU: 3 UID: 0 PID: 14444 Comm: syz.2.2408 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  401.392148][T14444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.395121][T14444] Call Trace:
[  401.396125][T14444]  <TASK>
[  401.396991][T14444]  dump_stack_lvl+0x16c/0x1f0
[  401.398336][T14444]  should_fail_ex+0x497/0x5b0
[  401.399687][T14444]  _copy_to_user+0x32/0xd0
[  401.400973][T14444]  simple_read_from_buffer+0xd0/0x160
[  401.402507][T14444]  proc_fail_nth_read+0x198/0x270
[  401.403952][T14444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  401.405542][T14444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  401.407115][T14444]  vfs_read+0x1df/0xbe0
[  401.408325][T14444]  ? __fget_files+0x1fc/0x3a0
[  401.409658][T14444]  ? __pfx___mutex_lock+0x10/0x10
[  401.411033][T14444]  ? __pfx_vfs_read+0x10/0x10
[  401.412421][T14444]  ? __fget_files+0x206/0x3a0
[  401.413728][T14444]  ksys_read+0x12b/0x250
[  401.414919][T14444]  ? __pfx_ksys_read+0x10/0x10
[  401.416281][T14444]  ? rcu_is_watching+0x12/0xc0
[  401.417679][T14444]  __do_fast_syscall_32+0x73/0x120
[  401.419111][T14444]  do_fast_syscall_32+0x32/0x80
[  401.420493][T14444]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.422249][T14444] RIP: 0023:0xf70be579
[  401.423409][T14444] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  401.428882][T14444] RSP: 002b:00000000f50b0590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  401.431192][T14444] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f50b0620
[  401.433387][T14444] RDX: 000000000000000f RSI: 00000000f73f3ff4 RDI: 0000000000000000
[  401.435587][T14444] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  401.437784][T14444] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  401.439976][T14444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.442179][T14444]  </TASK>
[  401.582809][ T5982] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0048/input/input78
[  401.642868][ T5982] appleir 0003:05AC:8241.0048: input,hiddev0,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  401.862191][T14462] random: crng reseeded on system resumption
[  401.870343][T14462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2412'.
[  401.874809][T14462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2412'.
[  401.913289][T14462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2412'.
[  402.757430][ T5954] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  402.763788][ T5954] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  402.770788][ T5954] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  402.773848][ T5954] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  402.776755][ T5954] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  402.778937][ T5954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  402.878070][T14481] chnl_net:caif_netlink_parms(): no params data found
[  402.937122][T14481] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.939391][T14481] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.945882][T14481] bridge_slave_0: entered allmulticast mode
[  402.948388][T14481] bridge_slave_0: entered promiscuous mode
[  402.953240][T14481] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.955256][T14481] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.957325][T14481] bridge_slave_1: entered allmulticast mode
[  402.960834][T14481] bridge_slave_1: entered promiscuous mode
[  403.005135][T14481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  403.009201][T14481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.038930][T14481] team0: Port device team_slave_0 added
[  403.043189][T14481] team0: Port device team_slave_1 added
[  403.063161][T14481] batman_adv: batadv0: Adding interface: batadv_slave_0
[  403.065184][T14481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.072741][T14481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  403.076818][T14481] batman_adv: batadv0: Adding interface: batadv_slave_1
[  403.078820][T14481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.086668][T14481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  403.116880][T14481] hsr_slave_0: entered promiscuous mode
[  403.118951][T14481] hsr_slave_1: entered promiscuous mode
[  403.120944][T14481] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  403.124109][T14481] Cannot create hsr debugfs directory
[  403.209673][T14481] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.261710][ T6002] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  403.281207][T14481] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.294458][T14497] random: crng reseeded on system resumption
[  403.301076][T14497] Restarting kernel threads ... done.
[  403.305216][T14497] autofs: Unknown parameter '	'
[  403.347765][T14481] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.361478][T14500] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2422'.
[  403.403294][   T35] usb 5-1: USB disconnect, device number 29
[  403.411471][ T6002] usb 8-1: Using ep0 maxpacket: 16
[  403.417643][ T6002] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  403.420917][ T6002] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  403.427087][ T6002] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  403.430174][ T6002] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.434985][ T6002] usb 8-1: config 0 descriptor??
[  403.437444][T14490] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  403.449765][T14481] team0: Port device netdevsim0 removed
[  403.454994][T14481] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.616512][T14481] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  403.620804][T14481] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  403.626568][T14481] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  403.630220][T14481] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  403.699364][T14481] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.702248][T14481] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.705161][T14481] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.707993][T14481] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.778561][T14481] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.789661][T14481] 8021q: adding VLAN 0 to HW filter on device team0
[  403.995412][ T6002] appleir 0003:05AC:8241.0049: unknown main item tag 0x0
[  403.997442][ T6002] appleir 0003:05AC:8241.0049: unknown main item tag 0x0
[  403.999450][ T6002] appleir 0003:05AC:8241.0049: unknown main item tag 0x0
[  404.001715][ T6002] appleir 0003:05AC:8241.0049: No inputs registered, leaving
[  404.007092][ T6002] appleir 0003:05AC:8241.0049: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  404.047508][T14481] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.071709][T14481] veth0_vlan: entered promiscuous mode
[  404.078683][T14481] veth1_vlan: entered promiscuous mode
[  404.093320][T14481] veth0_macvtap: entered promiscuous mode
[  404.097672][T14481] veth1_macvtap: entered promiscuous mode
[  404.107198][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.110212][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.113139][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.116318][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.119130][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.122197][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.124983][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.127975][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.130733][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.133842][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.137809][T14481] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.143814][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.147352][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.150207][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.153605][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.156659][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.159676][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.163005][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.165997][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.168846][T14481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.171916][T14481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.176114][T14481] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.182489][T14481] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.184901][T14481] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.187551][T14481] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.190041][T14481] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.224803][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.227869][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.241161][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.243847][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.266851][ T6002] usb 8-1: USB disconnect, device number 31
[  404.356769][T14517] random: crng reseeded on system resumption
[  404.360028][T14515] netlink: 'syz.2.2417': attribute type 10 has an invalid length.
[  404.367379][T14517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2424'.
[  404.370256][T14517] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2424'.
[  404.397815][T14515] batman_adv: batadv0: Adding interface: team0
[  404.399983][T14515] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.407448][T14515] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  404.437876][T14517] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2424'.
[  404.835324][ T5946] Bluetooth: hci1: command tx timeout
[  404.929590][T14527] netlink: 'syz.3.2425': attribute type 10 has an invalid length.
[  404.947015][T14529] FAULT_INJECTION: forcing a failure.
[  404.947015][T14529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.952335][T14529] CPU: 3 UID: 0 PID: 14529 Comm: syz.0.2427 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  404.956723][T14529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.960969][T14529] Call Trace:
[  404.962263][T14529]  <TASK>
[  404.963494][T14529]  dump_stack_lvl+0x16c/0x1f0
[  404.965398][T14529]  should_fail_ex+0x497/0x5b0
[  404.966918][T14529]  _copy_from_user+0x2e/0xd0
[  404.968271][T14529]  v4l2_compat_get_user+0x192/0x11b0
[  404.969796][T14529]  ? find_held_lock+0x2d/0x110
[  404.971182][T14529]  ? __pfx_v4l2_compat_get_user+0x10/0x10
[  404.973045][T14529]  ? __pfx_lock_release+0x10/0x10
[  404.974568][T14529]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  404.976179][T14529]  ? tomoyo_path_number_perm+0x190/0x5b0
[  404.977790][T14529]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  404.979557][T14529]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  404.981900][T14529]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  404.983779][T14529]  video_usercopy+0xc21/0x1520
[  404.985162][T14529]  ? __pfx___video_do_ioctl+0x10/0x10
[  404.986708][T14529]  ? __pfx_video_usercopy+0x10/0x10
[  404.988214][T14529]  v4l2_ioctl+0x1ba/0x250
[  404.989452][T14529]  ? __fget_files+0x121/0x3a0
[  404.991297][T14529]  v4l2_compat_ioctl32+0x214/0x2c0
[  404.993025][T14529]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  404.994627][T14529]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  404.996139][T14529]  __do_fast_syscall_32+0x73/0x120
[  404.997623][T14529]  do_fast_syscall_32+0x32/0x80
[  404.999026][T14529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.001375][T14529] RIP: 0023:0xf7f60579
[  405.002915][T14529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.008432][T14529] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  405.011056][T14529] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185648
[  405.013302][T14529] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  405.015560][T14529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.017818][T14529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.020235][T14529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.023216][T14529]  </TASK>
[  405.212806][T14537] FAULT_INJECTION: forcing a failure.
[  405.212806][T14537] name failslab, interval 1, probability 0, space 0, times 0
[  405.216980][T14537] CPU: 2 UID: 0 PID: 14537 Comm: syz.2.2429 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  405.221215][T14537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.224613][T14537] Call Trace:
[  405.225684][T14537]  <TASK>
[  405.226724][T14537]  dump_stack_lvl+0x16c/0x1f0
[  405.228217][T14537]  should_fail_ex+0x497/0x5b0
[  405.229658][T14537]  ? fs_reclaim_acquire+0xae/0x150
[  405.231265][T14537]  should_failslab+0xc2/0x120
[  405.232717][T14537]  __kmalloc_noprof+0xce/0x4f0
[  405.234207][T14537]  ? tomoyo_encode2+0x100/0x3e0
[  405.235825][T14537]  tomoyo_encode2+0x100/0x3e0
[  405.237320][T14537]  tomoyo_realpath_from_path+0x1a7/0x710
[  405.239120][T14537]  ? tomoyo_path_number_perm+0x235/0x5b0
[  405.240899][T14537]  tomoyo_path_number_perm+0x248/0x5b0
[  405.242619][T14537]  ? tomoyo_path_number_perm+0x235/0x5b0
[  405.244411][T14537]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  405.246342][T14537]  ? __pfx_lock_release+0x10/0x10
[  405.247953][T14537]  ? trace_lock_acquire+0x14e/0x1f0
[  405.249572][T14537]  ? lock_acquire+0x2f/0xb0
[  405.251034][T14537]  ? __fget_files+0x40/0x3a0
[  405.252536][T14537]  ? __fget_files+0x206/0x3a0
[  405.253983][T14537]  security_file_ioctl_compat+0x9b/0x240
[  405.255829][T14537]  __do_compat_sys_ioctl+0x4e/0x2c0
[  405.257433][T14537]  __do_fast_syscall_32+0x73/0x120
[  405.259111][T14537]  do_fast_syscall_32+0x32/0x80
[  405.260770][T14537]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.262754][T14537] RIP: 0023:0xf7fe5579
[  405.264027][T14537] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.269901][T14537] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  405.272406][T14537] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  405.274789][T14537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  405.277539][T14537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.279954][T14537] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.282340][T14537] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.284746][T14537]  </TASK>
[  405.286038][    C2] hpet: Lost 3 RTC interrupts
[  405.290477][T14537] ERROR: Out of memory at tomoyo_realpath_from_path.
[  405.303977][T14537] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  405.584877][T14545] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  405.730833][T14551] syz.3.2433: vmalloc error: size 1847640064, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  405.735542][T14551] CPU: 0 UID: 0 PID: 14551 Comm: syz.3.2433 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  405.738638][T14551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.741722][T14551] Call Trace:
[  405.742719][T14551]  <TASK>
[  405.743583][T14551]  dump_stack_lvl+0x16c/0x1f0
[  405.744942][T14551]  warn_alloc+0x24d/0x3a0
[  405.746197][T14551]  ? __pfx_warn_alloc+0x10/0x10
[  405.747618][T14551]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  405.749546][T14551]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  405.751119][T14551]  ? kasan_save_stack+0x42/0x60
[  405.752523][T14551]  ? kasan_save_stack+0x33/0x60
[  405.753935][T14551]  ? kasan_save_track+0x14/0x30
[  405.755383][T14551]  ? __kasan_kmalloc+0xaa/0xb0
[  405.756769][T14551]  ? vb2_vmalloc_alloc+0xe2/0x3d0
[  405.758239][T14551]  ? vb2_core_create_bufs+0x558/0xab0
[  405.759784][T14551]  ? vb2_create_bufs+0x566/0x780
[  405.761222][T14551]  ? vb2_ioctl_create_bufs+0x244/0x3e0
[  405.762819][T14551]  __vmalloc_node_range_noprof+0x10df/0x1530
[  405.764540][T14551]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  405.766020][T14551]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  405.767905][T14551]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  405.769389][T14551]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  405.770959][T14551]  vmalloc_user_noprof+0x6b/0x90
[  405.772391][T14551]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  405.773863][T14551]  vb2_vmalloc_alloc+0x11e/0x3d0
[  405.775289][T14551]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  405.776844][T14551]  __vb2_queue_alloc+0x896/0x1230
[  405.778340][T14551]  ? vbi_out_queue_setup+0x1e3/0x2b0
[  405.779873][T14551]  vb2_core_create_bufs+0x558/0xab0
[  405.781375][T14551]  ? __pfx_vbi_out_queue_setup+0x10/0x10
[  405.782997][T14551]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  405.784638][T14551]  ? lock_acquire.part.0+0x11b/0x380
[  405.786144][T14551]  vb2_create_bufs+0x566/0x780
[  405.787571][T14551]  ? __pfx_vb2_create_bufs+0x10/0x10
[  405.789108][T14551]  ? __video_do_ioctl+0x4a2/0xf00
[  405.790563][T14551]  vb2_ioctl_create_bufs+0x244/0x3e0
[  405.792074][T14551]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  405.793761][T14551]  vidioc_create_bufs+0x7d/0xf0
[  405.795169][T14551]  v4l_create_bufs+0x198/0x270
[  405.796568][T14551]  __video_do_ioctl+0xaf0/0xf00
[  405.798024][T14551]  ? __pfx___video_do_ioctl+0x10/0x10
[  405.799593][T14551]  ? __kmalloc_noprof+0x23b/0x4f0
[  405.801054][T14551]  ? video_usercopy+0x1b4/0x1520
[  405.802516][T14551]  video_usercopy+0x427/0x1520
[  405.803899][T14551]  ? __pfx___video_do_ioctl+0x10/0x10
[  405.805441][T14551]  ? __pfx_video_usercopy+0x10/0x10
[  405.806943][T14551]  v4l2_ioctl+0x1ba/0x250
[  405.808224][T14551]  ? __fget_files+0x121/0x3a0
[  405.809572][T14551]  v4l2_compat_ioctl32+0x214/0x2c0
[  405.811059][T14551]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  405.812662][T14551]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  405.814175][T14551]  __do_fast_syscall_32+0x73/0x120
[  405.815651][T14551]  do_fast_syscall_32+0x32/0x80
[  405.817057][T14551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.818963][T14551] RIP: 0023:0xf7f21579
[  405.820289][T14551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.825846][T14551] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  405.828285][T14551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0f8565c
[  405.830539][T14551] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  405.832834][T14551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.835130][T14551] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  405.837431][T14551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.839715][T14551]  </TASK>
[  405.842954][T14551] Mem-Info:
[  405.844285][T14551] active_anon:7772 inactive_anon:136 isolated_anon:0
[  405.844285][T14551]  active_file:2620 inactive_file:36803 isolated_file:0
[  405.844285][T14551]  unevictable:1768 dirty:342 writeback:0
[  405.844285][T14551]  slab_reclaimable:5885 slab_unreclaimable:64933
[  405.844285][T14551]  mapped:24603 shmem:4528 pagetables:650
[  405.844285][T14551]  sec_pagetables:317 bounce:0
[  405.844285][T14551]  kernel_misc_reclaimable:0
[  405.844285][T14551]  free:56755 free_pcp:1901 free_cma:0
[  405.865698][T14551] Node 0 active_anon:4496kB inactive_anon:544kB active_file:436kB inactive_file:8240kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5408kB dirty:24kB writeback:0kB shmem:5260kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9488kB pagetables:728kB sec_pagetables:1152kB all_unreclaimable? yes
[  405.878937][T14551] Node 1 active_anon:26592kB inactive_anon:0kB active_file:10044kB inactive_file:138972kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:93004kB dirty:1344kB writeback:0kB shmem:12852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2752kB pagetables:1872kB sec_pagetables:116kB all_unreclaimable? no
[  405.888651][T14551] Node 0 DMA free:2996kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:1404kB inactive_anon:4kB active_file:76kB inactive_file:36kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:516kB local_pcp:168kB free_cma:0kB
[  405.897712][T14551] lowmem_reserve[]: 0 273 0 0 0
[  405.899279][T14551] Node 0 DMA32 free:19840kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:4096KB active_anon:3092kB inactive_anon:540kB active_file:360kB inactive_file:8204kB unevictable:3536kB writepending:24kB present:1032196kB managed:306312kB mlocked:0kB bounce:0kB free_pcp:3212kB local_pcp:1604kB free_cma:0kB
[  405.908232][T14551] lowmem_reserve[]: 0 0 0 0 0
[  405.911353][T14551] Node 1 DMA32 free:204184kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:26592kB inactive_anon:0kB active_file:10044kB inactive_file:138972kB unevictable:3536kB writepending:1344kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:3784kB local_pcp:864kB free_cma:0kB
[  405.920524][T14551] lowmem_reserve[]: 0 0 0 0 0
[  405.922099][T14551] Node 0 DMA: 31*4kB (UM) 42*8kB (UM) 32*16kB (UM) 25*32kB (UM) 15*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2988kB
[  405.929762][T14551] Node 0 DMA32: 155*4kB (UEH) 65*8kB (UMEH) 15*16kB (UEH) 73*32kB (UMEH) 59*64kB (UME) 36*128kB (UME) 14*256kB (UME) 4*512kB (UE) 0*1024kB 1*2048kB (M) 0*4096kB = 19780kB
[  405.935917][T14551] Node 1 DMA32: 290*4kB (UME) 561*8kB (UME) 430*16kB (UME) 274*32kB (UME) 149*64kB (UME) 107*128kB (UME) 39*256kB (UME) 20*512kB (UME) 16*1024kB (UME) 8*2048kB (UM) 26*4096kB (UME) = 204016kB
[  405.943062][T14551] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.945787][T14551] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  405.949756][T14551] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.953457][T14551] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  405.957337][T14551] 43951 total pagecache pages
[  405.958868][T14551] 0 pages in swap cache
[  405.960381][T14551] Free swap  = 124160kB
[  405.961997][T14551] Total swap = 124996kB
[  405.963280][T14551] 524155 pages RAM
[  405.964370][T14551] 0 pages HighMem/MovableOnly
[  405.965668][T14551] 206674 pages reserved
[  405.966896][T14551] 0 pages cma reserved
[  406.031689][T14557] random: crng reseeded on system resumption
[  406.045051][T14557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2435'.
[  406.048554][T14557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2435'.
[  406.079507][T14557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2435'.
[  406.214007][T14569] netlink: 'syz.2.2437': attribute type 10 has an invalid length.
[  406.291012][T14561] xt_connbytes: Forcing CT accounting to be enabled
[  406.294437][T14561] xt_CT: You must specify a L4 protocol and not use inversions on it
[  406.911565][ T5946] Bluetooth: hci1: command tx timeout
[  407.214299][T14603] netlink: 'syz.1.2442': attribute type 10 has an invalid length.
[  407.931451][T13856] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  408.081446][T13856] usb 6-1: Using ep0 maxpacket: 16
[  408.084609][T13856] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  408.088159][T13856] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  408.091946][T13856] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  408.094593][T13856] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.100174][T13856] usb 6-1: config 0 descriptor??
[  408.102721][T14617] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  408.257229][T14621] random: crng reseeded on system resumption
[  408.264050][T14621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2449'.
[  408.266646][T14621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2449'.
[  408.266715][T14623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2450'.
[  408.501499][   T30] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  408.549286][T13856] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.004A/input/input79
[  408.613463][T13856] appleir 0003:05AC:8241.004A: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  408.671703][   T30] usb 7-1: Using ep0 maxpacket: 16
[  408.686412][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  408.689685][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  408.693179][   T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  408.695822][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.699050][   T30] usb 7-1: config 0 descriptor??
[  408.702053][T14619] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  408.994412][ T5946] Bluetooth: hci1: command tx timeout
[  409.128349][   T30] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.004B/input/input80
[  409.204543][   T30] appleir 0003:05AC:8241.004B: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  409.451533][    T9] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  409.462309][T14638] netlink: 'syz.0.2452': attribute type 10 has an invalid length.
[  409.602840][    T9] usb 8-1: Using ep0 maxpacket: 16
[  409.607008][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.610133][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.613162][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  409.617091][    T9] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  409.619789][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.624136][    T9] usb 8-1: config 0 descriptor??
[  409.686425][   T35] usb 7-1: USB disconnect, device number 33
[  410.039239][T14633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  410.043239][T14633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  410.049822][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  410.051613][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  410.057683][    T9] usb 8-1: USB disconnect, device number 32
[  410.303042][T14651] netlink: 'syz.1.2455': attribute type 10 has an invalid length.
[  410.311503][T14655] input: syz0 as /devices/virtual/input/input81
[  410.442055][ T6002] usb 6-1: USB disconnect, device number 31
[  410.609931][T14666] random: crng reseeded on system resumption
[  410.644497][T14666] __nla_validate_parse: 2 callbacks suppressed
[  410.644514][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2459'.
[  410.650984][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2459'.
[  410.701636][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2459'.
[  411.071545][ T5946] Bluetooth: hci1: command tx timeout
[  411.209374][T14676] netlink: 'syz.1.2461': attribute type 10 has an invalid length.
[  411.285352][T14680] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  411.681479][T13856] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  411.831456][T13856] usb 5-1: Using ep0 maxpacket: 16
[  411.834975][T13856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  411.836821][T14690] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  411.838219][T13856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  411.845187][T13856] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  411.847821][T13856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.851959][T13856] usb 5-1: config 0 descriptor??
[  411.854183][T14682] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  412.282974][T13856] usbhid 5-1:0.0: can't add hid device: -71
[  412.285370][T13856] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  412.289650][T13856] usb 5-1: USB disconnect, device number 30
[  412.558556][T14707] netlink: 'syz.3.2470': attribute type 10 has an invalid length.
[  412.865468][T14710] random: crng reseeded on system resumption
[  412.874179][T14710] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2472'.
[  412.877828][T14710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2472'.
[  412.937641][T14710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2472'.
[  413.324337][T14722] netlink: 'syz.3.2474': attribute type 10 has an invalid length.
[  413.371480][   T25] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  413.531471][   T25] usb 7-1: Using ep0 maxpacket: 16
[  413.535696][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  413.539966][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  413.543276][   T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  413.545994][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.549675][   T25] usb 7-1: config 0 descriptor??
[  413.553723][T14718] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  413.993489][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.004C/input/input82
[  414.000089][T14730] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  414.053893][   T25] appleir 0003:05AC:8241.004C: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  414.145772][T14736] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  414.186295][    T9] usb 7-1: USB disconnect, device number 34
[  414.913746][   T63] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  415.161626][   T63] usb 8-1: Using ep0 maxpacket: 16
[  415.174603][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  415.180663][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  415.185775][   T63] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  415.188567][   T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.210226][   T63] usb 8-1: config 0 descriptor??
[  415.221067][T14745] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  415.376122][T14754] overlay: Unknown parameter '
[  415.376122][T14754] time
[  415.376122][T14754] string
[  415.376122][T14754] statistic
[  415.376122][T14754] state
[  415.376122][T14754] realm
[  415.376122][T14754] rateest
[  415.376122][T14754] quota
[  415.376122][T14754] pkttype
[  415.376122][T14754] physdev
[  415.376122][T14754] cgroup
[  415.376122][T14754] cgroup
[  415.376122][T14754] cgroup
[  415.376122][T14754] owner
[  415.376122][T14754] nfacct
[  415.376122][T14754] nfacct
[  415.376122][T14754] mac
[  415.376122][T14754] limit
[  415.376122][T14754] ipvs
[  415.376122][T14754] helper
[  415.376122][T14754] devgroup
[  415.376122][T14754] cpu
[  415.376122][T14754] conntrack
[  415.376122][T14754] conntrack
[  415.376122][T14754] conntrack
[  415.376122][T14754] connlabel
[  415.376122][T14754] connbytes
[  415.376122][T14754] comment
[  415.376122][T14754] bpf
[  415.376122][T14754] bpf
[  415.376122][T14754] connmark
[  415.376122][T14754] mark
[  415.376122][T14754] rpfilter
[  415.376122][T14754] ah
[  415.376122][T14754] tcpmss
[  415.376122][T14754] socket
[  415.376122][T14754] socket
[  415.376122][T14754] socket
[  415.376122][T14754] socket
[  415.376122][T14754] sctp
[  415.376122][T14754] recent
[  415.376122][T14754] recent
[  415.376122][T14754] policy
[  415.376122][T14754] osf
[  415.376122][T14754] multiport
[  415.376122][T14754] length
[  415.376122][T14754] l2tp
[  415.376122][T14754] iprange
[  415.376122][T14754] ipcomp
[  415.376122][T14754] ttl
[  415.376122][T14754] hashlimit
[  415.376122][T14754] hashlimit
[  415.376122][T14754] hashlimit
[  415.376122][T14754] esp
[  415.376122][T14754] ecn
[  415.376122][T14754] tos
[  415.376122][T14754] dscp
[  415.376122][T14754] dccp
[  415.376122][T14754] connlimit
[  415.376122][T14754] cluster
[  415.376122][T14754] addrtype
[  415.376122][T14754] addrtype
[  415.376122][T14754] set
[  415.376122][T14754] set
[  415.376122][T14754] set
[  415.376122][T14754] set
[  415.376122][T14754] set
[  415.376122][T14754] icmp
[  415.600567][T14758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2483'.
[  415.603333][T14758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2483'.
[  415.680924][   T63] usbhid 8-1:0.0: can't add hid device: -71
[  415.683002][   T63] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  415.698576][   T63] usb 8-1: USB disconnect, device number 33
[  415.872953][T14763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2484'.
[  415.875635][T14763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2484'.
[  416.043277][T14767] netlink: 'syz.0.2485': attribute type 10 has an invalid length.
[  416.375290][T14770] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  416.711610][T14774] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  416.842210][ T6007] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  417.050828][ T6007] usb 7-1: Using ep0 maxpacket: 16
[  417.054270][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  417.057635][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  417.061043][ T6007] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  417.064913][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.070656][ T6007] usb 7-1: config 0 descriptor??
[  417.072967][T14776] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  417.121525][T13856] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  417.271463][T13856] usb 5-1: Using ep0 maxpacket: 16
[  417.275428][T13856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  417.278617][T13856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  417.281822][T13856] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  417.284433][T13856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.290054][T13856] usb 5-1: config 0 descriptor??
[  417.293453][T14780] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  417.556338][ T6007] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.004D/input/input83
[  417.616599][ T6007] appleir 0003:05AC:8241.004D: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  417.714304][T13856] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.004E/input/input84
[  417.798494][T13856] appleir 0003:05AC:8241.004E: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  418.131455][T13856] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  418.291438][T13856] usb 6-1: Using ep0 maxpacket: 16
[  418.294408][T13856] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  418.297661][T13856] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  418.300900][T13856] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  418.303677][T13856] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.307265][T13856] usb 6-1: config 0 descriptor??
[  418.309128][T14796] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  418.412739][T14800] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  418.567228][   T35] usb 5-1: USB disconnect, device number 31
[  418.729746][T13856] usbhid 6-1:0.0: can't add hid device: -71
[  418.731605][T13856] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  418.734469][T13856] usb 6-1: USB disconnect, device number 32
[  419.233756][T14815] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  419.259824][T14821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2500'.
[  419.263112][T14821] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2500'.
[  419.343663][   T30] usb 7-1: USB disconnect, device number 35
[  419.721834][T14837] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  419.994370][T14843] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2506'.
[  419.997056][T14843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2506'.
[  420.141468][ T5982] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  420.301488][ T5982] usb 8-1: Using ep0 maxpacket: 16
[  420.305168][ T5982] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  420.308707][ T5982] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  420.312035][ T5982] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  420.314704][ T5982] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.320781][ T5982] usb 8-1: config 0 descriptor??
[  420.322950][T14841] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  420.501339][   T39] audit: type=1800 audit(1736544242.073:158): pid=14847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2507" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  420.731897][ T5982] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.004F/input/input85
[  420.747333][T14857] FAULT_INJECTION: forcing a failure.
[  420.747333][T14857] name failslab, interval 1, probability 0, space 0, times 0
[  420.751034][T14857] CPU: 1 UID: 0 PID: 14857 Comm: syz.0.2509 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  420.754022][T14857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  420.757214][T14857] Call Trace:
[  420.758172][T14857]  <TASK>
[  420.759035][T14857]  dump_stack_lvl+0x16c/0x1f0
[  420.760380][T14857]  should_fail_ex+0x497/0x5b0
[  420.761716][T14857]  ? fs_reclaim_acquire+0xae/0x150
[  420.763173][T14857]  should_failslab+0xc2/0x120
[  420.764511][T14857]  __kmalloc_cache_noprof+0x68/0x420
[  420.766014][T14857]  allocate_cgrp_cset_links+0xc6/0x240
[  420.767563][T14857]  find_css_set+0x998/0x1c40
[  420.768889][T14857]  ? __pfx_find_css_set+0x10/0x10
[  420.770337][T14857]  ? __pfx_mark_lock+0x10/0x10
[  420.771766][T14857]  ? cgroup_attach_task+0x483/0x920
[  420.773260][T14857]  cgroup_migrate_prepare_dst+0x10b/0x7f0
[  420.774888][T14857]  cgroup_attach_task+0x48f/0x920
[  420.776323][T14857]  ? __pfx_cgroup_attach_task+0x10/0x10
[  420.777880][T14857]  ? get_task_cred+0x17f/0x360
[  420.779256][T14857]  ? __cgroup1_procs_write.constprop.0+0x2f9/0x420
[  420.781084][T14857]  __cgroup1_procs_write.constprop.0+0x2f9/0x420
[  420.782871][T14857]  ? __pfx___cgroup1_procs_write.constprop.0+0x10/0x10
[  420.784778][T14857]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  420.786398][T14857]  cgroup_file_write+0x211/0x7d0
[  420.787809][T14857]  ? __pfx_cgroup1_procs_write+0x10/0x10
[  420.789397][T14857]  ? __pfx_cgroup_file_write+0x10/0x10
[  420.790934][T14857]  ? lock_acquire+0x2f/0xb0
[  420.792230][T14857]  kernfs_fop_write_iter+0x33d/0x500
[  420.793714][T14857]  ? __pfx_cgroup_file_write+0x10/0x10
[  420.795257][T14857]  iter_file_splice_write+0x90f/0x10b0
[  420.796791][T14857]  ? __pfx_iter_file_splice_write+0x10/0x10
[  420.798467][T14857]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  420.798589][ T5982] appleir 0003:05AC:8241.004F: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  420.800041][T14857]  ? splice_direct_to_actor+0x346/0xa40
[  420.805368][T14857]  ? __pfx_iter_file_splice_write+0x10/0x10
[  420.807046][T14857]  direct_splice_actor+0x18f/0x6c0
[  420.808505][T14857]  splice_direct_to_actor+0x346/0xa40
[  420.810020][T14857]  ? __pfx_direct_splice_actor+0x10/0x10
[  420.811611][T14857]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  420.813294][T14857]  ? __fget_files+0x1fc/0x3a0
[  420.814621][T14857]  do_splice_direct+0x178/0x250
[  420.816014][T14857]  ? __pfx_do_splice_direct+0x10/0x10
[  420.817527][T14857]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  420.819263][T14857]  do_sendfile+0xaed/0xe30
[  420.820550][T14857]  ? __pfx_do_sendfile+0x10/0x10
[  420.821979][T14857]  ? __fget_files+0x206/0x3a0
[  420.823702][T14857]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  420.825484][T14857]  ? ksys_write+0x1ba/0x250
[  420.826786][T14857]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  420.828540][T14857]  __do_fast_syscall_32+0x73/0x120
[  420.829986][T14857]  do_fast_syscall_32+0x32/0x80
[  420.831385][T14857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  420.833169][T14857] RIP: 0023:0xf7f60579
[  420.834377][T14857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  420.839933][T14857] RSP: 002b:00000000f509555c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  420.842289][T14857] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000007
[  420.844629][T14857] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  420.846961][T14857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  420.849259][T14857] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  420.851470][T14857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  420.853702][T14857]  </TASK>
[  421.021504][T14861] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  421.186288][T14868] fuse: Invalid rootmode
[  421.237777][T14870] random: crng reseeded on system resumption
[  421.245854][T14870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2514'.
[  421.248460][T14870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2514'.
[  421.252151][T14870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2514'.
[  421.297186][T14870] bond0: (slave bond_slave_0): Releasing backup interface
[  422.304268][T14892] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  422.638873][T14903] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  422.656393][    T9] usb 8-1: USB disconnect, device number 34
[  422.737620][T14913] 9pnet_fd: Insufficient options for proto=fd
[  423.043088][T14920] random: crng reseeded on system resumption
[  423.047539][T14921] fuse: Invalid rootmode
[  423.051728][T14920] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2527'.
[  423.054381][T14920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2527'.
[  423.080309][T14920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2527'.
[  423.311457][   T30] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  423.478988][T14928] netlink: zone id is out of range
[  423.482317][T14928] netlink: zone id is out of range
[  423.485302][T14928] netlink: zone id is out of range
[  423.486855][T14928] netlink: zone id is out of range
[  423.488533][T14928] netlink: zone id is out of range
[  423.490476][T14928] netlink: zone id is out of range
[  423.491424][   T30] usb 6-1: Using ep0 maxpacket: 16
[  423.492074][T14928] netlink: zone id is out of range
[  423.494559][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  423.494874][T14928] netlink: zone id is out of range
[  423.494914][T14928] netlink: zone id is out of range
[  423.497964][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  423.504986][   T30] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  423.506616][T14928] netlink: 'syz.2.2528': attribute type 11 has an invalid length.
[  423.507610][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.510295][T14928] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2528'.
[  423.513365][   T30] usb 6-1: config 0 descriptor??
[  423.517487][T14917] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  423.934683][   T30] usbhid 6-1:0.0: can't add hid device: -71
[  423.936464][   T30] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  423.939597][   T30] usb 6-1: USB disconnect, device number 33
[  424.082107][T14937] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  424.424469][T14946] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2534'.
[  425.214981][T14965] overlayfs: missing 'workdir'
[  425.293435][T14968] fuse: Invalid rootmode
[  425.354777][ T1137] Bluetooth: hci3: Frame reassembly failed (-84)
[  426.712390][T14988] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2543'.
[  427.096455][T15000] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2547'.
[  427.166634][T14997] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2546'.
[  427.169370][T14997] netlink: 'syz.3.2546': attribute type 1 has an invalid length.
[  427.331589][ T6009] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  427.391536][ T5954] Bluetooth: hci3: command 0x1003 tx timeout
[  427.393609][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  427.474954][ T6009] usb 5-1: device descriptor read/64, error -71
[  427.566029][   T63] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  427.711564][   T63] usb 8-1: Using ep0 maxpacket: 16
[  427.783636][ T6009] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  427.828547][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  427.832653][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  427.836894][   T63] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  427.840297][   T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.844906][   T63] usb 8-1: config 0 descriptor??
[  427.846850][T15008] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  428.060922][ T6009] usb 5-1: device descriptor read/64, error -71
[  428.181922][ T6009] usb usb5-port1: attempt power cycle
[  428.369193][   T63] usbhid 8-1:0.0: can't add hid device: -71
[  428.372636][   T63] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  428.379195][   T63] usb 8-1: USB disconnect, device number 35
[  428.522225][ T6009] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  428.563416][ T6009] usb 5-1: device descriptor read/8, error -71
[  428.592399][T15017] xt_CT: You must specify a L4 protocol and not use inversions on it
[  428.803377][ T6009] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  428.815949][   T39] audit: type=1804 audit(1736544250.393:159): pid=15026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2554" name="/newroot/80/file0/file0" dev="9p" ino=38535839 res=1 errno=0
[  428.827471][ T6009] usb 5-1: device descriptor read/8, error -71
[  428.918797][T15028] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2555'.
[  428.922265][T15028] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2555'.
[  428.932446][ T6009] usb usb5-port1: unable to enumerate USB device
[  430.365821][T15048] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[  430.369568][T15048] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[  430.376075][T15048] CUSE: DEVNAME unspecified
[  430.429110][ T1136] Bluetooth: hci3: Frame reassembly failed (-84)
[  430.947045][T15056] random: crng reseeded on system resumption
[  430.960155][T15056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2562'.
[  430.962812][T15056] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2562'.
[  431.020035][T15059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2562'.
[  431.316590][T15069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2565'.
[  431.319508][T15069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2565'.
[  431.356631][T15070] batman_adv: batadv0: Removing interface: team0
[  431.358831][T15070] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  431.360679][T15070] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.366804][T15070] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  431.369019][T15070] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.501580][ T6009] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  431.661853][ T6009] usb 5-1: Using ep0 maxpacket: 16
[  431.679024][ T6009] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  431.689839][ T6009] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  431.697713][ T6009] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  431.706517][ T6009] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.716798][ T6009] usb 5-1: config 0 descriptor??
[  431.720575][T15063] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  432.070551][T15079] overlayfs: missing 'workdir'
[  432.168317][ T6009] usbhid 5-1:0.0: can't add hid device: -71
[  432.170698][ T6009] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  432.174533][ T6009] usb 5-1: USB disconnect, device number 36
[  432.431507][ T5954] Bluetooth: hci3: command 0x1003 tx timeout
[  432.441473][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  432.709736][T15085] __nla_validate_parse: 1 callbacks suppressed
[  432.709751][T15085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2570'.
[  432.714709][T15085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2570'.
[  432.720897][T15087] FAULT_INJECTION: forcing a failure.
[  432.720897][T15087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.725035][T15087] CPU: 0 UID: 0 PID: 15087 Comm: syz.0.2571 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  432.728879][T15087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.732724][T15087] Call Trace:
[  432.733934][T15087]  <TASK>
[  432.735048][T15087]  dump_stack_lvl+0x16c/0x1f0
[  432.736573][T15087]  should_fail_ex+0x497/0x5b0
[  432.738020][T15087]  _copy_to_user+0x32/0xd0
[  432.739265][T15087]  simple_read_from_buffer+0xd0/0x160
[  432.740779][T15087]  proc_fail_nth_read+0x198/0x270
[  432.742189][T15087]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  432.743747][T15087]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  432.745307][T15087]  vfs_read+0x1df/0xbe0
[  432.746834][T15087]  ? __fget_files+0x1fc/0x3a0
[  432.748537][T15087]  ? __pfx___mutex_lock+0x10/0x10
[  432.750519][T15087]  ? __pfx_vfs_read+0x10/0x10
[  432.752431][T15087]  ? __fget_files+0x206/0x3a0
[  432.754350][T15087]  ksys_read+0x12b/0x250
[  432.756058][T15087]  ? __pfx_ksys_read+0x10/0x10
[  432.758001][T15087]  __do_fast_syscall_32+0x73/0x120
[  432.759810][T15087]  do_fast_syscall_32+0x32/0x80
[  432.761573][T15087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.763930][T15087] RIP: 0023:0xf7f60579
[  432.765505][T15087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.772654][T15087] RSP: 002b:00000000f50b6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  432.775804][T15087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50b6620
[  432.778688][T15087] RDX: 000000000000000f RSI: 00000000f73f3ff4 RDI: 0000000000000000
[  432.781696][T15087] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  432.784726][T15087] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  432.787833][T15087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.790945][T15087]  </TASK>
[  433.377330][T15099] random: crng reseeded on system resumption
[  433.410578][T15099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2574'.
[  433.415183][T15099] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2574'.
[  433.447468][T15099] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2574'.
[  433.798984][T15106] ptrace attach of ""[15107] was attempted by "/syz-executor exec"[15106]
[  434.239444][   T30] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  434.346789][T15119] FAULT_INJECTION: forcing a failure.
[  434.346789][T15119] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  434.350822][T15119] CPU: 1 UID: 0 PID: 15119 Comm: syz.2.2580 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  434.353771][T15119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.356835][T15119] Call Trace:
[  434.357808][T15119]  <TASK>
[  434.358771][T15119]  dump_stack_lvl+0x16c/0x1f0
[  434.360075][T15119]  should_fail_ex+0x497/0x5b0
[  434.361398][T15119]  ? fs_reclaim_acquire+0xae/0x150
[  434.363132][T15119]  should_fail_alloc_page+0xe7/0x130
[  434.364706][T15119]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  434.366571][T15119]  ? mark_lock+0xb5/0xc60
[  434.367826][T15119]  __alloc_pages_noprof+0x190/0x25b0
[  434.369349][T15119]  ? __pfx_mark_lock+0x10/0x10
[  434.370723][T15119]  ? __pfx_mark_lock+0x10/0x10
[  434.372170][T15119]  ? __pfx_mark_lock+0x10/0x10
[  434.373527][T15119]  ? hlock_class+0x4e/0x130
[  434.374795][T15119]  ? __pfx_mark_lock+0x10/0x10
[  434.376194][T15119]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  434.377766][T15119]  ? hlock_class+0x4e/0x130
[  434.379146][T15119]  ? mark_lock+0xb5/0xc60
[  434.380401][T15119]  ? __lock_acquire+0xcc5/0x3c40
[  434.381897][T15119]  ? hlock_class+0x4e/0x130
[  434.383183][T15119]  ? mark_lock+0xb5/0xc60
[  434.384385][T15119]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  434.386098][T15119]  ? policy_nodemask+0xea/0x4e0
[  434.387489][T15119]  alloc_pages_mpol_noprof+0x2c9/0x610
[  434.389110][T15119]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  434.390841][T15119]  ? __lock_acquire+0xcc5/0x3c40
[  434.392331][T15119]  ? find_held_lock+0x2d/0x110
[  434.393717][T15119]  folio_alloc_mpol_noprof+0x36/0xd0
[  434.395317][T15119]  vma_alloc_folio_noprof+0xee/0x1b0
[  434.396896][T15119]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  434.398698][T15119]  ? __pfx___lock_acquire+0x10/0x10
[  434.400198][T15119]  do_wp_page+0x105a/0x4670
[  434.401591][T15119]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  434.403210][T15119]  ? __pfx_do_wp_page+0x10/0x10
[  434.404676][T15119]  ? rcu_is_watching+0x12/0xc0
[  434.406099][T15119]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  434.407648][T15119]  ? lock_acquire+0x2f/0xb0
[  434.408996][T15119]  ? __handle_mm_fault+0xdfa/0x2a40
[  434.410482][T15119]  __handle_mm_fault+0x1ade/0x2a40
[  434.412089][T15119]  ? __pfx___handle_mm_fault+0x10/0x10
[  434.413650][T15119]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  434.415259][T15119]  ? find_vma+0xc0/0x140
[  434.416547][T15119]  ? __pfx_find_vma+0x10/0x10
[  434.417919][T15119]  handle_mm_fault+0x3fa/0xaa0
[  434.419252][T15119]  do_user_addr_fault+0x7a3/0x13f0
[  434.420713][T15119]  exc_page_fault+0x5c/0xc0
[  434.422015][T15119]  asm_exc_page_fault+0x26/0x30
[  434.423399][T15119] RIP: 0010:__put_user_4+0x11/0x20
[  434.424833][T15119] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  434.430321][T15119] RSP: 0018:ffffc9000337fd48 EFLAGS: 00050206
[  434.432031][T15119] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000000020002000
[  434.434367][T15119] RDX: ffff888025dca440 RSI: ffffffff81fd5672 RDI: ffffffff8bb17140
[  434.436584][T15119] RBP: 00000000fffffff2 R08: 0000000000000000 R09: fffffbfff2039e4a
[  434.438741][T15119] R10: ffffffff901cf257 R11: 0000000000000000 R12: dffffc0000000000
[  434.440976][T15119] R13: 0000000020000000 R14: 0000000000000000 R15: ffff888025dca440
[  434.443256][T15119]  ? kernel_move_pages+0xca2/0x1560
[  434.444830][T15119]  kernel_move_pages+0xcb6/0x1560
[  434.446238][T15119]  ? __pfx_kernel_move_pages+0x10/0x10
[  434.447737][T15119]  ? fput+0x67/0x440
[  434.448845][T15119]  ? ksys_write+0x1ba/0x250
[  434.450198][T15119]  ? __pfx_ksys_write+0x10/0x10
[  434.451587][T15119]  __ia32_sys_move_pages+0xdd/0x1b0
[  434.453074][T15119]  ? lockdep_hardirqs_on+0x7c/0x110
[  434.454738][T15119]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  434.456542][T15119]  __do_fast_syscall_32+0x73/0x120
[  434.458010][T15119]  do_fast_syscall_32+0x32/0x80
[  434.459451][T15119]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.461248][T15119] RIP: 0023:0xf7fe5579
[  434.462424][T15119] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.467985][T15119] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[  434.470350][T15119] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000002064
[  434.472587][T15119] RDX: 0000000020000040 RSI: 0000000020001180 RDI: 0000000020000000
[  434.474969][T15119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.477215][T15119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  434.479492][T15119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.481764][T15119]  </TASK>
[  434.501884][   T30] usb 5-1: Using ep0 maxpacket: 16
[  434.506450][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  434.509559][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  434.512894][   T30] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  434.522226][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.528391][   T30] usb 5-1: config 0 descriptor??
[  434.530391][T15112] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.611729][ T1319] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  434.793205][ T1319] usb 6-1: device descriptor read/64, error -71
[  435.103103][   T30] appleir 0003:05AC:8241.0050: unknown main item tag 0x0
[  435.105312][   T30] appleir 0003:05AC:8241.0050: unknown main item tag 0x0
[  435.107324][   T30] appleir 0003:05AC:8241.0050: unknown main item tag 0x0
[  435.109520][   T30] appleir 0003:05AC:8241.0050: No inputs registered, leaving
[  435.116386][   T30] appleir 0003:05AC:8241.0050: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  435.218349][ T6009] usb 5-1: USB disconnect, device number 37
[  435.241569][ T1319] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  435.371890][T15140] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2586'.
[  435.375005][T15140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2586'.
[  435.381479][ T1319] usb 6-1: device descriptor read/64, error -71
[  435.505610][ T1319] usb usb6-port1: attempt power cycle
[  435.591984][T15144] random: crng reseeded on system resumption
[  435.602302][T15144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2587'.
[  435.605763][T15144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2587'.
[  435.651476][T15144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2587'.
[  435.861499][ T1319] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  435.881941][ T1319] usb 6-1: device descriptor read/8, error -71
[  436.131953][ T1319] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  436.151858][ T1319] usb 6-1: device descriptor read/8, error -71
[  436.266204][ T1319] usb usb6-port1: unable to enumerate USB device
[  437.574801][T15182] net_ratelimit: 2 callbacks suppressed
[  437.574812][T15182] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  437.731534][ T1319] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  437.881443][ T1319] usb 6-1: Using ep0 maxpacket: 16
[  437.886738][ T1319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  437.893148][ T1319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  437.896368][ T1319] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  437.899499][ T1319] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.918584][ T1319] usb 6-1: config 0 descriptor??
[  437.920501][T15176] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  438.217076][T15198] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  438.226238][T15198] 
@ÿ: renamed from vlan0 (while UP)
[  438.329876][ T1319] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0051/input/input87
[  438.416505][ T1319] appleir 0003:05AC:8241.0051: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  438.496595][ T5946] Bluetooth: hci3: sending frame failed (-49)
[  438.501796][ T5954] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  438.558902][   T25] usb 6-1: USB disconnect, device number 38
[  439.193386][T15215] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  439.194775][T15213] __nla_validate_parse: 3 callbacks suppressed
[  439.194786][T15213] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2608'.
[  439.218401][T15202] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  439.291765][T15222] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  439.360177][T15226] fuse: Unknown parameter 'fd9`¥
()%„'
[  439.393364][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  439.396218][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  439.414967][T15228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2612'.
[  439.419286][T15228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2612'.
[  439.880825][T15237] random: crng reseeded on system resumption
[  439.894602][T15237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2614'.
[  439.897676][T15237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2614'.
[  439.935207][T15237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2614'.
[  439.981482][   T25] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  440.134492][   T25] usb 5-1: Using ep0 maxpacket: 16
[  440.142835][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  440.147913][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  440.159789][   T25] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  440.167645][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.177268][   T25] usb 5-1: config 0 descriptor??
[  440.181712][T15231] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  440.467848][T14790] Bluetooth: hci3: Frame reassembly failed (-84)
[  440.470038][ T1132] Bluetooth: hci3: Frame reassembly failed (-84)
[  440.600944][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0052/input/input88
[  440.668236][   T25] appleir 0003:05AC:8241.0052: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  440.786695][T15248] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  440.789566][T15247] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2616'.
[  440.810488][ T5982] usb 5-1: USB disconnect, device number 38
[  440.968137][ T5955] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  440.973188][ T5955] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  440.978233][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  440.981065][ T5955] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  440.985425][ T5955] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  440.987713][ T5955] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  441.080429][T15257] FAULT_INJECTION: forcing a failure.
[  441.080429][T15257] name failslab, interval 1, probability 0, space 0, times 0
[  441.085343][T15257] CPU: 1 UID: 0 PID: 15257 Comm: syz.1.2618 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  441.089364][T15257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.093419][T15257] Call Trace:
[  441.094711][T15257]  <TASK>
[  441.095849][T15257]  dump_stack_lvl+0x16c/0x1f0
[  441.095944][T15252] chnl_net:caif_netlink_parms(): no params data found
[  441.097659][T15257]  should_fail_ex+0x497/0x5b0
[  441.102230][T15257]  ? fs_reclaim_acquire+0xae/0x150
[  441.104189][T15257]  should_failslab+0xc2/0x120
[  441.105991][T15257]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  441.108061][T15257]  ? fput+0x67/0x440
[  441.109562][T15257]  ? getname_flags.part.0+0x4c/0x550
[  441.111581][T15257]  getname_flags.part.0+0x4c/0x550
[  441.113615][T15257]  __ia32_sys_rmdir+0xaf/0x110
[  441.115446][T15257]  __do_fast_syscall_32+0x73/0x120
[  441.117412][T15257]  do_fast_syscall_32+0x32/0x80
[  441.119281][T15257]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  441.121680][T15257] RIP: 0023:0xf708e579
[  441.123252][T15257] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  441.130492][T15257] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000028
[  441.133619][T15257] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000000000000
[  441.136609][T15257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  441.139642][T15257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  441.142653][T15257] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  441.145674][T15257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  441.148707][T15257]  </TASK>
[  441.188053][T15252] bridge0: port 1(bridge_slave_0) entered blocking state
[  441.190171][T15252] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.192364][T15252] bridge_slave_0: entered allmulticast mode
[  441.194531][T15252] bridge_slave_0: entered promiscuous mode
[  441.197114][T15252] bridge0: port 2(bridge_slave_1) entered blocking state
[  441.199193][T15252] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.201288][T15252] bridge_slave_1: entered allmulticast mode
[  441.203630][T15252] bridge_slave_1: entered promiscuous mode
[  441.225131][T15252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  441.230787][T15252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  441.263349][T15252] team0: Port device team_slave_0 added
[  441.266417][T15252] team0: Port device team_slave_1 added
[  441.294619][T15252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  441.297275][T15252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.306743][T15252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  441.310679][T15252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  441.313398][T15252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.321713][T15252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.352478][T15252] hsr_slave_0: entered promiscuous mode
[  441.354746][T15252] hsr_slave_1: entered promiscuous mode
[  441.357531][T15252] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  441.360913][T15252] Cannot create hsr debugfs directory
[  441.454808][T15252] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.494691][T15268] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  441.538692][T15252] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.595722][T15252] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.683032][T15252] team0: Port device netdevsim0 removed
[  441.685417][T15252] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.818773][T15252] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  441.833181][T15252] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  441.846916][T15252] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  441.858003][T15252] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  441.878585][T15252] bridge0: port 2(bridge_slave_1) entered blocking state
[  441.880727][T15252] bridge0: port 2(bridge_slave_1) entered forwarding state
[  441.883449][T15252] bridge0: port 1(bridge_slave_0) entered blocking state
[  441.886350][T15252] bridge0: port 1(bridge_slave_0) entered forwarding state
[  441.954154][T15252] 8021q: adding VLAN 0 to HW filter on device bond0
[  441.966156][T15252] 8021q: adding VLAN 0 to HW filter on device team0
[  442.104830][T15252] 8021q: adding VLAN 0 to HW filter on device batadv0
[  442.139924][T15252] veth0_vlan: entered promiscuous mode
[  442.158820][T15252] veth1_vlan: entered promiscuous mode
[  442.188627][T15252] veth0_macvtap: entered promiscuous mode
[  442.195696][T15252] veth1_macvtap: entered promiscuous mode
[  442.210693][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.215891][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.219944][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.224490][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.228543][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.233108][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.237108][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.240407][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.243600][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  442.247397][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.251105][T15252] batman_adv: batadv0: Interface activated: batadv_slave_0
[  442.256961][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.260100][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.266333][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.269692][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.273041][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.276213][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.279737][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.284552][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.287421][T15252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.290869][T15252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.294950][T15252] batman_adv: batadv0: Interface activated: batadv_slave_1
[  442.299622][T15252] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  442.302707][T15252] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  442.305189][T15252] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  442.308421][T15252] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  442.337338][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.339620][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.362742][T14790] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.365031][T14790] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.455348][   T30] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  442.521552][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  442.521663][ T5955] Bluetooth: hci3: command 0x1003 tx timeout
[  442.612210][   T30] usb 6-1: Using ep0 maxpacket: 8
[  442.616110][   T30] usb 6-1: config 0 has no interfaces?
[  442.618493][   T30] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  442.621928][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.626307][   T30] usb 6-1: config 0 descriptor??
[  442.841444][    T9] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  442.883050][   T25] usb 6-1: USB disconnect, device number 39
[  443.021437][    T9] usb 7-1: Using ep0 maxpacket: 16
[  443.025955][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  443.031907][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  443.035413][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  443.038254][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.060184][    T9] usb 7-1: config 0 descriptor??
[  443.064605][T15294] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  443.081616][ T5946] Bluetooth: hci0: command tx timeout
[  443.424292][T15304] netlink: 'syz.1.2629': attribute type 3 has an invalid length.
[  443.468825][T15301] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  443.475677][    T9] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.0053/input/input89
[  443.536768][    T9] appleir 0003:05AC:8241.0053: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  443.677513][ T1319] usb 7-1: USB disconnect, device number 36
[  444.258861][T15327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2634'.
[  444.262041][T15327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2634'.
[  445.151675][ T5946] Bluetooth: hci0: command tx timeout
[  445.185350][ T1136] Bluetooth: hci3: Frame reassembly failed (-84)
[  445.223767][T15338] random: crng reseeded on system resumption
[  445.250152][T15338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2638'.
[  445.253200][T15338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2638'.
[  445.291066][T15338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2638'.
[  446.181015][T15352] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.351561][T15352] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.498578][T15358] netlink: 'syz.1.2640': attribute type 4 has an invalid length.
[  446.697393][T15352] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.762880][T15352] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.878071][T15352] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  446.883444][T15352] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  446.887867][T15352] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  446.894837][T15352] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.156050][T15369] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2644'.
[  447.231818][ T5955] Bluetooth: hci0: command tx timeout
[  447.232715][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  447.241659][ T6009] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  447.401487][ T6009] usb 5-1: Using ep0 maxpacket: 16
[  447.406092][ T6009] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  447.409495][ T6009] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  447.413061][ T6009] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  447.423760][ T6009] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.432341][ T6009] usb 5-1: config 0 descriptor??
[  447.439687][T15363] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  447.860226][ T6009] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0054/input/input90
[  447.931763][ T6009] appleir 0003:05AC:8241.0054: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  449.311509][ T5946] Bluetooth: hci0: command tx timeout
[  449.574312][T15425] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.657288][T15425] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.777414][T15425] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.849870][T15432] netlink: 'syz.0.2652': attribute type 4 has an invalid length.
[  449.863615][ T5982] usb 5-1: USB disconnect, device number 39
[  449.933234][T15425] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  450.125292][T15425] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.132631][T15425] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.143147][T15425] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.148238][T15425] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.412247][T15440] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2655'.
[  451.041446][ T6007] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  451.191637][ T6007] usb 7-1: Using ep0 maxpacket: 32
[  451.195442][ T6007] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  451.197995][ T6007] usb 7-1: config 0 has too many interfaces: 36, using maximum allowed: 32
[  451.200464][ T6007] usb 7-1: config 0 has an invalid interface number: 224 but max is 35
[  451.203201][ T6007] usb 7-1: config 0 has an invalid descriptor of length 203, skipping remainder of the config
[  451.206347][ T6007] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 36
[  451.209131][ T6007] usb 7-1: config 0 has no interface number 0
[  451.211179][ T6007] usb 7-1: too many endpoints for config 0 interface 224 altsetting 191: 144, using maximum allowed: 30
[  451.214755][ T6007] usb 7-1: config 0 interface 224 altsetting 191 has 0 endpoint descriptors, different from the interface descriptor's value: 144
[  451.218792][ T6007] usb 7-1: config 0 interface 224 has no altsetting 0
[  451.224695][ T6007] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  451.230962][ T6007] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  451.235071][ T6007] usb 7-1: Product: syz
[  451.236434][ T6007] usb 7-1: Manufacturer: syz
[  451.238055][ T6007] usb 7-1: SerialNumber: syz
[  451.243940][ T6007] usb 7-1: config 0 descriptor??
[  451.450705][T15452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  451.461587][T15452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  451.484601][ T6007] ldusb 7-1:0.224: Interrupt in endpoint not found
[  451.487772][ T6007] usb 7-1: USB disconnect, device number 37
[  451.511002][T15465] ieee802154 phy0 wpan0: encryption failed: -22
[  451.733381][ T5955] Bluetooth: hci2: unexpected event 0x03 length: 17 > 11
[  451.741515][ T6009] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  451.891473][ T6009] usb 8-1: Using ep0 maxpacket: 16
[  451.895022][ T6009] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  451.899288][ T6009] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  451.903414][ T6009] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  451.906729][ T6009] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.911010][ T6009] usb 8-1: config 0 descriptor??
[  451.913679][T15461] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  452.321642][ T6009] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0055/input/input91
[  452.387215][ T6009] appleir 0003:05AC:8241.0055: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  452.447562][ T5955] Bluetooth: hci2: command tx timeout
[  452.467323][T15486] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2669'.
[  452.505832][T15482] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  452.521586][ T6007] usb 6-1: new full-speed USB device number 40 using dummy_hcd
[  452.684346][ T6007] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  452.692162][ T6007] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  452.696951][ T6007] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.700889][ T6007] usb 6-1: Product: syz
[  452.704409][ T6007] usb 6-1: Manufacturer: syz
[  452.706291][ T6007] usb 6-1: SerialNumber: syz
[  452.721741][T15478] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  452.749239][T15495] input: syz1 as /devices/virtual/input/input92
[  452.831508][ T5955] Bluetooth: hci0: command 0x0405 tx timeout
[  453.050485][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  453.054229][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  453.690393][T15504] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  454.023975][T15512] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  454.212175][   T30] usb 8-1: USB disconnect, device number 36
[  454.313728][T15518] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2677'.
[  454.362333][T15518] bond0: entered promiscuous mode
[  454.363956][T15518] bond_slave_0: entered promiscuous mode
[  454.365786][T15518] bond_slave_1: entered promiscuous mode
[  454.375432][T15518] batadv0: entered promiscuous mode
[  454.398434][T15518] 8021q: adding VLAN 0 to HW filter on device hsr1
[  454.522245][ T5955] Bluetooth: hci2: command tx timeout
[  454.903152][T15529] ieee802154 phy0 wpan0: encryption failed: -22
[  455.071633][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  455.137201][T15533] virtio-fs: tag <(null)> not found
[  455.145688][T15534] netlink: 6 bytes leftover after parsing attributes in process `syz.2.2681'.
[  455.153591][T15534] netlink: 6 bytes leftover after parsing attributes in process `syz.2.2681'.
[  455.168241][T15536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2683'.
[  455.170904][T15536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2683'.
[  455.302816][ T6007] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 40 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  455.307995][ T6007] usb 6-1: USB disconnect, device number 40
[  455.313570][ T6007] usblp0: removed
[  455.314392][T15540] FAULT_INJECTION: forcing a failure.
[  455.314392][T15540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.318546][T15540] CPU: 3 UID: 0 PID: 15540 Comm: syz.1.2684 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  455.321634][T15540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.324711][T15540] Call Trace:
[  455.325679][T15540]  <TASK>
[  455.326546][T15540]  dump_stack_lvl+0x16c/0x1f0
[  455.327933][T15540]  should_fail_ex+0x497/0x5b0
[  455.329300][T15540]  _copy_from_iter+0x29b/0x1400
[  455.330754][T15540]  ? __pfx__copy_from_iter+0x10/0x10
[  455.332301][T15540]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  455.334038][T15540]  ? tun_build_skb.constprop.0+0x1b8/0x1120
[  455.335750][T15540]  ? __pfx_lock_release+0x10/0x10
[  455.337125][T15540]  ? trace_lock_acquire+0x14e/0x1f0
[  455.338582][T15540]  copy_page_from_iter+0xa5/0x120
[  455.340032][T15540]  tun_build_skb.constprop.0+0x294/0x1120
[  455.341686][T15540]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  455.343472][T15540]  ? __pfx___lock_acquire+0x10/0x10
[  455.344998][T15540]  ? __lock_acquire+0xcc5/0x3c40
[  455.346551][T15540]  tun_get_user+0x870/0x3e40
[  455.347902][T15540]  ? find_held_lock+0x2d/0x110
[  455.349287][T15540]  ? __pfx_tun_get_user+0x10/0x10
[  455.350753][T15540]  ? find_held_lock+0x2d/0x110
[  455.352131][T15540]  ? __pfx_lock_release+0x10/0x10
[  455.353603][T15540]  tun_chr_write_iter+0xdc/0x210
[  455.355037][T15540]  vfs_write+0x5ae/0x1150
[  455.356281][T15540]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  455.357869][T15540]  ? __pfx_vfs_write+0x10/0x10
[  455.359144][T15540]  ? __fget_files+0x40/0x3a0
[  455.361067][T15540]  ksys_write+0x12b/0x250
[  455.362315][T15540]  ? __pfx_ksys_write+0x10/0x10
[  455.363692][T15540]  __do_fast_syscall_32+0x73/0x120
[  455.365134][T15540]  do_fast_syscall_32+0x32/0x80
[  455.366495][T15540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.368279][T15540] RIP: 0023:0xf708e579
[  455.369439][T15540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.374789][T15540] RSP: 002b:00000000f5080520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  455.377129][T15540] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000100
[  455.379741][T15540] RDX: 0000000000000086 RSI: 00000000f73c3ff4 RDI: 0000000000000000
[  455.381908][T15540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  455.384169][T15540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  455.386426][T15540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.388720][T15540]  </TASK>
[  456.165254][T15562] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2690'.
[  456.172736][T15562] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2690'.
[  456.609165][ T5946] Bluetooth: hci2: command tx timeout
[  457.307370][T15575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2693'.
[  457.517373][T15589] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  457.521193][T15592] random: crng reseeded on system resumption
[  457.532617][T15592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2698'.
[  457.535176][T15592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2698'.
[  457.575790][T15592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2698'.
[  457.611449][   T25] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  457.771466][   T25] usb 8-1: Using ep0 maxpacket: 16
[  457.774136][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  457.777385][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  457.780578][   T25] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  457.783351][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.786555][   T25] usb 8-1: config 0 descriptor??
[  457.788778][T15585] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  457.796809][T15599] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2700'.
[  458.191481][ T5946] Bluetooth: hci0: command 0x0405 tx timeout
[  458.199008][   T25] appleir 0003:05AC:8241.0056: unknown main item tag 0x0
[  458.201091][   T25] appleir 0003:05AC:8241.0056: unknown main item tag 0x0
[  458.203243][   T25] appleir 0003:05AC:8241.0056: unknown main item tag 0x0
[  458.205286][   T25] appleir 0003:05AC:8241.0056: unknown main item tag 0x0
[  458.207630][   T25] appleir 0003:05AC:8241.0056: No inputs registered, leaving
[  458.211105][   T25] appleir 0003:05AC:8241.0056: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  458.419823][T15608] fuse: Bad value for 'fd'
[  458.470621][ T6009] usb 8-1: USB disconnect, device number 37
[  458.833992][T15615] FAULT_INJECTION: forcing a failure.
[  458.833992][T15615] name failslab, interval 1, probability 0, space 0, times 0
[  458.837567][T15615] CPU: 3 UID: 0 PID: 15615 Comm: syz.2.2704 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  458.840640][T15615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  458.843722][T15615] Call Trace:
[  458.844693][T15615]  <TASK>
[  458.845556][T15615]  dump_stack_lvl+0x16c/0x1f0
[  458.846933][T15615]  should_fail_ex+0x497/0x5b0
[  458.848295][T15615]  ? fs_reclaim_acquire+0xae/0x150
[  458.849773][T15615]  should_failslab+0xc2/0x120
[  458.851166][T15615]  __kmalloc_noprof+0xce/0x4f0
[  458.852601][T15615]  ? d_absolute_path+0x137/0x1b0
[  458.854049][T15615]  ? tomoyo_encode2+0x100/0x3e0
[  458.855503][T15615]  tomoyo_encode2+0x100/0x3e0
[  458.856911][T15615]  tomoyo_realpath_from_path+0x1a7/0x710
[  458.858529][T15615]  tomoyo_path_number_perm+0x248/0x5b0
[  458.859958][T15615]  ? tomoyo_path_number_perm+0x235/0x5b0
[  458.861442][T15615]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  458.863217][T15615]  ? __pfx_lock_release+0x10/0x10
[  458.864663][T15615]  ? trace_lock_acquire+0x14e/0x1f0
[  458.866170][T15615]  ? lock_acquire+0x2f/0xb0
[  458.867493][T15615]  ? __fget_files+0x40/0x3a0
[  458.868830][T15615]  ? __fget_files+0x206/0x3a0
[  458.870213][T15615]  security_file_ioctl_compat+0x9b/0x240
[  458.871814][T15615]  __do_compat_sys_ioctl+0x4e/0x2c0
[  458.873313][T15615]  __do_fast_syscall_32+0x73/0x120
[  458.874806][T15615]  do_fast_syscall_32+0x32/0x80
[  458.876208][T15615]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  458.878049][T15615] RIP: 0023:0xf7fe5579
[  458.879228][T15615] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  458.884789][T15615] RSP: 002b:00000000f511555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  458.887164][T15615] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004c81
[  458.889425][T15615] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  458.891689][T15615] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  458.893939][T15615] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  458.896178][T15615] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  458.898446][T15615]  </TASK>
[  458.899827][T15615] ERROR: Out of memory at tomoyo_realpath_from_path.
[  458.937654][T15617] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  458.947188][   T39] audit: type=1800 audit(1736544280.523:160): pid=15617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2705" name="file0" dev="overlay" ino=38535839 res=0 errno=0
[  459.301460][ T6001] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  459.461447][ T6001] usb 5-1: Using ep0 maxpacket: 16
[  459.464576][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  459.467677][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  459.471008][ T6001] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  459.478164][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.505161][ T6001] usb 5-1: config 0 descriptor??
[  459.509646][T15624] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  459.618334][T15633] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  459.807789][T15640] fuse: Bad value for 'fd'
[  459.944107][ T6001] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0057/input/input93
[  460.014809][ T6001] appleir 0003:05AC:8241.0057: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  460.185792][T15643] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2715'.
[  460.518150][ T5955] Bluetooth: hci3: sending frame failed (-49)
[  460.522921][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  460.903607][T15674] netlink: 1280 bytes leftover after parsing attributes in process `syz.2.2722'.
[  460.918028][T15674] fuse: Unknown parameter '0x0000000000000007'
[  461.233273][T15680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2724'.
[  461.236186][T15680] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  461.271515][T15682] nfs: Unknown parameter '0dev/net/tun'
[  461.581191][T15688] Device name cannot be null; rc = [-22]
[  461.623807][T15691] fuse: Unknown parameter '00000000000000000000003'
[  461.922096][   T63] usb 5-1: USB disconnect, device number 40
[  462.047477][T15700] Bluetooth: MGMT ver 1.23
[  462.296354][ T1132] Bluetooth: hci3: Frame reassembly failed (-84)
[  462.363618][T15707] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  462.694939][T15717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2736'.
[  462.698729][T15719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2737'.
[  462.698750][T15719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2737'.
[  462.707857][T15717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2736'.
[  462.741502][ T1319] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  462.891458][ T1319] usb 5-1: Using ep0 maxpacket: 8
[  462.895177][ T1319] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  462.897801][ T1319] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  462.902431][ T1319] usb 5-1: config 0 has no interface number 0
[  462.904445][ T1319] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  462.909557][ T1319] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  462.912466][ T1319] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  462.917142][ T1319] usb 5-1: config 0 interface 52 has no altsetting 0
[  462.922084][ T1319] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  462.926241][ T1319] usb 5-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  462.931057][ T1319] usb 5-1: Product: syz
[  462.933241][ T1319] usb 5-1: SerialNumber: syz
[  462.937320][ T1319] usb 5-1: config 0 descriptor??
[  463.147141][ T1319] input: syz (Stick) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.52/input/input94
[  463.152975][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.162093][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.170535][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.180453][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.206499][ T5957] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.210133][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.216963][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.227107][ T5342] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.401627][T15713] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  463.628361][ T1319] usb 5-1: USB disconnect, device number 41
[  463.647653][T15734] netlink: 'syz.1.2740': attribute type 10 has an invalid length.
[  464.227743][T15741] fuse: Unknown parameter '00000000000000000000003'
[  464.234200][T15743] random: crng reseeded on system resumption
[  464.240357][T15743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2743'.
[  464.243448][T15743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2743'.
[  464.271961][T15743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2743'.
[  464.351604][ T5955] Bluetooth: hci3: command 0x1003 tx timeout
[  464.351927][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  464.675232][T15754] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  465.104939][T15765] =======================================================
[  465.104939][T15765] WARNING: The mand mount option has been deprecated and
[  465.104939][T15765]          and is ignored by this kernel. Remove the mand
[  465.104939][T15765]          option from the mount to silence this warning.
[  465.104939][T15765] =======================================================
[  465.142333][T15768] xfs: Unknown parameter 'grpquotaon_end'
[  465.987836][T15782] netlink: 'syz.1.2754': attribute type 10 has an invalid length.
[  466.120910][T15792] fuse: Unknown parameter '00000000000000000000003'
[  466.571104][T15797] FAULT_INJECTION: forcing a failure.
[  466.571104][T15797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.575139][T15797] CPU: 1 UID: 0 PID: 15797 Comm: syz.1.2759 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  466.579063][T15797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  466.583129][T15797] Call Trace:
[  466.584432][T15797]  <TASK>
[  466.585535][T15797]  dump_stack_lvl+0x16c/0x1f0
[  466.587344][T15797]  should_fail_ex+0x497/0x5b0
[  466.589108][T15797]  _copy_from_user+0x2e/0xd0
[  466.590902][T15797]  kstrtouint_from_user+0xd7/0x1c0
[  466.592780][T15797]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  466.594854][T15797]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  466.596477][T15797]  proc_fail_nth_write+0x84/0x250
[  466.598409][T15797]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  466.600168][T15797]  ? ksys_write+0x12b/0x250
[  466.601448][T15797]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  466.603271][T15797]  vfs_write+0x24c/0x1150
[  466.604870][T15797]  ? __fget_files+0x1fc/0x3a0
[  466.606588][T15797]  ? __pfx___mutex_lock+0x10/0x10
[  466.608406][T15797]  ? __pfx_vfs_write+0x10/0x10
[  466.610112][T15797]  ? __fget_files+0x206/0x3a0
[  466.611823][T15797]  ksys_write+0x12b/0x250
[  466.613391][T15797]  ? __pfx_ksys_write+0x10/0x10
[  466.615160][T15797]  __do_fast_syscall_32+0x73/0x120
[  466.617048][T15797]  do_fast_syscall_32+0x32/0x80
[  466.618449][T15797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  466.620163][T15797] RIP: 0023:0xf708e579
[  466.621338][T15797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  466.628021][T15797] RSP: 002b:00000000f5080590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  466.631047][T15797] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5080620
[  466.633925][T15797] RDX: 0000000000000001 RSI: 00000000f73c3ff4 RDI: 0000000000000000
[  466.636174][T15797] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  466.638453][T15797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  466.640673][T15797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  466.642874][T15797]  </TASK>
[  466.932388][ T5983] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  467.061620][T15812] loop2: detected capacity change from 0 to 7
[  467.067971][T15812] Dev loop2: unable to read RDB block 7
[  467.069784][T15812]  loop2: AHDI p1 p2 p3 p4
[  467.071210][T15812] loop2: partition table partially beyond EOD, truncated
[  467.074120][T15812] loop2: p1 start 2316988880 is beyond EOD, truncated
[  467.076995][T15812] loop2: p2 start 3872735472 is beyond EOD, truncated
[  467.080600][T15812] loop2: p3 start 1193984827 is beyond EOD, truncated
[  467.091782][ T5983] usb 6-1: Using ep0 maxpacket: 8
[  467.096204][ T5983] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  467.099215][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  467.107695][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  467.112584][ T5983] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  467.117658][ T5983] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  467.121551][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.191463][ T1319] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  467.351473][ T1319] usb 7-1: Using ep0 maxpacket: 8
[  467.351901][ T5983] usb 6-1: GET_CAPABILITIES returned 0
[  467.354675][ T5983] usbtmc 6-1:16.0: can't read capabilities
[  467.358137][ T1319] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  467.361746][ T1319] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  467.365375][ T1319] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  467.378349][ T1319] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  467.385047][ T1319] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  467.388243][ T1319] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.637078][ T1319] usb 7-1: GET_CAPABILITIES returned 0
[  467.638760][ T1319] usbtmc 7-1:16.0: can't read capabilities
[  467.779113][T15822] netlink: zone id is out of range
[  467.781001][T15822] netlink: zone id is out of range
[  467.787145][T15822] netlink: zone id is out of range
[  467.788771][T15822] netlink: zone id is out of range
[  467.790260][T15822] netlink: zone id is out of range
[  468.073279][T15824] netlink: zone id is out of range
[  468.074854][T15824] netlink: zone id is out of range
[  468.713904][T15832] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  469.080081][T15843] netlink: 'syz.3.2772': attribute type 3 has an invalid length.
[  469.093257][T15843] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  469.095856][T15843] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  469.098962][T15843] vhci_hcd vhci_hcd.0: Device attached
[  469.281466][   T25] vhci_hcd: vhci_device speed not set
[  469.341534][   T25] usb 43-1: new full-speed USB device number 3 using vhci_hcd
[  469.351469][ T5982] usb 8-1: new low-speed USB device number 38 using dummy_hcd
[  469.522633][ T5982] usb 8-1: config 0 has no interfaces?
[  469.524347][ T5982] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  469.527007][ T5982] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.530087][ T5982] usb 8-1: config 0 descriptor??
[  469.734326][T15844] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[  469.735631][ T5982] usb 8-1: USB disconnect, device number 38
[  469.740100][T14790] vhci_hcd: stop threads
[  469.741884][T14790] vhci_hcd: release socket
[  469.743381][T14790] vhci_hcd: disconnect device
[  469.767661][   T62] usb 6-1: USB disconnect, device number 41
[  469.991156][T15858] vlan2: entered allmulticast mode
[  469.995960][T15858] bond0: entered allmulticast mode
[  469.997489][T15858] bond_slave_1: entered allmulticast mode
[  470.000983][T15858] bond0: left allmulticast mode
[  470.002597][T15858] bond_slave_1: left allmulticast mode
[  470.091099][   T62] usb 7-1: USB disconnect, device number 38
[  470.424119][ T1209] Bluetooth: hci3: Frame reassembly failed (-84)
[  470.425129][T15873] netlink: 'syz.1.2780': attribute type 10 has an invalid length.
[  471.222609][   T39] audit: type=1326 audit(1736544292.803:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15883 comm="syz.3.2784" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x0
[  472.431767][ T5946] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  472.653331][T15911] netlink: 'syz.2.2791': attribute type 10 has an invalid length.
[  473.906011][   T45] Bluetooth: hci3: Frame reassembly failed (-84)
[  473.911428][   T45] Bluetooth: hci3: Frame reassembly failed (-84)
[  474.048964][T15950] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  474.262412][T15962] tmpfs: Bad value for 'mpol'
[  474.312136][   T39] audit: type=1326 audit(1736544295.883:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.322645][   T39] audit: type=1326 audit(1736544295.893:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.328907][   T39] audit: type=1326 audit(1736544295.903:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.335286][   T39] audit: type=1326 audit(1736544295.903:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.341693][   T39] audit: type=1326 audit(1736544295.903:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.347866][   T39] audit: type=1326 audit(1736544295.903:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.354968][   T39] audit: type=1326 audit(1736544295.903:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.361012][   T39] audit: type=1326 audit(1736544295.903:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.367027][   T39] audit: type=1326 audit(1736544295.913:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15963 comm="syz.3.2808" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf714e579 code=0x7ffc0000
[  474.432157][   T25] vhci_hcd: vhci_device speed not set
[  474.498583][T15972] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  474.582318][T15964] /dev/sr0: Can't open blockdev
[  474.760382][T15979] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  474.780495][T15982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  474.788695][T15982] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2814'.
[  474.791497][T15982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2814'.
[  475.315802][T15996] fuse: Unknown parameter 'fd00000000000000000000003'
[  475.578995][T16003] random: crng reseeded on system resumption
[  475.695587][T16005] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  475.951495][ T5946] Bluetooth: hci3: command 0x1003 tx timeout
[  475.951664][ T5955] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  476.373338][T16044] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  476.857871][T16064] input: syz1 as /devices/virtual/input/input95
[  476.869801][T16064] FAULT_INJECTION: forcing a failure.
[  476.869801][T16064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  476.873755][T16064] CPU: 3 UID: 0 PID: 16064 Comm: syz.0.2828 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  476.876697][T16064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.879645][T16064] Call Trace:
[  476.880682][T16064]  <TASK>
[  476.881794][T16064]  dump_stack_lvl+0x16c/0x1f0
[  476.883154][T16064]  should_fail_ex+0x497/0x5b0
[  476.884598][T16064]  _copy_from_user+0x2e/0xd0
[  476.885984][T16064]  input_event_from_user+0x22d/0x3b0
[  476.887523][T16064]  ? __pfx_input_event_from_user+0x10/0x10
[  476.889220][T16064]  ? read_tsc+0x9/0x20
[  476.890450][T16064]  ? ktime_get+0x1ac/0x300
[  476.891822][T16064]  ? input_event+0x2a/0xa0
[  476.893106][T16064]  uinput_write+0xbb6/0x12b0
[  476.894456][T16064]  ? __pfx_uinput_write+0x10/0x10
[  476.895927][T16064]  ? bpf_lsm_file_permission+0x9/0x10
[  476.897518][T16064]  ? security_file_permission+0x71/0x210
[  476.899216][T16064]  ? __pfx_uinput_write+0x10/0x10
[  476.900692][T16064]  vfs_write+0x24c/0x1150
[  476.901957][T16064]  ? __fget_files+0x1fc/0x3a0
[  476.903310][T16064]  ? __pfx_lock_release+0x10/0x10
[  476.904755][T16064]  ? __pfx_vfs_write+0x10/0x10
[  476.906147][T16064]  ? lock_acquire+0x2f/0xb0
[  476.907467][T16064]  ? __fget_files+0x40/0x3a0
[  476.908823][T16064]  ? __fget_files+0x206/0x3a0
[  476.910196][T16064]  ksys_write+0x207/0x250
[  476.911482][T16064]  ? __pfx_ksys_write+0x10/0x10
[  476.912895][T16064]  __do_fast_syscall_32+0x73/0x120
[  476.914386][T16064]  do_fast_syscall_32+0x32/0x80
[  476.915796][T16064]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.917646][T16064] RIP: 0023:0xf7f60579
[  476.919132][T16064] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.924930][T16064] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  476.927343][T16064] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0
[  476.929598][T16064] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[  476.931906][T16064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.934198][T16064] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.936479][T16064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.938756][T16064]  </TASK>
[  476.939764][    C3] vkms_vblank_simulate: vblank timer overrun
[  477.011462][ T1319] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  477.096702][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  477.098616][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  477.100493][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  477.102501][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  477.104367][   T12] Bluetooth: hci3: Frame reassembly failed (-84)
[  477.161441][ T1319] usb 6-1: Using ep0 maxpacket: 16
[  477.164355][ T1319] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  477.168853][ T1319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 97, changing to 10
[  477.172789][ T1319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  477.195448][ T1319] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  477.199104][ T1319] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.202446][ T1319] usb 6-1: Product: syz
[  477.204156][ T1319] usb 6-1: Manufacturer: syz
[  477.206087][ T1319] usb 6-1: SerialNumber: syz
[  477.217619][ T1319] usb 6-1: config 0 descriptor??
[  477.481631][ T1319] appledisplay 6-1:0.0: Error while getting initial brightness: -110
[  477.484423][ T1319] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -110
[  477.497229][T16104] fuse: Unknown parameter 'fd00000000000000000000003'
[  477.507534][ T1319] usb 6-1: USB disconnect, device number 42
[  477.774871][T16107] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[  477.965403][T16111] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  478.141628][T16118] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2837'.
[  478.145362][T16118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2837'.
[  478.159472][T16118] loop7: detected capacity change from 0 to 16384
[  478.382751][T16123] Invalid source name
[  478.382815][T16120] loop7: detected capacity change from 16384 to 16383
[  478.384541][T16123] UBIFS error (pid: 16123): cannot open "ubifs", error -22
[  479.058728][T16133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2840'.
[  479.065991][T16133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2840'.
[  479.151636][ T5946] Bluetooth: hci3: command 0x1003 tx timeout
[  479.154233][ T5955] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  479.254369][T16139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2842'.
[  479.257907][T16139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2842'.
[  480.003013][   T25] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  480.151792][   T25] usb 7-1: Using ep0 maxpacket: 16
[  480.159928][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  480.164276][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  480.168570][   T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  480.173502][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.179477][   T25] usb 7-1: config 0 descriptor??
[  480.181802][T16148] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  480.593312][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.0058/input/input96
[  480.656172][   T25] appleir 0003:05AC:8241.0058: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  481.923477][T16176] random: crng reseeded on system resumption
[  481.929535][T16176] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2853'.
[  481.932181][T16176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2853'.
[  481.935617][T16176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2853'.
[  482.061291][T16176] bond0: (slave bond_slave_0): Releasing backup interface
[  482.065547][T16176] bond_slave_0 (unregistering): left promiscuous mode
[  482.291625][T16186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2856'.
[  482.294813][T16186] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2856'.
[  482.446443][T16187] Sensor A: =================  START STATUS  =================
[  482.449891][T16187] Sensor A: Test Pattern: 75% Colorbar
[  482.453102][T16187] Sensor A: Show Information: All
[  482.456368][T16187] Sensor A: Vertical Flip: false
[  482.460014][T16187] Sensor A: Horizontal Flip: false
[  482.461827][T16187] Sensor A: Brightness: 128
[  482.463337][T16187] Sensor A: Contrast: 128
[  482.464661][T16187] Sensor A: Hue: 0
[  482.465902][T16187] Sensor A: Saturation: 128
[  482.467559][T16187] Sensor A: ==================  END STATUS  ==================
[  482.512998][ T5983] usb 7-1: USB disconnect, device number 39
[  483.481493][   T25] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  483.661546][   T25] usb 5-1: Using ep0 maxpacket: 16
[  483.667047][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  483.670342][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  483.673570][   T25] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  483.676142][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.679374][   T25] usb 5-1: config 0 descriptor??
[  483.681589][T16202] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  483.851477][ T6432] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  483.934059][T16220] random: crng reseeded on system resumption
[  483.946010][T16220] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2868'.
[  483.948619][T16220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2868'.
[  483.980483][T16220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2868'.
[  484.011554][ T6432] usb 8-1: Using ep0 maxpacket: 16
[  484.022486][ T6432] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10
[  484.025973][ T6432] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024
[  484.029202][ T6432] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  484.032084][ T6432] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.035169][ T6432] usb 8-1: config 0 descriptor??
[  484.037041][T16211] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  484.090586][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0059/input/input97
[  484.206885][   T25] appleir 0003:05AC:8241.0059: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  484.363734][T16230] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  484.445849][ T6432] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.005A/input/input98
[  484.504060][ T6432] appleir 0003:05AC:8241.005A: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  485.182136][T16244] ceph: No mds server is up or the cluster is laggy
[  485.210109][ T5983] usb 8-1: USB disconnect, device number 39
[  485.530272][T16255] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2875'.
[  485.533351][T16255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2875'.
[  485.962113][   T35] usb 5-1: USB disconnect, device number 42
[  486.179507][T16273] netlink: 'syz.1.2880': attribute type 10 has an invalid length.
[  486.446268][T16275] random: crng reseeded on system resumption
[  486.671520][ T5946] Bluetooth: hci0: command 0x0405 tx timeout
[  486.674781][ T5955] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  486.887069][T16293] netlink: 'syz.1.2886': attribute type 10 has an invalid length.
[  486.943869][T16289] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  487.328207][T16299] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  487.762646][T16316] siw: device registration error -23
[  488.181071][T16323] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  488.192950][T16252] libceph: mon0 (1)[c::]:6789 socket closed (con state V1_BANNER)
[  488.250737][T16324] ceph: No mds server is up or the cluster is laggy
[  488.470202][T16339] random: crng reseeded on system resumption
[  488.483915][T16339] __nla_validate_parse: 3 callbacks suppressed
[  488.483925][T16339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2898'.
[  488.488194][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2898'.
[  488.535463][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2898'.
[  488.818791][T16348] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  489.172013][T16365] netlink: 'syz.0.2903': attribute type 10 has an invalid length.
[  490.100479][T16375] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  490.103136][T16375] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  490.105516][T16375] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  490.108618][T16375] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2907'.
[  490.461608][   T25] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  490.615033][   T25] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  490.617857][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  490.620112][   T25] usb 6-1: Product: syz
[  490.621342][   T25] usb 6-1: Manufacturer: syz
[  490.622802][   T25] usb 6-1: SerialNumber: syz
[  490.637816][   T25] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  490.693879][   T25] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  491.001556][ T5946] Bluetooth: hci0: command 0x0405 tx timeout
[  491.002436][ T5955] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  491.014810][ T5982] usb 6-1: USB disconnect, device number 43
[  491.711500][   T25] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  491.715811][   T25] ath9k_htc: Failed to initialize the device
[  491.720559][ T5982] usb 6-1: ath9k_htc: USB layer deinitialized
[  491.792604][T16393] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  491.842568][T14790] Bluetooth: hci3: Frame reassembly failed (-84)
[  492.083783][T16407] netlink: 'syz.3.2916': attribute type 10 has an invalid length.
[  492.119613][T16407] batman_adv: batadv0: Adding interface: team0
[  492.121826][T16407] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.129031][T16407] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  493.178666][T16429] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  493.306232][T16439] netlink: 'syz.1.2926': attribute type 10 has an invalid length.
[  493.565031][T16445] siw: device registration error -23
[  493.871579][ T5946] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  495.358752][T16484] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2941'.
[  495.376178][T16485] 
[  495.377164][T16485] ======================================================
[  495.379154][T16485] WARNING: possible circular locking dependency detected
[  495.381176][T16485] 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 Not tainted
[  495.384074][T16485] ------------------------------------------------------
[  495.386708][T16485] syz.1.2940/16485 is trying to acquire lock:
[  495.388419][T16485] ffff88806032ac88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  495.391095][T16485] 
[  495.391095][T16485] but task is already holding lock:
[  495.393169][T16485] ffff88806d29d868 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  495.395562][T16485] 
[  495.395562][T16485] which lock already depends on the new lock.
[  495.395562][T16485] 
[  495.398678][T16485] 
[  495.398678][T16485] the existing dependency chain (in reverse order) is:
[  495.402256][T16485] 
[  495.402256][T16485] -> #3 (&pipe->mutex){+.+.}-{4:4}:
[  495.405208][T16485]        __mutex_lock+0x19b/0xa60
[  495.407236][T16485]        pipe_lock+0x64/0x80
[  495.409122][T16485]        iter_file_splice_write+0x1eb/0x10b0
[  495.411546][T16485]        do_splice+0x145c/0x1f60
[  495.413351][T16485]        __do_splice+0x327/0x360
[  495.414790][T16485]        __ia32_sys_splice+0x189/0x250
[  495.416382][T16485]        __do_fast_syscall_32+0x73/0x120
[  495.418127][T16485]        do_fast_syscall_32+0x32/0x80
[  495.420294][T16485]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.423016][T16485] 
[  495.423016][T16485] -> #2 (sb_writers#5){.+.+}-{0:0}:
[  495.425981][T16485]        mnt_want_write+0x6f/0x450
[  495.428029][T16485]        ovl_create_object+0x12e/0x300
[  495.430130][T16485]        lookup_open.isra.0+0x1174/0x14c0
[  495.432374][T16485]        path_openat+0x904/0x2d60
[  495.434405][T16485]        do_filp_open+0x20c/0x470
[  495.436439][T16485]        do_sys_openat2+0x17a/0x1e0
[  495.438395][T16485]        __ia32_compat_sys_openat+0x16e/0x210
[  495.440153][T16485]        __do_fast_syscall_32+0x73/0x120
[  495.441768][T16485]        do_fast_syscall_32+0x32/0x80
[  495.443301][T16485]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.445230][T16485] 
[  495.445230][T16485] -> #1 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}:
[  495.447709][T16485]        down_read+0x9a/0x330
[  495.449057][T16485]        walk_component+0x342/0x5b0
[  495.450551][T16485]        path_lookupat+0x17f/0x770
[  495.452010][T16485]        filename_lookup+0x221/0x5f0
[  495.453522][T16485]        kern_path+0x35/0x50
[  495.454843][T16485]        lookup_bdev+0xd9/0x280
[  495.456373][T16485]        resume_store+0x1d8/0x460
[  495.457966][T16485]        kobj_attr_store+0x55/0x80
[  495.460020][T16485]        sysfs_kf_write+0x117/0x170
[  495.462116][T16485]        kernfs_fop_write_iter+0x33d/0x500
[  495.464430][T16485]        vfs_write+0x5ae/0x1150
[  495.466397][T16485]        ksys_write+0x12b/0x250
[  495.468372][T16485]        __do_fast_syscall_32+0x73/0x120
[  495.470642][T16485]        do_fast_syscall_32+0x32/0x80
[  495.472786][T16485]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.475521][T16485] 
[  495.475521][T16485] -> #0 (&of->mutex){+.+.}-{4:4}:
[  495.477661][T16485]        __lock_acquire+0x249e/0x3c40
[  495.479193][T16485]        lock_acquire.part.0+0x11b/0x380
[  495.480815][T16485]        __mutex_lock+0x19b/0xa60
[  495.482273][T16485]        kernfs_fop_write_iter+0x27b/0x500
[  495.483945][T16485]        iter_file_splice_write+0x90f/0x10b0
[  495.485721][T16485]        do_splice+0x145c/0x1f60
[  495.487156][T16485]        __do_splice+0x327/0x360
[  495.488528][T16485]        __ia32_sys_splice+0x189/0x250
[  495.490104][T16485]        __do_fast_syscall_32+0x73/0x120
[  495.491728][T16485]        do_fast_syscall_32+0x32/0x80
[  495.493256][T16485]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.495216][T16485] 
[  495.495216][T16485] other info that might help us debug this:
[  495.495216][T16485] 
[  495.499174][T16485] Chain exists of:
[  495.499174][T16485]   &of->mutex --> sb_writers#5 --> &pipe->mutex
[  495.499174][T16485] 
[  495.503127][T16485]  Possible unsafe locking scenario:
[  495.503127][T16485] 
[  495.505228][T16485]        CPU0                    CPU1
[  495.506825][T16485]        ----                    ----
[  495.508348][T16485]   lock(&pipe->mutex);
[  495.509553][T16485]                                lock(sb_writers#5);
[  495.511450][T16485]                                lock(&pipe->mutex);
[  495.513355][T16485]   lock(&of->mutex);
[  495.514728][T16485] 
[  495.514728][T16485]  *** DEADLOCK ***
[  495.514728][T16485] 
[  495.517424][T16485] 2 locks held by syz.1.2940/16485:
[  495.518925][T16485]  #0: ffff888044e52420 (sb_writers#8){.+.+}-{0:0}, at: __do_splice+0x327/0x360
[  495.521527][T16485]  #1: ffff88806d29d868 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  495.523998][T16485] 
[  495.523998][T16485] stack backtrace:
[  495.525746][T16485] CPU: 1 UID: 0 PID: 16485 Comm: syz.1.2940 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  495.528776][T16485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.531807][T16485] Call Trace:
[  495.532761][T16485]  <TASK>
[  495.533621][T16485]  dump_stack_lvl+0x116/0x1f0
[  495.534976][T16485]  print_circular_bug+0x41c/0x610
[  495.536482][T16485]  check_noncircular+0x31a/0x400
[  495.537911][T16485]  ? __pfx_check_noncircular+0x10/0x10
[  495.539460][T16485]  ? lock_acquire.part.0+0x11b/0x380
[  495.540981][T16485]  ? lockdep_lock+0xc6/0x200
[  495.542322][T16485]  ? __pfx_lockdep_lock+0x10/0x10
[  495.543770][T16485]  __lock_acquire+0x249e/0x3c40
[  495.545170][T16485]  ? __pfx___lock_acquire+0x10/0x10
[  495.546767][T16485]  ? hlock_class+0x4e/0x130
[  495.548077][T16485]  lock_acquire.part.0+0x11b/0x380
[  495.549550][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.551124][T16485]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  495.552733][T16485]  ? rcu_is_watching+0x12/0xc0
[  495.554117][T16485]  ? trace_lock_acquire+0x14e/0x1f0
[  495.555664][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.557228][T16485]  ? lock_acquire+0x2f/0xb0
[  495.558541][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.560104][T16485]  __mutex_lock+0x19b/0xa60
[  495.561427][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.562899][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.564417][T16485]  ? __pfx___mutex_lock+0x10/0x10
[  495.565934][T16485]  ? __pfx__copy_from_iter+0x10/0x10
[  495.567451][T16485]  ? __virt_addr_valid+0x5e/0x590
[  495.568888][T16485]  ? __phys_addr_symbol+0x30/0x80
[  495.570341][T16485]  ? kernfs_fop_write_iter+0x27b/0x500
[  495.571913][T16485]  kernfs_fop_write_iter+0x27b/0x500
[  495.573423][T16485]  iter_file_splice_write+0x90f/0x10b0
[  495.574994][T16485]  ? __pfx_iter_file_splice_write+0x10/0x10
[  495.576825][T16485]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  495.578438][T16485]  ? __do_splice+0x327/0x360
[  495.579766][T16485]  ? __pfx_iter_file_splice_write+0x10/0x10
[  495.581477][T16485]  do_splice+0x145c/0x1f60
[  495.582769][T16485]  ? __pfx_lock_release+0x10/0x10
[  495.584207][T16485]  ? __pfx_do_splice+0x10/0x10
[  495.585609][T16485]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  495.587159][T16485]  ? __pfx_lock_release+0x10/0x10
[  495.588599][T16485]  ? trace_lock_acquire+0x14e/0x1f0
[  495.590102][T16485]  __do_splice+0x327/0x360
[  495.591845][T16485]  ? __pfx___do_splice+0x10/0x10
[  495.593737][T16485]  ? __fget_files+0x206/0x3a0
[  495.595642][T16485]  __ia32_sys_splice+0x189/0x250
[  495.597644][T16485]  __do_fast_syscall_32+0x73/0x120
[  495.599695][T16485]  do_fast_syscall_32+0x32/0x80
[  495.601610][T16485]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.604036][T16485] RIP: 0023:0xf708e579
[  495.605677][T16485] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  495.613157][T16485] RSP: 002b:00000000f505f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  495.615755][T16485] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  495.618040][T16485] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 000000000000bfd1
[  495.620254][T16485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  495.622438][T16485] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  495.624663][T16485] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  495.626891][T16485]  </TASK>
[  495.714800][T16486] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2940'.
[  495.718363][T16485] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2940'.
[  500.833275][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  500.835139][ T1411] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
21:16:45  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000000f6 RBX=0000000000000001 RCX=000000000000083f RDX=0000000000000000
RSI=00000000000000f6 RDI=000000000000003f RBP=0000000000080001 RSP=ffffc9002012f6d8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=00000000000d0f77
R12=0000000000000000 R13=0000000000000000 R14=0000000000000002 R15=ffffc9002012f780
RIP=ffffffff8147b128 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3824c2 CR3=000000004b4b6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851454b5 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc9000e6df090
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000061 R14=ffffffff85145450 R15=0000000000000000
RIP=ffffffff851454df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50b5528 CR3=0000000045160000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
EAX=f6c5cd88 EBX=ffffffff ECX=ffffffff EDX=82074003
ESI=82074003 EDI=ffffffff EBP=f6c5cd18 ESP=ff8ff520
EIP=f7184964 EFL=00000286 [--S--P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 581c6440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000021000000 CR3=0000000070480000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=ffffffff88f59e6f RCX=0000000000000000 RDX=0000000000000000
RSI=0000000000000000 RDI=ffff888066d5ccd8 RBP=0000000000000000 RSP=ffffc9000dd6f770
R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff901cf257 R11=0000000000000000
R12=0000000000000000 R13=000000000003da4c R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81756c53 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002016b018 CR3=0000000070480000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000