last executing test programs: 5.297097421s ago: executing program 1 (id=2631): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0) ioctl$BLKRRPART(r1, 0x125f, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x3, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa4}}, 0x0) preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fe00}], 0x1, 0x0, 0x0, 0x2b) 5.008673161s ago: executing program 1 (id=2634): syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="1ed307"], 0xa) syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x800, 0x34324152, 0x2, 0xb, [{}, {}, {0xfffffffd}, {0xfffffffd}, {}, {0x0, 0x1000000}]}}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}}, 0x20) recvmmsg(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, 0x0}, 0x1}], 0x1, 0x2020, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1a00001d05000000110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a60000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000005e00080026bd7000ffdbdf2500000000", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) 4.255391915s ago: executing program 2 (id=2642): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0) ioctl$BLKRRPART(r1, 0x125f, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x3, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa4}}, 0x0) preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fe00}], 0x1, 0x0, 0x0, 0x2b) 4.255113103s ago: executing program 2 (id=2643): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xf, &(0x7f0000006680)) mkdir(&(0x7f0000000000)='./file0\x00', 0x408) 4.06294126s ago: executing program 2 (id=2652): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4008840}, 0x0) r0 = socket$inet_dccp(0x2, 0x6, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x9, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0xa4, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x17c, 0xffffffff, 0xffffffff, 0x17c, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0xff000000, 0xffffffff, 'veth1_macvtap\x00', 'batadv_slave_1\x00', {}, {0xff}, 0x67, 0x1, 0x11}, 0x6, 0x70, 0xa4}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffff}, {0xffffffffffffffff, 0x0, 0x2}}}}, {{@ip={@empty, @remote, 0x0, 0x0, 'netpci0\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd8, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0x4, 0x2}, {0x4, 0x0, 0x2}, 0x80, 0x2}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x26c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000240)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}], [{@smackfshat={'smackfshat', 0x3d, '\x8f\xde\xc1/.*'}}]}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast2, 0xf}, 0x1c) rseq(0x0, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x702) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bpf$MAP_CREATE(0x4000000000000, &(0x7f0000000040)=@base={0x5, 0x1, 0x6c02, 0x41, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x20000, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)}) 3.20603891s ago: executing program 1 (id=2647): socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x3, 0x100) socket$tipc(0x1e, 0x5, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3, 0x800}, &(0x7f0000000040), &(0x7f0000000080)) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmsg$alg(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) recvmsg$unix(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000780)}, 0x0) read$alg(r4, &(0x7f0000002840)=""/4089, 0xff9) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000140)={{0x6, @bcast, 0x2}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r6, &(0x7f0000000300)={{0x6, @rose, 0x5}, [@null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48) 2.600657408s ago: executing program 0 (id=2648): r0 = socket(0x18, 0x0, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x2, @local, 'geneve1\x00'}}, 0x1e) sendmmsg$unix(r0, &(0x7f0000002140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) 2.512611416s ago: executing program 0 (id=2649): openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x100, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) r3 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x440ec63, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000000)={0x0, 0x1, 0x0, "19f1a301000000000080001cca535b8671bd44f6f600000000000000000400", 0x31303553}) ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000780)={0x6, @raw_data="986484113d887de2ab933d5e34b02aa1830bd89bb7ed7753d03bd2ca4b113ecc9508aff3f19755546ea0b51df9173103bab8e002a6223cf51896c19ed8cff058996ba4cd84206190557db6e580fd770aab49cc4e405870deca9b033358e5bdb8ed116279d12304afbdcf7f45db0d52da57918f2fb8f0cad4621a0ebf73654c21882ce71f9ee3477663e972b0d64e59a8ddf017c6c2a589d86e7d3bee93f321d5f437f94c6c94f57f7e5f081af6dd7cb9372607f6d93c20a1e040d0fb11ea41fba22d0e8a4613dcce"}) (async) ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000780)={0x6, @raw_data="986484113d887de2ab933d5e34b02aa1830bd89bb7ed7753d03bd2ca4b113ecc9508aff3f19755546ea0b51df9173103bab8e002a6223cf51896c19ed8cff058996ba4cd84206190557db6e580fd770aab49cc4e405870deca9b033358e5bdb8ed116279d12304afbdcf7f45db0d52da57918f2fb8f0cad4621a0ebf73654c21882ce71f9ee3477663e972b0d64e59a8ddf017c6c2a589d86e7d3bee93f321d5f437f94c6c94f57f7e5f081af6dd7cb9372607f6d93c20a1e040d0fb11ea41fba22d0e8a4613dcce"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x13, r4, 0x0) (async) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x7, 0x13, r4, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="9306d813d7dcd35750a7408871cdd4a61fe4d48beeb138f12aae45f2f226fe45b578c97ff4bf7fdf7504c5c08a0f1e6bdbaa7b79ce572f50574943f7972d5b84424ff66e3f4143a7fc5e2b4d4cf6018d1cab4e37ecd6531fb3dde7cbebef87cc1a", 0x61, 0x8000, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2.381209643s ago: executing program 0 (id=2650): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x6, 0x0}, 0x8) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000001010000000000010101000095000000002697000000"], &(0x7f0000000500)='syzkaller\x00', 0xfffffff8, 0x0, 0x0, 0x40f00, 0x45, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x6, 0x3350, 0xfffffffe}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000640)=[{0x5, 0x1, 0xf, 0x3}, {0x2, 0x4, 0xd, 0x4}, {0x1, 0x2, 0x7, 0x37c33193f537f891}, {0x0, 0x5, 0x8}, {0x0, 0x2, 0x3}], 0x10, 0x1, @void, @value}, 0x94) r6 = socket$packet(0x11, 0x3, 0x300) r7 = dup(r6) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x18, &(0x7f0000000c00)=ANY=[@ANYRESOCT=r4, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090900000000005509010000000000951000000000000085200000030000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000006000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0xe7, &(0x7f0000000340)=""/231, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x2, 0x10006, 0x100, 0x5}, 0x10, r4, r5, 0x5, &(0x7f0000000880)=[r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000008c0)=[{0x5, 0x1, 0x1, 0x5}, {0x3, 0x3, 0x1, 0x5}, {0x5, 0x4, 0x6, 0x1}, {0x4, 0x2, 0x1, 0xa}, {0x4, 0x3, 0xb, 0x6}], 0x10, 0x80, @void, @value}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r8}, 0x10) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.346266614s ago: executing program 3 (id=2651): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2ee4000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 2.266222975s ago: executing program 3 (id=2653): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff00", @ANYBLOB="00000000010000001c0012000c00", @ANYRES32, @ANYBLOB="491f4db755d1c95897", @ANYBLOB="d66639bb07b86f98e586f08ddb6fecb1deedf706ac6316ad0ce35baa024b33147cc577ff22b56ec0cc6e9a96441319ec34fed045ec4c5e31be9f5ae4013c1d4abb57406c5ad5ff889f58c69124eb33fb3764a95b42b7440f9a01502efef7a96792d59c58e94e6dd9eeaa42f9d01ada362bbe2a103a97bae59de45230b030eb3799cdd32742981757f483a3de3b6c450e5f8d771d6ecbc4d8df0a70b14de4da7e"], 0x3c}}, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0) r2 = socket$netlink(0x10, 0x3, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r3, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="01000a00"}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b80)=@filter={'filter\x00', 0x4, 0x4, 0x438, 0xffffffff, 0x0, 0x154, 0x284, 0xfeffffff, 0xffffffff, 0x370, 0x370, 0x370, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@local, @private2={0xfc, 0x2, '\x00', 0x1}, [0x0, 0x0, 0xff, 0xffffff00], [0xffffff00, 0x0, 0xff000000, 0xff], 'nicvf0\x00', 'gre0\x00', {0xff}, {0xff}, 0x62, 0x3, 0x5, 0x9}, 0x2f2, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x0, 0x70, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @private2, @mcast2, [0x0, 0xffffffff, 0xff000000, 0xffffffff], [], [0x0, 0x0, 0xff000000]}}]}, @common=@inet=@SYNPROXY={0x24, 'SYNPROXY\x00', 0x0, {0x8, 0x7, 0x200}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x16}, @ipv4={'\x00', '\xff\xff', @multicast1}, [0x0, 0x0, 0xffffffff, 0xffffffff], [0xff000000, 0xffffffff, 0x0, 0xff], 'veth1_to_bridge\x00', 'gre0\x00', {0xff}, {}, 0x16, 0xe, 0x5, 0x2}, 0x0, 0x10c, 0x130, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'wg2\x00', 'dummy0\x00', 0x8, 0x0, 0x7, 0xfffffffd, 0x6, 0x100, {0x7fff}, {0x8}}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x4}}}, {{@ipv6={@mcast1, @loopback, [0xffffff00, 0xffffffff, 0xff, 0xff], [0xffffff00, 0xff0000ff], 'xfrm0\x00', 'gretap0\x00', {}, {0xff}, 0x29, 0x0, 0x4, 0x4}, 0x0, 0xa4, 0xec}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0xc214, {0x1}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x494) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000198000/0x3000)=nil, 0x3000, 0x12) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = socket$alg(0x26, 0x5, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r6) sendmsg$NL80211_CMD_GET_REG(r6, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="0000ec2cca563f7331cc00000000"], 0x14}}, 0x8084) syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r6) bind$alg(r5, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x4c) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c591", 0x5) r8 = accept4(r5, 0x0, 0x0, 0x0) r9 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r9, 0x114, 0x3, &(0x7f00000005c0)={{0x0, 0x66}, 0x44}, 0x10) sendmsg$TIPC_NL_MEDIA_SET(r8, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0) dup2(r4, r0) recvmsg$unix(r8, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000880)=""/14, 0xe}, {&(0x7f0000000500)=""/4, 0x4}], 0x2}, 0x0) r10 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x0, 0xfe}, 0x9c) 2.20754316s ago: executing program 0 (id=2654): syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x68f0, 0x80, 0xfffffffe, 0x27}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socket$inet6(0xa, 0x6, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) openat$cgroup_ro(r2, &(0x7f0000000100)='memory.numa_stat\x00', 0x26e1, 0x0) r3 = socket$inet6(0xa, 0x3, 0x2) sendto$inet6(r3, 0x0, 0x0, 0xc0005, &(0x7f0000000340)={0xa, 0x4e1d, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x75f8}, 0x1c) syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000040)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3}}) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_route(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r5 = userfaultfd(0x1) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000100), 0x3af4701e) 2.204697639s ago: executing program 2 (id=2655): r0 = userfaultfd(0x801) r1 = socket(0x10, 0x80002, 0x0) r2 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="2e0000001c0073fc0000000400fd000007000003", @ANYBLOB="020047040a000200", @ANYRESDEC], 0x30}}, 0x0) sendmmsg$alg(r1, &(0x7f00000000c0), 0x492492492492627, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) r3 = socket(0xa, 0x3, 0x3a) getsockopt$nfc_llcp(r3, 0x3a, 0x1, 0x0, 0x20000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000190c0)=ANY=[@ANYRES8=r3, @ANYRES32=r3, @ANYRES8=r3, @ANYBLOB="2fce590e"], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00') pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000192c0)=@newtaction={0x70, 0x30, 0xcac229faa96ee7df, 0xffffffff, 0xfffffffd, {}, [{0x5c, 0x1, [@m_ife={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4000, 0xffffffff}}}, @TCA_IFE_METALST={0x10, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x3}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}]}, {0x4}, {0xc, 0x4}, {0xc}}}]}]}, 0x70}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7001f0081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) socket$kcm(0x29, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r6, 0x890c, &(0x7f0000019400)={@loopback, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3, 0x6, 0x0, 0x0, 0x6, 0x105090100}) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) 1.947024542s ago: executing program 3 (id=2656): syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="1ed307"], 0xa) syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x800, 0x34324152, 0x2, 0xb, [{}, {}, {0xfffffffd}, {0xfffffffd}, {}, {0x0, 0x1000000}]}}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}}, 0x20) recvmmsg(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, 0x0}, 0x1}], 0x1, 0x2020, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1a00001d05000000110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a60000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000005e00080026bd7000ffdbdf2500000000", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) 1.942633771s ago: executing program 1 (id=2663): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000480), r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r2, 0x800455cc, 0x1) ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f00000005c0)={0x0, 0x7, 0x1, [0x5, 0x200, 0x401, 0x6, 0x4], [0x100000000, 0x8, 0x6, 0x7, 0x100000000, 0x8, 0x3, 0x9, 0x4, 0x100, 0x6, 0x4, 0x31d3, 0x4, 0x39, 0x7, 0x8, 0x4, 0xbec, 0xfff, 0x0, 0x400, 0x5, 0x8, 0x8000000000000000, 0xc94a, 0x9, 0x7fff, 0x2, 0x2, 0x100000000, 0x3, 0x9dff, 0x6, 0x7, 0xb332, 0x5, 0x7, 0x8, 0xffffffffffffffff, 0x84, 0x0, 0x463, 0x3, 0x7, 0x0, 0x9266, 0x200, 0x9, 0x85, 0xd8f2, 0x9, 0x9, 0x7fffffff, 0x7, 0xc000000000000000, 0x8, 0x39, 0x8, 0x8001, 0x9, 0x5, 0x800, 0x10000, 0x3, 0x100, 0x28e, 0x1, 0x0, 0x100, 0x2, 0x6e, 0xa0b, 0x4, 0x7fff, 0x4, 0x10000, 0x8f2a, 0x9, 0x2, 0x7, 0xffffffff, 0x16d, 0x6f, 0x1, 0x3, 0x7, 0x8, 0x9, 0x5, 0xfffffffffffffffb, 0x54a, 0xfffffffffffffffe, 0x0, 0x5, 0x5, 0x3, 0x3, 0x6, 0x2, 0x5b47dde6, 0x5, 0x175f, 0x7, 0x80000000, 0x1ff, 0x6, 0x100000000, 0x6, 0x0, 0x4, 0x1, 0x9, 0x800, 0x4, 0x71ec, 0x5, 0x4e, 0x9, 0x9, 0x70]}) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x1c, r1, 0x27, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) lsetxattr$security_ima(&(0x7f0000000080)='.\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x3, 0x2, 0x3, 0x1}, 0x9, 0x3) 1.844703863s ago: executing program 1 (id=2657): openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x39, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x50}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xf01d}]}}]}, 0x44}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x20008844) socket$nl_audit(0x10, 0x3, 0x9) openat$dir(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) r2 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0x0, 0x0}, 0x2020) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xb, &(0x7f0000000140)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000002140)=ANY=[@ANYBLOB="02000000010004000000000002000000", @ANYRES32=r4, @ANYBLOB="040000000000000008000400", @ANYRES32=r5, @ANYBLOB="08000500", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08010200", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="08000400", @ANYRES32=r5, @ANYBLOB="08000400", @ANYRES32=r5, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000300000000002000010000000000"], 0x6c, 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000080)={0x10001, r6}) mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r8, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000300)='numa_maps\x00') pread64(r9, &(0x7f000001a240)=""/102400, 0x19000, 0x0) listen(r1, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800) r10 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r10, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r10, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) setsockopt$sock_int(r10, 0x1, 0x23, &(0x7f0000000600)=0x3, 0x4) sendto$inet(r10, &(0x7f0000000180)="0c269651cad05a18a1d10aa3a6fda2ca7748d84832dad2510de6dbd99994a1befd006bc5bc54bd5f87c729c59ed5cdc27c141bb747ba099043f4307d6f7b0def946b8f17636c0c09f710cde3233407f55af920959ac14696494eff070000000000000bf563262de57b44b734a412acd21fe098cadf0ceb7d1d20871b", 0x7c, 0x40000, 0x0, 0x0) 1.046994175s ago: executing program 2 (id=2659): r0 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0) socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x3d0, 0xffffffff, 0x0, 0x0, 0x224, 0xfeffffff, 0xffffffff, 0x308, 0x308, 0x308, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'veth1\x00', 'vcan0\x00'}, 0x2f2, 0xd0, 0xf4, 0x0, {}, [@common=@srh={{0x2c}}]}, @REJECT={0x24}}, {{@ipv6={@remote, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xd4, 0x130, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x0, 0x4}}]}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv4=@empty}}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "1655e7b191395139620734d46e52f71c1747c6110a6d555946752e989951"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x42c) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) io_setup(0x23, &(0x7f0000000280)=0x0) setresuid(0x0, 0x0, 0xee00) creat(&(0x7f0000000000)='./file0\x00', 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045009, &(0x7f0000000040)) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) openat(0xffffffffffffff9c, 0x0, 0x80101, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x1) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r4, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}]) ioctl$BINDER_WRITE_READ(r7, 0x40046208, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0) 480.705228ms ago: executing program 0 (id=2660): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2df0, 0x9b50, 0x3, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x1, 0x84) add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) bind$inet6(r2, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000006080)=@newtaction={0x4294, 0x30, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [{0x4280, 0x1, [@m_skbedit={0xf4, 0x1c, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x5}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x10000, 0x2, 0x4, 0x333bb3c9, 0x8001}}]}, {0xa5, 0x6, "8fb3557ba6e299d84e7d241e2abf5411501bf2991c0039897eadb758973ea0d2cdd47f364c4abfc5c73d172ec935928bc8d0ab493b114559c47d7d2fb7165be4c0d323fcd45f7798c045217c6cbd5c29fde3f0054c2795c48761be8b383e4cb776ddee981f6fdb03df7ce7c98abf9747543246a2c4ba910baa1aa61710c77bc9cf9b6fc3c75dd92f2876764de37f75f010de8843f2fc520f52c3ee960ebd5ab1e6"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_police={0x2b4c, 0x5, 0x0, 0x0, {{0xb}, {0x2abc, 0x2, 0x0, 0x1, [[@TCA_POLICE_AVRATE={0x8, 0x4, 0x100}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x4, 0x4, 0x0, 0xa, 0xb1, 0x101, 0xff, 0x5, 0x72, 0x2, 0x7f, 0x7, 0x2, 0x4, 0x671, 0x3, 0x0, 0x86, 0x2, 0x1, 0x6, 0xc, 0x4000000, 0x7, 0xfffffffe, 0x230, 0xdcb, 0x0, 0xddd, 0x3, 0x5, 0xffffb44d, 0x396, 0x1, 0x1, 0x1a04, 0x800, 0x3ff, 0x10, 0x0, 0x9, 0x6, 0xfffffff7, 0x2, 0x200, 0x10000, 0x0, 0x6, 0xffffffff, 0xfffffeff, 0xc, 0x2, 0x9, 0x3, 0x6, 0x2, 0x5, 0x9, 0x7f, 0x5, 0x3, 0x9, 0x135, 0x1, 0x0, 0xfff, 0x5, 0x8, 0xa0, 0x8, 0x5, 0x9, 0x9, 0x62, 0x4, 0x1c84, 0x22, 0x7, 0xb312, 0xfc, 0x2779, 0x629, 0x3, 0x1, 0xed, 0x5, 0x8, 0xd9e, 0x0, 0x81, 0x6, 0xc, 0x6d1, 0x9, 0xfffffffb, 0x5, 0x8b, 0xe03, 0x2, 0xe54, 0x81, 0xeafb, 0x80000000, 0x80, 0xb, 0x7, 0x6440, 0xa, 0xb12, 0x7829, 0x6, 0x10000, 0xfffffff9, 0xda, 0x8000, 0x3, 0xfff, 0x1a5, 0x8, 0x9, 0x9, 0x6, 0x7, 0x80000000, 0xbcde, 0x80000000, 0x9, 0x9, 0x10001, 0x8, 0x3, 0x1, 0x6, 0x80, 0x4, 0xe0, 0xc05, 0xffffffff, 0x10000, 0x3, 0xb4b, 0x2, 0x4, 0x5a8, 0x36, 0x0, 0x6, 0x4, 0xffffffff, 0x2, 0x3, 0x3, 0x9, 0x8, 0x5, 0x80000000, 0x6, 0xa, 0x2c7485f7, 0xfffffff9, 0xffffffb2, 0x29e0, 0x6, 0x2, 0x1, 0x5, 0x4, 0x6, 0xd, 0x800, 0x1, 0x3, 0x6, 0x8, 0x8000, 0x2, 0x3, 0x7, 0x3, 0x8, 0x5d, 0x9, 0x1, 0x3ff, 0x3, 0x4, 0x401, 0x7fff, 0x6, 0x7, 0x2, 0x41, 0x5c6, 0x1, 0xcc47, 0x80000001, 0x9c4c, 0x7, 0x7f, 0x9, 0x2, 0xca, 0x7, 0x1, 0x8, 0x7fff, 0x8, 0x500, 0x7, 0x9, 0x7, 0x7, 0x2, 0x8b, 0x4, 0x5, 0x8f4, 0x3, 0x70b8, 0x900000, 0xfffffff1, 0x0, 0x2, 0xfffff800, 0x4, 0x5, 0x5, 0x4, 0x8, 0x7fff, 0x40, 0x3, 0x3, 0x0, 0xfffffff9, 0x8, 0x8, 0x2, 0x1, 0x2, 0x9a1, 0x6, 0x0, 0x8, 0x8, 0x1, 0xfff, 0x80, 0x9, 0x4, 0x0, 0x101, 0xff, 0x8, 0xd]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8000, 0x54, 0x4, 0x1, 0x7, 0x5, 0x4, 0x40, 0x4, 0x6, 0x4, 0x7, 0x2, 0x6, 0x1000, 0x8, 0x101, 0xe, 0x9, 0x5, 0x9, 0x6, 0x8, 0x8, 0x2, 0x3, 0x3, 0x4, 0xa111, 0x8f1, 0x4, 0xfffff369, 0x3ff, 0x656, 0x7eec00, 0x0, 0x0, 0x0, 0x3, 0x8, 0x4, 0x9, 0x0, 0x4, 0x4, 0x1, 0xf43, 0x7fffffff, 0xffff, 0x9, 0x1, 0x3, 0x2, 0x2, 0x5, 0x3, 0x7, 0x2, 0x80000000, 0x5, 0x2, 0x4, 0x4, 0x8, 0x7f, 0x9, 0x8, 0xd7, 0x1, 0x7, 0x5, 0x40, 0x9, 0x3, 0x9, 0x5, 0x8, 0x5, 0x800, 0x0, 0x4, 0x7, 0x9, 0x1d, 0x3, 0xc, 0x3, 0x7, 0x4, 0xd7c, 0x7, 0x1, 0x0, 0x40, 0x2, 0x5, 0x7ff, 0xdd51, 0x7, 0x9, 0x9, 0x4, 0xcb9, 0x8, 0x97a, 0x0, 0xff, 0xfffffff7, 0x1, 0x8, 0x8, 0x5, 0x6b0a0f54, 0x5, 0x8c4, 0x40, 0xa5, 0xe2, 0x0, 0x6, 0x1107951f, 0x4, 0x164, 0x5, 0xffffd08f, 0x4, 0x6, 0xff, 0x1, 0x3, 0x3, 0x3ff, 0xffffdcb5, 0x0, 0x1, 0x1, 0x401, 0x4, 0x0, 0x8c55, 0xa3, 0x7, 0x3, 0x3, 0x4, 0x6, 0x1000, 0x6, 0x4, 0x6, 0x3, 0x4, 0x1, 0x5adc, 0xf09, 0x380, 0x8, 0x48, 0x1a5b2e77, 0xdec, 0x8, 0x5, 0xd, 0x4d0, 0x6, 0xf6f0, 0x7fff, 0x800, 0xacf, 0xf6, 0x0, 0x40, 0xff, 0x7, 0x101, 0x5, 0x9af1, 0x3ff, 0x3, 0x8, 0x3, 0x7, 0x5, 0x2, 0x59, 0x9, 0x6, 0x9a7, 0x5, 0x0, 0x3, 0x1, 0x100, 0x0, 0xfffffff9, 0xda, 0xfffff800, 0xd6, 0x1ff, 0x100, 0x3, 0x401, 0x6, 0x15cf, 0x800, 0x400, 0x9, 0xa, 0x9a3, 0x6, 0x1, 0x9, 0x9, 0x6, 0xa, 0xd, 0x4, 0x4, 0x1, 0x6, 0x17, 0x4, 0x7, 0x7fff, 0x68, 0xfffffff9, 0x81, 0x5, 0x1, 0xfffffff9, 0x8000, 0x9, 0xbb, 0x9, 0x5, 0x81, 0x10000, 0x4, 0x9, 0x4, 0x5, 0x0, 0x0, 0x6, 0xffffe000, 0x800, 0x4, 0x6, 0x3, 0x95, 0x4, 0x3, 0x8000, 0x5, 0x3, 0x10000]}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x9c, 0x0, 0x1, 0x1ff, 0x400, 0xe, 0x2, 0x8, 0x3, 0x7ff, 0x40004, 0x10, 0x3, 0x8, 0xa, 0x3, 0xffffffff, 0x7fffffff, 0x4, 0x9be, 0x3, 0x3, 0x8, 0x8000, 0x0, 0x0, 0x3, 0x2b, 0x4, 0xe21, 0xe, 0x7, 0x81, 0x3, 0x3, 0x9539, 0x2, 0x6, 0x80000001, 0x4, 0x3, 0x3c2, 0x8, 0x48d0, 0x2, 0x5, 0x0, 0x4, 0x95f, 0x3, 0x400, 0x39, 0x10001, 0x154b, 0x9, 0x800, 0x10001, 0x8, 0x7, 0x7fff, 0x1, 0x1, 0x80, 0x0, 0x2, 0x0, 0x9, 0x3ef, 0x2be, 0x6, 0x9a2, 0x7, 0x7, 0x0, 0xc7, 0x7, 0x6, 0x9, 0x7, 0x0, 0x5, 0x6, 0x5, 0x2, 0xa5e, 0x2, 0x6, 0x0, 0xea, 0x1000, 0x9, 0x6, 0x1ff, 0xd7, 0x27, 0x6, 0x2, 0x400, 0x3, 0x0, 0x9, 0x7fff, 0x1, 0x7, 0x8, 0x4, 0xfffffff4, 0x14000000, 0x6, 0x7, 0x8, 0xff, 0x9, 0x3, 0x1, 0x988dc218, 0x2, 0xfffffff3, 0x10000, 0xd, 0x9, 0x100, 0x8000, 0x9, 0x800, 0xa6, 0x0, 0x7fff, 0x8, 0xfffffffb, 0x0, 0xe0f, 0xe, 0x8, 0x3, 0x0, 0x1, 0x5, 0x8f, 0xffffffff, 0x4a6, 0xf, 0x2, 0x1ff, 0x78f, 0x4, 0xfffffffb, 0x67, 0x1, 0x9, 0x10001, 0x3, 0x5, 0x1, 0xfffffffc, 0x8000, 0xc, 0x8, 0x1, 0x200, 0x9, 0x4, 0x400, 0x81, 0x3, 0xa8a, 0x2, 0xb, 0x2, 0x5, 0x3, 0x8, 0x0, 0x4, 0xdc, 0x7ff, 0x2, 0x6, 0x80000001, 0xc5, 0x7f, 0x9a6, 0x4, 0xfff, 0x5, 0x9, 0xffffffff, 0x7, 0xfffffff9, 0x5, 0x400, 0x4, 0x8, 0x400, 0x1, 0x9, 0x100, 0x78fb9eb9, 0x9, 0x7, 0xdb9, 0x80, 0x8, 0x2, 0x7, 0x3, 0xd5de, 0x0, 0x8, 0x3, 0x15, 0x9, 0x7, 0x3000, 0x1000, 0xfff, 0x2, 0x2, 0x7c84, 0x8, 0x1, 0x274, 0x2, 0x922, 0x0, 0x8, 0x9, 0x8, 0x3, 0x4, 0x6, 0x3, 0x9, 0x7, 0x3, 0x8, 0x6, 0x0, 0x1a4, 0xe, 0x1, 0x101, 0x4, 0x5, 0xff, 0x4, 0x101, 0x6, 0x0, 0x3, 0xd, 0x6, 0x29, 0x8, 0xff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x680f1ac03817e2b, 0xf53, 0x275, 0xe9e9, {0x5, 0x2, 0x80, 0x7fff, 0x4, 0x5}, {0x0, 0x0, 0x1ff, 0x800, 0xfffd, 0x40}, 0x7, 0xd14, 0xe74}}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x0, 0x23a, 0x13c8, 0x1, 0x11a, 0x1, 0x2, 0x4, 0x3, 0x6, 0x5, 0x1, 0x3, 0x8, 0x7fffffff, 0x4, 0x2, 0x3ff, 0x2, 0x10f8298c, 0xfffffff7, 0x80, 0x6, 0x7, 0x6, 0x9, 0x5, 0x5, 0x10000, 0x400, 0x6, 0x1, 0x1, 0x7e3, 0x1, 0x1, 0x2, 0x1, 0xb, 0x2, 0x3, 0x7fffffff, 0x6, 0x401, 0xc000, 0x401, 0x1a, 0x7, 0x4, 0x80000001, 0x3, 0x8, 0x2, 0x10, 0x8, 0x1, 0x2, 0x0, 0x4, 0x6c0, 0x5, 0x10000, 0xe, 0xa008, 0x7, 0x5, 0x80000001, 0x6, 0x0, 0x3, 0xfffffff6, 0x999, 0x6, 0x7700000, 0x2, 0x7, 0x6, 0xd, 0x6, 0x8, 0x2, 0x4, 0x7fffffff, 0x7, 0xb6, 0x7, 0x2, 0x2, 0x5, 0x10, 0xab3d, 0x5, 0x85, 0x7a7, 0x10001, 0x9, 0x8, 0x8, 0xc, 0x1, 0x10001, 0xfffffff9, 0x2, 0x2ac9e58e, 0x792, 0x9, 0x8c7, 0x400, 0x1ff, 0x9, 0x8, 0x200, 0xac, 0xf4, 0x8, 0x9, 0xbb9, 0x4, 0x8, 0x81, 0x9, 0x1, 0x9f, 0x2, 0x2, 0x1ff, 0x1, 0x2, 0x6, 0xf, 0x9, 0x0, 0x9, 0x3, 0x4, 0x81, 0x2, 0x7, 0xd4, 0x7, 0xfffffc00, 0x1000, 0x1, 0x4, 0xfff, 0x2, 0x7f, 0x4, 0xfffffffe, 0x8, 0xffffffff, 0x1, 0x8001, 0x0, 0xfffffff8, 0x81, 0x8001, 0x8, 0x101, 0xc, 0x7, 0x9, 0x2, 0x2, 0xffffffff, 0x5, 0x0, 0x7, 0x52, 0x8, 0x5, 0x9, 0x400, 0x3, 0xfffffffe, 0xf6, 0x3, 0x6, 0x5, 0x0, 0x1864, 0x4, 0xa, 0x3ff, 0x1, 0x2, 0x6, 0x5, 0x9, 0x8, 0xb6, 0x2170, 0x0, 0xfffffbfc, 0xfffffcaf, 0x4518, 0x0, 0x8, 0x9, 0x9, 0x3, 0xafe, 0x2e4e224, 0x9, 0x9, 0x45ea, 0x0, 0x112414e, 0x7, 0x8, 0xff, 0xfffffe00, 0x6, 0x1, 0x1, 0x7f, 0x0, 0xfffffff9, 0x200, 0xd92b, 0x2, 0x7, 0x1ff, 0x2, 0x2, 0x2, 0x10000, 0xea, 0x8, 0x5, 0x7, 0xfffffffb, 0x792ea6fe, 0x64f2, 0x5, 0x10, 0xa13, 0xdf4, 0x5, 0x96c, 0x3, 0x5, 0xffffffff, 0x9, 0x1000, 0x6, 0x10000, 0x401, 0x0, 0x2, 0x7, 0x7fffffff, 0x4, 0x61, 0xfffffffe]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x3, 0x5, 0x7, 0x401, {0x1, 0x2, 0x10, 0x3, 0xf, 0xc8}, {0x10, 0x4cca4b8323583063, 0x6, 0x5, 0x3, 0x2}, 0x6, 0xf, 0x6}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x3, 0x8, 0xa, 0x7, {0xff, 0x2, 0x1, 0x9, 0x2, 0x5}, {0x5, 0x0, 0x0, 0x21b, 0xff, 0x57f7}, 0x6, 0x7ff, 0x4}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x4, 0x3, 0x0, 0x6, {0x7, 0x1, 0x0, 0x3, 0x1020, 0x3}, {0x5, 0x2, 0x1, 0xbee, 0x0, 0x8}, 0x9, 0xffff, 0x3}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8000}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x1}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x40, 0x8001, 0xbbe, 0x80000001, 0x5, 0x52, 0x0, 0x1, 0x9, 0x5, 0x9, 0x0, 0x0, 0x7, 0xfffffff9, 0x3e7, 0x8, 0x3, 0x8, 0x1b, 0x10000, 0x1a08, 0x7, 0x3, 0xae0, 0x7, 0x1, 0x800, 0xee5b, 0x1000, 0x6, 0x10000, 0x9, 0x0, 0x533, 0x8, 0x8, 0x2bc5, 0x5, 0xfffffffc, 0xd, 0x4, 0x6, 0x5, 0x9c7, 0x90000000, 0x6, 0x8, 0x2737, 0x6, 0x8000, 0x10, 0x879f, 0x9, 0x8001, 0x2, 0x4, 0x1, 0x6, 0xc, 0x20000000, 0x2, 0x200, 0x8, 0x7fff, 0x5, 0x5, 0x7, 0x50, 0x6, 0x8, 0x9, 0xd, 0x834, 0xa1d, 0x8, 0x7, 0x6433, 0xd03e, 0x9, 0x5, 0x9, 0x5, 0x145e, 0x2, 0x3, 0x9, 0x7fffffff, 0x1, 0x8, 0x6a, 0x2, 0x3, 0x0, 0x43, 0x8001, 0x2, 0x5, 0x1000, 0x200, 0x5, 0x4, 0xfff, 0x81, 0xffff2929, 0x5c2, 0x6, 0x8, 0xe, 0xffffffff, 0x8a, 0x7, 0x77e, 0x1, 0x2, 0x9, 0x1, 0xf5e38d2, 0x1, 0x5, 0xc, 0x273c, 0xe22, 0x5, 0xe74a, 0x1, 0x2, 0x2, 0x80000000, 0x8218, 0x3, 0x9, 0x8, 0x7fff, 0x3, 0x1000, 0x6, 0x0, 0xe94d, 0x4, 0x2, 0x6, 0xcb4, 0xffffff80, 0x2, 0xf3c, 0x2, 0x80, 0x2223, 0x2, 0x5, 0x3, 0x7, 0x2, 0x3, 0xb, 0x58f, 0xfff, 0x3, 0xfffffff8, 0x6, 0x5, 0x9, 0x7, 0x0, 0x9, 0x9, 0xcef, 0x2, 0x4, 0xc68, 0x8, 0x3, 0xfffffc32, 0x1, 0xf, 0x7ff, 0xffffffff, 0x10000, 0xfffffff1, 0x200, 0xfce7, 0x0, 0xf, 0x5d, 0x9, 0x2, 0x9, 0x9, 0xfffff000, 0x1, 0x1, 0x3, 0x0, 0x8001, 0x10000, 0x7, 0xcd, 0x1, 0xfffffffa, 0x9, 0xce9, 0x9, 0xe1b8, 0x80000000, 0xcc6b, 0x9, 0x6, 0x3, 0x3, 0xff, 0xbd, 0xb2, 0x6, 0xffffffff, 0xfffffff9, 0x8, 0x8, 0x6, 0x7, 0xfffffff9, 0xf, 0x7f, 0xfffeffff, 0x3, 0x7, 0x8, 0x6, 0x5, 0x0, 0x5, 0x3, 0x3, 0x5, 0x8, 0x7, 0x7, 0x4, 0x7, 0x401, 0x5, 0xb1e, 0x80, 0xb3, 0x1ff, 0x7, 0xfffffffa, 0x1, 0x1b, 0x7, 0x196d, 0xffffffff, 0x6, 0xb4a]}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfff}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x20000000, 0x2, 0x24, 0x7, {0x1, 0x1, 0x400, 0x8, 0x1}, {0x7, 0x0, 0x8000, 0x8, 0x21, 0x283b}, 0x7f, 0xb, 0x7f}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_TBF={0x3c, 0x1, {0xffff, 0x1, 0x8, 0xb, 0x7fffffff, {0x7f, 0x1, 0x9, 0xfff, 0x8, 0x1ff}, {0x6, 0x0, 0x7, 0x8b83, 0x81, 0x8}, 0xffffffff, 0x0, 0x9}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x100000000}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x5, 0x0, 0x2, 0x101, 0x88bd, 0x2, 0x2, 0x5, 0x3, 0x400, 0xf06, 0xfffffffe, 0x3, 0xc5e, 0xfff, 0x8, 0x8, 0xa3, 0x7, 0x9, 0x0, 0x0, 0xd, 0x2, 0x8, 0x5, 0x6, 0xe, 0x8, 0x8, 0x9, 0xe, 0x4, 0x7ff, 0x4, 0x983, 0x5977dead, 0xef29, 0x8, 0x0, 0x800, 0x6, 0x7, 0x3, 0x6, 0x9, 0xff, 0x2, 0x5, 0x1, 0x100000, 0xffffffff, 0x8, 0x29000, 0xe8, 0x8001, 0x7, 0x702, 0x6, 0x7, 0x0, 0x4, 0x7f, 0xa, 0xfffffffd, 0xb, 0x17, 0xa0, 0x1, 0xd, 0x6, 0x80, 0x10001, 0x7, 0x2, 0x200, 0x3, 0x4, 0x0, 0xb9e, 0xfff, 0x9, 0x0, 0x8, 0x7, 0x5, 0x1, 0x7f, 0x0, 0x8, 0x5, 0x401, 0xfffffff9, 0x7f, 0x0, 0x2, 0x4, 0x5, 0xae, 0x7, 0x2, 0x3, 0x4, 0x3, 0x4, 0x3, 0xffffffff, 0x8000, 0x4000000, 0x40, 0x7, 0x0, 0x1, 0x8, 0x3, 0xfffffffe, 0x2400, 0x10000, 0x9, 0x7fff, 0xfffffffd, 0x1, 0x2, 0x1000, 0x1, 0x4, 0x1ff, 0x1, 0x78760c53, 0x6, 0x5, 0x7fff, 0x4, 0x4, 0x8, 0xbd, 0xca20, 0x6, 0x7fff, 0x76, 0x5, 0x1000, 0xb, 0x536, 0xe1e, 0x6, 0x9, 0x1, 0x2, 0x3, 0x5, 0x1, 0x0, 0x400, 0x9, 0x5, 0x0, 0x7f, 0x6, 0x8000, 0x122125ee, 0xf, 0x6, 0x4c, 0x2, 0xc968, 0x5, 0x7a2f, 0x4, 0x4, 0x7, 0x3, 0x6, 0x8, 0x2, 0xfffffff7, 0x5, 0x2071, 0x4, 0x800, 0x3, 0x8, 0x3, 0x4, 0x4000800, 0x7, 0x80000000, 0xa, 0x6, 0xc, 0x300000, 0x71b0, 0x7b9, 0xf6, 0xfa, 0x7386, 0x6, 0x0, 0x9, 0xaf43, 0x80000001, 0x1, 0xee21, 0x1ff, 0x8772, 0x2, 0x7fff, 0x9, 0x4, 0x0, 0x100, 0x8, 0x8, 0x200, 0xe599, 0x2, 0x2, 0x6c65, 0x40, 0x9, 0x93, 0x0, 0x200, 0xb94a, 0x9, 0x40a2, 0xc, 0x3, 0xff, 0x8, 0x0, 0xb1, 0xfda0, 0x3, 0x6, 0x5, 0x0, 0x5, 0xdd7, 0x1000, 0x6f, 0x7, 0x3e, 0x8, 0x7, 0x4, 0x5, 0x0, 0x6, 0xe, 0x8, 0x4, 0x6, 0x5, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0xffffffffffffffff, 0x2, 0x13, 0x9, {0x0, 0x1, 0x3, 0x8}, {0x28, 0x0, 0xb225, 0x0, 0x1, 0x3}, 0x48, 0x401, 0x2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7fff}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2}, @TCA_POLICE_RESULT={0x8, 0x5, 0x80000000}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x6, 0x6, 0x5, 0xb15, 0xffff98b9, 0x800, 0x81, 0x7, 0x7, 0x9, 0x7, 0xffffffc0, 0x8a5, 0x5, 0xd883, 0x3, 0x8, 0x80000000, 0xfdf, 0xb, 0x910, 0x9, 0x81, 0xa, 0x40, 0xffff, 0xfffffffe, 0x1419, 0x0, 0x2, 0x3, 0x7, 0x10000, 0x4, 0xbb, 0x9, 0x5, 0x7, 0x7fffffff, 0x2, 0x6, 0x6, 0x4e6ddae1, 0xfffffffb, 0x30, 0x40, 0xf, 0x6, 0x401, 0x2535, 0x0, 0x9, 0x9, 0x7f, 0x1, 0x3a, 0x2, 0x81, 0xfffffffc, 0xa88, 0x9, 0x0, 0x4, 0x0, 0x77, 0x8, 0xf7, 0xffffff7f, 0x3, 0x2, 0x81, 0xffffffff, 0x4, 0x0, 0x401, 0x9, 0x5f, 0x9, 0x0, 0x100, 0x1, 0x3, 0x7, 0x2, 0x6, 0x9, 0xae7f, 0x16, 0x5, 0x4, 0x9, 0x4, 0x7ff, 0x5, 0x7, 0x64f, 0x7, 0x38, 0x7, 0x80, 0x0, 0x8, 0x4, 0x9, 0x8, 0x2, 0x7ff, 0x1, 0x1d, 0x5, 0x3, 0x6, 0x80, 0x2, 0x6, 0x1, 0x3, 0x5, 0x1ff, 0x3e73, 0x9c5c, 0x5, 0xee400000, 0x1, 0xfff, 0x8, 0x9, 0xd5b, 0x5, 0xffffffff, 0x5, 0x9, 0x101, 0x1, 0x400, 0x1, 0x9, 0xfffffff6, 0x8, 0x9, 0x0, 0x401, 0xe3, 0x6, 0x1e, 0x3, 0x400, 0x9, 0x10, 0x2, 0x100, 0x2, 0x200, 0x401, 0xfffff1fe, 0xfce7, 0x0, 0xb4c, 0x61, 0x8001, 0x8000, 0xd, 0x9, 0x100, 0xbee, 0x3, 0x6, 0x1, 0x3a, 0x0, 0x4, 0x10, 0x0, 0x1b, 0x7fff, 0x8, 0x5, 0x9, 0x5, 0x9, 0x10000, 0x3, 0x1, 0xd96, 0x2, 0x80000000, 0xe, 0x9, 0x401, 0x5, 0x4, 0x5, 0x148, 0x6, 0x3, 0x3, 0x4, 0x6497, 0x5b1deb53, 0x7, 0xfffffff7, 0x401, 0x3b0c00b6, 0x7, 0x3, 0xffff97a5, 0x5, 0x3ff, 0xdf5, 0xd1, 0x3, 0x7, 0x7, 0x1, 0xe64, 0x5, 0xffff, 0x400, 0x2, 0xec06ac33, 0x0, 0x6, 0x31b, 0x5, 0x9, 0x2, 0x1, 0x6, 0x2, 0x4, 0x7, 0xfff, 0x0, 0xee, 0x1f5c7c0d, 0x0, 0x4, 0x3b, 0x0, 0x1, 0x1ff, 0x7, 0xc116, 0xe872, 0xfffffc01, 0xffffffff, 0x6, 0x6, 0x2, 0xffffffff, 0x400, 0x7, 0xffff62c3, 0xe, 0x100]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0xd66, 0x6, 0x5, 0x1000, 0xc, 0x455a, 0x8000, 0x2, 0x9, 0x7f2, 0x3, 0x81, 0x9, 0xb, 0xe932, 0xffff, 0x3, 0xffff7fc3, 0x7, 0xe, 0xa000000, 0x0, 0x4, 0x0, 0x0, 0x2, 0x4, 0x9, 0x1, 0x2, 0x7, 0xa0f, 0x6, 0x0, 0x0, 0x9, 0x6, 0x6, 0x9, 0x0, 0x2, 0x8, 0x5, 0x5a, 0x7, 0x1, 0x800, 0x1, 0x4, 0x3, 0x2, 0x5, 0xc, 0x1000, 0x1, 0xfffffff8, 0x9, 0xe44, 0x0, 0x5, 0x7, 0x9, 0x1, 0x4dde, 0x2, 0x3, 0x6, 0xb06, 0x4, 0x0, 0x3, 0xb, 0x939, 0x7e03, 0x8, 0x9, 0x1c54cac6, 0x1, 0xe, 0x1, 0x4, 0xa1, 0xe34, 0xfffffffe, 0x84, 0x4823, 0xc, 0x1000, 0x7f, 0x7fffffff, 0x1, 0x0, 0x7, 0x5, 0xc6, 0x81, 0x2, 0x2, 0x3, 0x4, 0x2, 0x7f, 0x1000, 0x3, 0x7f, 0x2, 0x9, 0x7, 0x0, 0x1, 0x7f, 0x7fffffff, 0x10, 0x8, 0x7fff, 0x8, 0x2, 0x7, 0x61, 0x6a7, 0x9, 0x7, 0x8001, 0x10001, 0xffff, 0x9753, 0x1000000, 0xfff, 0xfffffffa, 0xab0, 0x8, 0x4, 0xfffffff8, 0x4, 0x2, 0xfffff001, 0x80000001, 0xffff, 0x8000, 0xdf58, 0x3, 0x608b, 0x5, 0x8, 0x4, 0x5, 0x5, 0x3, 0x200, 0x76389d1e, 0x5, 0x9, 0x4, 0x0, 0x10000, 0x8, 0xfffff000, 0x4, 0x7f, 0x7, 0x6, 0x8, 0x8, 0x3, 0x89ba, 0x1, 0x6, 0xf1, 0xfffffff9, 0x83, 0x7fff, 0x10000, 0x9b8, 0x6, 0x3, 0x0, 0x101, 0x8, 0xf0, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x0, 0x6, 0xce, 0x20a, 0x8, 0x18, 0xd26, 0x605, 0x9, 0x2, 0x0, 0xfffffff8, 0x315, 0x2, 0x9, 0xffffffff, 0x9, 0x145fc1f, 0x8, 0x8359, 0x9, 0x3, 0x9, 0x8, 0x5, 0xffffffff, 0x6c, 0x26cad3a5, 0xff, 0x0, 0x2, 0x1, 0x8001, 0x9, 0x7, 0x5, 0x4b, 0x80000000, 0x7f, 0xa8, 0xff, 0x200, 0x7fff, 0x0, 0x0, 0xa, 0x7, 0x7, 0x1, 0x8001, 0x1abb, 0x473, 0x3, 0x4, 0x3, 0x259a9198, 0xf29, 0x100, 0xffffffff, 0x21, 0x7fff, 0x0, 0x5, 0x40, 0x0, 0x0, 0x2, 0x5, 0x9, 0x0, 0x1ff]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0xea3, 0x4, 0x2, 0x8c, 0x0, 0x40, 0x6, 0x2, 0x3, 0x1ff, 0x9, 0x9, 0x80, 0x8, 0x8, 0xb, 0x6, 0x87, 0x31, 0xfe, 0x100, 0x9, 0x2, 0x4, 0x27, 0xe00, 0x10001, 0x1, 0x6, 0x7, 0x0, 0x10, 0x9, 0xffffffff, 0x7fff, 0xc597, 0x5, 0x9, 0x8, 0x6, 0x6, 0x0, 0x5, 0x9, 0x2, 0x2, 0x42ce0000, 0x2, 0x5, 0x10001, 0x1, 0x8, 0x2, 0x3d3, 0x0, 0x3, 0x5, 0x1, 0x7, 0x40, 0xff, 0x9, 0x5, 0x1a0, 0x0, 0x1, 0xffffffff, 0x80000001, 0x65b, 0xffffffc0, 0x50d, 0x1, 0x8, 0x3, 0xff, 0x1, 0x5, 0x4, 0x1, 0x4, 0x2, 0xfffffc01, 0x32b8000, 0x5, 0x10000, 0x40, 0xb, 0x775, 0x2, 0x7, 0x6, 0xfffffffa, 0xe, 0x435, 0x3, 0x6, 0x7, 0x0, 0x1ff, 0x5d, 0x1, 0x1, 0x7, 0x4, 0xe, 0x5, 0x7, 0x4, 0x0, 0x4, 0x2, 0xfffffff8, 0x5236, 0x7, 0x1, 0x7fff, 0xc9, 0x5c, 0xac, 0xffffffc0, 0xfffff800, 0x8, 0x8, 0x6000, 0x20000000, 0x1, 0x7fffffff, 0xfffff800, 0x8, 0x0, 0xf, 0x4, 0x764, 0x7f, 0x1ff, 0x3, 0xffff, 0x5, 0x0, 0x7fff, 0x6, 0x1, 0x4ba, 0x8, 0x1, 0x4, 0xc8, 0x1, 0xcc, 0x7f, 0x8, 0x3, 0x26, 0x3, 0xfffffff8, 0x5d, 0x0, 0x10001, 0x0, 0x7, 0x2, 0x100, 0xffffffff, 0x1, 0x5, 0xa6e, 0x8, 0x2, 0x7fffffff, 0x8, 0xff, 0x63223a9a, 0x9, 0x10001, 0x1, 0x5, 0x0, 0x7f, 0x5, 0x8, 0x7d2, 0x8b0, 0x800, 0x8001, 0x81, 0x4, 0xfffffffd, 0x3ff, 0x9a4, 0x4, 0x2, 0xf6c1, 0x10001, 0x0, 0x0, 0x7f, 0xf734, 0x3, 0x80000000, 0x6, 0x10000, 0x0, 0x5c, 0xa86b, 0x2, 0x4, 0x7ff80, 0xffff, 0x7fff, 0x0, 0x6, 0xa, 0x7, 0x442, 0x3, 0x3800000, 0x4, 0x7, 0x6, 0x80, 0x3, 0x8db, 0x6, 0x7f7b, 0x87e9, 0xd, 0x0, 0xaa8, 0x2, 0x6e, 0x35, 0x9, 0x4, 0x0, 0x5, 0x5, 0x4, 0x2, 0x9, 0x4, 0x1000, 0x0, 0x80000001, 0xfffffff8, 0x0, 0x6, 0x8, 0xd, 0x5, 0x100, 0x48, 0x3, 0x3, 0xfffffffc, 0x9]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8c7, 0xeb, 0xda, 0xff, 0x1, 0x5, 0x7, 0x8, 0x6354, 0x8, 0x4a, 0x7, 0x0, 0x7fffffff, 0x0, 0x6, 0x8, 0x8, 0x9f08, 0x2, 0x0, 0x1, 0x6, 0x6, 0xe67, 0x0, 0x1, 0x4, 0x1, 0x3342, 0x8, 0xf, 0x3, 0xff, 0x5, 0xa2, 0x7, 0x2, 0x3, 0xb9, 0x3, 0x6, 0xffffffff, 0x8, 0x80000001, 0x1, 0x48f, 0xc6fd, 0x3, 0x100, 0x0, 0x6f, 0x58, 0x3, 0x4, 0x5, 0x80000001, 0x8, 0xfffffffd, 0x2, 0x6, 0x10000, 0x2dbb, 0x17, 0x800, 0xc, 0xdc6, 0x2, 0x2, 0x4, 0x7ff, 0xa, 0x5, 0x4, 0x1, 0x3, 0xfffffeff, 0x5, 0x1000, 0x8, 0x0, 0x6, 0x1, 0x6, 0x5, 0xffffffff, 0x630162ec, 0x5, 0x7, 0x4, 0x1000, 0xbee3, 0x1, 0x80000000, 0xb765, 0x3, 0x100, 0x80, 0x6, 0xffffffff, 0x10000, 0x8, 0xf, 0x7d, 0x800, 0x4, 0x5, 0x9, 0x4, 0xffff, 0x8, 0x0, 0x0, 0x81, 0x6, 0x7, 0x1, 0x3, 0xc, 0x4, 0x5, 0x9b, 0x200, 0x6, 0x401, 0x8001, 0xffffffff, 0x2, 0x5, 0x5, 0x2, 0x4, 0x0, 0x1, 0x9, 0x7, 0x7ff, 0x3, 0x8, 0x9, 0x2, 0xfb, 0x1, 0x0, 0x101, 0x4, 0x1, 0xffffffff, 0x9, 0x3, 0x6, 0x5, 0x100, 0x101, 0x0, 0xb91d, 0x3, 0xac5ddd3, 0xadf7, 0x1, 0x4, 0xca, 0x2, 0x0, 0x1, 0x5bf, 0x7, 0x5, 0x8, 0x0, 0x3, 0x1, 0x7, 0x7, 0x8, 0x40, 0x3, 0x8, 0x401, 0xfffffff9, 0x0, 0xfffffff2, 0x8, 0x1, 0x6, 0x3d0c, 0xf77, 0x101, 0x7ab1, 0x2, 0x400, 0x7cb, 0x1, 0xd, 0x6, 0x3, 0x9, 0x4, 0x2105, 0x1, 0x2, 0x8, 0x4, 0x9de, 0x80000000, 0x1, 0x7, 0x3, 0x4, 0x8, 0x7fffffff, 0x3, 0x3, 0x6, 0x7f, 0xb54a, 0x9c, 0x5, 0x35e71a3f, 0x4, 0x1, 0x3, 0x2627, 0x457, 0x6, 0xfffffffc, 0x40, 0x0, 0x80000000, 0xfd96, 0xffff, 0x9e3, 0x7ff, 0x3f, 0x8001, 0x7, 0x9, 0x80000001, 0x8, 0x5, 0x1, 0x4, 0x6, 0x4, 0x10, 0x4, 0xfb48, 0x10000, 0x80, 0x1, 0x9, 0x1cac, 0x3, 0x3c5b, 0x4, 0x6]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8c37}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}]]}, {0x67, 0x6, "a623427e4a07caae99aad7fac1c6f7f3a1abf23c3331ca7003140e75f9154608576833a50e7c26f8bc2163b0c5ee1b7a6dfe069685c4fa66341f578951bcefa6135ea51c59bbff6a5ae4303c1812620224b6315d9d3e75a517d80a74dd6f120eb4d4c4"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ct={0xb4, 0x16, 0x0, 0x0, {{0x7}, {0x6c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000000, 0x2, 0x7, 0x4, 0x5}}, @TCA_CT_ACTION={0x6, 0x3, 0x20}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_PARMS={0x18, 0x1, {0x2, 0x0, 0x8, 0x3, 0x200}}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0723a1dd17a60fed8b32933520b6e3b2"}]}, {0x23, 0x6, "7d7a31a06a5403ac8aa7b06eeb441f50bcf63b34a0409ee91eb212fb2c4cf9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x1040, 0x1d, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x7}, @TCA_MPLS_TC={0x5, 0x6, 0x5}]}, {0x1004, 0x6, "a33cd02ef862854f83128de6a36bcc570314a060d2e8d0d605281b8ca956f82515f82d2fc4367b684049a25225de308564111f6135a0aa827538dc88b93bec80537e77afab89bf41407aaddfb0d64444bb73e2890cdc0576c0355dc8d3157a15f52146a9c5dcf193cc09982752b32154dcefefba4e8fe9d85bf17381560bd23843783ce7d293660e3bfb0a5aa9edf2e73e25c339875360b2b1ea13a72a3e3bd474ecf01f6e5e039b29aa6440362809ddfffa62fa2a2aec4a01bded5333a6d62afbd69d524567bc68b9b922d6c38a2629d7fef8a20e19ac82d8d0d001ead8a535119b7a40d1b0cba43973e2090d4abdc79355bba4d98e8a20a310ed482e0b781aae39af15ee3a793c5ae9bbae1ce7b01199c5fa97f1d08d1e0815f8965a8dd084ce923fdb9be5e930175e628c7580fce5e01a2c70c88a2a875c357fd5149fd65a92b558aca01ab8813194f55d4f22bce434e16af722079e7ba23260da211a46079b72a0d169d3f499521f9561264ac2f0b27a6848fe86a8f1fc7199058f0d26e65c2654c92b4fe965fec8586194290b327b309a5e4571432d679f04fe05155ae8a5a907e0eaecc37a1ee0a128e8b6b6b063c41a8d702f5d38b419b0cda2c53ebbb58b7fbc5178be0e1238d7e7e01124d2e9b3f11a5e6fe2e34e178fb051120806cb941a8ea697cdb3a679aee8a8fac53067a5d19bf7b563991ae18b9b36e76a3a42c4f626f9dd3a15c8537fd98d4d5c3410e96e50568d2397ef6de4e8fa16963993eef095ce84987f66c60dd4e9804ca8117855324d8e387b47ced100c564dabe9e7509e9f23d4051c3e8bd6c457c5fd4341a24b191825ec9c38f168aedb63d5f20040f635aa757218d30180346ee724a1b3bd373ba39a9fac16eab3fb81e70d8e9dfaa2c7e7aeee93a9ec3bee4c0928af87c878a69d6d25e9dda50129c80a95eb0f3e045e804b283a8147fb5d4495a155c883213bdef6284af7ba8753d62ccacd2a96edf6a62c229424d400381c3191baaa545ce4b3a5019ff86b92df2b24a674a259bc3adc47e1dde5972399d43f9462c8ecea2e2064a7e9dba20d826e4ce391d58c440fafb508c437f21c2c43fc46a34a4bf2050e5273bd2b5a7b27f6477570aad3cb4b712f6dc511144a872203f6e378c91feaf7a06705037c8f8ac8fb65e448bb926e2193271ee2ad8de4b822b6d145a1ae3787d5ee362b131eb78bd960e0ee42f13ec0abeb9b37e3e33729ec8d6251b9c0134e7c55f3686c77290177340dc5a176e59a36ac05824fb21bfb50350f2155073b6a9024b1eba74d75dbb1b2540512928a4215704f29338a0355964de401bea024d867f55b608efa1d01b51f587fc5a9ce6b188b5a345ddcebf00537e263af26c651253bf9adb53d010a7aa7641ff6e711d349f4fe158e74d56fde5c598e484e035f1f2e5bce357784ef72c9fef336eb88ea680685f3ee2098edc9432fe37e53570573304a6f44dc38703fb7af5b46110980ef43a74a99c87c4a336610bfcc89a239af645f4e0c295ba7a270a03521a37967c2dace9fe1f70f271c01e031627b0db45b24d527ac50ec6b6bd6d320a8013c0b2922637e18abe39d4f1a7f87c3486a110a2ae279866394909d75cc515b06b85cc672c26445bb1f2ddc084b9328d65fc911eb28e2a24c0859a73a2c6fbff43b0f6fac533dc26ba54bd8f4f3f6403baaa03eb1a94091e255772b985e34f7e44a9a4a80c85ce0c358f43656d315b7014d58fab4a234e8596ed30d83d5ed16771e754fb8e5e5d993890a332a3f2c889d748f0923d2a326b84ce005c95b8782a6ce5e7759af93c992bc1a90d882822462ba8f12a30e407b31f6c5a8966db6c174f9732807551e7f7ce87a11ea51f3b82ac4be928f4c02ed78f390e0b8186a6c0755fa1b7d49e67195fd9b4c15399d1f4fd3de0fbcb660ad74654c1abde76c75721ab2cd2f6cc743c8a4e8a20f212f12ad0f9e7ee64dcde940923b02cfc553430ec9897edf3c06b40d95a88780fe857145fe58b3cb764ee3c0740a93b040f72596f7e2f020ddc66097043b10787fce0de77c00fda5c7664c89f77eacb9d346f77efc569bd9e99d23c91c32049dea18050b32c6f04de934d419d4c028442c848c9c9b8404f046e1e6f454cf181cb53ae441e1ae99f1a48d235f7f3abc873f41bf12ef99ff485d162d3a0dd33df9cb1a37b77f3643d2ba3e9dd6947139e958582bf2ddd30a6ce76c2d67320bfd9afa1ced97d62ebf21b51a5b7077632175fa48eada0e1eb390a4da87c2e8d1ed3a3660a87f566528774b8f5df68570554b186078a82a3be495a0a49146523e8f3a9155bfdc778df3078ea1a38c38d490516a67302c3dfed22630e786558ad5a1138f91dcf54868edce2d48201fa5481937b61038eabdc133826b6835f2f7901c73f1b372335b5317c5587a275cf27001f39917cf49f2a5235113e002301736992c31a68f518006717e536000c859b9a7c0ff452ebd57f939c2b22eefe337a0c873d7455adc65ad7f2de2e93dff5dfbf9347c652f1f51515aed2f66e8c89b483fb08d7f7d69b32e5ba888eef872b1396b8c2ec30e7251c9b71c3f9af1f6dacac80cff0f59795bc887bc91cfb59c4a3f8fc3781083fc0d25d7a5078ebdd47aba9d509282e65f5907428633db82d4a2fe9b48c1c90776cdddbec80b05121a111648d7cd3cd333273ceef2d62be6880c0ac4fcf152dab95faf955825fe2e8bf64abef255229204ead07e1e392e6089f67b8db98dfb9922ef63d637b49eee1daaf16d52c4d5501cc8cd8de9f318ecab3f024df3d067258ce61872749c9c32cc45a47f2312bbc4ded8719b712f0d20a46b2a065e7f84b548eb0ee5bd75076da670e13a9656608b1d061bb4a00195ff63fddb61197afcdc42cf55ce4cf45370323a6e6478f27a5c9b204ef722537bf0e047480202f774fe79b05ef83545bca804a4b5d7559423ce31394217904103a4c6b7031ef4818b9be50d50c8ce9e88c41a5b524c350e6c5265aa97177c222aee2d0f2741cca24195c5f9585f9f9c511590b7e0e86662f97086ad11b06906a8ebb68b4b0fa13ff93fa10631a9c65ef3931883f995cf09defab0d80ec14a72716e95ff27b0b93b3ffc90139e7122e8b0e1495be3b5c41a266aff8817db21c70295739e003c75c34d8d8a48bd532e8e845f3ed9ce4cef599043ad1ae920012630187b90e5f5e99a42d802ddba97cc58a562bb7a1c4d85f04c89fda1d8dd0305a52712ee9a18f0a69f5b48ee39ae20184788e6f40a4f52dced203795e71b26c71bb062a23c520d80c1c45f3043a01b1265bc0816d06443b976d68e8031dd4ba54684f1ce5c86c69ab2e1262a7314c9cf30e6ec678f76e639ec6801927c8ebbb7cc8822064486c8aa2d8ba3b6f58446e31af389753ee7cf3c2fab58e44500e88e94d3c6da236d1729717bc240542de003f89fb6815357fea089728b799dee3b96149fdd5813cd0ddf9dcaf7d6bfa3c8d92055e9508c88534c119f55a76614a4fe7b859437f73c778d119d38cd46dfe626e92cb689d6e809b29670a4c727a0395a651c5b499ebb3e422459934cb04155ff44cc1ec65fd85b0c2c47b2e35bd8c0eab93f692707c5cb71896f6961881081a1e3b2d2144becedc606ac24066c239138f4e2c7f9420e2fca026a1640185ba7b2f9d7f607216f74b955909cc0cbb4cf28330a27322d3ed3d86ebfc18d65ef525312ecf5d2f8e2ed2725dfe741ef23166fbe94e4b7c8a8e1d3163f275760c9731f280eb2907abd894306c8abf2ae27e7c2d3fb4ac17741df443aa96bb7ec7a469526a9887ca179014af7a2b51467f47ef3a8cf56b99047e97a4c7e7fdc426c8cc45a2eeb2fa458cb7a21f3659eee3bd5f3c74d551092492a94e1e788adf6f5b106041c3d75206d9f710da84a4a7dafd68f029fa7f1998817f2e24786e660edff2ced8da054df6dc51d3cd531a21e0ab3d76deabb368719138b08bc6b41547ec171dc028b4cdccbdff1ec78f7813ca9d784475740d240b1a02b4380e4d1599aa2158833bc86362157c00daf850f601981e7db7578ec0d1b09c781686e5758981d748afe84337fb32f20525c619a5a78e4f78a35db8ffbe9997c826ece20e00f3b6de8a598ef072b75cf034dc50e6287808ecf8ab0fef2784e4b075608ef92c93a4d7eec121b35cafb461ab9299d85382f8d2a2867d5036803c42c2ddd282921c3afea9526d6308671c5d24e00ec5afe14594c8c252fb66d02f8f5d5ba6b23251ee0f740b293f861855a404adbcdaedf7445d9dae650e2379700ecdff8ae786da3df2ec920fb598838a1656dc114d4ac8413cccad5b411ed3d62d824abe145d6d3d42d574b47beda55351a5e63c165f97d3d07703a82895448f19f25463e5122c0b0a0fde127ba5a7436abf8581c8182f50731d37d5b4164738c1990fc3540c618c6a3fa3bd8b45817261f444bba201982c6a3e4158bf93b34a88fcbcde9aadc1ad8ba5c4a176cd9bf9018a6653a4471383040b09eeafd36e57839299ded6a1a3a8a66c591e26e6721a3dba416d4a451e17d47961e3f5a09936a05dc369f7cd78b327a1ffb50b7e09f39a4136fcc4b4f817244cf5cff8f226997f509a561a5de1d3c580f1c9fed3fb009b191c868830ae7f2dc320239e5c7a5bff3abf2b847f574aaff624787d9e3728eb3a1e45092f7515c9e7582c1333302851fe54a03715170ee32a7fa7a1ced576f564dc39a1d2bca9b218267dd80e97f471c930c5ac7270f714944e56ae028c55699d97fb3ee37b1d35058ef7abfd24d568e22eec90a80bfe284d2285cb91671a0615b330a30049d76b16f30b2e1d7d31fe27a959028e19b5ec93f30f247d92d1121874cfa838260523ffb2e9ad90cf503210d87cec4f696b0740d46c51c44f6e317be290e06ec0215ffefb19efd682eb30c49fb7f6cb1c67c6bcbc99de27929e5c66776910861cf1568459ff74a516d119862444fcb86ad7a17edae641af4e16ce5ca1817e9365cecc718fe0f083b8ab76fba715b21cd4866eefe5d37f4d11dc0692d3977e067729ec357375aefedb79ebc90ca1d7256a73bf1c55bb347b508e4d310c1a50185aabd6a57d7a0e71fd64d3500b8e6cf3c0cc1ebe416604f1633bf81f860bb3a4b7ce94c2fa5d7927729b2268277e8119216d0ac81444902e873b2c44f37b3658e947cad6a963a39f67959c51d3c88d113e8bacdfca6ff8d370cfd7e464bfb99a62ea2cf03b1ba4690cabc4667c59e2d543311502122e8e54d43a0fb892a0951ca0dc883f16888398fd1107413f379c41fb2a6003bb865f7048e3df747f41b98ef887a508157b2c92721b9a18451116d233a7961b26d0cc109e175c80d9c88b103c6fe2ab6c8ab9af06d2a8673b7722223b0c3b258fb5c7639df565b769f25bd133a9ffd0d2da741984b23acafbcb65f7ba9ecbeceb7ff3b7f175bb21c5d156d03d8ebfb4ec4dad5a14cfdee787277731eb202cc86f7c4e0972997ef0d694bf1b73ee8f3fe2dfc27e4c6376b74a0a8a0aef66c4b93b77fcb1505ed541ad31adf72fea5462f42877c156d83980e42a914d66cc714a7e4a3279155dfa798a759a4abbf0a4d35da37d90c7e29907aa11312a91777e7b47ea1d31be75495b62bb3d5df37936a3f9bd2bb22a3d1c3ea42349a01ac929abc4e11aebb20326bb71e237e6196741530fe9a4dda2470b88ce82d0d244e51a99183af9bf6385340ee8ee493cd857a74804d4619c60d12834fcc618f47b43afb617be4e091e384d8bf81be6e2439b0a363f7f8c4a4ece"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_pedit={0x35c, 0x4, 0x0, 0x0, {{0xa}, {0x278, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x150, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x44, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x44, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x4c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0xe9347b5dc4fadb29}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}]}, @TCA_PEDIT_KEYS_EX={0x44, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x34, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_KEYS_EX={0xe0, 0x5, 0x0, 0x1, [{0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x54, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}]}, {0x34, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}]}]}]}, {0xbc, 0x6, "a08c7a5862da629a7e59a0cea8d5161e3801d0ccaf9b047b9cb3aa9981a4c8a468fd47c2aa8eec0c52f7e2b3b1b91898a0669058e21580b9092393e0c652c4f5a44d49f799bb40056158ace860f90cc955aa9330b8ec490dd278897be4a7a9c10a3272153dce248c78042e2a289e2cbcd9e85834aa0b1ec3cfea271ac23566ab284a6b88559c8b64b74616f2e0d9729c7c412d346674b954039724e45b2a9a3f0b057ddc93ffd9a2e3a85d4b9d6c8f8709981d751beab8dc"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0x12c, 0xb, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0xffff, 0x8, 0xd3ba3d6, 0x3}}}]}, {0xde, 0x6, "92dea45c1b62518e32919f4851fe6836a9ddc425b2e6db2d2a7249c5c2af3efafd73b3c43e21f3c9f49cc3aef39728ee66e69ee1ae416a194c175f82e00d4b5bb4bc271a2bf3f2d03b353a8dc7153c9f9d80eaf40f5e65ac9d9d17840412f99f45f351c87f5f18279be5946e719b7d36221f7149f4aad972c07f8c81d0d7d779618816fbd20443216445f86595333763abd5e4b4c4dd5263bb4359255d314105f1b548f079dd645534a9f40268095a511be320cdbeaf28db0758a53b64eb6370ec3b8f5abbb56c75280c48aaff99d949b8a372712cd75936c1cf"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0xc0, 0xb, 0x0, 0x0, {{0xb}, {0x4c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xd}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x800}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xa3, 0x1, 0x0, 0xfffffff7, 0x81}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x7071}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x2}]}, {0x4c, 0x6, "71ab3200ccf883fa04383e688e466f9645be4ce3d1bec97026dc8301ac42482453b40741083b1c59111c97e9b3c307a1a8c0cee42566a6bd448f339cdcb267b559a4994fb4525e65"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x4294}}, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r5, 0x800452d3, &(0x7f0000000100)) 365.079127ms ago: executing program 3 (id=2661): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r1, @ANYBLOB="05002dbd7000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200000600980006cb0000040093000a000600fe99173a3b34000010009d00000000080c000400090000001e001f0008001c8000005419000000970000000c000000000801000000d300000a004f0008021100000000001e0094"], 0x9c}, 0x1, 0x0, 0x0, 0x44840}, 0xc0) 323.063222ms ago: executing program 3 (id=2662): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x6, 0x0}, 0x8) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000001010000000000010101000095000000002697000000"], &(0x7f0000000500)='syzkaller\x00', 0xfffffff8, 0x0, 0x0, 0x40f00, 0x45, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000600)={0x1, 0x6, 0x3350, 0xfffffffe}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000640)=[{0x5, 0x1, 0xf, 0x3}, {0x2, 0x4, 0xd, 0x4}, {0x1, 0x2, 0x7, 0x37c33193f537f891}, {0x0, 0x5, 0x8}, {0x0, 0x2, 0x3}], 0x10, 0x1, @void, @value}, 0x94) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x18, &(0x7f0000000c00)=ANY=[@ANYRESOCT=r4, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090900000000005509010000000000951000000000000085200000030000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000006000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0xe7, &(0x7f0000000340)=""/231, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x2, 0x10006, 0x100, 0x5}, 0x10, r4, r5, 0x5, &(0x7f0000000880)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000008c0)=[{0x5, 0x1, 0x1, 0x5}, {0x3, 0x3, 0x1, 0x5}, {0x5, 0x4, 0x6, 0x1}, {0x4, 0x2, 0x1, 0xa}, {0x4, 0x3, 0xb, 0x6}], 0x10, 0x80, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r6}, 0x10) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff) ioctl$KVM_RUN(r3, 0xae80, 0x0) 106.766647ms ago: executing program 3 (id=2664): unshare(0x68040200) (async) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff) (async, rerun: 32) r3 = fanotify_init(0x2, 0x0) (rerun: 32) fanotify_mark(r3, 0x1, 0x4000101b, r2, 0x0) fanotify_mark(r3, 0x2, 0x8000020, r2, 0x0) (async) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async, rerun: 64) r4 = socket$kcm(0x2, 0x3, 0x2) (rerun: 64) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000080)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x20}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x4}}}}, 0xfdef) 106.251522ms ago: executing program 1 (id=2665): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)) splice(r0, 0x0, r1, 0x0, 0x7, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="020f00001500000000000000000000000800120000000100000000000000000006000000000000000000000000000000e00000020000000000000000000000002001000000000000000000000000000205000600000000000a00000000000000fe8000000000000000000000000000bb0000000000000000010018000000000005"], 0xa8}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_IGMP_VERSION={0x5, 0x2b, 0x3}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}]}, 0x44}, 0x1, 0xffffffea, 0x0, 0x4004}, 0x0) r5 = creat(&(0x7f0000000380)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) ioctl$TIOCL_SCROLLCONSOLE(r5, 0x541c, &(0x7f0000000080)={0xd, 0x800}) r8 = dup(r7) socket$inet6_sctp(0xa, 0x1, 0x84) r9 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r10 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r11, 0x2000009) sendfile(r10, r11, 0x0, 0x7ffff000) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 6) clock_gettime(0x0, 0x0) utimes(&(0x7f0000000180)='./file0\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) 0s ago: executing program 2 (id=2666): r0 = openat$nmem0(0xffffff9c, &(0x7f0000000080), 0xc0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x8, 0x2, 0x0, "2115beba7af972a16fd06e6b5694848119e1a8bc94b6871c7f46690000000011"}) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x4018, r0}, 0x14) bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r0}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r3}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) socket$caif_stream(0x25, 0x1, 0x4) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x14) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) kernel console output (not intermixed with test programs): 5][T13489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 408.030058][T13489] RSP: 002b:00000000f511f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 408.033068][T13489] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004c81 [ 408.035681][T13489] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 408.037911][T13489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 408.040200][T13489] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 408.042817][T13489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 408.045342][T13489] [ 408.332830][ T68] Bluetooth: hci3: command 0x0405 tx timeout [ 408.744723][T13511] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2047'. [ 408.751642][T13511] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2047'. [ 410.224712][T13574] FAULT_INJECTION: forcing a failure. [ 410.224712][T13574] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 410.229351][T13574] CPU: 0 UID: 0 PID: 13574 Comm: syz.2.2058 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 410.232522][T13574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 410.235792][T13574] Call Trace: [ 410.237041][T13574] [ 410.237894][T13574] dump_stack_lvl+0x16c/0x1f0 [ 410.239417][T13574] should_fail_ex+0x497/0x5b0 [ 410.241167][T13574] _copy_from_user+0x2e/0xd0 [ 410.242511][T13574] ucma_write+0x129/0x330 [ 410.243813][T13574] ? __pfx_ucma_write+0x10/0x10 [ 410.245237][T13574] ? bpf_lsm_file_permission+0x9/0x10 [ 410.246885][T13574] ? security_file_permission+0x71/0x210 [ 410.248681][T13574] ? __pfx_ucma_write+0x10/0x10 [ 410.250110][T13574] vfs_write+0x24c/0x1150 [ 410.251717][T13574] ? __fget_files+0x1fc/0x3a0 [ 410.253403][T13574] ? __pfx_lock_release+0x10/0x10 [ 410.254804][T13574] ? __pfx_vfs_write+0x10/0x10 [ 410.256084][T13574] ? lock_acquire+0x2f/0xb0 [ 410.257388][T13574] ? __fget_files+0x40/0x3a0 [ 410.258721][T13574] ? __fget_files+0x206/0x3a0 [ 410.260083][T13574] ksys_write+0x207/0x250 [ 410.261330][T13574] ? __pfx_ksys_write+0x10/0x10 [ 410.262737][T13574] __do_fast_syscall_32+0x73/0x120 [ 410.264229][T13574] do_fast_syscall_32+0x32/0x80 [ 410.265628][T13574] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 410.267456][T13574] RIP: 0023:0xf709e579 [ 410.268632][T13574] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 410.274099][T13574] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 410.276497][T13574] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020006a40 [ 410.278779][T13574] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 410.281197][T13574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 410.283467][T13574] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 410.285758][T13574] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 410.288019][T13574] [ 410.877596][T13599] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2067'. [ 410.883508][T13602] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2067'. [ 410.887926][T13600] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2067'. [ 411.067248][T13605] netlink: 1276 bytes leftover after parsing attributes in process `syz.1.2068'. [ 411.284184][T13608] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 411.286864][T13608] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 411.290944][T13608] vhci_hcd vhci_hcd.0: Device attached [ 411.975772][ T6170] vhci_hcd: vhci_device speed not set [ 412.039913][ T6170] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 412.432910][T13633] random: crng reseeded on system resumption [ 412.442857][T13633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2077'. [ 412.446813][T13633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2077'. [ 412.475230][T13633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2077'. [ 412.521138][ T66] usb 8-1: new high-speed USB device number 31 using dummy_hcd [ 412.616594][T13609] vhci_hcd: connection reset by peer [ 412.623257][ T64] vhci_hcd: stop threads [ 412.624580][ T64] vhci_hcd: release socket [ 412.626086][ T64] vhci_hcd: disconnect device [ 412.681596][ T66] usb 8-1: Using ep0 maxpacket: 16 [ 412.685434][ T66] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 412.688912][ T66] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 412.692294][ T66] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 412.695221][ T66] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.699258][ T66] usb 8-1: config 0 descriptor?? [ 412.701922][T13629] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 413.149187][ T66] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0045/input/input156 [ 413.194643][ T5948] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 413.224224][ T66] appleir 0003:05AC:8241.0045: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 413.442293][T13648] : entered promiscuous mode [ 413.672162][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2085'. [ 413.675574][T13659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2085'. [ 414.391906][ T833] usb 8-1: reset high-speed USB device number 31 using dummy_hcd [ 414.889843][T13668] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2086'. [ 415.227171][ T6005] usb 8-1: USB disconnect, device number 31 [ 416.172559][ T5948] usb 7-1: unable to get BOS descriptor or descriptor too short [ 416.176041][ T5948] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 416.178640][ T5948] usb 7-1: can't read configurations, error -71 [ 416.335128][T13694] vivid-007: disconnect [ 416.703570][T13702] overlay: Unknown parameter '/' [ 417.141310][T13712] MTD: Attempt to mount non-MTD device "/dev/nbd0" [ 417.144317][T13712] cramfs: wrong magic [ 417.168896][T13712] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2098'. [ 417.411285][T13693] vivid-007: reconnect [ 417.485163][ T6170] vhci_hcd: vhci_device speed not set [ 418.004027][T13729] netlink: 'syz.1.2102': attribute type 12 has an invalid length. [ 418.561356][ T5948] usb 8-1: new high-speed USB device number 32 using dummy_hcd [ 418.753821][ T5948] usb 8-1: Using ep0 maxpacket: 8 [ 418.759172][ T5948] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 418.761608][ T5948] usb 8-1: config 0 has no interface number 0 [ 418.769552][ T5948] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 418.772567][ T5948] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 418.780156][ T5948] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.786686][ T5948] usb 8-1: config 0 descriptor?? [ 418.792240][ T5948] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 418.822641][T13762] vivid-007: disconnect [ 419.146889][ T5948] usb 8-1: USB disconnect, device number 32 [ 419.214443][T13779] overlay: Unknown parameter '/' [ 419.760870][T13784] input: syz0 as /devices/virtual/input/input157 [ 419.815064][T13761] vivid-007: reconnect [ 419.851089][T13789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2114'. [ 419.854208][T13789] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2114'. [ 420.027804][ T5948] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 420.132720][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 420.186150][ T5948] usb 8-1: Using ep0 maxpacket: 16 [ 420.189454][ T5948] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 420.194115][ T5948] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 420.196883][ T5948] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.201209][ T5948] usb 8-1: Product: syz [ 420.203476][ T5948] usb 8-1: Manufacturer: syz [ 420.206370][ T5948] usb 8-1: SerialNumber: syz [ 420.211122][ T5948] usb 8-1: config 0 descriptor?? [ 420.215378][ T5948] hub 8-1:0.0: bad descriptor, ignoring hub [ 420.217101][ T5948] hub 8-1:0.0: probe with driver hub failed with error -5 [ 420.230145][ T5948] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input158 [ 420.485084][T13815] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 420.786200][ T66] usb 8-1: USB disconnect, device number 33 [ 421.047711][T13820] vivid-007: disconnect [ 421.236963][T13825] overlay: Unknown parameter '/' [ 421.648322][T13831] FAULT_INJECTION: forcing a failure. [ 421.648322][T13831] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 421.694091][T13831] CPU: 1 UID: 0 PID: 13831 Comm: syz.2.2125 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 421.698130][T13831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 421.701611][T13831] Call Trace: [ 421.702658][T13831] [ 421.703900][T13831] dump_stack_lvl+0x16c/0x1f0 [ 421.705254][T13831] should_fail_ex+0x497/0x5b0 [ 421.707085][T13831] _copy_from_user+0x2e/0xd0 [ 421.708499][T13831] get_compat_msghdr+0xa8/0x170 [ 421.710267][T13831] ? __pfx_get_compat_msghdr+0x10/0x10 [ 421.711984][T13831] ___sys_recvmsg+0x193/0x1a0 [ 421.713325][T13831] ? __pfx____sys_recvmsg+0x10/0x10 [ 421.714823][T13831] ? __fget_files+0x1fc/0x3a0 [ 421.716261][T13831] ? trace_lock_acquire+0x14e/0x1f0 [ 421.717753][T13831] ? __fget_files+0x206/0x3a0 [ 421.719131][T13831] do_recvmmsg+0x55d/0x740 [ 421.720412][T13831] ? __pfx_do_recvmmsg+0x10/0x10 [ 421.721835][T13831] ? __pfx___schedule+0x10/0x10 [ 421.723240][T13831] ? __fget_files+0x206/0x3a0 [ 421.724597][T13831] __sys_recvmmsg+0x21e/0x280 [ 421.725967][T13831] ? __pfx___sys_recvmmsg+0x10/0x10 [ 421.727470][T13831] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 421.729262][T13831] ? lockdep_hardirqs_on+0x7c/0x110 [ 421.730757][T13831] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 421.732639][T13831] __do_fast_syscall_32+0x73/0x120 [ 421.734130][T13831] do_fast_syscall_32+0x32/0x80 [ 421.735535][T13831] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 421.737452][T13831] RIP: 0023:0xf709e579 [ 421.738626][T13831] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 421.744145][T13831] RSP: 002b:00000000f506f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 421.746415][T13831] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020002940 [ 421.748666][T13831] RDX: 000000000000f000 RSI: 0000000000010002 RDI: 0000000000000000 [ 421.750933][T13831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 421.753168][T13831] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 421.755386][T13831] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 421.757610][T13831] [ 421.917489][T13841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2130'. [ 422.073635][T13843] netlink: 187320 bytes leftover after parsing attributes in process `syz.3.2129'. [ 422.077538][T13843] netlink: zone id is out of range [ 422.079749][T13843] netlink: zone id is out of range [ 422.081770][T13843] netlink: zone id is out of range [ 422.083732][T13843] netlink: zone id is out of range [ 422.085170][T13843] netlink: zone id is out of range [ 422.090665][T13843] netlink: zone id is out of range [ 422.093076][T13843] netlink: zone id is out of range [ 422.095494][T13843] netlink: zone id is out of range [ 422.097560][T13843] netlink: zone id is out of range [ 422.099663][T13843] netlink: zone id is out of range [ 422.439147][T13818] vivid-007: reconnect [ 422.445031][T13849] FAULT_INJECTION: forcing a failure. [ 422.445031][T13849] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 422.448872][T13849] CPU: 3 UID: 0 PID: 13849 Comm: syz.1.2133 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 422.451960][T13849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 422.455291][T13849] Call Trace: [ 422.456483][T13849] [ 422.457603][T13849] dump_stack_lvl+0x16c/0x1f0 [ 422.459544][T13849] should_fail_ex+0x497/0x5b0 [ 422.461007][T13849] ? fs_reclaim_acquire+0xae/0x150 [ 422.462486][T13849] should_fail_alloc_page+0xe7/0x130 [ 422.464490][T13849] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 422.466506][T13849] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 422.469258][T13849] __alloc_pages_noprof+0x190/0x25b0 [ 422.470890][T13849] ? mark_lock+0xb5/0xc60 [ 422.472555][T13849] ? hlock_class+0x4e/0x130 [ 422.474106][T13849] ? __pfx_mark_lock+0x10/0x10 [ 422.475616][T13849] ? find_held_lock+0x2d/0x110 [ 422.477477][T13849] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 422.479607][T13849] ? is_bpf_text_address+0x8a/0x1a0 [ 422.481636][T13849] ? __pfx_lock_release+0x10/0x10 [ 422.483560][T13849] ? trace_lock_acquire+0x14e/0x1f0 [ 422.485548][T13849] ? __lock_acquire+0x15a9/0x3c40 [ 422.487503][T13849] ? hlock_class+0x4e/0x130 [ 422.489204][T13849] ? mark_lock+0xb5/0xc60 [ 422.490882][T13849] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 422.493455][T13849] ___kmalloc_large_node+0x84/0x1b0 [ 422.495463][T13849] __kmalloc_large_node_noprof+0x1c/0x70 [ 422.497563][T13849] __kmalloc_noprof.cold+0xc/0x63 [ 422.498434][ T68] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 422.499101][T13849] ? wiphy_new_nm+0x701/0x2160 [ 422.503370][T13849] ? mac80211_hwsim_new_radio+0x164/0x56c0 [ 422.504994][T13849] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 422.506860][T13849] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 422.508811][T13849] wiphy_new_nm+0x701/0x2160 [ 422.510156][T13849] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 422.512041][T13849] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 422.513995][T13849] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 422.515578][T13849] ? __local_bh_enable_ip+0xa4/0x120 [ 422.517109][T13849] mac80211_hwsim_new_radio+0x201/0x56c0 [ 422.518734][T13849] ? do_fast_syscall_32+0x32/0x80 [ 422.520214][T13849] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 422.522355][T13849] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 422.524807][T13849] hwsim_new_radio_nl+0xb42/0x12b0 [ 422.526332][T13849] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 422.527955][T13849] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 422.530060][T13849] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 422.532197][T13849] genl_family_rcv_msg_doit+0x202/0x2f0 [ 422.533770][T13849] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 422.535518][T13849] ? genl_get_cmd+0x195/0x580 [ 422.536885][T13849] ? bpf_lsm_capable+0x9/0x10 [ 422.538229][T13849] ? security_capable+0x7e/0x260 [ 422.539668][T13849] ? ns_capable+0xd7/0x110 [ 422.540947][T13849] genl_rcv_msg+0x565/0x800 [ 422.542270][T13849] ? __pfx_genl_rcv_msg+0x10/0x10 [ 422.543754][T13849] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 422.545354][T13849] ? __pfx___lock_acquire+0x10/0x10 [ 422.546858][T13849] netlink_rcv_skb+0x165/0x410 [ 422.548262][T13849] ? __pfx_genl_rcv_msg+0x10/0x10 [ 422.549743][T13849] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 422.551290][T13849] ? down_read+0xc9/0x330 [ 422.552560][T13849] ? __pfx_down_read+0x10/0x10 [ 422.553973][T13849] ? netlink_deliver_tap+0x1ae/0xca0 [ 422.555520][T13849] genl_rcv+0x28/0x40 [ 422.556697][T13849] netlink_unicast+0x53c/0x7f0 [ 422.558095][T13849] ? __pfx_netlink_unicast+0x10/0x10 [ 422.559638][T13849] ? __phys_addr_symbol+0x30/0x80 [ 422.561133][T13849] ? __check_object_size+0x488/0x710 [ 422.562664][T13849] netlink_sendmsg+0x8b8/0xd70 [ 422.564089][T13849] ? __pfx_netlink_sendmsg+0x10/0x10 [ 422.565626][T13849] ____sys_sendmsg+0x9ae/0xb40 [ 422.567015][T13849] ? __pfx_____sys_sendmsg+0x10/0x10 [ 422.568549][T13849] ? get_compat_msghdr+0x11b/0x170 [ 422.570051][T13849] ___sys_sendmsg+0x135/0x1e0 [ 422.571445][T13849] ? __pfx____sys_sendmsg+0x10/0x10 [ 422.572965][T13849] ? __pfx_lock_release+0x10/0x10 [ 422.574416][T13849] ? trace_lock_acquire+0x14e/0x1f0 [ 422.575948][T13849] ? __fget_files+0x206/0x3a0 [ 422.577325][T13849] __sys_sendmsg+0x16e/0x220 [ 422.578664][T13849] ? __pfx___sys_sendmsg+0x10/0x10 [ 422.580196][T13849] __do_fast_syscall_32+0x73/0x120 [ 422.581680][T13849] do_fast_syscall_32+0x32/0x80 [ 422.583114][T13849] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 422.584932][T13849] RIP: 0023:0xf7f50579 [ 422.586116][T13849] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 422.591653][T13849] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 422.594030][T13849] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 422.596317][T13849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 422.598577][T13849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 422.600990][T13849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 422.603394][T13849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 422.606150][T13849] [ 422.719973][ T5948] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 422.880803][ T5948] usb 7-1: Using ep0 maxpacket: 8 [ 422.884774][ T5948] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 422.888895][ T5948] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 422.893008][ T5948] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 422.897066][ T5948] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 422.905934][ T5948] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 422.909679][ T5948] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.005531][T13867] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 423.008201][T13867] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 423.011400][T13867] vhci_hcd vhci_hcd.0: Device attached [ 423.147576][ T5948] usb 7-1: GET_CAPABILITIES returned 0 [ 423.149215][ T5948] usbtmc 7-1:16.0: can't read capabilities [ 423.201193][ T6431] vhci_hcd: vhci_device speed not set [ 423.265041][ T6220] usb 5-1: new low-speed USB device number 26 using dummy_hcd [ 423.267288][ T6431] usb 37-1: new full-speed USB device number 3 using vhci_hcd [ 423.430915][ T6220] usb 5-1: config 0 has no interfaces? [ 423.433196][ T6220] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 423.440657][ T6220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.451310][ T6220] usb 5-1: config 0 descriptor?? [ 423.553761][ T66] usb 8-1: new high-speed USB device number 34 using dummy_hcd [ 423.681827][T13867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 423.692826][T13867] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 423.697614][ T6220] usb 5-1: USB disconnect, device number 26 [ 423.701399][T13868] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 423.707672][ T12] vhci_hcd: stop threads [ 423.709103][ T12] vhci_hcd: release socket [ 423.710545][ T12] vhci_hcd: disconnect device [ 423.724877][ T66] usb 8-1: Using ep0 maxpacket: 8 [ 423.728391][ T66] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 423.732449][ T66] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 423.737659][ T66] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 423.741668][ T66] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 423.747252][ T66] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 423.750928][ T66] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.981106][ T66] usb 8-1: GET_CAPABILITIES returned 0 [ 423.983487][ T66] usbtmc 8-1:16.0: can't read capabilities [ 424.054817][T13893] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2148'. [ 424.334302][ T3225] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 424.494494][ T3225] usb 6-1: Using ep0 maxpacket: 8 [ 424.510763][ T3225] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 424.514628][ T3225] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 424.518889][ T3225] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 424.523397][ T3225] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 424.528956][ T3225] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 424.532728][ T3225] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.741252][T13898] siw: device registration error -23 [ 424.771054][ T3225] usb 6-1: GET_CAPABILITIES returned 0 [ 424.772930][ T3225] usbtmc 6-1:16.0: can't read capabilities [ 424.990711][ T6220] usb 6-1: USB disconnect, device number 27 [ 425.777719][ T3225] usb 7-1: USB disconnect, device number 30 [ 425.779531][ T6220] usb 5-1: new low-speed USB device number 27 using dummy_hcd [ 425.916316][ T6220] usb 5-1: device descriptor read/64, error -71 [ 426.183586][ T6220] usb 5-1: new low-speed USB device number 28 using dummy_hcd [ 426.322558][ T6220] usb 5-1: device descriptor read/64, error -71 [ 426.440929][ T6220] usb usb5-port1: attempt power cycle [ 426.550254][ T66] usb 8-1: USB disconnect, device number 34 [ 426.790981][T13929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2158'. [ 426.793680][T13929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2158'. [ 426.814330][ T6220] usb 5-1: new low-speed USB device number 29 using dummy_hcd [ 426.847605][ T6220] usb 5-1: device descriptor read/8, error -71 [ 426.909717][T13937] lo speed is unknown, defaulting to 1000 [ 426.961171][T13937] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2160'. [ 426.965356][T13937] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2160'. [ 427.103081][ T6220] usb 5-1: new low-speed USB device number 30 using dummy_hcd [ 427.125263][ T6220] usb 5-1: device descriptor read/8, error -71 [ 427.243323][ T6220] usb usb5-port1: unable to enumerate USB device [ 427.641242][T13941] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2161'. [ 427.654255][T13941] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2161'. [ 427.671467][T13941] mkiss: ax0: crc mode is auto. [ 427.783845][T13946] loop2: detected capacity change from 0 to 7 [ 427.788246][T13946] Dev loop2: unable to read RDB block 7 [ 427.790124][T13946] loop2: AHDI p1 p2 p3 p4 [ 427.791775][T13946] loop2: partition table partially beyond EOD, truncated [ 427.794118][T13946] loop2: p1 start 2316988880 is beyond EOD, truncated [ 427.797693][T13946] loop2: p2 start 3872735472 is beyond EOD, truncated [ 427.799952][T13946] loop2: p3 start 1193984827 is beyond EOD, truncated [ 427.864750][ T5360] Dev loop2: unable to read RDB block 7 [ 427.867999][ T5360] loop2: AHDI p1 p2 p3 p4 [ 427.869764][ T5360] loop2: partition table partially beyond EOD, truncated [ 427.874989][ T5360] loop2: p1 start 2316988880 is beyond EOD, truncated [ 427.877553][ T5360] loop2: p2 start 3872735472 is beyond EOD, truncated [ 427.879998][ T5360] loop2: p3 start 1193984827 is beyond EOD, truncated [ 428.190598][ T5360] Dev loop2: unable to read RDB block 7 [ 428.192283][ T5360] loop2: AHDI p1 p2 p3 p4 [ 428.193971][ T5360] loop2: partition table partially beyond EOD, truncated [ 428.195119][T13959] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2164'. [ 428.199256][ T5360] loop2: p1 start 2316988880 is beyond EOD, truncated [ 428.201960][ T5360] loop2: p2 start 3872735472 is beyond EOD, truncated [ 428.203995][ T5360] loop2: p3 start 1193984827 is beyond EOD, truncated [ 428.438955][ T5360] Dev loop2: unable to read RDB block 7 [ 428.440773][ T5360] loop2: AHDI p1 p2 p3 p4 [ 428.442160][ T5360] loop2: partition table partially beyond EOD, truncated [ 428.444303][ T5360] loop2: p1 start 2316988880 is beyond EOD, truncated [ 428.446340][ T5360] loop2: p2 start 3872735472 is beyond EOD, truncated [ 428.448388][ T5360] loop2: p3 start 1193984827 is beyond EOD, truncated [ 428.482867][ T5360] Dev loop2: unable to read RDB block 7 [ 428.484833][ T5360] loop2: AHDI p1 p2 p3 p4 [ 428.486401][ T5360] loop2: partition table partially beyond EOD, truncated [ 428.489585][ T5360] loop2: p1 start 2316988880 is beyond EOD, truncated [ 428.491589][ T5360] loop2: p2 start 3872735472 is beyond EOD, truncated [ 428.495292][ T5360] loop2: p3 start 1193984827 is beyond EOD, truncated [ 428.600256][ T5360] Dev loop2: unable to read RDB block 7 [ 428.601875][ T5360] loop2: AHDI p1 p2 p3 p4 [ 428.603198][ T5360] loop2: partition table partially beyond EOD, truncated [ 428.605260][ T5360] loop2: p1 start 2316988880 is beyond EOD, truncated [ 428.607412][ T5360] loop2: p2 start 3872735472 is beyond EOD, truncated [ 428.609921][ T5360] loop2: p3 start 1193984827 is beyond EOD, truncated [ 428.760129][ T6431] vhci_hcd: vhci_device speed not set [ 429.125235][T13978] random: crng reseeded on system resumption [ 429.207549][T13980] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2172'. [ 429.212026][T13980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2172'. [ 430.359992][T13993] netlink: 187320 bytes leftover after parsing attributes in process `syz.2.2175'. [ 430.362671][T13993] net_ratelimit: 4 callbacks suppressed [ 430.362679][T13993] netlink: zone id is out of range [ 430.366439][T13993] netlink: zone id is out of range [ 430.368053][T13993] netlink: zone id is out of range [ 430.369560][T13993] netlink: zone id is out of range [ 430.371090][T13993] netlink: zone id is out of range [ 430.372705][T13993] netlink: zone id is out of range [ 430.375020][T13993] netlink: zone id is out of range [ 430.376942][T13993] netlink: zone id is out of range [ 430.378463][T13993] netlink: zone id is out of range [ 430.380083][T13993] netlink: zone id is out of range [ 430.505621][T14001] input: syz1 as /devices/virtual/input/input159 [ 430.536543][T14001] FAULT_INJECTION: forcing a failure. [ 430.536543][T14001] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 430.541877][T14001] CPU: 2 UID: 0 PID: 14001 Comm: syz.3.2178 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 430.545206][T14001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 430.548329][T14001] Call Trace: [ 430.549406][T14001] [ 430.550293][T14001] dump_stack_lvl+0x16c/0x1f0 [ 430.551702][T14001] should_fail_ex+0x497/0x5b0 [ 430.553162][T14001] _copy_from_user+0x2e/0xd0 [ 430.554514][T14001] input_event_from_user+0x22d/0x3b0 [ 430.556146][T14001] ? __pfx_input_event_from_user+0x10/0x10 [ 430.557853][T14001] ? input_event+0x57/0xa0 [ 430.559295][T14001] uinput_write+0xbb6/0x12b0 [ 430.560736][T14001] ? __pfx_uinput_write+0x10/0x10 [ 430.562754][T14001] ? bpf_lsm_file_permission+0x9/0x10 [ 430.564940][T14001] ? security_file_permission+0x71/0x210 [ 430.567245][T14001] ? __pfx_uinput_write+0x10/0x10 [ 430.569251][T14001] vfs_write+0x24c/0x1150 [ 430.571006][T14001] ? __fget_files+0x1fc/0x3a0 [ 430.572901][T14001] ? __pfx_lock_release+0x10/0x10 [ 430.574920][T14001] ? __pfx_vfs_write+0x10/0x10 [ 430.576871][T14001] ? lock_acquire+0x2f/0xb0 [ 430.578672][T14001] ? __fget_files+0x40/0x3a0 [ 430.580555][T14001] ? __fget_files+0x206/0x3a0 [ 430.582061][T14001] ksys_write+0x207/0x250 [ 430.583328][T14001] ? __pfx_ksys_write+0x10/0x10 [ 430.584775][T14001] __do_fast_syscall_32+0x73/0x120 [ 430.586237][T14001] do_fast_syscall_32+0x32/0x80 [ 430.587661][T14001] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 430.589514][T14001] RIP: 0023:0xf714e579 [ 430.590701][T14001] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 430.596157][T14001] RSP: 002b:00000000f514055c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 430.598549][T14001] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 430.600863][T14001] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000 [ 430.603218][T14001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 430.605505][T14001] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 430.607750][T14001] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 430.610825][T14001] [ 430.612264][ C2] vkms_vblank_simulate: vblank timer overrun [ 432.873436][T14046] __nla_validate_parse: 2 callbacks suppressed [ 432.873449][T14046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2190'. [ 432.893320][T14046] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2190'. [ 432.903881][T14046] mkiss: ax0: crc mode is auto. [ 433.222417][T14056] binder_alloc: 14055: binder_alloc_buf, no vma [ 433.286235][ T40] audit: type=1326 audit(1736544245.615:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.292895][ T40] audit: type=1326 audit(1736544245.615:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.299665][ T40] audit: type=1326 audit(1736544245.615:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=197 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.306285][ T40] audit: type=1326 audit(1736544245.615:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.323627][ T40] audit: type=1326 audit(1736544245.624:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.330498][ T40] audit: type=1326 audit(1736544245.624:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.336919][ T40] audit: type=1326 audit(1736544245.624:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.343245][ T40] audit: type=1326 audit(1736544245.624:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.349678][ T40] audit: type=1326 audit(1736544245.634:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.355829][ T40] audit: type=1326 audit(1736544245.634:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14058 comm="syz.1.2193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x7ffc0000 [ 433.634949][ T6431] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 433.795280][ T6431] usb 6-1: Using ep0 maxpacket: 16 [ 433.798643][ T6431] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 433.802402][ T6431] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 433.806312][ T6431] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024 [ 433.812423][ T6431] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 433.815215][ T6431] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.818066][ T6431] usb 6-1: Product: syz [ 433.819374][ T6431] usb 6-1: Manufacturer: syz [ 433.820755][ T6431] usb 6-1: SerialNumber: syz [ 433.828375][ T6431] usb 6-1: config 0 descriptor?? [ 434.105499][ T6431] appledisplay 6-1:0.0: Error while getting initial brightness: -110 [ 434.111896][ T6431] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -110 [ 434.154185][ T6170] usb 6-1: USB disconnect, device number 28 [ 434.659834][T14077] loop2: detected capacity change from 0 to 7 [ 434.662282][T14077] Dev loop2: unable to read RDB block 7 [ 434.663901][T14077] loop2: AHDI p1 p2 p3 p4 [ 434.665206][T14077] loop2: partition table partially beyond EOD, truncated [ 434.667934][T14077] loop2: p1 start 2316988880 is beyond EOD, truncated [ 434.670044][T14077] loop2: p2 start 3872735472 is beyond EOD, truncated [ 434.672847][T14077] loop2: p3 start 1193984827 is beyond EOD, truncated [ 434.875097][ T5948] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 435.041159][ T5948] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 435.044736][ T5948] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 435.049030][ T5948] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 435.052609][ T5948] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 435.058258][ T5948] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 435.061704][ T5948] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 435.064947][ T5948] usb 8-1: Product: syz [ 435.066592][ T5948] usb 8-1: Manufacturer: syz [ 435.075327][ T5948] cdc_wdm 8-1:1.0: skipping garbage [ 435.077499][ T5948] cdc_wdm 8-1:1.0: skipping garbage [ 435.079759][ T5948] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 435.745824][T14096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2202'. [ 435.748530][T14096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2202'. [ 436.518454][ T6170] usb 8-1: USB disconnect, device number 36 [ 437.169322][T14103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2203'. [ 437.173026][T14103] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2203'. [ 438.595573][T14125] netfs: Couldn't get user pages (rc=-14) [ 439.172768][ T5948] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 439.354422][ T5948] usb 6-1: Using ep0 maxpacket: 16 [ 439.357444][ T5948] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 439.360669][ T5948] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 439.364633][ T5948] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 439.368381][ T5948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.372121][ T5948] usb 6-1: config 0 descriptor?? [ 439.374397][T14139] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 439.589586][ T833] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 439.782191][ T833] usb 5-1: Using ep0 maxpacket: 16 [ 439.785605][ T833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 439.788997][ T833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 439.792233][ T833] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 439.794920][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.798313][ T833] usb 5-1: config 0 descriptor?? [ 439.800328][T14146] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 439.812669][ T5948] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0046/input/input160 [ 439.892311][ T5948] appleir 0003:05AC:8241.0046: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 440.299982][ T833] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.0047/input/input161 [ 440.361361][ T833] appleir 0003:05AC:8241.0047: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 440.921936][ T5948] usb 5-1: USB disconnect, device number 31 [ 441.786999][T14169] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 441.788892][T14169] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 441.794069][T14169] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 441.796563][T14169] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 441.800374][T14169] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 441.802173][T14169] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 441.984816][ T6431] usb 6-1: USB disconnect, device number 29 [ 442.046399][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 442.046414][ T40] audit: type=1800 audit(1736544253.809:363): pid=14182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2226" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 442.230581][T14209] virtio-fs: tag <(null)> not found [ 442.588777][ T833] libceph: connect (1)[c::]:6789 error -101 [ 442.590512][ T833] libceph: mon0 (1)[c::]:6789 connect error [ 442.752397][T14217] ceph: No mds server is up or the cluster is laggy [ 443.006175][T14238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2240'. [ 443.008840][T14238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2240'. [ 444.148153][T14268] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2249'. [ 446.041054][T14319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2264'. [ 446.043576][T14319] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2264'. [ 446.356901][ T833] usb 8-1: new high-speed USB device number 37 using dummy_hcd [ 446.517285][ T833] usb 8-1: Using ep0 maxpacket: 16 [ 446.522504][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 446.526091][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 446.529942][ T833] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 446.532775][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.537015][ T833] usb 8-1: config 0 descriptor?? [ 446.539467][T14322] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 446.862313][T14340] FAULT_INJECTION: forcing a failure. [ 446.862313][T14340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 446.866318][T14340] CPU: 3 UID: 0 PID: 14340 Comm: syz.0.2271 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 446.869594][T14340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 446.873040][T14340] Call Trace: [ 446.873997][T14340] [ 446.875034][T14340] dump_stack_lvl+0x16c/0x1f0 [ 446.876591][T14340] should_fail_ex+0x497/0x5b0 [ 446.878087][T14340] _copy_to_user+0x32/0xd0 [ 446.879449][T14340] simple_read_from_buffer+0xd0/0x160 [ 446.880961][T14340] proc_fail_nth_read+0x198/0x270 [ 446.882396][T14340] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 446.884017][T14340] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 446.885538][T14340] vfs_read+0x1df/0xbe0 [ 446.886784][T14340] ? __fget_files+0x1fc/0x3a0 [ 446.888248][T14340] ? __pfx___mutex_lock+0x10/0x10 [ 446.889854][T14340] ? __pfx_vfs_read+0x10/0x10 [ 446.891267][T14340] ? __fget_files+0x206/0x3a0 [ 446.892709][T14340] ksys_read+0x12b/0x250 [ 446.893975][T14340] ? __pfx_ksys_read+0x10/0x10 [ 446.895478][T14340] __do_fast_syscall_32+0x73/0x120 [ 446.897097][T14340] do_fast_syscall_32+0x32/0x80 [ 446.898600][T14340] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 446.900531][T14340] RIP: 0023:0xf707e579 [ 446.901773][T14340] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 446.907552][T14340] RSP: 002b:00000000f5070590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 446.910698][T14340] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5070620 [ 446.913136][T14340] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000 [ 446.915446][T14340] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 446.917713][T14340] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 446.919955][T14340] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 446.922161][T14340] [ 446.987945][ T833] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0048/input/input162 [ 447.059547][ T833] appleir 0003:05AC:8241.0048: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 447.340721][T14350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2274'. [ 447.343352][T14350] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2274'. [ 447.426184][T14353] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2275'. [ 448.543515][T14373] 9pnet: Unknown protocol version 9p2000. [ 449.021365][ T66] usb 8-1: USB disconnect, device number 37 [ 449.394955][T14398] binder_alloc: 14396: binder_alloc_buf, no vma [ 449.757503][ T833] usb 8-1: new high-speed USB device number 38 using dummy_hcd [ 449.927435][ T833] usb 8-1: Using ep0 maxpacket: 16 [ 449.931358][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 449.935369][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 449.945880][ T833] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 449.949482][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.953804][ T833] usb 8-1: config 0 descriptor?? [ 449.956200][T14403] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 449.958083][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2295'. [ 449.961594][T14411] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2295'. [ 450.397148][ T833] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0049/input/input163 [ 450.467093][ T833] appleir 0003:05AC:8241.0049: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 451.648694][ T66] usb 8-1: reset high-speed USB device number 38 using dummy_hcd [ 452.245514][T14450] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2304'. [ 452.536384][ T6431] usb 8-1: USB disconnect, device number 38 [ 452.675891][T14459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2305'. [ 452.689380][T14460] 9pnet: Unknown protocol version 9p2000. [ 452.857513][T14467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2309'. [ 453.370020][T14481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2311'. [ 454.048602][T14494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2317'. [ 454.052027][T14495] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2317'. [ 454.120168][T14497] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 454.184008][T14500] FAULT_INJECTION: forcing a failure. [ 454.184008][T14500] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 454.187679][T14500] CPU: 1 UID: 0 PID: 14500 Comm: syz.2.2319 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 454.190843][T14500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.193859][T14500] Call Trace: [ 454.194823][T14500] [ 454.195678][T14500] dump_stack_lvl+0x16c/0x1f0 [ 454.197057][T14500] should_fail_ex+0x497/0x5b0 [ 454.198421][T14500] _copy_to_user+0x32/0xd0 [ 454.199719][T14500] simple_read_from_buffer+0xd0/0x160 [ 454.201398][T14500] proc_fail_nth_read+0x198/0x270 [ 454.202857][T14500] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 454.204470][T14500] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 454.206070][T14500] vfs_read+0x1df/0xbe0 [ 454.207195][T14500] ? __fget_files+0x1fc/0x3a0 [ 454.208522][T14500] ? __pfx___mutex_lock+0x10/0x10 [ 454.209857][T14500] ? __pfx_vfs_read+0x10/0x10 [ 454.211194][T14500] ? __fget_files+0x206/0x3a0 [ 454.212559][T14500] ksys_read+0x12b/0x250 [ 454.213791][T14500] ? __pfx_ksys_read+0x10/0x10 [ 454.215190][T14500] __do_fast_syscall_32+0x73/0x120 [ 454.216694][T14500] do_fast_syscall_32+0x32/0x80 [ 454.218075][T14500] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.219863][T14500] RIP: 0023:0xf709e579 [ 454.221011][T14500] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.226516][T14500] RSP: 002b:00000000f5090590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 454.228911][T14500] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5090620 [ 454.231159][T14500] RDX: 000000000000000f RSI: 00000000f73d3ff4 RDI: 0000000000000000 [ 454.233350][T14500] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 454.235524][T14500] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.237803][T14500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.240086][T14500] [ 455.590944][T14540] lo speed is unknown, defaulting to 1000 [ 455.632302][ T5948] IPVS: starting estimator thread 0... [ 455.721812][T14542] IPVS: using max 41 ests per chain, 98400 per kthread [ 455.799655][T14540] binder: 14539:14540 ioctl c04c5611 20000180 returned -22 [ 455.802477][T14540] binder: 14539:14540 ioctl c0306201 200003c0 returned -14 [ 455.805654][T14540] binder: 14539:14540 ioctl c0306201 20000380 returned -14 [ 455.925175][T14550] FAULT_INJECTION: forcing a failure. [ 455.925175][T14550] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 455.929057][T14550] CPU: 2 UID: 0 PID: 14550 Comm: syz.3.2335 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 455.932950][T14550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 455.937023][T14550] Call Trace: [ 455.938304][T14550] [ 455.939463][T14550] dump_stack_lvl+0x16c/0x1f0 [ 455.941298][T14550] should_fail_ex+0x497/0x5b0 [ 455.943115][T14550] _copy_to_user+0x32/0xd0 [ 455.944858][T14550] lsm_fill_user_ctx+0x1ae/0x290 [ 455.946878][T14550] apparmor_getselfattr+0x311/0x380 [ 455.948896][T14550] ? __pfx_apparmor_getselfattr+0x10/0x10 [ 455.951069][T14550] ? lock_acquire+0x2f/0xb0 [ 455.952808][T14550] ? __might_fault+0xe3/0x190 [ 455.954623][T14550] security_getselfattr+0x2fa/0x510 [ 455.956615][T14550] ? find_held_lock+0x2d/0x110 [ 455.958446][T14550] ? __pfx_security_getselfattr+0x10/0x10 [ 455.960614][T14550] ? syscall_trace_enter+0x1cd/0x260 [ 455.962653][T14550] __ia32_sys_lsm_get_self_attr+0x93/0x100 [ 455.964890][T14550] __do_fast_syscall_32+0x73/0x120 [ 455.966836][T14550] do_fast_syscall_32+0x32/0x80 [ 455.968799][T14550] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 455.971226][T14550] RIP: 0023:0xf714e579 [ 455.972782][T14550] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 455.980010][T14550] RSP: 002b:00000000f514055c EFLAGS: 00000296 ORIG_RAX: 00000000000001cb [ 455.983161][T14550] RAX: ffffffffffffffda RBX: 0000000000000064 RCX: 0000000020000580 [ 455.986103][T14550] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 455.988997][T14550] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 455.992026][T14550] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 455.995047][T14550] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 455.998031][T14550] [ 456.212325][T14562] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 456.283696][ T39] IPVS: stop unused estimator thread 0... [ 456.771518][T14574] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 456.956851][T14580] binder: BINDER_SET_CONTEXT_MGR already set [ 456.960627][T14580] binder: 14578:14580 ioctl 4018620d 20000100 returned -16 [ 457.083598][T14580] lo speed is unknown, defaulting to 1000 [ 457.122081][ T30] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 457.228493][T14590] lo speed is unknown, defaulting to 1000 [ 457.326923][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 457.330847][ T30] usb 6-1: config 7 has an invalid interface number: 161 but max is 0 [ 457.333308][ T30] usb 6-1: config 7 has no interface number 0 [ 457.335067][ T30] usb 6-1: config 7 interface 161 has no altsetting 0 [ 457.348338][ T30] usb 6-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59 [ 457.352281][ T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.357986][ T30] usb 6-1: Product: syz [ 457.359358][ T30] usb 6-1: Manufacturer: syz [ 457.362031][ T30] usb 6-1: SerialNumber: syz [ 458.172731][ T30] hub 6-1:7.161: bad descriptor, ignoring hub [ 458.176439][ T30] hub 6-1:7.161: probe with driver hub failed with error -5 [ 458.182284][ T30] cypress_m8 6-1:7.161: HID->COM RS232 Adapter converter detected [ 458.189627][ T30] cyphidcom ttyUSB0: required endpoint is missing [ 458.224724][ T30] usb 6-1: USB disconnect, device number 30 [ 458.230367][ T30] cypress_m8 6-1:7.161: device disconnected [ 458.644064][T14606] Process accounting resumed [ 458.959850][T14619] FAULT_INJECTION: forcing a failure. [ 458.959850][T14619] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 458.966295][T14619] CPU: 3 UID: 0 PID: 14619 Comm: syz.2.2358 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 458.970522][T14619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 458.974670][T14619] Call Trace: [ 458.975835][T14619] [ 458.976872][T14619] dump_stack_lvl+0x16c/0x1f0 [ 458.978684][T14619] should_fail_ex+0x497/0x5b0 [ 458.980417][T14619] _copy_to_user+0x32/0xd0 [ 458.981718][T14619] simple_read_from_buffer+0xd0/0x160 [ 458.983644][T14619] proc_fail_nth_read+0x198/0x270 [ 458.985689][T14619] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 458.987973][T14619] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 458.990191][T14619] vfs_read+0x1df/0xbe0 [ 458.991915][T14619] ? __fget_files+0x1fc/0x3a0 [ 458.993825][T14619] ? __pfx___mutex_lock+0x10/0x10 [ 458.995875][T14619] ? __pfx_vfs_read+0x10/0x10 [ 458.997755][T14619] ? __fget_files+0x206/0x3a0 [ 458.999680][T14619] ksys_read+0x12b/0x250 [ 459.001401][T14619] ? __pfx_ksys_read+0x10/0x10 [ 459.003345][T14619] __do_fast_syscall_32+0x73/0x120 [ 459.005445][T14619] do_fast_syscall_32+0x32/0x80 [ 459.007402][T14619] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.009966][T14619] RIP: 0023:0xf709e579 [ 459.011558][T14619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 459.018751][T14619] RSP: 002b:00000000f5090590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 459.021866][T14619] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5090620 [ 459.024804][T14619] RDX: 000000000000000f RSI: 00000000f73d3ff4 RDI: 0000000000000000 [ 459.027905][T14619] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 459.031134][T14619] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 459.034140][T14619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 459.037059][T14619] [ 459.075698][ T5956] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 459.082628][ T5956] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 459.085377][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 459.092235][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 459.095556][ T5956] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 459.098384][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 459.119479][ T68] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 459.123574][ T68] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 459.127198][ T68] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 459.129595][ T68] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 459.133220][ T68] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 459.135546][ T68] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 459.154281][T14621] lo speed is unknown, defaulting to 1000 [ 459.224019][T14621] chnl_net:caif_netlink_parms(): no params data found [ 459.294561][T14621] bridge0: port 1(bridge_slave_0) entered blocking state [ 459.296692][T14621] bridge0: port 1(bridge_slave_0) entered disabled state [ 459.298860][T14621] bridge_slave_0: entered allmulticast mode [ 459.301025][T14621] bridge_slave_0: entered promiscuous mode [ 459.305224][T14621] bridge0: port 2(bridge_slave_1) entered blocking state [ 459.307386][T14621] bridge0: port 2(bridge_slave_1) entered disabled state [ 459.309444][T14621] bridge_slave_1: entered allmulticast mode [ 459.311609][T14621] bridge_slave_1: entered promiscuous mode [ 459.348152][T14621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 459.354257][T14621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 459.378960][T14621] team0: Port device team_slave_0 added [ 459.384481][T14621] team0: Port device team_slave_1 added [ 459.403063][T14621] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 459.405071][T14621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 459.412507][T14621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 459.416324][T14621] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 459.418311][T14621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 459.426262][T14621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 459.478537][T14621] hsr_slave_0: entered promiscuous mode [ 459.480798][T14621] hsr_slave_1: entered promiscuous mode [ 459.482931][T14621] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 459.485482][T14621] Cannot create hsr debugfs directory [ 459.541184][T14642] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 19971 - 0 [ 459.544576][T14642] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 19971 - 0 [ 459.547794][T14642] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 19971 - 0 [ 459.554064][T14642] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 19971 - 0 [ 459.654052][T14621] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.659517][T14621] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 459.879158][T14621] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.883917][T14621] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 459.957382][T14621] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.960387][T14621] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 460.022004][T14621] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.025851][T14621] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 460.252193][T14621] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 460.267607][T14621] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 460.273141][T14621] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 460.279107][T14621] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 460.341823][T14621] 8021q: adding VLAN 0 to HW filter on device bond0 [ 460.376640][T14621] 8021q: adding VLAN 0 to HW filter on device team0 [ 460.396415][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 460.399505][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 460.418457][T14501] bridge0: port 2(bridge_slave_1) entered blocking state [ 460.421404][T14501] bridge0: port 2(bridge_slave_1) entered forwarding state [ 460.718424][T14661] Bluetooth: MGMT ver 1.23 [ 460.722965][T14661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2367'. [ 460.813896][T14621] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 460.868583][T14621] veth0_vlan: entered promiscuous mode [ 460.877879][T14621] veth1_vlan: entered promiscuous mode [ 460.896696][T14621] veth0_macvtap: entered promiscuous mode [ 460.905617][T14621] veth1_macvtap: entered promiscuous mode [ 460.914333][T14621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 460.918131][T14621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.921442][T14621] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 460.924786][T14621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 460.927807][T14621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.931760][T14621] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 460.935174][T14621] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.937684][T14621] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.940683][T14621] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.943155][T14621] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.981420][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 460.984478][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 461.001952][T14501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 461.036784][T14501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 461.106274][T14670] serio: Serial port ttynull [ 461.357275][ T68] Bluetooth: hci0: command tx timeout [ 461.652259][T14681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2356'. [ 461.684052][T14681] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 461.686999][T14681] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 461.689792][T14681] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 461.692396][T14681] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 461.720113][T14681] vxlan0: entered promiscuous mode [ 462.211642][T14686] FAULT_INJECTION: forcing a failure. [ 462.211642][T14686] name failslab, interval 1, probability 0, space 0, times 0 [ 462.215603][T14686] CPU: 0 UID: 0 PID: 14686 Comm: syz.2.2375 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 462.218792][T14686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 462.221983][T14686] Call Trace: [ 462.223030][T14686] [ 462.224043][T14686] dump_stack_lvl+0x16c/0x1f0 [ 462.225528][T14686] should_fail_ex+0x497/0x5b0 [ 462.226999][T14686] ? fs_reclaim_acquire+0xae/0x150 [ 462.228609][T14686] should_failslab+0xc2/0x120 [ 462.230118][T14686] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 462.231933][T14686] ? __alloc_skb+0x2b3/0x380 [ 462.233486][T14686] __alloc_skb+0x2b3/0x380 [ 462.234999][T14686] ? __pfx___alloc_skb+0x10/0x10 [ 462.236545][T14686] ? lock_acquire+0x2f/0xb0 [ 462.237980][T14686] netlink_alloc_large_skb+0x69/0x130 [ 462.239612][T14686] netlink_sendmsg+0x689/0xd70 [ 462.241144][T14686] ? __pfx_netlink_sendmsg+0x10/0x10 [ 462.242940][T14686] ____sys_sendmsg+0x9ae/0xb40 [ 462.244511][T14686] ? __pfx_____sys_sendmsg+0x10/0x10 [ 462.246280][T14686] ? get_compat_msghdr+0x11b/0x170 [ 462.247889][T14686] ___sys_sendmsg+0x135/0x1e0 [ 462.249397][T14686] ? __pfx____sys_sendmsg+0x10/0x10 [ 462.251035][T14686] ? __pfx_lock_release+0x10/0x10 [ 462.252571][T14686] ? trace_lock_acquire+0x14e/0x1f0 [ 462.254294][T14686] ? __fget_files+0x206/0x3a0 [ 462.256019][T14686] __sys_sendmsg+0x16e/0x220 [ 462.257828][T14686] ? __pfx___sys_sendmsg+0x10/0x10 [ 462.259580][T14686] __do_fast_syscall_32+0x73/0x120 [ 462.261233][T14686] do_fast_syscall_32+0x32/0x80 [ 462.262826][T14686] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 462.264820][T14686] RIP: 0023:0xf709e579 [ 462.266201][T14686] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 462.272239][T14686] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 462.274833][T14686] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 462.277441][T14686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 462.280004][T14686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 462.282473][T14686] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 462.284988][T14686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 462.287542][T14686] [ 462.293344][T14689] FAULT_INJECTION: forcing a failure. [ 462.293344][T14689] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 462.298648][T14689] CPU: 2 UID: 0 PID: 14689 Comm: syz.1.2376 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 462.302596][T14689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 462.306506][T14689] Call Trace: [ 462.307768][T14689] [ 462.308866][T14689] dump_stack_lvl+0x16c/0x1f0 [ 462.310646][T14689] should_fail_ex+0x497/0x5b0 [ 462.312415][T14689] _copy_to_user+0x32/0xd0 [ 462.314102][T14689] simple_read_from_buffer+0xd0/0x160 [ 462.316098][T14689] proc_fail_nth_read+0x198/0x270 [ 462.317961][T14689] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 462.320018][T14689] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 462.322070][T14689] vfs_read+0x1df/0xbe0 [ 462.323656][T14689] ? __fget_files+0x1fc/0x3a0 [ 462.325401][T14689] ? __pfx___mutex_lock+0x10/0x10 [ 462.327279][T14689] ? __pfx_vfs_read+0x10/0x10 [ 462.329045][T14689] ? __fget_files+0x206/0x3a0 [ 462.330820][T14689] ksys_read+0x12b/0x250 [ 462.332405][T14689] ? __pfx_ksys_read+0x10/0x10 [ 462.334199][T14689] __do_fast_syscall_32+0x73/0x120 [ 462.336149][T14689] do_fast_syscall_32+0x32/0x80 [ 462.337989][T14689] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 462.340377][T14689] RIP: 0023:0xf7fe1579 [ 462.341921][T14689] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 462.349043][T14689] RSP: 002b:00000000f5115590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 462.352182][T14689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5115620 [ 462.355228][T14689] RDX: 000000000000000f RSI: 00000000f7473ff4 RDI: 0000000000000000 [ 462.358183][T14689] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 462.361158][T14689] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 462.364127][T14689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 462.367121][T14689] [ 462.426622][ T5298] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 462.432293][ T5298] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 462.437532][ T5298] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 462.445026][ T5298] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 462.454394][ T5298] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 462.458189][ T5298] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 462.508029][T14701] serio: Serial port ttynull [ 462.584295][T14690] lo speed is unknown, defaulting to 1000 [ 462.869010][T14690] chnl_net:caif_netlink_parms(): no params data found [ 462.933127][T14690] bridge0: port 1(bridge_slave_0) entered blocking state [ 462.935267][T14690] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.937373][T14690] bridge_slave_0: entered allmulticast mode [ 462.940185][T14690] bridge_slave_0: entered promiscuous mode [ 462.942791][T14690] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.944854][T14690] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.946950][T14690] bridge_slave_1: entered allmulticast mode [ 462.949116][T14690] bridge_slave_1: entered promiscuous mode [ 463.000603][T14720] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2383'. [ 463.004559][T14720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2383'. [ 463.098340][ T40] audit: type=1326 audit(1736544273.480:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.107162][ T40] audit: type=1326 audit(1736544273.480:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.115635][ T40] audit: type=1326 audit(1736544273.490:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.124941][ T40] audit: type=1326 audit(1736544273.490:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.152878][ T40] audit: type=1326 audit(1736544273.499:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.163501][ T40] audit: type=1326 audit(1736544273.555:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=9 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.171732][ T40] audit: type=1326 audit(1736544273.555:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.180865][ T40] audit: type=1326 audit(1736544273.555:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.189731][ T40] audit: type=1326 audit(1736544273.555:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.198303][ T40] audit: type=1326 audit(1736544273.565:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.0.2383" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 463.289464][T14690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 463.295238][T14690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 463.340596][T14690] team0: Port device team_slave_0 added [ 463.345135][T14690] team0: Port device team_slave_1 added [ 463.413589][T14690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 463.416417][T14690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.427795][T14690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 463.434421][T14690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 463.437212][T14690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.447776][T14690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 463.499410][T14690] hsr_slave_0: entered promiscuous mode [ 463.504817][T14690] hsr_slave_1: entered promiscuous mode [ 463.507646][T14690] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 463.510713][T14690] Cannot create hsr debugfs directory [ 463.583373][ T5298] Bluetooth: hci0: command 0x041b tx timeout [ 463.590400][T14690] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.694970][T14690] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.750404][ T8] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 463.789080][T14690] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.884123][T14690] bridge0: port 3(netdevsim0) entered disabled state [ 463.893843][T14690] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode [ 463.896165][T14690] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode [ 463.898535][T14690] bridge0: port 3(netdevsim0) entered disabled state [ 463.906148][T14690] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.932147][ T8] usb 6-1: Using ep0 maxpacket: 16 [ 463.935799][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 463.938741][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 463.941637][ T8] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 463.944506][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.947511][ T8] usb 6-1: config 0 descriptor?? [ 463.949426][T14730] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 463.996439][ T30] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 464.023060][T14690] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 464.026304][T14690] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 464.029745][T14690] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 464.032866][T14690] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 464.061660][T14690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 464.071868][T14690] 8021q: adding VLAN 0 to HW filter on device team0 [ 464.076367][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.078621][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 464.093615][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.095688][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 464.167317][ T30] usb 7-1: Using ep0 maxpacket: 16 [ 464.174503][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 464.177692][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 464.181097][ T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 464.183693][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.189072][ T30] usb 7-1: config 0 descriptor?? [ 464.190723][T14690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 464.190938][T14732] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 464.218276][T14690] veth0_vlan: entered promiscuous mode [ 464.225865][T14690] veth1_vlan: entered promiscuous mode [ 464.241940][T14690] veth0_macvtap: entered promiscuous mode [ 464.248919][T14690] veth1_macvtap: entered promiscuous mode [ 464.258927][T14690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 464.263085][T14690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.267598][T14690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 464.271695][T14690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.276919][T14690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 464.282941][T14690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.288044][T14690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.291898][T14690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.296021][T14690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.300655][T14690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 464.313757][T14690] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.318259][T14690] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.321722][T14690] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.325069][T14690] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.367877][ T1225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.371502][ T1225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 464.385777][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.389015][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 464.402797][ T8] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.004A/input/input164 [ 464.470599][ T8] appleir 0003:05AC:8241.004A: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 464.512314][T14741] veth0_vlan: left promiscuous mode [ 464.514850][T14741] veth0_vlan: entered promiscuous mode [ 464.616506][ T5298] Bluetooth: hci1: command tx timeout [ 464.628456][ T30] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.004B/input/input165 [ 464.706163][ T30] appleir 0003:05AC:8241.004B: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 465.064423][T14754] FAULT_INJECTION: forcing a failure. [ 465.064423][T14754] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 465.069959][T14754] CPU: 1 UID: 0 PID: 14754 Comm: syz.2.2387 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 465.074027][T14754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 465.078039][T14754] Call Trace: [ 465.079334][T14754] [ 465.080459][T14754] dump_stack_lvl+0x16c/0x1f0 [ 465.082254][T14754] should_fail_ex+0x497/0x5b0 [ 465.084094][T14754] _copy_from_user+0x2e/0xd0 [ 465.085851][T14754] kstrtouint_from_user+0xd7/0x1c0 [ 465.087920][T14754] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 465.090077][T14754] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 465.092222][T14754] proc_fail_nth_write+0x84/0x250 [ 465.094143][T14754] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 465.096292][T14754] ? ksys_write+0x12b/0x250 [ 465.098029][T14754] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 465.100093][T14754] vfs_write+0x24c/0x1150 [ 465.101739][T14754] ? __fget_files+0x1fc/0x3a0 [ 465.103569][T14754] ? __pfx___mutex_lock+0x10/0x10 [ 465.105480][T14754] ? __pfx_vfs_write+0x10/0x10 [ 465.107293][T14754] ? __fget_files+0x206/0x3a0 [ 465.109100][T14754] ksys_write+0x12b/0x250 [ 465.110780][T14754] ? __pfx_ksys_write+0x10/0x10 [ 465.112652][T14754] __do_fast_syscall_32+0x73/0x120 [ 465.114614][T14754] do_fast_syscall_32+0x32/0x80 [ 465.116459][T14754] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 465.118839][T14754] RIP: 0023:0xf709e579 [ 465.120398][T14754] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 465.127575][T14754] RSP: 002b:00000000f504e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 465.130712][T14754] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f504e620 [ 465.133655][T14754] RDX: 0000000000000001 RSI: 00000000f73d3ff4 RDI: 0000000000000000 [ 465.136603][T14754] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 465.139562][T14754] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 465.142517][T14754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 465.145525][T14754] [ 465.146844][ C1] vkms_vblank_simulate: vblank timer overrun [ 465.624949][ T833] usb 7-1: USB disconnect, device number 31 [ 466.444547][T14771] nftables ruleset with unbound chain [ 466.458093][ T5948] usb 6-1: USB disconnect, device number 31 [ 466.730671][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2396'. [ 466.741181][T14773] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2396'. [ 466.834380][ T5298] Bluetooth: hci1: command tx timeout [ 467.504414][ T5956] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 467.508039][ T5956] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 467.511392][ T5956] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 467.514811][ T5956] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 467.517247][ T5956] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 467.519712][ T5956] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 467.564028][T14786] lo speed is unknown, defaulting to 1000 [ 467.634712][T14786] chnl_net:caif_netlink_parms(): no params data found [ 467.795049][T14786] bridge0: port 1(bridge_slave_0) entered blocking state [ 467.797145][T14786] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.799171][T14786] bridge_slave_0: entered allmulticast mode [ 467.801288][T14786] bridge_slave_0: entered promiscuous mode [ 467.808385][T14786] bridge0: port 2(bridge_slave_1) entered blocking state [ 467.810457][T14786] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.812603][T14786] bridge_slave_1: entered allmulticast mode [ 467.817237][T14786] bridge_slave_1: entered promiscuous mode [ 467.852782][T14786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 467.856745][T14786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 467.893845][T14786] team0: Port device team_slave_0 added [ 467.899314][T14786] team0: Port device team_slave_1 added [ 467.961423][T14786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 467.967186][T14786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 467.976722][T14786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 467.981880][T14786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 467.984778][T14786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 467.994301][T14786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 468.026879][T14786] hsr_slave_0: entered promiscuous mode [ 468.029691][T14786] hsr_slave_1: entered promiscuous mode [ 468.031824][T14786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 468.034601][T14786] Cannot create hsr debugfs directory [ 468.178442][T14786] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.440563][T14786] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.560157][T14786] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.654246][T14786] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.801822][T14786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 468.807351][T14786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 468.812330][T14786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 468.819535][T14786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 468.886817][T14786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 468.908537][T14786] 8021q: adding VLAN 0 to HW filter on device team0 [ 468.912681][T14501] bridge0: port 1(bridge_slave_0) entered blocking state [ 468.914921][T14501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 468.945209][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state [ 468.948243][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 468.999008][T14786] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 469.002075][T14786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 469.053275][ T5298] Bluetooth: hci1: command tx timeout [ 469.275097][T14786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 469.297702][T14786] veth0_vlan: entered promiscuous mode [ 469.302677][T14786] veth1_vlan: entered promiscuous mode [ 469.317043][T14786] veth0_macvtap: entered promiscuous mode [ 469.321139][T14786] veth1_macvtap: entered promiscuous mode [ 469.329324][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.333632][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.336611][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.340050][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.344025][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.347182][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.350804][T14786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 469.359725][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.364055][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.366937][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.370014][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.372888][T14786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.376879][T14786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.381347][T14786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 469.386870][T14786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.389528][T14786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.392168][T14786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.394767][T14786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.426069][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 469.433897][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 469.451698][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 469.454370][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 469.742829][ T5298] Bluetooth: hci4: command tx timeout [ 470.109152][T14826] netlink: 'syz.0.2410': attribute type 10 has an invalid length. [ 471.288814][ T5298] Bluetooth: hci1: command tx timeout [ 471.669873][T14871] 9pnet_virtio: no channels available for device syz [ 471.960830][ T5298] Bluetooth: hci4: command 0x041b tx timeout [ 472.772807][T14893] FAULT_INJECTION: forcing a failure. [ 472.772807][T14893] name failslab, interval 1, probability 0, space 0, times 0 [ 472.781386][T14893] CPU: 0 UID: 0 PID: 14893 Comm: syz.1.2430 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 472.784516][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 472.787581][T14893] Call Trace: [ 472.788546][T14893] [ 472.789410][T14893] dump_stack_lvl+0x16c/0x1f0 [ 472.790772][T14893] should_fail_ex+0x497/0x5b0 [ 472.792511][T14893] ? fs_reclaim_acquire+0xae/0x150 [ 472.794636][T14893] should_failslab+0xc2/0x120 [ 472.796092][T14893] __kmalloc_noprof+0xce/0x4f0 [ 472.797708][T14893] ? video_usercopy+0x1b4/0x1520 [ 472.799507][T14893] video_usercopy+0x1b4/0x1520 [ 472.801338][T14893] ? __pfx___video_do_ioctl+0x10/0x10 [ 472.803481][T14893] ? __pfx_video_usercopy+0x10/0x10 [ 472.805437][T14893] v4l2_ioctl+0x1ba/0x250 [ 472.806795][T14893] ? __fget_files+0x121/0x3a0 [ 472.808167][T14893] v4l2_compat_ioctl32+0x214/0x2c0 [ 472.809625][T14893] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 472.811226][T14893] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 472.812712][T14893] __do_fast_syscall_32+0x73/0x120 [ 472.814162][T14893] do_fast_syscall_32+0x32/0x80 [ 472.815540][T14893] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 472.817455][T14893] RIP: 0023:0xf7fe1579 [ 472.818771][T14893] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 472.825714][T14893] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 472.827971][T14893] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0d05605 [ 472.830223][T14893] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 472.832478][T14893] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 472.834740][T14893] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 472.837050][T14893] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 472.839874][T14893] [ 473.127092][ T5948] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 473.286392][ T5948] usb 6-1: Using ep0 maxpacket: 16 [ 473.289167][ T5948] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 473.292479][ T5948] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 473.296331][ T5948] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 473.303792][ T5948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.307880][ T5948] usb 6-1: config 0 descriptor?? [ 473.309956][T14898] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 473.516647][T14908] netfs: Couldn't get user pages (rc=-14) [ 473.747132][ T5948] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.004C/input/input166 [ 473.813512][ T5948] appleir 0003:05AC:8241.004C: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 474.238012][ T5956] Bluetooth: hci4: command 0x041b tx timeout [ 474.879295][T14923] syz.3.2438: attempt to access beyond end of device [ 474.879295][T14923] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 474.884416][T14923] syz.3.2438: attempt to access beyond end of device [ 474.884416][T14923] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 474.903801][T14923] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 475.653619][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2442'. [ 475.656213][T14936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2442'. [ 475.756987][ T832] usb 6-1: USB disconnect, device number 32 [ 476.068188][ T6170] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 476.134298][ T3225] usb 8-1: new high-speed USB device number 39 using dummy_hcd [ 476.226374][ T6170] usb 5-1: Using ep0 maxpacket: 16 [ 476.230690][ T6170] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 476.235921][ T6170] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 476.240077][ T6170] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 476.242563][ T6170] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.251999][ T6170] usb 5-1: config 0 descriptor?? [ 476.253871][T14938] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 476.290495][ T3225] usb 8-1: Using ep0 maxpacket: 16 [ 476.294143][ T3225] usb 8-1: config 0 interface 0 altsetting 79 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 476.297282][ T3225] usb 8-1: config 0 interface 0 altsetting 79 endpoint 0x81 has invalid maxpacket 34304, setting to 1024 [ 476.300252][ T3225] usb 8-1: config 0 interface 0 has no altsetting 0 [ 476.302546][ T3225] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 476.305181][ T3225] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.308158][ T3225] usb 8-1: config 0 descriptor?? [ 476.310042][T14941] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 476.408133][ T5956] Bluetooth: hci4: command 0x041b tx timeout [ 476.537925][T14941] vxcan3: entered promiscuous mode [ 476.539504][T14941] vxcan3: entered allmulticast mode [ 476.726854][ T6170] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:05AC:8241.004D/input/input167 [ 476.806676][ T6170] appleir 0003:05AC:8241.004D: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 476.831758][ T3225] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.004E/input/input168 [ 476.910666][ T3225] appleir 0003:05AC:8241.004E: input,hiddev1,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 478.197400][ T3225] usb 8-1: reset high-speed USB device number 39 using dummy_hcd [ 478.642560][ T5956] Bluetooth: hci4: command 0x041b tx timeout [ 478.739727][ T66] usb 5-1: USB disconnect, device number 32 [ 479.096038][ T5298] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 479.103587][ T5298] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 479.106342][ T5298] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 479.112919][ T5298] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 479.124111][ T5298] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 479.130486][ T5298] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 479.170576][T14967] lo speed is unknown, defaulting to 1000 [ 479.259360][T14967] chnl_net:caif_netlink_parms(): no params data found [ 479.321646][T14967] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.324096][T14967] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.326464][T14967] bridge_slave_0: entered allmulticast mode [ 479.330576][T14967] bridge_slave_0: entered promiscuous mode [ 479.333823][T14967] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.336066][T14967] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.340308][T14967] bridge_slave_1: entered allmulticast mode [ 479.342659][T14967] bridge_slave_1: entered promiscuous mode [ 479.365002][T14967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 479.369800][T14967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 479.429680][T14967] team0: Port device team_slave_0 added [ 479.436985][T14967] team0: Port device team_slave_1 added [ 479.462246][T14967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 479.464331][T14967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.473458][T14967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 479.483013][T14967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 479.485236][T14967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.492988][T14967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 479.560754][T14967] hsr_slave_0: entered promiscuous mode [ 479.596374][T14967] hsr_slave_1: entered promiscuous mode [ 479.598464][T14967] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 479.600683][T14967] Cannot create hsr debugfs directory [ 479.704573][T14967] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0 [ 479.803678][T14967] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0 [ 479.915329][T14967] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0 [ 479.994784][T14967] team0: Port device netdevsim0 removed [ 479.998944][T14967] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 19971 - 0 [ 480.001464][ T30] usb 8-1: USB disconnect, device number 39 [ 480.350658][T14967] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 480.364155][T14967] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 480.369174][T14967] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 480.372515][T14967] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 480.449177][T14967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 480.463482][T14967] 8021q: adding VLAN 0 to HW filter on device team0 [ 480.467927][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.469955][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 480.475242][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.477209][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.506389][T14967] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 480.509827][T14967] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 480.594725][T14967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 480.633374][T14967] veth0_vlan: entered promiscuous mode [ 480.648359][T14967] veth1_vlan: entered promiscuous mode [ 480.718095][T14967] veth0_macvtap: entered promiscuous mode [ 480.725720][ T66] hid-generic 0005:7FFF:0008.004F: hidraw1: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 480.739298][T14967] veth1_macvtap: entered promiscuous mode [ 480.756734][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.778550][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.789518][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.792681][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.795733][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.802256][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.805309][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.809688][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.827418][T14967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 480.835145][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.838150][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.841016][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.844120][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.847036][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.849981][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.852845][T14967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.856049][T14967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.859469][T14967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 480.866873][T14967] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.869598][T14967] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.872096][T14967] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.875115][T14967] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.933839][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 480.944933][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 480.948834][T15001] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 480.969379][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 480.971921][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.086709][T15015] serio: Serial port ttynull [ 481.381147][ T5956] Bluetooth: hci3: command tx timeout [ 481.984668][T15048] FAULT_INJECTION: forcing a failure. [ 481.984668][T15048] name failslab, interval 1, probability 0, space 0, times 0 [ 482.000008][T15048] CPU: 3 UID: 0 PID: 15048 Comm: syz.1.2469 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 482.003551][T15048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 482.007286][T15048] Call Trace: [ 482.008500][T15048] [ 482.009574][T15048] dump_stack_lvl+0x16c/0x1f0 [ 482.011158][T15048] should_fail_ex+0x497/0x5b0 [ 482.012521][T15048] ? fs_reclaim_acquire+0xae/0x150 [ 482.014280][T15048] should_failslab+0xc2/0x120 [ 482.015691][T15048] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 482.017222][T15048] ? security_inode_alloc+0x3b/0x2b0 [ 482.018848][T15048] security_inode_alloc+0x3b/0x2b0 [ 482.020689][T15048] inode_init_always_gfp+0xce4/0x1030 [ 482.022702][T15048] alloc_inode+0x82/0x230 [ 482.024142][T15048] sock_alloc+0x40/0x280 [ 482.025524][T15048] __sock_create+0xc1/0x8d0 [ 482.027103][T15048] ? trace_lock_acquire+0x14e/0x1f0 [ 482.028727][T15048] __sys_socket+0x14f/0x260 [ 482.030338][T15048] ? __might_fault+0xe3/0x190 [ 482.032067][T15048] ? __pfx___sys_socket+0x10/0x10 [ 482.033892][T15048] ? __might_fault+0xe3/0x190 [ 482.035594][T15048] __do_compat_sys_socketcall+0x57e/0x700 [ 482.037422][T15048] ? __fget_files+0x206/0x3a0 [ 482.038968][T15048] ? __pfx___do_compat_sys_socketcall+0x10/0x10 [ 482.041117][T15048] ? fput+0x67/0x440 [ 482.042526][T15048] __do_fast_syscall_32+0x73/0x120 [ 482.044309][T15048] do_fast_syscall_32+0x32/0x80 [ 482.045887][T15048] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 482.047815][T15048] RIP: 0023:0xf7fe1579 [ 482.049121][T15048] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 482.055278][T15048] RSP: 002b:00000000f51354f0 EFLAGS: 00000286 ORIG_RAX: 0000000000000066 [ 482.057881][T15048] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f5135500 [ 482.060214][T15048] RDX: 00000000f7473ff4 RSI: 0000000000000000 RDI: 00000000f7473ff4 [ 482.062679][T15048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 482.065057][T15048] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 482.067582][T15048] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 482.069955][T15048] [ 482.097249][T15048] socket: no more sockets [ 482.770133][T15071] syz.3.2474: attempt to access beyond end of device [ 482.770133][T15071] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 482.773756][T15071] syz.3.2474: attempt to access beyond end of device [ 482.773756][T15071] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 482.777645][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 482.784780][T15071] syz.3.2474: attempt to access beyond end of device [ 482.784780][T15071] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 482.788719][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 482.797131][T15071] syz.3.2474: attempt to access beyond end of device [ 482.797131][T15071] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 482.807123][T15071] syz.3.2474: attempt to access beyond end of device [ 482.807123][T15071] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 482.812499][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 482.816345][T15071] syz.3.2474: attempt to access beyond end of device [ 482.816345][T15071] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 482.821598][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 482.824721][T15071] syz.3.2474: attempt to access beyond end of device [ 482.824721][T15071] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 482.828460][T15071] syz.3.2474: attempt to access beyond end of device [ 482.828460][T15071] nbd3: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 482.832324][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 482.835163][T15071] syz.3.2474: attempt to access beyond end of device [ 482.835163][T15071] nbd3: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 482.838873][T15071] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 482.841626][T15071] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 483.178120][T15087] netlink: 'syz.0.2478': attribute type 12 has an invalid length. [ 483.181690][T15087] netlink: 'syz.0.2478': attribute type 29 has an invalid length. [ 483.202320][T15087] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2478'. [ 483.205096][T15087] netlink: 59 bytes leftover after parsing attributes in process `syz.0.2478'. [ 483.258189][T15093] tmpfs: Bad value for 'mpol' [ 483.433834][T15105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2483'. [ 483.592287][ T5956] Bluetooth: hci3: command tx timeout [ 485.246744][T15146] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2493'. [ 485.250449][T15146] netlink: 'syz.3.2493': attribute type 2 has an invalid length. [ 485.252721][T15146] netlink: 'syz.3.2493': attribute type 11 has an invalid length. [ 485.255077][T15146] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2493'. [ 485.326835][T15149] lo speed is unknown, defaulting to 1000 [ 485.349551][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 485.349563][ T40] audit: type=1326 audit(1736544294.312:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.3.2493" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 485.818903][ T5298] Bluetooth: hci3: command tx timeout [ 485.920761][T15163] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2499'. [ 485.923791][T15163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2499'. [ 486.201767][T15168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2500'. [ 486.204527][T15168] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2500'. [ 487.250513][T15176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2510'. [ 488.050240][ T5956] Bluetooth: hci3: command 0x0419 tx timeout [ 488.283193][T15187] netfs: Couldn't get user pages (rc=-14) [ 490.273869][ T5298] Bluetooth: hci3: command 0x0419 tx timeout [ 490.627555][T15230] syz.2.2522 (15230): /proc/15228/oom_adj is deprecated, please use /proc/15228/oom_score_adj instead. [ 490.785543][T15240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'. [ 490.791257][T15240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2525'. [ 490.812055][T15244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2527'. [ 490.814744][T15244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2527'. [ 491.460460][ T5298] Bluetooth: hci4: command 0x041b tx timeout [ 491.722564][T15252] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 491.724401][T15252] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 491.726540][T15252] vhci_hcd vhci_hcd.0: Device attached [ 491.920869][T15255] vhci_hcd: connection closed [ 491.921071][ T39] vhci_hcd: stop threads [ 491.924230][ T39] vhci_hcd: release socket [ 491.925768][ T39] vhci_hcd: disconnect device [ 491.981668][T15258] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2530'. [ 492.035337][T15260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2532'. [ 493.437008][T15286] random: crng reseeded on system resumption [ 493.574814][T15297] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2544'. [ 493.577378][T15297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2544'. [ 493.799568][T15303] binder: BINDER_SET_CONTEXT_MGR already set [ 493.801317][T15303] binder: 15302:15303 ioctl 4018620d 20004a80 returned -16 [ 493.911016][T15307] lo speed is unknown, defaulting to 1000 [ 494.043427][T15309] ebtables: wrong size: *len 120, entries_size 48, replsz 48 [ 496.060147][T15337] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2553'. [ 496.110367][T15338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2554'. [ 496.114508][T15338] IPVS: Error joining to the multicast group [ 496.286493][T15346] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2556'. [ 496.289122][T15346] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2556'. [ 497.720514][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2562'. [ 497.735166][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2562'. [ 497.821484][T15368] input: syz1 as /devices/virtual/input/input170 [ 498.085103][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2569'. [ 498.087794][T15383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2569'. [ 498.872846][T15395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2572'. [ 498.882786][T15395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2572'. [ 500.595386][T15429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2584'. [ 500.597874][T15429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2584'. [ 501.402840][ T40] audit: type=1804 audit(1736544309.287:379): pid=15435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2585" name="/newroot/49/file0/cgroup.controllers" dev="9p" ino=38535857 res=1 errno=0 [ 502.039431][T15438] qnx6: unable to read the first superblock [ 502.643509][T15467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2593'. [ 502.823667][T15471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2595'. [ 502.828766][T15471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2595'. [ 503.001954][T15475] lo speed is unknown, defaulting to 1000 [ 503.192991][ T40] audit: type=1326 audit(1736544311.009:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15474 comm="syz.0.2596" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x0 [ 503.339553][T15476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 504.533742][T15488] tipc: Started in network mode [ 504.536186][T15488] tipc: Node identity 03, cluster identity 4711 [ 504.539097][T15488] tipc: Enabling of bearer rejected, failed to enable media [ 505.603661][T15518] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2608'. [ 505.685231][T15521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2608'. [ 506.137614][T15530] syz.0.2611: vmalloc error: size 2147483264, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 506.142512][T15530] CPU: 3 UID: 0 PID: 15530 Comm: syz.0.2611 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 506.146698][T15530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 506.150888][T15530] Call Trace: [ 506.152256][T15530] [ 506.153476][T15530] dump_stack_lvl+0x16c/0x1f0 [ 506.155359][T15530] warn_alloc+0x24d/0x3a0 [ 506.157082][T15530] ? __pfx_warn_alloc+0x10/0x10 [ 506.159024][T15530] ? __pfx_mark_lock+0x10/0x10 [ 506.160938][T15530] ? __might_fault+0x13b/0x190 [ 506.162892][T15530] ? __pfx_lock_release+0x10/0x10 [ 506.164906][T15530] __vmalloc_node_range_noprof+0x10df/0x1530 [ 506.167285][T15530] ? __might_fault+0xe3/0x190 [ 506.169162][T15530] ? _copy_from_user+0x59/0xd0 [ 506.171081][T15530] ? compat_do_replace+0x1ae/0x750 [ 506.173106][T15530] ? compat_copy_ebt_replace_from_user+0x307/0x420 [ 506.175650][T15530] ? __pfx_compat_copy_ebt_replace_from_user+0x10/0x10 [ 506.178303][T15530] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 506.180753][T15530] ? compat_do_replace+0x1ae/0x750 [ 506.182746][T15530] vmalloc_noprof+0x6b/0x90 [ 506.184579][T15530] ? compat_do_replace+0x1ae/0x750 [ 506.186613][T15530] compat_do_replace+0x1ae/0x750 [ 506.188568][T15530] ? lock_acquire.part.0+0x11b/0x380 [ 506.190637][T15530] ? __pfx_compat_do_replace+0x10/0x10 [ 506.192788][T15530] ? aa_get_newest_label+0x376/0x680 [ 506.194854][T15530] ? __pfx_aa_get_newest_label+0x10/0x10 [ 506.197079][T15530] ? bpf_lsm_capable+0x9/0x10 [ 506.198969][T15530] ? security_capable+0x7e/0x260 [ 506.200937][T15530] do_ebt_set_ctl+0x4af/0x580 [ 506.202793][T15530] ? sockopt_release_sock+0x52/0x60 [ 506.204630][T15530] ? __pfx_do_ebt_set_ctl+0x10/0x10 [ 506.206668][T15530] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 506.208816][T15530] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 506.211133][T15530] nf_setsockopt+0x8a/0xf0 [ 506.212857][T15530] ip_setsockopt+0xcb/0xf0 [ 506.214615][T15530] udp_setsockopt+0x7d/0xd0 [ 506.216399][T15530] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 506.218680][T15530] do_sock_setsockopt+0x222/0x480 [ 506.220672][T15530] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 506.222881][T15530] ? lock_acquire+0x2f/0xb0 [ 506.224707][T15530] __sys_setsockopt+0x1a0/0x230 [ 506.226631][T15530] __ia32_sys_setsockopt+0xbc/0x160 [ 506.228688][T15530] ? lockdep_hardirqs_on+0x7c/0x110 [ 506.230737][T15530] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 506.233273][T15530] __do_fast_syscall_32+0x73/0x120 [ 506.235160][T15530] do_fast_syscall_32+0x32/0x80 [ 506.236566][T15530] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 506.238397][T15530] RIP: 0023:0xf7f95579 [ 506.239560][T15530] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 506.246926][T15530] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 506.250263][T15530] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000 [ 506.253429][T15530] RDX: 0000000000000080 RSI: 0000000020000000 RDI: 00000000000000e0 [ 506.256577][T15530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 506.259706][T15530] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 506.262892][T15530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 506.266048][T15530] [ 506.268106][T15530] Mem-Info: [ 506.269423][T15530] active_anon:12338 inactive_anon:79 isolated_anon:0 [ 506.269423][T15530] active_file:10202 inactive_file:18297 isolated_file:0 [ 506.269423][T15530] unevictable:1768 dirty:216 writeback:0 [ 506.269423][T15530] slab_reclaimable:7569 slab_unreclaimable:73860 [ 506.269423][T15530] mapped:31646 shmem:9895 pagetables:736 [ 506.269423][T15530] sec_pagetables:326 bounce:0 [ 506.269423][T15530] kernel_misc_reclaimable:0 [ 506.269423][T15530] free:43382 free_pcp:4447 free_cma:0 [ 506.286919][T15530] Node 0 active_anon:4832kB inactive_anon:312kB active_file:7432kB inactive_file:316kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5512kB dirty:0kB writeback:0kB shmem:4952kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9348kB pagetables:1004kB sec_pagetables:1152kB all_unreclaimable? yes [ 506.299361][T15530] Node 1 active_anon:45020kB inactive_anon:4kB active_file:33376kB inactive_file:72872kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:121472kB dirty:864kB writeback:0kB shmem:35028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3316kB pagetables:1940kB sec_pagetables:152kB all_unreclaimable? no [ 506.311899][T15530] Node 0 DMA free:2932kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:440kB inactive_anon:48kB active_file:20kB inactive_file:16kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:540kB local_pcp:112kB free_cma:0kB [ 506.321870][T15530] lowmem_reserve[]: 0 273 0 0 0 [ 506.323332][T15530] Node 0 DMA32 free:27404kB boost:31284kB min:45188kB low:48664kB high:52140kB reserved_highatomic:2048KB active_anon:4392kB inactive_anon:264kB active_file:7412kB inactive_file:300kB unevictable:3536kB writepending:0kB present:1032196kB managed:306312kB mlocked:0kB bounce:0kB free_pcp:4140kB local_pcp:2076kB free_cma:0kB [ 506.333616][T15530] lowmem_reserve[]: 0 0 0 0 0 [ 506.335458][T15530] Node 1 DMA32 free:149468kB boost:10240kB min:57384kB low:69168kB high:80952kB reserved_highatomic:4096KB active_anon:45420kB inactive_anon:4kB active_file:33376kB inactive_file:72872kB unevictable:3536kB writepending:864kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:7304kB local_pcp:68kB free_cma:0kB [ 506.344390][T15530] lowmem_reserve[]: 0 0 0 0 0 [ 506.345791][T15530] Node 0 DMA: 19*4kB (UE) 93*8kB (UE) 38*16kB (UE) 47*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2932kB [ 506.349687][T15530] Node 0 DMA32: 297*4kB (UMEH) 141*8kB (UMEH) 86*16kB (UMEH) 239*32kB (UMEH) 77*64kB (UMEH) 23*128kB (UME) 10*256kB (UM) 5*512kB (UM) 3*1024kB (M) 0*2048kB 0*4096kB = 27404kB [ 506.354784][T15530] Node 1 DMA32: 318*4kB (UME) 757*8kB (UME) 462*16kB (UME) 239*32kB (UME) 98*64kB (UME) 36*128kB (UE) 26*256kB (UME) 24*512kB (UM) 11*1024kB (UM) 26*2048kB (UMH) 8*4096kB (UME) = 149472kB [ 506.359724][T15532] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method [ 506.360038][T15530] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 506.360050][T15530] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 506.360060][T15530] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 506.360068][T15530] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 506.360077][T15530] 38794 total pagecache pages [ 506.360082][T15530] 0 pages in swap cache [ 506.360087][T15530] Free swap = 123912kB [ 506.360091][T15530] Total swap = 124996kB [ 506.367024][T15532] netlink: 'syz.0.2611': attribute type 1 has an invalid length. [ 506.368551][T15530] 524155 pages RAM [ 506.371445][T15532] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2611'. [ 506.374022][T15530] 0 pages HighMem/MovableOnly [ 506.374029][T15530] 206674 pages reserved [ 506.374033][T15530] 0 pages cma reserved [ 507.136163][T15547] netfs: Couldn't get user pages (rc=-14) [ 507.139268][T15551] netlink: 'syz.1.2617': attribute type 1 has an invalid length. [ 508.885065][ T40] audit: type=1326 audit(1736544316.322:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 508.897900][ T40] audit: type=1326 audit(1736544316.340:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.121692][ T40] audit: type=1326 audit(1736544316.340:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.134995][ T40] audit: type=1326 audit(1736544316.340:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.152410][ T40] audit: type=1326 audit(1736544316.340:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.158581][ T40] audit: type=1326 audit(1736544316.340:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.171923][ T40] audit: type=1326 audit(1736544316.340:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.184101][ T40] audit: type=1326 audit(1736544316.340:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.194064][ T40] audit: type=1326 audit(1736544316.340:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 509.204092][ T40] audit: type=1326 audit(1736544316.350:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15578 comm="syz.3.2627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 510.029661][T13664] IPVS: starting estimator thread 0... [ 510.054921][T15608] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2635'. [ 510.057574][T15608] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2635'. [ 510.126366][T15604] IPVS: using max 42 ests per chain, 100800 per kthread [ 510.821971][T13664] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 510.992477][T13664] usb 5-1: Using ep0 maxpacket: 8 [ 510.995455][T13664] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 510.998206][T13664] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 511.001053][T13664] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 511.004921][T13664] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 511.011809][T13664] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 511.019510][T13664] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.028305][T15630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2644'. [ 511.110921][T15633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2644'. [ 511.245864][T15619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2640'. [ 511.249109][T13664] usb 5-1: usb_control_msg returned -32 [ 511.249637][T15619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 511.251064][T13664] usbtmc 5-1:16.0: can't read capabilities [ 511.253116][T15619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 511.258620][T13664] usb 5-1: USB disconnect, device number 33 [ 511.370705][T15635] tmpfs: Unknown parameter 'smackfshat' [ 512.768022][T15662] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2653'. [ 512.918498][T15668] netlink: 18 bytes leftover after parsing attributes in process `syz.2.2655'. [ 512.921749][T15668] netlink: 18 bytes leftover after parsing attributes in process `syz.2.2655'. [ 513.080351][T15666] netfs: Couldn't get user pages (rc=-14) [ 513.200671][T15677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2657'. [ 513.203427][T15677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2657'. [ 514.008521][T15686] xt_cluster: node mask cannot exceed total number of nodes [ 514.961333][T15700] lo speed is unknown, defaulting to 1000 [ 515.079293][T15709] FAULT_INJECTION: forcing a failure. [ 515.079293][T15709] name failslab, interval 1, probability 0, space 0, times 0 [ 515.084155][T15709] CPU: 1 UID: 0 PID: 15709 Comm: syz.1.2665 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 515.088131][T15709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 515.092063][T15709] Call Trace: [ 515.093281][T15709] [ 515.094532][T15709] dump_stack_lvl+0x16c/0x1f0 [ 515.096305][T15709] should_fail_ex+0x497/0x5b0 [ 515.098059][T15709] ? fs_reclaim_acquire+0xae/0x150 [ 515.099992][T15709] should_failslab+0xc2/0x120 [ 515.101757][T15709] __kmalloc_cache_noprof+0x68/0x420 [ 515.103749][T15709] ? __pfx___folio_start_writeback+0x10/0x10 [ 515.105977][T15709] ? do_raw_spin_lock+0x12d/0x2c0 [ 515.107874][T15709] netfs_buffer_make_space+0x432/0x6b0 [ 515.109919][T15709] netfs_buffer_append_folio+0x298/0x360 [ 515.112032][T15709] netfs_write_folio+0x540/0x1930 [ 515.113528][T15709] netfs_writepages+0x29a/0x8f0 [ 515.114945][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.116482][T15709] ? security_inode_getattr+0x116/0x290 [ 515.118097][T15709] ? __pfx___lock_acquire+0x10/0x10 [ 515.119587][T15709] ? hlock_class+0x4e/0x130 [ 515.120882][T15709] ? mark_lock+0xb5/0xc60 [ 515.122110][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.123635][T15709] do_writepages+0x1b3/0x820 [ 515.124975][T15709] ? find_held_lock+0x2d/0x110 [ 515.126356][T15709] ? __pfx_do_writepages+0x10/0x10 [ 515.127831][T15709] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 515.129566][T15709] ? __pfx_lock_release+0x10/0x10 [ 515.131100][T15709] ? do_raw_spin_lock+0x12d/0x2c0 [ 515.132544][T15709] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 515.134153][T15709] ? lock_acquire+0x2f/0xb0 [ 515.135492][T15709] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 515.137201][T15709] ? do_raw_spin_unlock+0x172/0x230 [ 515.138723][T15709] ? _raw_spin_unlock+0x28/0x50 [ 515.140128][T15709] filemap_fdatawrite_wbc+0x104/0x160 [ 515.141670][T15709] __filemap_fdatawrite_range+0xb3/0xf0 [ 515.143254][T15709] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 515.145028][T15709] ? tomoyo_path_perm+0x29c/0x480 [ 515.146487][T15709] ? end_current_label_crit_section+0xa8/0x1a0 [ 515.148197][T15709] v9fs_vfs_getattr+0x305/0x400 [ 515.149615][T15709] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 515.151163][T15709] vfs_getattr_nosec+0x2ae/0x370 [ 515.152579][T15709] vfs_statx_path+0x52/0x310 [ 515.153911][T15709] vfs_statx+0x11f/0x1c0 [ 515.155081][T15709] ? __pfx_vfs_statx+0x10/0x10 [ 515.156417][T15709] ? getname_flags.part.0+0x1c5/0x550 [ 515.157911][T15709] __do_compat_sys_newlstat+0xb1/0x140 [ 515.159432][T15709] ? __pfx___do_compat_sys_newlstat+0x10/0x10 [ 515.161107][T15709] ? __pfx_ksys_write+0x10/0x10 [ 515.162489][T15709] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 515.164275][T15709] __do_fast_syscall_32+0x73/0x120 [ 515.165704][T15709] do_fast_syscall_32+0x32/0x80 [ 515.167056][T15709] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 515.168778][T15709] RIP: 0023:0xf7fe1579 [ 515.169895][T15709] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 515.175147][T15709] RSP: 002b:00000000f511555c EFLAGS: 00000296 ORIG_RAX: 000000000000006b [ 515.177356][T15709] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000 [ 515.179533][T15709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 515.181746][T15709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 515.183903][T15709] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 515.185984][T15709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 515.188148][T15709] [ 515.205163][T15709] ------------[ cut here ]------------ [ 515.207035][T15709] WARNING: CPU: 0 PID: 15709 at lib/iov_iter.c:255 _copy_from_iter+0x39b/0x1400 [ 515.209518][T15709] Modules linked in: [ 515.210763][T15709] CPU: 0 UID: 0 PID: 15709 Comm: syz.1.2665 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 515.215448][T15709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 515.218389][T15709] RIP: 0010:_copy_from_iter+0x39b/0x1400 [ 515.220013][T15709] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 06 3c 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 f8 3b 02 fd 89 de bf 01 00 00 00 e8 8c [ 515.225347][T15709] RSP: 0018:ffffc9000d276fe0 EFLAGS: 00010293 [ 515.227176][T15709] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84971388 [ 515.229446][T15709] RDX: ffff888021640000 RSI: ffffffff8497166a RDI: 0000000000000001 [ 515.231702][T15709] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000 [ 515.233965][T15709] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88806e0415a0 [ 515.236261][T15709] R13: ffff888058b40b00 R14: ffff88806e0415a0 R15: 0000000000007fec [ 515.238625][T15709] FS: 0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5115b40 [ 515.241173][T15709] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 515.243072][T15709] CR2: 00000000f50f4da4 CR3: 000000005c0e0000 CR4: 0000000000352ef0 [ 515.245336][T15709] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 515.246589][T15712] binder: BINDER_SET_CONTEXT_MGR already set [ 515.247662][T15709] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 515.247672][T15709] Call Trace: [ 515.247677][T15709] [ 515.247682][T15709] ? __warn+0xea/0x3c0 [ 515.249916][T15712] binder: 15711:15712 ioctl 4018620d 20004a80 returned -16 [ 515.252204][T15709] ? _copy_from_iter+0x39b/0x1400 [ 515.258975][T15709] ? report_bug+0x3c0/0x580 [ 515.260284][T15709] ? handle_bug+0x54/0xa0 [ 515.261531][T15709] ? exc_invalid_op+0x17/0x50 [ 515.262893][T15709] ? asm_exc_invalid_op+0x1a/0x20 [ 515.264349][T15709] ? _copy_from_iter+0xb8/0x1400 [ 515.265773][T15709] ? _copy_from_iter+0x39a/0x1400 [ 515.267234][T15709] ? _copy_from_iter+0x39b/0x1400 [ 515.268750][T15709] ? __pfx_lock_release+0x10/0x10 [ 515.270225][T15709] ? trace_lock_acquire+0x14e/0x1f0 [ 515.271720][T15709] ? __pfx__copy_from_iter+0x10/0x10 [ 515.273252][T15709] ? __virt_addr_valid+0x1a4/0x590 [ 515.274729][T15709] ? __virt_addr_valid+0x5e/0x590 [ 515.276180][T15709] ? __phys_addr+0xc6/0x150 [ 515.277556][T15709] ? __phys_addr_symbol+0x30/0x80 [ 515.279056][T15709] ? __check_object_size+0x488/0x710 [ 515.280880][T15709] p9pdu_vwritef+0x2cb/0x21d0 [ 515.282259][T15709] ? p9pdu_writef+0xc4/0x100 [ 515.283593][T15709] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 515.285091][T15709] ? __pfx_p9_tag_alloc+0x10/0x10 [ 515.286578][T15709] ? hlock_class+0x4e/0x130 [ 515.287919][T15709] ? mark_lock+0xb5/0xc60 [ 515.289220][T15709] p9_client_prepare_req+0x244/0x4d0 [ 515.290830][T15709] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 515.292501][T15709] ? __kernel_text_address+0xd/0x40 [ 515.293991][T15709] ? unwind_get_return_address+0x59/0xa0 [ 515.295607][T15709] ? arch_stack_walk+0xa7/0x100 [ 515.297088][T15709] p9_client_rpc+0x1c3/0xc10 [ 515.298438][T15709] ? __lock_acquire+0xcc5/0x3c40 [ 515.299908][T15709] ? __pfx_p9_client_rpc+0x10/0x10 [ 515.301483][T15709] ? hlock_class+0x4e/0x130 [ 515.302793][T15709] ? mark_lock+0xb5/0xc60 [ 515.304053][T15709] p9_client_write+0x31f/0x680 [ 515.305439][T15709] ? __pfx_p9_client_write+0x10/0x10 [ 515.307002][T15709] ? mark_held_locks+0x9f/0xe0 [ 515.308374][T15709] v9fs_issue_write+0xe4/0x1b0 [ 515.309770][T15709] ? __pfx_v9fs_issue_write+0x10/0x10 [ 515.311410][T15709] ? rcu_is_watching+0x12/0xc0 [ 515.312814][T15709] netfs_do_issue_write+0x92/0x110 [ 515.314334][T15709] netfs_advance_write+0x384/0xc80 [ 515.316038][T15709] ? netfs_buffer_append_folio+0x276/0x360 [ 515.317720][T15709] netfs_write_folio+0xc19/0x1930 [ 515.319195][T15709] netfs_writepages+0x29a/0x8f0 [ 515.320598][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.322287][T15709] ? security_inode_getattr+0x116/0x290 [ 515.323873][T15709] ? __pfx___lock_acquire+0x10/0x10 [ 515.325366][T15709] ? hlock_class+0x4e/0x130 [ 515.326682][T15709] ? mark_lock+0xb5/0xc60 [ 515.327930][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.329496][T15709] do_writepages+0x1b3/0x820 [ 515.330842][T15709] ? find_held_lock+0x2d/0x110 [ 515.332261][T15709] ? __pfx_do_writepages+0x10/0x10 [ 515.333792][T15709] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 515.335530][T15709] ? __pfx_lock_release+0x10/0x10 [ 515.336983][T15709] ? do_raw_spin_lock+0x12d/0x2c0 [ 515.338453][T15709] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 515.340011][T15709] ? lock_acquire+0x2f/0xb0 [ 515.341329][T15709] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 515.343087][T15709] ? do_raw_spin_unlock+0x172/0x230 [ 515.344649][T15709] ? _raw_spin_unlock+0x28/0x50 [ 515.346108][T15709] filemap_fdatawrite_wbc+0x104/0x160 [ 515.347843][T15709] __filemap_fdatawrite_range+0xb3/0xf0 [ 515.349455][T15709] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 515.351261][T15709] ? tomoyo_path_perm+0x29c/0x480 [ 515.352734][T15709] ? end_current_label_crit_section+0xa8/0x1a0 [ 515.354593][T15709] v9fs_vfs_getattr+0x305/0x400 [ 515.356001][T15709] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 515.357548][T15709] vfs_getattr_nosec+0x2ae/0x370 [ 515.358991][T15709] vfs_statx_path+0x52/0x310 [ 515.360336][T15709] vfs_statx+0x11f/0x1c0 [ 515.361566][T15709] ? __pfx_vfs_statx+0x10/0x10 [ 515.362956][T15709] ? getname_flags.part.0+0x1c5/0x550 [ 515.364540][T15709] __do_compat_sys_newlstat+0xb1/0x140 [ 515.366169][T15709] ? __pfx___do_compat_sys_newlstat+0x10/0x10 [ 515.367874][T15709] ? __pfx_ksys_write+0x10/0x10 [ 515.369307][T15709] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 515.371209][T15709] __do_fast_syscall_32+0x73/0x120 [ 515.372696][T15709] do_fast_syscall_32+0x32/0x80 [ 515.374114][T15709] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 515.375948][T15709] RIP: 0023:0xf7fe1579 [ 515.377117][T15709] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 515.382481][T15709] RSP: 002b:00000000f511555c EFLAGS: 00000296 ORIG_RAX: 000000000000006b [ 515.384839][T15709] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000 [ 515.387106][T15709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 515.389365][T15709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 515.391572][T15709] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 515.393817][T15709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 515.396120][T15709] [ 515.397111][T15709] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 515.399241][T15709] CPU: 0 UID: 0 PID: 15709 Comm: syz.1.2665 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 515.402330][T15709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 515.405364][T15709] Call Trace: [ 515.406336][T15709] [ 515.407208][T15709] dump_stack_lvl+0x3d/0x1f0 [ 515.408546][T15709] panic+0x71d/0x800 [ 515.409710][T15709] ? __pfx_panic+0x10/0x10 [ 515.411021][T15709] ? show_trace_log_lvl+0x29d/0x3d0 [ 515.412522][T15709] ? check_panic_on_warn+0x1f/0xb0 [ 515.414034][T15709] ? _copy_from_iter+0x39b/0x1400 [ 515.415471][T15709] check_panic_on_warn+0xab/0xb0 [ 515.416909][T15709] __warn+0xf6/0x3c0 [ 515.418038][T15709] ? _copy_from_iter+0x39b/0x1400 [ 515.419525][T15709] report_bug+0x3c0/0x580 [ 515.420773][T15709] handle_bug+0x54/0xa0 [ 515.421975][T15709] exc_invalid_op+0x17/0x50 [ 515.423297][T15709] asm_exc_invalid_op+0x1a/0x20 [ 515.424701][T15709] RIP: 0010:_copy_from_iter+0x39b/0x1400 [ 515.426334][T15709] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 06 3c 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 f8 3b 02 fd 89 de bf 01 00 00 00 e8 8c [ 515.431823][T15709] RSP: 0018:ffffc9000d276fe0 EFLAGS: 00010293 [ 515.433572][T15709] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84971388 [ 515.435851][T15709] RDX: ffff888021640000 RSI: ffffffff8497166a RDI: 0000000000000001 [ 515.438143][T15709] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000 [ 515.440411][T15709] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88806e0415a0 [ 515.442677][T15709] R13: ffff888058b40b00 R14: ffff88806e0415a0 R15: 0000000000007fec [ 515.444945][T15709] ? _copy_from_iter+0xb8/0x1400 [ 515.446389][T15709] ? _copy_from_iter+0x39a/0x1400 [ 515.447846][T15709] ? __pfx_lock_release+0x10/0x10 [ 515.449412][T15709] ? trace_lock_acquire+0x14e/0x1f0 [ 515.450942][T15709] ? __pfx__copy_from_iter+0x10/0x10 [ 515.452466][T15709] ? __virt_addr_valid+0x1a4/0x590 [ 515.453935][T15709] ? __virt_addr_valid+0x5e/0x590 [ 515.455397][T15709] ? __phys_addr+0xc6/0x150 [ 515.456711][T15709] ? __phys_addr_symbol+0x30/0x80 [ 515.458165][T15709] ? __check_object_size+0x488/0x710 [ 515.459709][T15709] p9pdu_vwritef+0x2cb/0x21d0 [ 515.461070][T15709] ? p9pdu_writef+0xc4/0x100 [ 515.462412][T15709] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 515.463886][T15709] ? __pfx_p9_tag_alloc+0x10/0x10 [ 515.465333][T15709] ? hlock_class+0x4e/0x130 [ 515.466655][T15709] ? mark_lock+0xb5/0xc60 [ 515.467957][T15709] p9_client_prepare_req+0x244/0x4d0 [ 515.469499][T15709] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 515.471224][T15709] ? __kernel_text_address+0xd/0x40 [ 515.472737][T15709] ? unwind_get_return_address+0x59/0xa0 [ 515.474485][T15709] ? arch_stack_walk+0xa7/0x100 [ 515.475893][T15709] p9_client_rpc+0x1c3/0xc10 [ 515.477240][T15709] ? __lock_acquire+0xcc5/0x3c40 [ 515.478722][T15709] ? __pfx_p9_client_rpc+0x10/0x10 [ 515.480212][T15709] ? hlock_class+0x4e/0x130 [ 515.481602][T15709] ? mark_lock+0xb5/0xc60 [ 515.482899][T15709] p9_client_write+0x31f/0x680 [ 515.484293][T15709] ? __pfx_p9_client_write+0x10/0x10 [ 515.485838][T15709] ? mark_held_locks+0x9f/0xe0 [ 515.487239][T15709] v9fs_issue_write+0xe4/0x1b0 [ 515.488630][T15709] ? __pfx_v9fs_issue_write+0x10/0x10 [ 515.490196][T15709] ? rcu_is_watching+0x12/0xc0 [ 515.491574][T15709] netfs_do_issue_write+0x92/0x110 [ 515.493050][T15709] netfs_advance_write+0x384/0xc80 [ 515.494535][T15709] ? netfs_buffer_append_folio+0x276/0x360 [ 515.496262][T15709] netfs_write_folio+0xc19/0x1930 [ 515.497716][T15709] netfs_writepages+0x29a/0x8f0 [ 515.499143][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.500670][T15709] ? security_inode_getattr+0x116/0x290 [ 515.502287][T15709] ? __pfx___lock_acquire+0x10/0x10 [ 515.503787][T15709] ? hlock_class+0x4e/0x130 [ 515.505097][T15709] ? mark_lock+0xb5/0xc60 [ 515.506358][T15709] ? __pfx_netfs_writepages+0x10/0x10 [ 515.507883][T15709] do_writepages+0x1b3/0x820 [ 515.509248][T15709] ? find_held_lock+0x2d/0x110 [ 515.510636][T15709] ? __pfx_do_writepages+0x10/0x10 [ 515.512102][T15709] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 515.513853][T15709] ? __pfx_lock_release+0x10/0x10 [ 515.515301][T15709] ? do_raw_spin_lock+0x12d/0x2c0 [ 515.516758][T15709] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 515.518308][T15709] ? lock_acquire+0x2f/0xb0 [ 515.519620][T15709] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 515.521359][T15709] ? do_raw_spin_unlock+0x172/0x230 [ 515.522892][T15709] ? _raw_spin_unlock+0x28/0x50 [ 515.524318][T15709] filemap_fdatawrite_wbc+0x104/0x160 [ 515.525870][T15709] __filemap_fdatawrite_range+0xb3/0xf0 [ 515.527457][T15709] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 515.529263][T15709] ? tomoyo_path_perm+0x29c/0x480 [ 515.530744][T15709] ? end_current_label_crit_section+0xa8/0x1a0 [ 515.532509][T15709] v9fs_vfs_getattr+0x305/0x400 [ 515.533948][T15709] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 515.535496][T15709] vfs_getattr_nosec+0x2ae/0x370 [ 515.536916][T15709] vfs_statx_path+0x52/0x310 [ 515.538317][T15709] vfs_statx+0x11f/0x1c0 [ 515.539634][T15709] ? __pfx_vfs_statx+0x10/0x10 [ 515.541111][T15709] ? getname_flags.part.0+0x1c5/0x550 [ 515.542751][T15709] __do_compat_sys_newlstat+0xb1/0x140 [ 515.544383][T15709] ? __pfx___do_compat_sys_newlstat+0x10/0x10 [ 515.546080][T15709] ? __pfx_ksys_write+0x10/0x10 [ 515.547491][T15709] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 515.549428][T15709] __do_fast_syscall_32+0x73/0x120 [ 515.550952][T15709] do_fast_syscall_32+0x32/0x80 [ 515.552372][T15709] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 515.554194][T15709] RIP: 0023:0xf7fe1579 [ 515.555375][T15709] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 515.560992][T15709] RSP: 002b:00000000f511555c EFLAGS: 00000296 ORIG_RAX: 000000000000006b [ 515.563444][T15709] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000 [ 515.565697][T15709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 515.568003][T15709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 515.570306][T15709] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 515.572588][T15709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 515.574893][T15709] [ 515.576384][T15709] Kernel Offset: disabled [ 515.577727][T15709] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:25:32 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851454b5 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc9000d276948 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000030 R14=ffffffff85145450 R15=0000000000000000 RIP=ffffffff851454df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f50f4da4 CR3=000000005c0e0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000a0021 RBX=0000000000080000 RCX=0000000000020000 RDX=0000000000000021 RSI=ffff8880223cd344 RDI=ffff8880223cd424 RBP=0000000000000000 RSP=ffffc900072af0f8 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000014 R11=0000000000000004 R12=0000000000000000 R13=ffff8880223cc880 R14=0000000000000021 R15=ffff8880223cd400 RIP=ffffffff81760a4f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7425c2c CR3=000000005c0e0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000d1c6a9 RBX=0000000000000002 RCX=ffffffff8b1a7899 RDX=0000000000000000 RSI=ffffffff8b4cd300 RDI=ffffffff8bb17140 RBP=ffffed10036ef000 RSP=ffffc9000048fe08 R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000 R12=0000000000000002 R13=ffff88801b778000 R14=ffffffff901cf250 R15=0000000000000000 RIP=ffffffff8b1a8c7f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000056b5599c CR3=00000000229f8000 CR4=00352ef0 DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000010 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7443ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=0000000000000000 RCX=ffffffff81e8d6af RDX=1ffffd4000392009 RSI=0000000000000000 RDI=0000000000000000 RBP=ffffea0001c90040 RSP=ffffc9000441f5f8 R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000003 R12=0000000000000000 R13=ffffea0001c90040 R14=ffff8880252948b8 R15=ffffc9000441fa98 RIP=ffffffff81994da8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000db7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000