last executing test programs: 21.424339176s ago: executing program 2 (id=1544): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) syz_emit_ethernet(0x1d, 0x0, &(0x7f0000000080)={0x10, 0x400004, [0x4d6, 0x4c5, 0xfbf, 0xe29]}) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000004300)=""/102400, 0x19000) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='pagemap\x00') read$FUSE(r4, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) syz_open_dev$sndmidi(0x0, 0x2, 0x422042) readv(0xffffffffffffffff, 0x0, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) write(r5, &(0x7f0000000000)="fa", 0xfffffdef) r6 = accept4(r2, 0x0, 0x0, 0x800) r7 = socket(0x23, 0x80000, 0x52bb9774) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0xe9f3f3a1f9567db6) getsockname$packet(r7, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x20000090}, 0x4c095) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xd9, 0x0, 0x3, 0x4000}, 0x80, 0x0, 0x4, 0x100, 0x9, 0xf, 0xf, 0x19, 0x11, 0x0, {0x0, 0x0, 0x6, 0x0, 0xfffffffd, 0x4}}}}]}, 0x78}}, 0x804) 19.736175584s ago: executing program 2 (id=1552): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x801, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x4, 0xc1}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4604}, 0x0) 19.643383039s ago: executing program 2 (id=1553): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000300)=@ethtool_drvinfo={0x3, "e55971277418921583c74b99353b9d55d90908b6ea7cafd3188b931053629563", "d2e91e1188a3a6208b5e013818b75a932a2934e7cb5f9bcc53167b323a69eacb", "94d16db71df3a371c4f2294565f888dbc7a32ab04fa38b3c82a67f05ef87e88f", "3e19aa35f2f7b5d3a59b86ed9f130f0574c90f48b2a5c02c6465aebcda9a59f9", "55841bf439f886e44c5aa56197f103b446e00a88a651523af566b9830c4134d9", "6b29a0ff0d9f919c93b5a267", 0x10, 0x44, 0x7ffbffff, 0x5, 0x8}}) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002f000000d4d77100100000001387dec652dfd6bf01af4f8a6c047a9ebb825045ae49f6247fed5675c5d30031bb2374cd9661b7ea223c1cc9306e474aff66c001db28d4e757723cbf54e18664a926e43f0b889ae24c0676572902a07b54569ec6ff203f84132cd8f680a23f76c19d5c80000d8ba59aa0712b101a88b8b729eabf044729bee98f82f8706b6039c9d34d938b7c5d6db73500e8a7692af1688ab0bed7f872264dad769e465d1efa3b4f87283896533e68cb285712c2653be7863951461de2b25a63b4419f932aea4442d2dd3fe38774ebd6e598"], &(0x7f0000000400)='syzkaller\x00', 0x1, 0xc3, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffe}, 0x10}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x3010}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4000, 0x4, 0x0, 0x0) r6 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0) sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r1, @ANYBLOB="06c634ee2784e625a0576cb24d274f4ab4362f5b70c7d67185d68c976bb97db8926b38ca4e8d81e7392ef87d52446bed29ba727754d6c2e355ccb073ee921936412daddad9b3fc3ceba0f153a3930700000000000000b1f25b3505"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ppoll(&(0x7f00000000c0)=[{r7, 0x747}], 0x1, 0x0, 0x0, 0x0) signalfd4(r7, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 18.609973952s ago: executing program 2 (id=1556): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x7fd, 0x5000}) setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) sendmsg(r3, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000140)={@my=0x1}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e204757e7dc25c6519a85ef828f711330ff2bb17b5508", "dc5db43f"}, 0x38) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a3000000000050003"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@any, 0xffffffff}, @host, 0x0, 0x0, 0x8000000, 0x0, 0x6}) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c40000000206010300000000000000000200000713000300686173683a6e65742c6966616365000012000300686173683a6e65742c706f7274000000050005000b00000020000780050014000500000008000640000000010c000180080001400000000005000100070000000c000300686173683a6970000c00078008000a400000000905000400030000002c0007804cea0000000000440500030001000000050007002f000000050015007f00000005"], 0xc4}, 0x1, 0x0, 0x0, 0x14}, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNIMAP(r7, 0x4b67, &(0x7f00000000c0)={0x0, 0x0}) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0) 16.836540714s ago: executing program 2 (id=1560): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e24, 0x1000, @local}, 0x1c) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = io_uring_setup(0x7f17, &(0x7f0000001ac0)={0x0, 0x8a0b, 0x40, 0x1, 0x12, 0x0, r0}) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={0xffffffffffffffff, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0xffffdc29, 0x1}}, 0x20) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket(0x10, 0x3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$TCFLSH(r6, 0x400455c8, 0x2) syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003f050ae20"], 0x0) ioctl$TIOCSETD(r6, 0x5412, &(0x7f00000003c0)=0xffffffc0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r4, 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_SUBMITURB(r7, 0x802c550a, &(0x7f0000000040)=@urb_type_control={0x2, {0x0, 0x1}, 0x10000006, 0x40, &(0x7f0000000000)={0x40, 0x14, 0xf801, 0x224}, 0x8, 0x28001, 0x2, 0x0, 0x1676ab34, 0xdffffff8, 0x0}) 7.673480496s ago: executing program 0 (id=1584): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8924, &(0x7f0000001300)={'nr0\x00'}) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b000000080000000c00000003000000010000", @ANYRES32, @ANYBLOB="00800000000000000000000000070080bf0000006a704299c2dbd70ea2766c62617bf1f4ef12cfd9515b7af26f3e8c0eb31cc1fc04686a38abd448040ba54c528089586569e143d66dfa47aa11e8eee90a18a77ad22df04894ff93ae62c87029ecf5af38435e79967ec7187fc089283bf444e26a5d6e86eb614233fdbcd76aac052011bdfc05a0657271a23d4400a7125f595467c98ff49d6638058886b31820579fb9a168c9eb39e87752", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r4}, 0x38) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x8c, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76"]) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) r6 = dup(r5) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c) sendmsg$inet6(r5, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0) dup(r5) r7 = openat$pfkey(0xffffff9c, &(0x7f0000000280), 0x381000, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x3, 0xfffc, 0xe652, 0x42, 0xf1, 0xc, 0xff}, 0x9c) 7.51911693s ago: executing program 1 (id=1585): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000300)=@ethtool_drvinfo={0x3, "e55971277418921583c74b99353b9d55d90908b6ea7cafd3188b931053629563", "d2e91e1188a3a6208b5e013818b75a932a2934e7cb5f9bcc53167b323a69eacb", "94d16db71df3a371c4f2294565f888dbc7a32ab04fa38b3c82a67f05ef87e88f", "3e19aa35f2f7b5d3a59b86ed9f130f0574c90f48b2a5c02c6465aebcda9a59f9", "55841bf439f886e44c5aa56197f103b446e00a88a651523af566b9830c4134d9", "6b29a0ff0d9f919c93b5a267", 0x10, 0x44, 0x7ffbffff, 0x5, 0x8}}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x3010}, 0x1}) io_uring_enter(r4, 0x2ded, 0x4000, 0x4, 0x0, 0x0) r7 = socket(0x40000000015, 0x5, 0x0) connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, 0x0, 0x0) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r7, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0) sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r2, @ANYBLOB="06c634ee2784e625a0576cb24d274f4ab4362f5b70c7d67185d68c976bb97db8926b38ca4e8d81e7392ef87d52446bed29ba727754d6c2e355ccb073ee921936412daddad9b3fc3ceba0f153a3930700000000000000b1f25b3505"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ppoll(&(0x7f00000000c0)=[{r8, 0x747}], 0x1, 0x0, 0x0, 0x0) signalfd4(r8, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) r9 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) 6.948226617s ago: executing program 3 (id=1586): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = eventfd(0x5f0) ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x7fd, 0x5000, 0x0, r2}) setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r4, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000140)={@my=0x1}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e204757e7dc25c6519a85ef828f711330ff2bb17b5508", "dc5db43f"}, 0x38) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a3000000000050003"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000000)={{@any, 0xffffffff}, @host, 0x0, 0x0, 0x8000000, 0x0, 0x6}) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c40000000206010300000000000000000200000713000300686173683a6e65742c6966616365000012000300686173683a6e65742c706f7274000000050005000b00000020000780050014000500000008000640000000010c000180080001400000000005000100070000000c000300686173683a6970000c00078008000a400000000905000400030000002c0007804cea0000000000440500030001000000050007002f000000050015007f00000005"], 0xc4}, 0x1, 0x0, 0x0, 0x14}, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNIMAP(r8, 0x4b67, &(0x7f00000000c0)={0x0, 0x0}) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0) 6.43680666s ago: executing program 1 (id=1587): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) socket$packet(0x11, 0x2, 0x300) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00070f000000000000000007000000", @ANYRES32=r2, @ANYBLOB="1a00523f"], 0x1c}}, 0x0) gettid() sigaltstack(&(0x7f0000000000)={&(0x7f0000002b40)=""/4082, 0x1, 0x1037}, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0x0, &(0x7f0000000480)) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='devices.list\x00', 0x275a, 0x0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000740)={0x30}, 0x30) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000004c0)={{r0}, &(0x7f0000000380), &(0x7f0000000480)='%+9llu \x00'}, 0x1c) 6.337276815s ago: executing program 1 (id=1588): socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r6, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'drbg_pr_ctr_aes128\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94) 5.542637317s ago: executing program 0 (id=1589): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x3010}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x4, 0x0, 0x0) r5 = socket(0x40000000015, 0x5, 0x0) connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0) sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r0, @ANYBLOB="06c634ee2784e625a0576cb24d274f4ab4362f5b70c7d67185d68c976bb97db8926b38ca4e8d81e7392ef87d52446bed29ba727754d6c2e355ccb073ee921936412daddad9b3fc3ceba0f153a3930700000000000000b1f25b3505"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ppoll(&(0x7f00000000c0)=[{r6, 0x747}], 0x1, 0x0, 0x0, 0x0) unshare(0x2040400) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) 5.460142884s ago: executing program 3 (id=1590): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000300)=@ethtool_drvinfo={0x3, "e55971277418921583c74b99353b9d55d90908b6ea7cafd3188b931053629563", "d2e91e1188a3a6208b5e013818b75a932a2934e7cb5f9bcc53167b323a69eacb", "94d16db71df3a371c4f2294565f888dbc7a32ab04fa38b3c82a67f05ef87e88f", "3e19aa35f2f7b5d3a59b86ed9f130f0574c90f48b2a5c02c6465aebcda9a59f9", "55841bf439f886e44c5aa56197f103b446e00a88a651523af566b9830c4134d9", "6b29a0ff0d9f919c93b5a267", 0x10, 0x44, 0x7ffbffff, 0x5, 0x8}}) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002f000000d4d77100100000001387dec652dfd6bf01af4f8a6c047a9ebb825045ae49f6247fed5675c5d30031bb2374cd9661b7ea223c1cc9306e474aff66c001db28d4e757723cbf54e18664a926e43f0b889ae24c0676572902a07b54569ec6ff203f84132cd8f680a23f76c19d5c80000d8ba59aa0712b101a88b8b729eabf044729bee98f82f8706b6039c9d34d938b7c5d6db73500e8a7692af1688ab0bed7f872264dad769e465d1efa3b4f87283896533e68cb285712c2653be7863951461de2b25a63b4419f932aea4442d2dd3fe38774ebd6e598"], &(0x7f0000000400)='syzkaller\x00', 0x1, 0xc3, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffe}, 0x10}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x3010}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4000, 0x4, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r1, @ANYBLOB="06c634ee2784e625a0576cb24d274f4ab4362f5b70c7d67185d68c976bb97db8926b38ca4e8d81e7392ef87d52446bed29ba727754d6c2e355ccb073ee921936412daddad9b3fc3ceba0f153a3930700000000000000b1f25b3505"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) ppoll(&(0x7f00000000c0)=[{r6, 0x747}], 0x1, 0x0, 0x0, 0x0) signalfd4(r6, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 5.402637222s ago: executing program 2 (id=1591): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e24, 0x1000, @local}, 0x1c) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = io_uring_setup(0x7f17, &(0x7f0000001ac0)={0x0, 0x8a0b, 0x40, 0x1, 0x12, 0x0, r0}) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={0xffffffffffffffff, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0xffffdc29, 0x1}}, 0x20) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket(0x10, 0x3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$TCFLSH(r6, 0x400455c8, 0x2) syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003f050ae20"], 0x0) ioctl$TIOCSETD(r6, 0x5412, &(0x7f00000003c0)=0xffffffc0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r4, 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_SUBMITURB(r7, 0x802c550a, &(0x7f0000000040)=@urb_type_control={0x2, {0x0, 0x1}, 0x10000006, 0x40, &(0x7f0000000000)={0x40, 0x14, 0xf801, 0x224}, 0x8, 0x28001, 0x2, 0x0, 0x1676ab34, 0xdffffff8, 0x0}) 4.539133806s ago: executing program 3 (id=1592): socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r6, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'drbg_pr_ctr_aes128\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94) 4.497464254s ago: executing program 0 (id=1593): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x202}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x100, 0x70bd2d, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x50) r2 = syz_io_uring_setup(0x70ca, &(0x7f0000001380)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=0x0, &(0x7f00000007c0)=0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x2000, @fd=r5, 0x0, 0x0}) io_uring_enter(r2, 0x6a8, 0x2, 0x2, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1) mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x521040, 0x0) listen(0xffffffffffffffff, 0x0) listen(r0, 0x7d4165c9) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r6, 0x0) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r7, 0x7d4165c9) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r8, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6(0xa, 0x2, 0x0) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000300)=""/228, &(0x7f0000000080)=0xe4) listen(0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x8) 3.330940003s ago: executing program 0 (id=1594): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x5a1a41, 0x0) setitimer(0x2, &(0x7f0000000140)={{0x0, 0x40000000003}, {0xffffffff}}, 0x0) r1 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000300)={0x0, &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x0, 0x1}) syz_io_uring_complete(0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=@ipv4_newrule={0x38, 0x20, 0x800, 0x70bd29, 0x25dfdbfb, {0x2, 0x10, 0x80, 0x3, 0x7, 0x0, 0x0, 0x7}, [@FRA_FLOW={0x8, 0xb, 0x9}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x9}, @FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x32}]}, 0x38}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]}) setitimer(0x0, 0x0, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0) r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r6, 0x0) syz_emit_ethernet(0x36, &(0x7f0000001b00)=ANY=[@ANYBLOB="ff"], 0x0) preadv2(r5, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0401273, &(0x7f0000000200)={'\x00', 0xff97, 0x10, 0x10, 0x7, 0x2aa}) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, 0x0) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) syz_usbip_server_init(0x1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)) sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x4}, @IFLA_EXT_MASK={0x8, 0x1d, 0xfffffffe}]}, 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x44005) read$char_usb(r2, 0x0, 0x0) 2.77807908s ago: executing program 1 (id=1595): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000100)=0x1f, 0x4) r2 = syz_open_dev$hidraw(&(0x7f0000000b40), 0x9, 0x4b442) write$hidraw(r2, &(0x7f0000000bc0), 0xffffffae) ioctl$HIDIOCGRDESC(r2, 0x401c5820, &(0x7f00000005c0)) ioctl$HIDIOCGRDESC(r2, 0x4030582a, &(0x7f0000000140)={0xd, "7954bbc8aae250bd23544617d5"}) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r0, 0x1000) r3 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xc, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000000c0)={0x1, @vbi={0xa9, 0x6, 0xfffffffa, 0x34325842, [0x4, 0x9], [0x5, 0x1000], 0x13a}}) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1) close(0x3) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0xf) ioctl$TIOCVHANGUP(r6, 0x5437, 0x2) r7 = socket$pppl2tp(0x18, 0x1, 0x1) r8 = socket$pppl2tp(0x18, 0x1, 0x1) r9 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r8, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r9, {0x2, 0x0, @local}, 0x2}}, 0x26) connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e) poll(&(0x7f0000000040)=[{r3, 0x1}], 0x1, 0x101) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{0x1, 0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000340)='%pI4 \x00'}, 0x1c) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@map=r10, 0x16, 0x1, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) 2.713613588s ago: executing program 3 (id=1596): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1) r1 = eventfd(0x5f0) ioctl$KVM_IOEVENTFD(r0, 0x40a0ae49, &(0x7f0000000080)={0x7fd, 0x5000, 0x0, r1}) setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) sendmsg(r3, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000140)={@my=0x1}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e204757e7dc25c6519a85ef828f711330ff2bb17b5508", "dc5db43f"}, 0x38) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec0000000008010300000000b3c1b80e0300000a06000240600500001c0004800800064000000084080004400000007208000240000001ff0900010073797a3000000000050003"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@any, 0xffffffff}, @host, 0x0, 0x0, 0x8000000, 0x0, 0x6}) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c40000000206010300000000000000000200000713000300686173683a6e65742c6966616365000012000300686173683a6e65742c706f7274000000050005000b00000020000780050014000500000008000640000000010c000180080001400000000005000100070000000c000300686173683a6970000c00078008000a400000000905000400030000002c0007804cea0000000000440500030001000000050007002f000000050015007f00000005"], 0xc4}, 0x1, 0x0, 0x0, 0x14}, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNIMAP(r7, 0x4b67, &(0x7f00000000c0)={0x0, 0x0}) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0) 1.926227977s ago: executing program 0 (id=1597): socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r6, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'drbg_pr_ctr_aes128\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94) 1.799763521s ago: executing program 1 (id=1598): socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r6, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'drbg_pr_ctr_aes128\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94) 1.796105941s ago: executing program 3 (id=1599): socket$inet6_mptcp(0xa, 0x1, 0x106) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x9, 0x0, 0xfffffffffffffffd, 0x400009, 0x8, 0xa}, 0x0) getsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f00000001c0), 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r3, 0x0) r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/13, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000000000000000000000f20e0000120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b707000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="18060000000000e903b01f48389e7200182b0000", @ANYRES32=r4, @ANYBLOB="00000000080000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) r7 = dup(r6) ioctl$sock_SIOCINQ(r7, 0x541b, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet6_opts(r2, 0x29, 0x39, &(0x7f00000000c0)=""/15, 0x0) r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) syz_emit_ethernet(0x88, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "954a5b", 0x52, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x6, 0x1, [], "bf3f030b7d27"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100, [0x5, 0xb, 0x3e]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x9]}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x48, 0x1, 0x1, 0x0, 0x4, 0x10}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x6fe5, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}}}}}}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) 892.745235ms ago: executing program 3 (id=1600): socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r6 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r6, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'drbg_pr_ctr_aes128\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94) 132.318394ms ago: executing program 1 (id=1601): r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) poll(&(0x7f00000014c0)=[{r1, 0x108}, {r0, 0x8042}, {r2, 0x4000}, {r3, 0x4000}], 0x4, 0xf4d8) 0s ago: executing program 0 (id=1602): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000b40)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fcdbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="3e00330050040800080211000000080211"], 0x5c}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}, @printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) mq_unlink(0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r5 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00') r6 = openat$binfmt(0xffffffffffffff9c, r5, 0x41, 0x1ff) fcntl$setlease(r6, 0x400, 0x1) open$dir(0x0, 0x4000, 0xc) creat(&(0x7f0000000240)='./file0\x00', 0x160) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) read$watch_queue(r7, 0x0, 0x0) kernel console output (not intermixed with test programs): 4] bond0: (slave bond_slave_1): Releasing backup interface [ 312.107644][T10374] bond_slave_1: left promiscuous mode [ 312.119950][T10374] team0: Port device team_slave_0 removed [ 312.130831][T10374] team0: Port device team_slave_1 removed [ 312.133436][T10374] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 312.136419][T10374] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 312.140002][T10374] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 312.142490][T10374] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 312.147586][T10374] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 315.324157][ T841] usb 40-1: device descriptor read/8, error -110 [ 315.493770][ T6010] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 315.553010][T10435] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1046'. [ 315.557610][T10435] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1046'. [ 315.623843][ T6010] usb 5-1: device descriptor read/64, error -71 [ 315.724814][ T841] usb usb40-port1: attempt power cycle [ 315.863815][ T6010] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 315.993754][ T6010] usb 5-1: device descriptor read/64, error -71 [ 316.104294][ T6010] usb usb5-port1: attempt power cycle [ 316.284184][ T841] usb usb40-port1: unable to enumerate USB device [ 316.443846][ T6010] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 316.474802][ T6010] usb 5-1: device descriptor read/8, error -71 [ 316.763928][ T6010] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 316.795805][ T6010] usb 5-1: device descriptor read/8, error -71 [ 316.909015][ T6010] usb usb5-port1: unable to enumerate USB device [ 316.954084][ T1023] vhci_hcd: vhci_device speed not set [ 317.364603][T10463] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 317.367090][T10463] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 317.370168][T10463] vhci_hcd vhci_hcd.0: Device attached [ 317.376655][T10465] vhci_hcd: connection closed [ 317.376879][ T1184] vhci_hcd: stop threads [ 317.380453][ T1184] vhci_hcd: release socket [ 317.381917][ T1184] vhci_hcd: disconnect device [ 317.833807][ T1335] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 317.983766][ T1335] usb 7-1: Using ep0 maxpacket: 8 [ 317.988140][ T1335] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 317.991602][ T1335] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 317.995975][ T1335] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 318.000194][ T1335] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 318.008255][ T1335] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 318.013996][ T1335] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 318.017710][ T1335] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.120624][T10477] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 318.122718][T10477] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 318.127594][T10477] vhci_hcd vhci_hcd.0: Device attached [ 318.235827][ T1335] usb 7-1: GET_CAPABILITIES returned 0 [ 318.238388][ T1335] usbtmc 7-1:16.0: can't read capabilities [ 318.393744][ T24] usb 39-1: new low-speed USB device number 15 using vhci_hcd [ 318.480233][T10482] syz.0.1056 (10482): drop_caches: 2 [ 318.482719][T10482] syz.0.1056 (10482): drop_caches: 2 [ 318.616623][ T7268] usb 7-1: USB disconnect, device number 19 [ 318.748977][T10478] vhci_hcd: connection reset by peer [ 318.751156][ T1143] vhci_hcd: stop threads [ 318.752636][ T1143] vhci_hcd: release socket [ 318.754185][ T1143] vhci_hcd: disconnect device [ 319.749172][T10506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1062'. [ 319.952006][ T40] audit: type=1326 audit(1761266160.934:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 319.978363][T10508] pim6reg: entered allmulticast mode [ 320.019463][ T40] audit: type=1326 audit(1761266160.944:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.030282][ T40] audit: type=1326 audit(1761266160.944:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.039450][ T40] audit: type=1326 audit(1761266160.954:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.048617][ T40] audit: type=1326 audit(1761266160.954:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.057962][ T40] audit: type=1326 audit(1761266160.954:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.076341][ T40] audit: type=1326 audit(1761266160.954:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.084213][ T40] audit: type=1326 audit(1761266160.954:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.090821][ T40] audit: type=1326 audit(1761266160.954:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.097978][ T40] audit: type=1326 audit(1761266160.954:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 320.117065][T10514] binder: 10513:10514 ioctl 4018620d 0 returned -22 [ 320.120376][T10514] binder: 10513:10514 ioctl c0306201 80000c00 returned -14 [ 320.545702][T10503] pim6reg: left allmulticast mode [ 321.233737][ T10] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 321.404585][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 321.415178][ T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 321.425505][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 321.431968][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 321.442372][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 321.446932][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 321.452754][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 321.458207][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.467985][T10538] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 321.470597][T10538] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 321.474439][T10538] vhci_hcd vhci_hcd.0: Device attached [ 321.706777][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 321.709278][ T10] usbtmc 7-1:16.0: can't read capabilities [ 321.730041][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.732132][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.774076][ T6010] usb 43-1: new low-speed USB device number 20 using vhci_hcd [ 322.121323][T10539] vhci_hcd: connection reset by peer [ 322.125624][ T1143] vhci_hcd: stop threads [ 322.127092][ T1143] vhci_hcd: release socket [ 322.128692][ T1143] vhci_hcd: disconnect device [ 322.133820][ T10] usb 7-1: USB disconnect, device number 20 [ 322.318359][T10553] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1072'. [ 323.483956][ T24] vhci_hcd: vhci_device speed not set [ 323.860341][T10581] FAULT_INJECTION: forcing a failure. [ 323.860341][T10581] name failslab, interval 1, probability 0, space 0, times 0 [ 323.866135][T10581] CPU: 1 UID: 0 PID: 10581 Comm: syz.1.1078 Not tainted syzkaller #0 PREEMPT(full) [ 323.866157][T10581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 323.866168][T10581] Call Trace: [ 323.866174][T10581] [ 323.866181][T10581] dump_stack_lvl+0x16c/0x1f0 [ 323.866205][T10581] should_fail_ex+0x512/0x640 [ 323.866231][T10581] ? __kmalloc_cache_noprof+0x5f/0x780 [ 323.866262][T10581] should_failslab+0xc2/0x120 [ 323.866286][T10581] __kmalloc_cache_noprof+0x72/0x780 [ 323.866314][T10581] ? sctp_transport_new+0xa8/0x7b0 [ 323.866343][T10581] ? sctp_transport_new+0xa8/0x7b0 [ 323.866366][T10581] sctp_transport_new+0xa8/0x7b0 [ 323.866393][T10581] sctp_assoc_add_peer+0x2e3/0x1550 [ 323.866423][T10581] sctp_connect_new_asoc+0x1f8/0x770 [ 323.866449][T10581] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 323.866473][T10581] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 323.866498][T10581] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 323.866530][T10581] sctp_sendmsg+0x1557/0x1e00 [ 323.866562][T10581] ? __pfx_sctp_sendmsg+0x10/0x10 [ 323.866585][T10581] ? __pfx___might_resched+0x10/0x10 [ 323.866610][T10581] ? aa_sk_perm+0x2f4/0xb10 [ 323.866631][T10581] ? __pfx_aa_sk_perm+0x10/0x10 [ 323.866646][T10581] ? __might_fault+0xe3/0x190 [ 323.866670][T10581] ? __pfx_sctp_sendmsg+0x10/0x10 [ 323.866695][T10581] inet_sendmsg+0x11c/0x140 [ 323.866720][T10581] __sys_sendto+0x43c/0x520 [ 323.866743][T10581] ? __pfx___sys_sendto+0x10/0x10 [ 323.866789][T10581] ? ksys_write+0x1ac/0x250 [ 323.866806][T10581] ? __pfx_ksys_write+0x10/0x10 [ 323.866827][T10581] __ia32_sys_sendto+0xdd/0x1b0 [ 323.866850][T10581] ? lockdep_hardirqs_on+0x7c/0x110 [ 323.866869][T10581] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 323.866890][T10581] __do_fast_syscall_32+0x7c/0x300 [ 323.866921][T10581] do_fast_syscall_32+0x32/0x80 [ 323.866942][T10581] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 323.866963][T10581] RIP: 0023:0xf70ad579 [ 323.866977][T10581] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 323.866993][T10581] RSP: 002b:00000000f545b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 323.867010][T10581] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080847fff [ 323.867021][T10581] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000008005ffe4 [ 323.867031][T10581] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 323.867041][T10581] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 323.867050][T10581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 323.867075][T10581] [ 325.563790][ T5951] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 325.965730][ T5951] usb 7-1: Using ep0 maxpacket: 32 [ 326.143739][ T1023] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 326.227499][ T5951] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 326.230212][ T5951] usb 7-1: config 0 has no interface number 0 [ 326.238384][ T5951] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 326.241215][ T5951] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.244141][ T5951] usb 7-1: Product: syz [ 326.245474][ T5951] usb 7-1: Manufacturer: syz [ 326.246988][ T5951] usb 7-1: SerialNumber: syz [ 326.249756][ T5951] usb 7-1: config 0 descriptor?? [ 326.255790][ T5951] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 326.258566][ T5951] usb 7-1: selecting invalid altsetting 1 [ 326.260429][ T5951] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 326.267976][ T5951] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 326.271356][ T5951] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 326.274429][ T5951] usb 7-1: media controller created [ 326.284370][ T5951] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 326.293791][ T1023] usb 5-1: Using ep0 maxpacket: 32 [ 326.296900][ T1023] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 326.302814][ T1023] usb 5-1: config 0 has no interface number 0 [ 326.308122][ T1023] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 326.311762][ T1023] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.319352][ T1023] usb 5-1: Product: syz [ 326.320782][ T1023] usb 5-1: Manufacturer: syz [ 326.322232][ T1023] usb 5-1: SerialNumber: syz [ 326.331054][ T1023] usb 5-1: config 0 descriptor?? [ 326.340239][ T1023] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 326.342988][ T1023] usb 5-1: selecting invalid altsetting 1 [ 326.349721][ T1023] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 326.353213][ T1023] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 326.363858][ T1023] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 326.366516][ T1023] usb 5-1: media controller created [ 326.386412][ T1023] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 326.535728][T10637] FAULT_INJECTION: forcing a failure. [ 326.535728][T10637] name failslab, interval 1, probability 0, space 0, times 0 [ 326.539821][T10637] CPU: 1 UID: 0 PID: 10637 Comm: syz.3.1096 Not tainted syzkaller #0 PREEMPT(full) [ 326.539842][T10637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 326.539852][T10637] Call Trace: [ 326.539857][T10637] [ 326.539864][T10637] dump_stack_lvl+0x16c/0x1f0 [ 326.539886][T10637] should_fail_ex+0x512/0x640 [ 326.539909][T10637] ? __kmalloc_cache_noprof+0x5f/0x780 [ 326.539955][T10637] should_failslab+0xc2/0x120 [ 326.539977][T10637] __kmalloc_cache_noprof+0x72/0x780 [ 326.540004][T10637] ? sctp_transport_new+0xa8/0x7b0 [ 326.540033][T10637] ? sctp_transport_new+0xa8/0x7b0 [ 326.540054][T10637] sctp_transport_new+0xa8/0x7b0 [ 326.540076][T10637] sctp_assoc_add_peer+0x2e3/0x1550 [ 326.540097][T10637] sctp_connect_new_asoc+0x1f8/0x770 [ 326.540120][T10637] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 326.540145][T10637] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 326.540169][T10637] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 326.540199][T10637] sctp_sendmsg+0x1557/0x1e00 [ 326.540230][T10637] ? __pfx_sctp_sendmsg+0x10/0x10 [ 326.540251][T10637] ? __pfx___might_resched+0x10/0x10 [ 326.540275][T10637] ? aa_sk_perm+0x2f4/0xb10 [ 326.540294][T10637] ? __pfx_aa_sk_perm+0x10/0x10 [ 326.540307][T10637] ? __might_fault+0xe3/0x190 [ 326.540331][T10637] ? __pfx_sctp_sendmsg+0x10/0x10 [ 326.540355][T10637] inet_sendmsg+0x11c/0x140 [ 326.540379][T10637] __sys_sendto+0x43c/0x520 [ 326.540404][T10637] ? __pfx___sys_sendto+0x10/0x10 [ 326.540450][T10637] ? ksys_write+0x1ac/0x250 [ 326.540469][T10637] ? __pfx_ksys_write+0x10/0x10 [ 326.540490][T10637] __ia32_sys_sendto+0xdd/0x1b0 [ 326.540513][T10637] ? lockdep_hardirqs_on+0x7c/0x110 [ 326.540532][T10637] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 326.540552][T10637] __do_fast_syscall_32+0x7c/0x300 [ 326.540574][T10637] do_fast_syscall_32+0x32/0x80 [ 326.540592][T10637] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 326.540610][T10637] RIP: 0023:0xf709d579 [ 326.540624][T10637] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 326.540640][T10637] RSP: 002b:00000000f544b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 326.540658][T10637] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080847fff [ 326.540668][T10637] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000008005ffe4 [ 326.540678][T10637] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 326.540688][T10637] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 326.540699][T10637] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 326.540722][T10637] [ 326.604515][T10638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 326.636731][T10638] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 326.913759][ T6010] vhci_hcd: vhci_device speed not set [ 327.334020][ T5951] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 327.338306][ T5951] zl10353_read_register: readreg error (reg=127, ret==-110) [ 327.354896][T10618] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 327.374025][T10628] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 327.378214][ T1023] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 327.380548][ T1023] zl10353_read_register: readreg error (reg=127, ret==-71) [ 327.382716][ T5951] usb 7-1: USB disconnect, device number 21 [ 327.384637][ T1023] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 327.424132][ T1023] usb 5-1: USB disconnect, device number 21 [ 327.904373][T10660] ieee802154 phy0 wpan0: encryption failed: -22 [ 328.108135][ T1184] Bluetooth: (null): Invalid header checksum [ 328.110110][ T1184] Bluetooth: (null): Invalid header checksum [ 328.164019][T10271] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 328.217215][ T1143] Bluetooth: (null): Invalid header checksum [ 328.313892][T10271] usb 8-1: Using ep0 maxpacket: 8 [ 328.325875][T10271] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 328.325897][ T1184] Bluetooth: (null): Invalid header checksum [ 328.331396][T10271] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 328.335475][T10271] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 328.339600][T10271] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 328.343948][T10271] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 328.349557][T10271] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 328.353408][T10271] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.444628][ T1143] Bluetooth: (null): Invalid header checksum [ 328.565080][ T1143] Bluetooth: (null): Invalid header checksum [ 328.590855][T10271] usb 8-1: GET_CAPABILITIES returned 0 [ 328.593826][T10271] usbtmc 8-1:16.0: can't read capabilities [ 328.675013][ T12] Bluetooth: (null): Invalid header checksum [ 328.692339][ T1184] Bluetooth: (null): Invalid header checksum [ 328.701562][ T1184] Bluetooth: (null): Invalid header checksum [ 328.796711][ T1184] Bluetooth: (null): Invalid header checksum [ 328.904939][ T1184] Bluetooth: (null): Invalid header checksum [ 329.014382][ T1143] Bluetooth: (null): Invalid header checksum [ 329.125051][ T46] Bluetooth: (null): Invalid header checksum [ 329.144085][T10271] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 329.175444][T10677] syz.2.1107 (10677): drop_caches: 2 [ 329.178139][T10677] syz.2.1107 (10677): drop_caches: 2 [ 329.234129][ T46] Bluetooth: (null): Invalid header checksum [ 329.303935][T10271] usb 5-1: Using ep0 maxpacket: 8 [ 329.314813][T10271] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 329.317607][T10271] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 329.320667][T10271] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 329.324172][T10271] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 329.327516][T10271] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 329.331712][T10271] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 329.337487][T10271] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.343890][ T1184] Bluetooth: (null): Invalid header checksum [ 329.477555][ T5951] usb 8-1: USB disconnect, device number 15 [ 329.560692][T10271] usb 5-1: GET_CAPABILITIES returned 0 [ 329.562610][T10271] usbtmc 5-1:16.0: can't read capabilities [ 330.244615][T10694] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1110'. [ 330.282704][ T1023] usb 5-1: USB disconnect, device number 22 [ 330.792044][T10706] ieee802154 phy0 wpan0: encryption failed: -22 [ 331.840103][ T1023] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 332.043758][ T1023] usb 8-1: Using ep0 maxpacket: 8 [ 332.047138][ T1023] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 332.049906][ T1023] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 332.052977][ T1023] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 332.055998][ T1023] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 332.059086][ T1023] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 332.063281][ T1023] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 332.066263][ T1023] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.273906][ T1023] usb 8-1: GET_CAPABILITIES returned 0 [ 332.275708][ T1023] usbtmc 8-1:16.0: can't read capabilities [ 332.742111][ T24] usb 8-1: USB disconnect, device number 16 [ 333.529276][T10776] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 333.531938][T10776] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 333.535151][T10776] vhci_hcd vhci_hcd.0: Device attached [ 334.075142][T10781] random: crng reseeded on system resumption [ 334.113706][ T1134] usb 43-1: new low-speed USB device number 21 using vhci_hcd [ 334.132920][T10777] vhci_hcd: connection reset by peer [ 334.144719][ T7776] vhci_hcd: stop threads [ 334.146140][ T7776] vhci_hcd: release socket [ 334.147722][ T7776] vhci_hcd: disconnect device [ 334.221200][T10787] binder: 10786:10787 ioctl c0306201 80000c00 returned -14 [ 334.279591][T10792] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1130'. [ 334.284260][T10792] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1130'. [ 334.718609][T10796] binder: 10795:10796 ioctl c0306201 0 returned -14 [ 334.722206][T10796] binder: 10795:10796 ioctl c0306201 80000c00 returned -14 [ 336.010209][T10823] binder: 10822:10823 ioctl c0306201 80000c00 returned -14 [ 336.491767][T10835] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 336.493854][T10835] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 336.496887][T10835] vhci_hcd vhci_hcd.0: Device attached [ 336.558713][T10839] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 336.561471][T10839] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 336.565177][T10839] vhci_hcd vhci_hcd.0: Device attached [ 336.873794][T10271] usb 42-1: SetAddress Request (2) to port 0 [ 336.876129][T10271] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 337.004636][T10840] vhci_hcd: connection reset by peer [ 337.006747][ T1184] vhci_hcd: stop threads [ 337.008597][ T1184] vhci_hcd: release socket [ 337.010597][ T1184] vhci_hcd: disconnect device [ 337.413344][T10849] FAULT_INJECTION: forcing a failure. [ 337.413344][T10849] name failslab, interval 1, probability 0, space 0, times 0 [ 337.418347][T10849] CPU: 3 UID: 0 PID: 10849 Comm: syz.3.1146 Not tainted syzkaller #0 PREEMPT(full) [ 337.418363][T10849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 337.418370][T10849] Call Trace: [ 337.418374][T10849] [ 337.418378][T10849] dump_stack_lvl+0x16c/0x1f0 [ 337.418395][T10849] should_fail_ex+0x512/0x640 [ 337.418413][T10849] ? __kmalloc_noprof+0xca/0x880 [ 337.418432][T10849] should_failslab+0xc2/0x120 [ 337.418448][T10849] __kmalloc_noprof+0xdd/0x880 [ 337.418465][T10849] ? iter_file_splice_write+0x1cc/0x12e0 [ 337.418481][T10849] ? iter_file_splice_write+0x1cc/0x12e0 [ 337.418492][T10849] iter_file_splice_write+0x1cc/0x12e0 [ 337.418507][T10849] ? __vfs_getxattr+0x145/0x1a0 [ 337.418518][T10849] ? bpf_lsm_capable+0x9/0x10 [ 337.418533][T10849] ? security_capable+0x7e/0x260 [ 337.418550][T10849] ? __pfx_iter_file_splice_write+0x10/0x10 [ 337.418562][T10849] ? __lock_acquire+0xb8a/0x1c90 [ 337.418577][T10849] ? HUF_decompress4X1_usingDTable_internal_fast_c_loop+0x1b16/0x1b30 [ 337.418608][T10849] backing_file_splice_write+0x27f/0x890 [ 337.418626][T10849] ovl_splice_write+0x38d/0x6c0 [ 337.418639][T10849] ? __pfx_ovl_splice_write+0x10/0x10 [ 337.418651][T10849] ? __pfx_ovl_file_end_write+0x10/0x10 [ 337.418674][T10849] ? __pfx_ovl_splice_write+0x10/0x10 [ 337.418686][T10849] direct_splice_actor+0x192/0x6c0 [ 337.418699][T10849] splice_direct_to_actor+0x345/0xa30 [ 337.418710][T10849] ? __pfx_direct_splice_actor+0x10/0x10 [ 337.418724][T10849] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 337.418739][T10849] ? get_pid_task+0xfc/0x250 [ 337.418758][T10849] do_splice_direct+0x174/0x240 [ 337.418769][T10849] ? __pfx_do_splice_direct+0x10/0x10 [ 337.418780][T10849] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 337.418800][T10849] ? rw_verify_area+0xcf/0x6c0 [ 337.418812][T10849] do_sendfile+0xb06/0xe50 [ 337.418826][T10849] ? __pfx_do_sendfile+0x10/0x10 [ 337.418837][T10849] ? __might_fault+0xe3/0x190 [ 337.418847][T10849] ? __might_fault+0x13b/0x190 [ 337.418862][T10849] __ia32_compat_sys_sendfile+0x162/0x220 [ 337.418878][T10849] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 337.418894][T10849] ? rcu_is_watching+0x12/0xc0 [ 337.418908][T10849] __do_fast_syscall_32+0x7c/0x300 [ 337.418923][T10849] do_fast_syscall_32+0x32/0x80 [ 337.418936][T10849] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 337.418950][T10849] RIP: 0023:0xf709d579 [ 337.418959][T10849] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 337.418970][T10849] RSP: 002b:00000000f546c55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 337.418980][T10849] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000008 [ 337.418987][T10849] RDX: 0000000080000080 RSI: 0000000000007f03 RDI: 0000000000000000 [ 337.418993][T10849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 337.418999][T10849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 337.419005][T10849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 337.419019][T10849] [ 337.560096][T10852] Set syz0 is full, maxelem 0 reached [ 337.562696][T10852] FAULT_INJECTION: forcing a failure. [ 337.562696][T10852] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 337.568675][T10852] CPU: 2 UID: 0 PID: 10852 Comm: syz.0.1147 Not tainted syzkaller #0 PREEMPT(full) [ 337.568698][T10852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 337.568708][T10852] Call Trace: [ 337.568714][T10852] [ 337.568720][T10852] dump_stack_lvl+0x16c/0x1f0 [ 337.568752][T10852] should_fail_ex+0x512/0x640 [ 337.568783][T10852] _copy_to_user+0x32/0xd0 [ 337.568813][T10852] simple_read_from_buffer+0xcb/0x170 [ 337.568843][T10852] proc_fail_nth_read+0x197/0x240 [ 337.568863][T10852] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.568884][T10852] ? rw_verify_area+0xcf/0x6c0 [ 337.568901][T10852] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.568919][T10852] vfs_read+0x1e4/0xcf0 [ 337.568944][T10852] ? __pfx_vfs_read+0x10/0x10 [ 337.568959][T10852] ? find_held_lock+0x2b/0x80 [ 337.568984][T10852] ? __fget_files+0x20e/0x3c0 [ 337.569010][T10852] ksys_read+0x12a/0x250 [ 337.569027][T10852] ? __pfx_ksys_read+0x10/0x10 [ 337.569047][T10852] ? rcu_is_watching+0x12/0xc0 [ 337.569068][T10852] __do_fast_syscall_32+0x7c/0x300 [ 337.569092][T10852] do_fast_syscall_32+0x32/0x80 [ 337.569114][T10852] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 337.569135][T10852] RIP: 0023:0xf7f15579 [ 337.569148][T10852] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 337.569165][T10852] RSP: 002b:00000000f5406590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 337.569181][T10852] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5406620 [ 337.569192][T10852] RDX: 000000000000000f RSI: 00000000f73a5ff4 RDI: 0000000000000000 [ 337.569201][T10852] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 337.569211][T10852] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 337.569222][T10852] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 337.569245][T10852] [ 337.660487][T10836] vhci_hcd: connection closed [ 337.661219][ T7776] vhci_hcd: stop threads [ 337.665904][ T7776] vhci_hcd: release socket [ 337.668112][ T7776] vhci_hcd: disconnect device [ 337.775847][ T841] vhci_hcd: vhci_device speed not set [ 338.164792][T10867] pim6reg: entered allmulticast mode [ 338.174051][T10869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1153'. [ 338.231543][T10872] veth1_to_bond: entered promiscuous mode [ 338.233398][T10872] veth1_to_bond: entered allmulticast mode [ 338.261816][T10872] batadv_slave_0: mtu less than device minimum [ 339.083787][T10885] binder: 10884:10885 ioctl c0306201 80000c00 returned -14 [ 339.209162][T10891] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 339.211276][T10891] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 339.216327][T10891] vhci_hcd vhci_hcd.0: Device attached [ 339.245570][ T1134] vhci_hcd: vhci_device speed not set [ 339.935955][T10892] vhci_hcd: connection closed [ 339.936277][ T7776] vhci_hcd: stop threads [ 339.939190][ T7776] vhci_hcd: release socket [ 339.940816][ T7776] vhci_hcd: disconnect device [ 339.949680][T10902] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1164'. [ 339.954070][T10902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1164'. [ 340.014322][T10903] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 340.014365][T10903] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 340.014490][T10903] vhci_hcd vhci_hcd.0: Device attached [ 340.255803][ T6008] usb 37-1: new low-speed USB device number 11 using vhci_hcd [ 340.355841][T10907] vhci_hcd: connection reset by peer [ 340.361385][ T7776] vhci_hcd: stop threads [ 340.362736][ T7776] vhci_hcd: release socket [ 340.364436][ T7776] vhci_hcd: disconnect device [ 340.612291][T10923] binder: 10922:10923 ioctl c0306201 80000c00 returned -14 [ 340.763389][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 340.763399][ T40] audit: type=1326 audit(1761266181.744:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10927 comm="syz.1.1172" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ad579 code=0x0 [ 341.651748][ T40] audit: type=1326 audit(1761266182.634:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.658422][ T40] audit: type=1326 audit(1761266182.634:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.665157][ T40] audit: type=1326 audit(1761266182.634:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.671744][ T40] audit: type=1326 audit(1761266182.634:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.678422][ T40] audit: type=1326 audit(1761266182.634:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.685160][ T40] audit: type=1326 audit(1761266182.634:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.691643][ T40] audit: type=1326 audit(1761266182.634:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.699148][ T40] audit: type=1326 audit(1761266182.634:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.706048][ T40] audit: type=1326 audit(1761266182.644:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.3.1176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 341.722099][ T1023] IPVS: starting estimator thread 0... [ 341.723474][T10951] binder: 10949:10951 ioctl c0306201 0 returned -14 [ 341.735814][T10944] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 341.883708][T10952] IPVS: using max 44 ests per chain, 105600 per kthread [ 341.963775][T10271] usb 42-1: device descriptor read/8, error -110 [ 342.477525][T10271] usb usb42-port1: attempt power cycle [ 342.641450][ T841] vhci_hcd: vhci_device speed not set [ 342.790325][T10977] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 342.793132][T10977] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 342.799614][T10977] vhci_hcd vhci_hcd.0: Device attached [ 343.063786][ T1023] usb 44-1: SetAddress Request (10) to port 0 [ 343.066546][ T1023] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd [ 343.357048][T10979] vhci_hcd: connection reset by peer [ 343.359709][ T12] vhci_hcd: stop threads [ 343.361484][ T12] vhci_hcd: release socket [ 343.363405][ T12] vhci_hcd: disconnect device [ 343.579852][T10992] binder: 10991:10992 ioctl c0306201 0 returned -14 [ 343.905199][T10271] usb usb42-port1: unable to enumerate USB device [ 345.403735][ T6008] vhci_hcd: vhci_device speed not set [ 347.917894][T11053] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.920550][T11053] ieee802154 phy0 wpan0: encryption failed: -22 [ 348.133789][ T1023] usb 44-1: device descriptor read/8, error -110 [ 348.614444][ T40] kauditd_printk_skb: 48 callbacks suppressed [ 348.614460][ T40] audit: type=1326 audit(1761266189.604:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.2.1209" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 348.705680][ T1023] usb usb44-port1: attempt power cycle [ 348.756537][T11067] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 348.758628][T11067] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 348.761203][T11067] vhci_hcd vhci_hcd.0: Device attached [ 349.126691][T11068] vhci_hcd: connection closed [ 349.163751][ T7776] vhci_hcd: stop threads [ 349.166902][ T7776] vhci_hcd: release socket [ 349.169552][ T7776] vhci_hcd: disconnect device [ 349.383180][ T1023] usb usb44-port1: unable to enumerate USB device [ 349.443827][ T841] vhci_hcd: vhci_device speed not set [ 349.606190][T11085] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1215'. [ 350.554522][ T1143] Bluetooth: (null): Invalid header checksum [ 350.566787][ T1143] Bluetooth: (null): Invalid header checksum [ 350.664881][ T1143] Bluetooth: (null): Invalid header checksum [ 350.713802][ T29] usb 6-1: new full-speed USB device number 19 using dummy_hcd [ 350.775829][ T7776] Bluetooth: (null): Invalid header checksum [ 351.541129][ T7782] Bluetooth: (null): Invalid header checksum [ 351.543275][ T7782] Bluetooth: (null): Invalid header checksum [ 351.549306][ T7782] Bluetooth: (null): Invalid header checksum [ 351.551223][ T7782] Bluetooth: (null): Invalid header checksum [ 351.553337][ T7782] Bluetooth: (null): Invalid header checksum [ 351.555696][ T7782] Bluetooth: (null): Invalid header checksum [ 351.557676][ T7782] Bluetooth: (null): Invalid header checksum [ 351.664117][ T7782] Bluetooth: (null): Invalid header checksum [ 351.831658][ T13] Bluetooth: (null): Invalid header checksum [ 351.883921][ T1184] Bluetooth: (null): Invalid header checksum [ 351.994057][ T1184] Bluetooth: (null): Invalid header checksum [ 352.071510][ T40] audit: type=1326 audit(1761266193.054:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11110 comm="syz.2.1221" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 352.073368][T11113] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.104592][ T1143] Bluetooth: (null): Invalid header checksum [ 352.131612][T11115] fuse: Bad value for 'fd' [ 352.142149][ T29] usb 6-1: unable to get BOS descriptor or descriptor too short [ 352.150371][ T29] usb 6-1: no configurations [ 352.151877][ T29] usb 6-1: can't read configurations, error -22 [ 352.565914][T11120] syz.3.1225 (11120): drop_caches: 2 [ 352.568570][T11120] syz.3.1225 (11120): drop_caches: 2 [ 352.623740][ T6008] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 352.773958][ T6008] usb 5-1: Using ep0 maxpacket: 32 [ 352.776974][ T6008] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 352.779479][ T6008] usb 5-1: config 0 has no interface number 0 [ 352.781705][ T6008] usb 5-1: config 0 interface 1 has no altsetting 0 [ 352.785959][ T6008] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 352.788877][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.791444][ T6008] usb 5-1: Product: syz [ 352.792813][ T6008] usb 5-1: Manufacturer: syz [ 352.794634][ T6008] usb 5-1: SerialNumber: syz [ 352.798407][ T6008] usb 5-1: config 0 descriptor?? [ 352.801961][ T6008] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 352.804987][ T6008] usb 5-1: selecting invalid altsetting 1 [ 352.806923][ T6008] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 352.811427][ T6008] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 352.814976][ T6008] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 352.817665][ T6008] usb 5-1: media controller created [ 352.826798][ T6008] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 353.002951][ T6008] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 353.006909][ T6008] zl10353_read_register: readreg error (reg=127, ret==-32) [ 353.009889][ T6008] usb 5-1: selecting invalid altsetting 0 [ 353.011715][ T6008] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 354.486231][T11143] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 354.488345][T11143] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 354.490893][T11143] vhci_hcd vhci_hcd.0: Device attached [ 354.695334][T11144] vhci_hcd: connection closed [ 354.695729][ T46] vhci_hcd: stop threads [ 354.699709][ T46] vhci_hcd: release socket [ 354.701720][ T46] vhci_hcd: disconnect device [ 354.734052][ T29] usb 41-1: new low-speed USB device number 15 using vhci_hcd [ 354.736567][ T29] usb 41-1: enqueue for inactive port 0 [ 354.803724][ T29] vhci_hcd: vhci_device speed not set [ 355.308014][T11152] fuse: Bad value for 'fd' [ 355.406546][ T6008] usb 5-1: USB disconnect, device number 23 [ 355.650618][T11160] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 355.653404][T11160] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 355.654151][ T40] audit: type=1326 audit(1761266196.634:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1236" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 355.656986][T11160] vhci_hcd vhci_hcd.0: Device attached [ 355.893722][ T6010] usb 37-1: new low-speed USB device number 12 using vhci_hcd [ 356.256187][T11171] vhci_hcd: connection reset by peer [ 356.258767][ T46] vhci_hcd: stop threads [ 356.260211][ T46] vhci_hcd: release socket [ 356.262259][ T46] vhci_hcd: disconnect device [ 356.477630][T11175] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 356.479819][T11175] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 356.482022][T11175] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 356.488640][ T5958] Bluetooth: hci4: sending frame failed (-49) [ 356.491952][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 356.533129][T11181] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.826111][ T5950] Bluetooth: hci1: command 0x0406 tx timeout [ 358.523845][ T5958] Bluetooth: hci3: command 0x0406 tx timeout [ 358.526747][ T5950] Bluetooth: hci2: command 0x0405 tx timeout [ 358.575697][T11229] FAULT_INJECTION: forcing a failure. [ 358.575697][T11229] name failslab, interval 1, probability 0, space 0, times 0 [ 358.580592][T11229] CPU: 1 UID: 0 PID: 11229 Comm: syz.2.1249 Not tainted syzkaller #0 PREEMPT(full) [ 358.580609][T11229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 358.580616][T11229] Call Trace: [ 358.580620][T11229] [ 358.580625][T11229] dump_stack_lvl+0x16c/0x1f0 [ 358.580642][T11229] should_fail_ex+0x512/0x640 [ 358.580660][T11229] ? __kmalloc_cache_noprof+0x5f/0x780 [ 358.580680][T11229] should_failslab+0xc2/0x120 [ 358.580696][T11229] __kmalloc_cache_noprof+0x72/0x780 [ 358.580714][T11229] ? rcu_is_watching+0x12/0xc0 [ 358.580725][T11229] ? __request_module+0x2ad/0x690 [ 358.580742][T11229] ? lockdep_hardirqs_on+0x7c/0x110 [ 358.580756][T11229] ? __request_module+0x2ad/0x690 [ 358.580772][T11229] __request_module+0x2ad/0x690 [ 358.580789][T11229] ? __pfx___request_module+0x10/0x10 [ 358.580811][T11229] ? find_held_lock+0x2b/0x80 [ 358.580823][T11229] ? rtnl_link_ops_get+0x17b/0x2c0 [ 358.580837][T11229] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.580848][T11229] rtnl_newlink+0x1466/0x2000 [ 358.580863][T11229] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.580876][T11229] ? kmem_cache_free+0x2d4/0x6c0 [ 358.580887][T11229] ? kfree_skbmem+0x1a4/0x1f0 [ 358.580904][T11229] ? kfree_skbmem+0x1a4/0x1f0 [ 358.580922][T11229] ? rcu_is_watching+0x12/0xc0 [ 358.580938][T11229] ? find_held_lock+0x2b/0x80 [ 358.580948][T11229] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.580958][T11229] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.580968][T11229] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 358.580979][T11229] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.580991][T11229] rtnetlink_rcv_msg+0x95e/0xe90 [ 358.581003][T11229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 358.581018][T11229] ? ref_tracker_free+0x37c/0x830 [ 358.581037][T11229] netlink_rcv_skb+0x158/0x420 [ 358.581049][T11229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 358.581061][T11229] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 358.581078][T11229] ? netlink_deliver_tap+0x1ae/0xd30 [ 358.581098][T11229] netlink_unicast+0x5aa/0x870 [ 358.581112][T11229] ? __pfx_netlink_unicast+0x10/0x10 [ 358.581128][T11229] netlink_sendmsg+0x8c8/0xdd0 [ 358.581142][T11229] ? __pfx_netlink_sendmsg+0x10/0x10 [ 358.581154][T11229] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 358.581173][T11229] ____sys_sendmsg+0xa98/0xc70 [ 358.581188][T11229] ? __pfx_____sys_sendmsg+0x10/0x10 [ 358.581201][T11229] ? get_compat_msghdr+0x11a/0x170 [ 358.581224][T11229] ___sys_sendmsg+0x134/0x1d0 [ 358.581235][T11229] ? __pfx____sys_sendmsg+0x10/0x10 [ 358.581252][T11229] ? find_held_lock+0x2b/0x80 [ 358.581271][T11229] __sys_sendmsg+0x16d/0x220 [ 358.581282][T11229] ? __pfx___sys_sendmsg+0x10/0x10 [ 358.581298][T11229] ? rcu_is_watching+0x12/0xc0 [ 358.581311][T11229] __do_fast_syscall_32+0x7c/0x300 [ 358.581325][T11229] do_fast_syscall_32+0x32/0x80 [ 358.581338][T11229] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 358.581352][T11229] RIP: 0023:0xf701d579 [ 358.581361][T11229] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 358.581371][T11229] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 358.581382][T11229] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180 [ 358.581388][T11229] RDX: 0000000000004040 RSI: 0000000000000000 RDI: 0000000000000000 [ 358.581394][T11229] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 358.581400][T11229] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 358.581406][T11229] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 358.581420][T11229] [ 358.716560][T11230] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1248'. [ 358.720876][T11230] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1248'. [ 359.123761][ T7268] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 359.285324][ T7268] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.289143][ T7268] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 359.293699][ T7268] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 359.299640][ T7268] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 359.302531][ T7268] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 359.302544][ T7268] usb 7-1: Manufacturer: syz [ 359.316083][ T7268] usb 7-1: config 0 descriptor?? [ 359.321016][ T7268] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 359.676260][T11247] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 359.678956][T11247] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 359.682702][T11247] vhci_hcd vhci_hcd.0: Device attached [ 360.004354][ T29] usb 39-1: new low-speed USB device number 17 using vhci_hcd [ 360.525045][T11248] vhci_hcd: connection reset by peer [ 360.527188][ T7782] vhci_hcd: stop threads [ 360.529086][ T7782] vhci_hcd: release socket [ 360.543736][ T7782] vhci_hcd: disconnect device [ 360.945672][T11268] syzkaller1: entered promiscuous mode [ 360.948024][T11268] syzkaller1: entered allmulticast mode [ 360.993812][ T6010] vhci_hcd: vhci_device speed not set [ 361.566096][T11276] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 361.568855][T11276] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 361.572618][T11276] vhci_hcd vhci_hcd.0: Device attached [ 361.813838][ T841] usb 43-1: new low-speed USB device number 23 using vhci_hcd [ 361.882260][T10271] usb 7-1: USB disconnect, device number 22 [ 361.904315][T11281] ieee802154 phy0 wpan0: encryption failed: -22 [ 362.200212][T11277] vhci_hcd: connection reset by peer [ 362.207226][ T7782] vhci_hcd: stop threads [ 362.209136][ T7782] vhci_hcd: release socket [ 362.214189][ T7782] vhci_hcd: disconnect device [ 362.590400][T11298] syz.1.1266 (11298): drop_caches: 2 [ 362.593521][T11298] syz.1.1266 (11298): drop_caches: 2 [ 362.855098][T11314] trusted_key: encrypted_key: insufficient parameters specified [ 363.163736][ T5951] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 363.313747][ T5951] usb 7-1: Using ep0 maxpacket: 32 [ 363.319845][ T5951] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 363.322987][ T5951] usb 7-1: config 0 has no interface number 0 [ 363.328601][ T5951] usb 7-1: config 0 interface 1 has no altsetting 0 [ 363.333426][ T5951] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 363.337738][ T5951] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.340852][ T5951] usb 7-1: Product: syz [ 363.342883][ T5951] usb 7-1: Manufacturer: syz [ 363.345328][ T5951] usb 7-1: SerialNumber: syz [ 363.349041][ T5951] usb 7-1: config 0 descriptor?? [ 363.355377][ T5951] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 363.359176][ T5951] usb 7-1: selecting invalid altsetting 1 [ 363.361815][ T5951] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 363.367196][ T5951] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 363.371022][ T5951] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 363.374647][ T5951] usb 7-1: media controller created [ 363.389241][ T5951] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 363.621742][ T5951] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 364.302634][T11332] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1273'. [ 364.306949][T11332] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1273'. [ 364.333843][ T5951] zl10353_read_register: readreg error (reg=127, ret==-32) [ 364.806769][ T5951] usb 7-1: selecting invalid altsetting 0 [ 365.224763][ T29] vhci_hcd: vhci_device speed not set [ 365.291998][ T5951] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 365.335938][T11345] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 365.338495][T11345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 365.341749][T11345] vhci_hcd vhci_hcd.0: Device attached [ 365.346907][ T53] usb 7-1: USB disconnect, device number 23 [ 365.803602][T11351] ieee802154 phy0 wpan0: encryption failed: -22 [ 365.873709][T11346] vhci_hcd: connection closed [ 365.873997][ T13] vhci_hcd: stop threads [ 365.878191][ T13] vhci_hcd: release socket [ 365.880204][ T13] vhci_hcd: disconnect device [ 366.209241][T11358] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 366.211870][T11358] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 366.227002][T11358] vhci_hcd vhci_hcd.0: Device attached [ 366.514096][ T29] usb 41-1: new low-speed USB device number 16 using vhci_hcd [ 366.797170][T11359] vhci_hcd: connection reset by peer [ 366.802101][ T7782] vhci_hcd: stop threads [ 366.803792][ T7782] vhci_hcd: release socket [ 366.805461][ T7782] vhci_hcd: disconnect device [ 366.983911][ T841] vhci_hcd: vhci_device speed not set [ 367.887507][T11389] syz.2.1285 (11389): drop_caches: 2 [ 367.901777][T11389] syz.2.1285 (11389): drop_caches: 2 [ 368.054389][ T46] Bluetooth: (null): Invalid header checksum [ 368.056649][ T46] Bluetooth: (null): Invalid header checksum [ 368.154940][ T7782] Bluetooth: (null): Invalid header checksum [ 368.835184][ T46] Bluetooth: (null): Invalid header checksum [ 368.837665][ T46] Bluetooth: (null): Invalid header checksum [ 368.840098][ T46] Bluetooth: (null): Invalid header checksum [ 368.915484][ T1143] Bluetooth: (null): Invalid header checksum [ 368.919010][ T1143] Bluetooth: (null): Invalid header checksum [ 368.921109][ T1143] Bluetooth: (null): Invalid header checksum [ 368.934609][ T7782] Bluetooth: (null): Invalid header checksum [ 369.054690][ T46] Bluetooth: (null): Invalid header checksum [ 369.213928][ T46] Bluetooth: (null): Invalid header checksum [ 369.277068][ T1184] Bluetooth: (null): Invalid header checksum [ 369.383890][ T46] Bluetooth: (null): Invalid header checksum [ 369.504590][ T7782] Bluetooth: (null): Invalid header checksum [ 369.614175][ T1143] Bluetooth: (null): Invalid header checksum [ 369.724838][ T46] Bluetooth: (null): Invalid header checksum [ 369.836415][ T1143] Bluetooth: (null): Invalid header checksum [ 369.954514][ T7782] Bluetooth: (null): Invalid header checksum [ 370.063968][ T1143] Bluetooth: (null): Invalid header checksum [ 370.083711][ T55] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 370.195885][ T7782] Bluetooth: (null): Invalid header checksum [ 370.226441][T11410] FAULT_INJECTION: forcing a failure. [ 370.226441][T11410] name failslab, interval 1, probability 0, space 0, times 0 [ 370.230619][T11410] CPU: 3 UID: 0 PID: 11410 Comm: syz.1.1291 Not tainted syzkaller #0 PREEMPT(full) [ 370.230633][T11410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 370.230640][T11410] Call Trace: [ 370.230644][T11410] [ 370.230648][T11410] dump_stack_lvl+0x16c/0x1f0 [ 370.230665][T11410] should_fail_ex+0x512/0x640 [ 370.230682][T11410] ? __kmalloc_noprof+0xca/0x880 [ 370.230702][T11410] should_failslab+0xc2/0x120 [ 370.230717][T11410] __kmalloc_noprof+0xdd/0x880 [ 370.230734][T11410] ? ethnl_default_start+0x114/0x410 [ 370.230754][T11410] ? __pfx_ethnl_default_start+0x10/0x10 [ 370.230771][T11410] ? ethnl_default_start+0x114/0x410 [ 370.230788][T11410] ethnl_default_start+0x114/0x410 [ 370.230806][T11410] ? __pfx_ethnl_default_start+0x10/0x10 [ 370.230823][T11410] genl_start+0x5ff/0x980 [ 370.230838][T11410] __netlink_dump_start+0x60e/0x990 [ 370.230851][T11410] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 370.230866][T11410] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 370.230883][T11410] ? __pfx_genl_get_cmd+0x10/0x10 [ 370.230894][T11410] ? __pfx_genl_start+0x10/0x10 [ 370.230905][T11410] ? __pfx_genl_dumpit+0x10/0x10 [ 370.230917][T11410] ? __pfx_genl_done+0x10/0x10 [ 370.230931][T11410] ? ____sys_sendmsg+0xa98/0xc70 [ 370.230944][T11410] ? ___sys_sendmsg+0x134/0x1d0 [ 370.230952][T11410] ? __radix_tree_lookup+0x21f/0x2c0 [ 370.230972][T11410] genl_rcv_msg+0x46e/0x800 [ 370.230987][T11410] ? __pfx_genl_rcv_msg+0x10/0x10 [ 370.231001][T11410] ? __pfx_ethnl_default_start+0x10/0x10 [ 370.231017][T11410] ? __pfx_ethnl_default_dumpit+0x10/0x10 [ 370.231034][T11410] ? __pfx_ethnl_default_done+0x10/0x10 [ 370.231053][T11410] ? __lock_acquire+0x622/0x1c90 [ 370.231071][T11410] netlink_rcv_skb+0x158/0x420 [ 370.231082][T11410] ? __pfx_genl_rcv_msg+0x10/0x10 [ 370.231096][T11410] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 370.231113][T11410] ? netlink_deliver_tap+0x1ae/0xd30 [ 370.231133][T11410] genl_rcv+0x28/0x40 [ 370.231145][T11410] netlink_unicast+0x5aa/0x870 [ 370.231158][T11410] ? __pfx_netlink_unicast+0x10/0x10 [ 370.231175][T11410] netlink_sendmsg+0x8c8/0xdd0 [ 370.231189][T11410] ? __pfx_netlink_sendmsg+0x10/0x10 [ 370.231201][T11410] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 370.231242][T11410] ____sys_sendmsg+0xa98/0xc70 [ 370.231261][T11410] ? __pfx_____sys_sendmsg+0x10/0x10 [ 370.231273][T11410] ? get_compat_msghdr+0x11a/0x170 [ 370.231297][T11410] ___sys_sendmsg+0x134/0x1d0 [ 370.231308][T11410] ? __pfx____sys_sendmsg+0x10/0x10 [ 370.231325][T11410] ? find_held_lock+0x2b/0x80 [ 370.231345][T11410] __sys_sendmsg+0x16d/0x220 [ 370.231356][T11410] ? __pfx___sys_sendmsg+0x10/0x10 [ 370.231372][T11410] ? rcu_is_watching+0x12/0xc0 [ 370.231386][T11410] __do_fast_syscall_32+0x7c/0x300 [ 370.231401][T11410] do_fast_syscall_32+0x32/0x80 [ 370.231414][T11410] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 370.231432][T11410] RIP: 0023:0xf70ad579 [ 370.231440][T11410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 370.231452][T11410] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 370.231463][T11410] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000440 [ 370.231470][T11410] RDX: 0000000020048810 RSI: 0000000000000000 RDI: 0000000000000000 [ 370.231476][T11410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 370.231482][T11410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 370.231488][T11410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 370.231502][T11410] [ 370.284311][ T46] Bluetooth: (null): Invalid header checksum [ 370.284633][ C3] vkms_vblank_simulate: vblank timer overrun [ 370.285592][ T55] usb 5-1: Using ep0 maxpacket: 32 [ 370.353431][ T55] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 370.356271][ T55] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 370.359605][ T55] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 370.363122][ T55] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 370.367349][ T55] usb 5-1: config 0 interface 0 has no altsetting 0 [ 370.371557][ T55] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 370.374528][ T55] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 370.377192][ T55] usb 5-1: Product: syz [ 370.378827][ T55] usb 5-1: Manufacturer: syz [ 370.380731][ T55] usb 5-1: SerialNumber: syz [ 370.384901][ T55] usb 5-1: config 0 descriptor?? [ 370.388138][ T55] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 370.392126][ T55] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 370.397635][ T46] Bluetooth: (null): Invalid header checksum [ 370.504394][ T1143] Bluetooth: (null): Invalid header checksum [ 370.516961][T11414] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 370.519683][T11414] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 370.523081][T11414] vhci_hcd vhci_hcd.0: Device attached [ 370.647174][ T1143] Bluetooth: (null): Invalid header checksum [ 370.724078][ T46] Bluetooth: (null): Invalid header checksum [ 370.833977][ T46] Bluetooth: (null): Invalid header checksum [ 370.883808][T11279] usb 39-1: new low-speed USB device number 18 using vhci_hcd [ 370.981825][T11420] syz.2.1294 (11420): drop_caches: 2 [ 370.988087][T11420] syz.2.1294 (11420): drop_caches: 2 [ 371.150324][T11415] vhci_hcd: connection reset by peer [ 371.158983][ T46] vhci_hcd: stop threads [ 371.160952][ T46] vhci_hcd: release socket [ 371.164111][ T46] vhci_hcd: disconnect device [ 371.633722][ T29] vhci_hcd: vhci_device speed not set [ 374.852298][T11497] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1309'. [ 374.856673][T11497] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1309'. [ 375.489383][T11507] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 375.492157][T11507] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 375.497049][T11507] vhci_hcd vhci_hcd.0: Device attached [ 375.662838][T11408] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110 [ 375.684874][ T13] Bluetooth: (null): Invalid header checksum [ 375.691104][ T13] Bluetooth: (null): Invalid header checksum [ 375.711628][ T7268] usb 5-1: USB disconnect, device number 24 [ 375.787088][ T7268] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 375.823827][ T53] usb 7-1: new full-speed USB device number 24 using dummy_hcd [ 375.855326][ T13] Bluetooth: (null): Invalid header checksum [ 375.904329][ T13] Bluetooth: (null): Invalid header checksum [ 376.014822][ T13] Bluetooth: (null): Invalid header checksum [ 376.124958][ T46] Bluetooth: (null): Invalid header checksum [ 376.128390][ T1143] Bluetooth: (null): Invalid header checksum [ 376.136393][ T46] Bluetooth: (null): Invalid header checksum [ 376.216349][T11521] bridge_slave_0: left allmulticast mode [ 376.219141][T11521] bridge_slave_0: left promiscuous mode [ 376.221364][T11521] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.234377][ T13] Bluetooth: (null): Invalid header checksum [ 376.237203][ T46] Bluetooth: (null): Invalid header checksum [ 376.242012][T11521] bridge_slave_1: left allmulticast mode [ 376.246660][T11521] bridge_slave_1: left promiscuous mode [ 376.249423][T11521] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.265921][T11521] bond0: (slave bond_slave_0): Releasing backup interface [ 376.277692][T11521] bond0: (slave bond_slave_1): Releasing backup interface [ 376.346242][ T1143] Bluetooth: (null): Invalid header checksum [ 376.419075][T11521] team0: Port device team_slave_0 removed [ 376.432430][T11521] team0: Port device team_slave_1 removed [ 376.436932][T11521] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.449870][T11521] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.456600][ T1143] Bluetooth: (null): Invalid header checksum [ 376.461586][T11521] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 376.565048][ T46] Bluetooth: (null): Invalid header checksum [ 376.573446][ T7782] Bluetooth: (null): Invalid header checksum [ 376.577859][ T7782] Bluetooth: (null): Invalid header checksum [ 376.588613][ T7782] Bluetooth: (null): Invalid header checksum [ 376.675707][ T7782] Bluetooth: (null): Invalid header checksum [ 376.706380][ T13] Bluetooth: (null): Invalid header checksum [ 376.785028][ T7782] Bluetooth: (null): Invalid header checksum [ 376.814966][ T7782] Bluetooth: (null): Invalid header checksum [ 376.840691][T11508] vhci_hcd: connection reset by peer [ 376.846505][ T7782] vhci_hcd: stop threads [ 376.851374][ T7782] vhci_hcd: release socket [ 376.867473][ T7782] vhci_hcd: disconnect device [ 376.895357][ T7782] Bluetooth: (null): Invalid header checksum [ 376.934884][ T7782] Bluetooth: (null): Invalid header checksum [ 376.937430][T11279] vhci_hcd: vhci_device speed not set [ 377.005910][ T1143] Bluetooth: (null): Invalid header checksum [ 377.045779][ T46] Bluetooth: (null): Invalid header checksum [ 377.117178][ T1184] Bluetooth: (null): Invalid header checksum [ 377.165367][ T46] Bluetooth: (null): Invalid header checksum [ 377.214687][T11528] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1318'. [ 377.225281][ T7782] Bluetooth: (null): Invalid header checksum [ 377.238854][T11528] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1318'. [ 377.275025][ T1184] Bluetooth: (null): Invalid header checksum [ 377.335906][ T1184] Bluetooth: (null): Invalid header checksum [ 377.385491][ T1184] Bluetooth: (null): Invalid header checksum [ 377.445250][ T1184] Bluetooth: (null): Invalid header checksum [ 377.495040][ T1184] Bluetooth: (null): Invalid header checksum [ 377.555145][ T46] Bluetooth: (null): Invalid header checksum [ 377.605810][ T1184] Bluetooth: (null): Invalid header checksum [ 377.678937][ T7782] Bluetooth: (null): Invalid header checksum [ 377.683763][T11530] syz.1.1319 (11530): drop_caches: 2 [ 377.692292][T11530] syz.1.1319 (11530): drop_caches: 2 [ 377.714903][ T7782] Bluetooth: (null): Invalid header checksum [ 377.784900][ T46] Bluetooth: (null): Invalid header checksum [ 377.825433][ T7782] Bluetooth: (null): Invalid header checksum [ 377.905588][ T1184] Bluetooth: (null): Invalid header checksum [ 377.935294][ T7782] Bluetooth: (null): Invalid header checksum [ 378.020648][ T1143] Bluetooth: (null): Invalid header checksum [ 378.046033][ T1143] Bluetooth: (null): Invalid header checksum [ 378.136180][ T7782] Bluetooth: (null): Invalid header checksum [ 378.155643][ T1143] Bluetooth: (null): Invalid header checksum [ 378.254139][ T7782] Bluetooth: (null): Invalid header checksum [ 378.264713][ T1184] Bluetooth: (null): Invalid header checksum [ 378.374323][ T7782] Bluetooth: (null): Invalid header checksum [ 378.376573][ T1143] Bluetooth: (null): Invalid header checksum [ 378.484728][ T1184] Bluetooth: (null): Invalid header checksum [ 378.493991][ T1184] Bluetooth: (null): Invalid header checksum [ 378.595976][ T1143] Bluetooth: (null): Invalid header checksum [ 378.604487][ T7782] Bluetooth: (null): Invalid header checksum [ 378.704189][ T1184] Bluetooth: (null): Invalid header checksum [ 378.723994][ T1143] Bluetooth: (null): Invalid header checksum [ 378.816545][ T1143] Bluetooth: (null): Invalid header checksum [ 378.844639][ T1184] Bluetooth: (null): Invalid header checksum [ 378.924562][ T1143] Bluetooth: (null): Invalid header checksum [ 378.964248][ T7782] Bluetooth: (null): Invalid header checksum [ 379.042459][ T53] usb 7-1: unable to get BOS descriptor or descriptor too short [ 379.048364][ T53] usb 7-1: no configurations [ 379.049887][ T53] usb 7-1: can't read configurations, error -22 [ 380.593849][T11565] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 380.596603][T11565] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 380.604548][T11565] vhci_hcd vhci_hcd.0: Device attached [ 380.619423][T11565] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1325'. [ 380.625799][T11565] netlink: 'syz.1.1325': attribute type 10 has an invalid length. [ 380.906764][T11565] batadv_slave_0: entered promiscuous mode [ 380.912413][T11566] vhci_hcd: connection closed [ 380.918783][ T46] vhci_hcd: stop threads [ 380.922736][ T46] vhci_hcd: release socket [ 380.933955][ T46] vhci_hcd: disconnect device [ 380.983878][T11279] usb 40-1: enqueue for inactive port 0 [ 381.575307][T11279] usb usb40-port1: attempt power cycle [ 381.583188][T11586] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 381.585272][T11586] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 381.627419][T11586] vhci_hcd vhci_hcd.0: Device attached [ 382.254602][ T29] usb 37-1: new low-speed USB device number 13 using vhci_hcd [ 382.650069][T11279] usb usb40-port1: unable to enumerate USB device [ 383.175806][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.178371][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.275117][ T1143] Bluetooth: (null): Invalid header checksum [ 383.277327][ T1143] Bluetooth: (null): Invalid header checksum [ 383.384232][ T46] Bluetooth: (null): Invalid header checksum [ 383.413797][T11279] usb 7-1: new full-speed USB device number 26 using dummy_hcd [ 383.494625][ T46] Bluetooth: (null): Invalid header checksum [ 383.604567][ T1143] Bluetooth: (null): Invalid header checksum [ 383.724687][ T1143] Bluetooth: (null): Invalid header checksum [ 383.781187][T11606] bridge0: port 1(syz_tun) entered blocking state [ 383.783515][T11606] bridge0: port 1(syz_tun) entered disabled state [ 383.787022][T11606] syz_tun: entered allmulticast mode [ 383.789639][T11606] syz_tun: entered promiscuous mode [ 383.793167][T11606] bridge0: port 1(syz_tun) entered blocking state [ 383.795492][T11606] bridge0: port 1(syz_tun) entered forwarding state [ 383.833464][T11608] netlink: 'syz.1.1336': attribute type 30 has an invalid length. [ 383.837212][ T1184] Bluetooth: (null): Invalid header checksum [ 383.954871][ T7782] Bluetooth: (null): Invalid header checksum [ 384.302984][ T46] Bluetooth: (null): Invalid header checksum [ 384.307320][ T46] Bluetooth: (null): Invalid header checksum [ 384.311215][ T46] Bluetooth: (null): Invalid header checksum [ 384.406257][ T1184] Bluetooth: (null): Invalid header checksum [ 384.517400][ T12] Bluetooth: (null): Invalid header checksum [ 384.843968][ T13] Bluetooth: (null): Invalid header checksum [ 384.845929][ T13] Bluetooth: (null): Invalid header checksum [ 385.228251][ T7782] Bluetooth: (null): Invalid header checksum [ 385.253873][T11588] vhci_hcd: connection reset by peer [ 385.256012][ T1184] vhci_hcd: stop threads [ 385.257469][ T1184] vhci_hcd: release socket [ 385.262338][ T1184] vhci_hcd: disconnect device [ 385.290501][ T7782] Bluetooth: (null): Invalid header checksum [ 385.293866][ T7782] Bluetooth: (null): Invalid header checksum [ 385.297754][ T7782] Bluetooth: (null): Invalid header checksum [ 385.326159][ T7782] Bluetooth: (null): Invalid header checksum [ 385.506619][ T1143] Bluetooth: (null): Invalid header checksum [ 385.544939][ T1184] Bluetooth: (null): Invalid header checksum [ 385.655347][ T7782] Bluetooth: (null): Invalid header checksum [ 385.665715][T11635] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 385.667811][T11635] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 385.670628][T11635] vhci_hcd vhci_hcd.0: Device attached [ 385.791937][ T13] Bluetooth: (null): Invalid header checksum [ 385.875383][ T1184] Bluetooth: (null): Invalid header checksum [ 385.985201][ T7782] Bluetooth: (null): Invalid header checksum [ 386.094658][ T7782] Bluetooth: (null): Invalid header checksum [ 386.204907][ T7782] Bluetooth: (null): Invalid header checksum [ 386.314623][ T46] Bluetooth: (null): Invalid header checksum [ 386.382605][T11636] vhci_hcd: connection closed [ 386.384187][ T46] vhci_hcd: stop threads [ 386.387123][ T46] vhci_hcd: release socket [ 386.389894][ T46] vhci_hcd: disconnect device [ 386.421493][T11645] overlayfs: missing 'lowerdir' [ 386.464178][ T13] Bluetooth: (null): Invalid header checksum [ 386.572306][ T1143] Bluetooth: (null): Invalid header checksum [ 386.646375][ T1143] Bluetooth: (null): Invalid header checksum [ 386.754173][ T12] Bluetooth: (null): Invalid header checksum [ 386.864039][ T1143] Bluetooth: (null): Invalid header checksum [ 386.996764][ T1143] Bluetooth: (null): Invalid header checksum [ 387.084276][ T12] Bluetooth: (null): Invalid header checksum [ 387.194117][ T1184] Bluetooth: (null): Invalid header checksum [ 387.346125][ T12] Bluetooth: (null): Invalid header checksum [ 387.415205][ T12] Bluetooth: (null): Invalid header checksum [ 387.423743][ T29] vhci_hcd: vhci_device speed not set [ 387.523972][ T12] Bluetooth: (null): Invalid header checksum [ 387.633923][ T13] Bluetooth: (null): Invalid header checksum [ 387.744007][ T13] Bluetooth: (null): Invalid header checksum [ 387.854032][ T12] Bluetooth: (null): Invalid header checksum [ 387.963878][ T1184] Bluetooth: (null): Invalid header checksum [ 388.074576][ T12] Bluetooth: (null): Invalid header checksum [ 388.184086][ T1143] Bluetooth: (null): Invalid header checksum [ 388.295129][ T1143] Bluetooth: (null): Invalid header checksum [ 388.541930][ T12] Bluetooth: (null): Invalid header checksum [ 388.604274][T11279] usb 7-1: unable to get BOS descriptor or descriptor too short [ 388.608808][ T1143] Bluetooth: (null): Invalid header checksum [ 388.630269][ T1184] Bluetooth: (null): Invalid header checksum [ 388.654164][T11279] usb 7-1: no configurations [ 388.655682][T11279] usb 7-1: can't read configurations, error -22 [ 388.923974][ T1184] Bluetooth: (null): Invalid header checksum [ 388.926620][ T1184] Bluetooth: (null): Invalid header checksum [ 388.973938][ T1184] Bluetooth: (null): Invalid header checksum [ 389.063699][T11279] usb 7-1: new full-speed USB device number 27 using dummy_hcd [ 389.269006][ T1184] Bluetooth: (null): Invalid header checksum [ 389.271998][ T1184] Bluetooth: (null): Invalid header checksum [ 389.304013][ T12] Bluetooth: (null): Invalid header checksum [ 389.393771][T11279] usb 7-1: device descriptor read/64, error -32 [ 389.414636][ T12] Bluetooth: (null): Invalid header checksum [ 389.503831][T11279] usb usb7-port1: attempt power cycle [ 389.524109][ T1143] Bluetooth: (null): Invalid header checksum [ 389.633961][ T1184] Bluetooth: (null): Invalid header checksum [ 389.745934][ T1184] Bluetooth: (null): Invalid header checksum [ 389.843800][T11279] usb 7-1: new full-speed USB device number 28 using dummy_hcd [ 389.854089][ T12] Bluetooth: (null): Invalid header checksum [ 389.864040][T11279] usb 7-1: device descriptor read/8, error -32 [ 389.973923][ T12] Bluetooth: (null): Invalid header checksum [ 390.083967][ T1184] Bluetooth: (null): Invalid header checksum [ 390.124015][T11279] usb 7-1: new full-speed USB device number 29 using dummy_hcd [ 390.144012][T11279] usb 7-1: device descriptor read/8, error -32 [ 390.205368][ T13] Bluetooth: (null): Invalid header checksum [ 390.272208][T11279] usb usb7-port1: unable to enumerate USB device [ 390.306327][ T12] Bluetooth: (null): Invalid header checksum [ 391.835706][ T1184] Bluetooth: (null): Invalid header checksum [ 391.839318][ T1184] Bluetooth: (null): Invalid header checksum [ 391.944563][ T1143] Bluetooth: (null): Invalid header checksum [ 391.973882][T11515] usb 7-1: new full-speed USB device number 30 using dummy_hcd [ 392.055343][ T1143] Bluetooth: (null): Invalid header checksum [ 392.165214][ T1143] Bluetooth: (null): Invalid header checksum [ 392.303420][ T13] Bluetooth: (null): Invalid header checksum [ 392.385246][ T13] Bluetooth: (null): Invalid header checksum [ 392.495215][ T13] Bluetooth: (null): Invalid header checksum [ 392.604942][ T12] Bluetooth: (null): Invalid header checksum [ 392.777055][ T13] Bluetooth: (null): Invalid header checksum [ 392.837527][ T13] Bluetooth: (null): Invalid header checksum [ 392.951819][ T13] Bluetooth: (null): Invalid header checksum [ 393.085231][ T13] Bluetooth: (null): Invalid header checksum [ 393.170270][ T13] Bluetooth: (null): Invalid header checksum [ 393.280562][ T13] Bluetooth: (null): Invalid header checksum [ 393.389847][ T13] Bluetooth: (null): Invalid header checksum [ 393.511691][ T1184] Bluetooth: (null): Invalid header checksum [ 393.619461][ T13] Bluetooth: (null): Invalid header checksum [ 393.815377][ T1143] Bluetooth: (null): Invalid header checksum [ 393.846437][ T7782] Bluetooth: (null): Invalid header checksum [ 393.957983][ T1143] Bluetooth: (null): Invalid header checksum [ 394.067992][ T1184] Bluetooth: (null): Invalid header checksum [ 394.177665][ T7782] Bluetooth: (null): Invalid header checksum [ 394.285418][ T1184] Bluetooth: (null): Invalid header checksum [ 394.567219][ T1184] Bluetooth: (null): Invalid header checksum [ 394.573251][ T1184] Bluetooth: (null): Invalid header checksum [ 394.625331][ T7782] Bluetooth: (null): Invalid header checksum [ 394.632063][T11763] syz.1.1376 (11763): drop_caches: 2 [ 394.642774][T11763] syz.1.1376 (11763): drop_caches: 2 [ 394.733864][ T12] Bluetooth: (null): Invalid header checksum [ 394.853926][ T7782] Bluetooth: (null): Invalid header checksum [ 394.964071][ T12] Bluetooth: (null): Invalid header checksum [ 395.083935][ T12] Bluetooth: (null): Invalid header checksum [ 395.195070][T11515] usb 7-1: unable to get BOS descriptor or descriptor too short [ 395.198215][T11515] usb 7-1: no configurations [ 395.200755][T11515] usb 7-1: can't read configurations, error -22 [ 395.804420][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1380'. [ 398.316506][T11823] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 398.446315][T11825] sp0: Synchronizing with TNC [ 401.024113][T11860] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.027727][T11860] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.148142][T11860] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 401.164846][T11860] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 401.273715][ T1143] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 256 - 0 [ 401.283813][ T1143] netdevsim netdevsim3 eth0: unset [1, 1] type 2 family 0 port 6081 - 0 [ 401.370718][ T1143] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 256 - 0 [ 401.375756][ T1143] netdevsim netdevsim3 eth1: unset [1, 1] type 2 family 0 port 6081 - 0 [ 401.393023][ T1184] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 256 - 0 [ 401.395798][ T1184] netdevsim netdevsim3 eth2: unset [1, 1] type 2 family 0 port 6081 - 0 [ 401.398751][ T1184] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 256 - 0 [ 401.401595][ T1184] netdevsim netdevsim3 eth3: unset [1, 1] type 2 family 0 port 6081 - 0 [ 401.554083][T11886] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 401.556676][T11886] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 401.560709][T11886] vhci_hcd vhci_hcd.0: Device attached [ 401.774814][T11890] overlayfs: failed to resolve './bus': -2 [ 401.777744][T11889] delete_channel: no stack [ 401.816097][ T40] audit: type=1326 audit(1761266242.804:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.822896][ T40] audit: type=1326 audit(1761266242.804:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.834319][ T40] audit: type=1326 audit(1761266242.804:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.842695][ T40] audit: type=1326 audit(1761266242.804:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.851669][ T40] audit: type=1326 audit(1761266242.804:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.860305][ T40] audit: type=1326 audit(1761266242.804:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.869052][ T40] audit: type=1326 audit(1761266242.804:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.878565][ T40] audit: type=1326 audit(1761266242.804:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.886980][ T40] audit: type=1326 audit(1761266242.804:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 401.897600][ T40] audit: type=1326 audit(1761266242.804:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.0.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 402.258370][ T6010] usb 39-1: new low-speed USB device number 19 using vhci_hcd [ 402.901327][T11907] 9pnet_fd: Insufficient options for proto=fd [ 403.190390][T11912] FAULT_INJECTION: forcing a failure. [ 403.190390][T11912] name failslab, interval 1, probability 0, space 0, times 0 [ 403.197008][T11912] CPU: 2 UID: 0 PID: 11912 Comm: syz.2.1405 Not tainted syzkaller #0 PREEMPT(full) [ 403.197024][T11912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 403.197031][T11912] Call Trace: [ 403.197035][T11912] [ 403.197039][T11912] dump_stack_lvl+0x16c/0x1f0 [ 403.197068][T11912] should_fail_ex+0x512/0x640 [ 403.197086][T11912] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 403.197099][T11912] should_failslab+0xc2/0x120 [ 403.197114][T11912] kmem_cache_alloc_noprof+0x75/0x6e0 [ 403.197125][T11912] ? __might_fault+0xe3/0x190 [ 403.197134][T11912] ? prepare_creds+0x2c/0x7d0 [ 403.197155][T11912] ? prepare_creds+0x2c/0x7d0 [ 403.197171][T11912] prepare_creds+0x2c/0x7d0 [ 403.197188][T11912] __do_sys_capset+0x26c/0x460 [ 403.197200][T11912] ? __pfx___do_sys_capset+0x10/0x10 [ 403.197215][T11912] ? ksys_write+0x1ac/0x250 [ 403.197229][T11912] ? rcu_is_watching+0x12/0xc0 [ 403.197241][T11912] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 403.197257][T11912] __do_fast_syscall_32+0x7c/0x300 [ 403.197271][T11912] do_fast_syscall_32+0x32/0x80 [ 403.197284][T11912] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 403.197297][T11912] RIP: 0023:0xf701d579 [ 403.197306][T11912] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 403.197317][T11912] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000b9 [ 403.197327][T11912] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 0000000080000140 [ 403.197334][T11912] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 403.197340][T11912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 403.197347][T11912] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 403.197353][T11912] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 403.197367][T11912] [ 403.309731][T11887] vhci_hcd: connection reset by peer [ 403.311897][ T1184] vhci_hcd: stop threads [ 403.313817][ T1184] vhci_hcd: release socket [ 403.315772][ T1184] vhci_hcd: disconnect device [ 403.364294][T11917] fuse: Unknown parameter 'grou00000000000000000000' [ 403.973756][ T53] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 404.154881][ T53] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 404.158269][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.161673][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.164836][ T53] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 404.169792][ T53] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 404.172691][ T53] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 404.175275][ T53] usb 5-1: Manufacturer: syz [ 404.178182][ T53] usb 5-1: config 0 descriptor?? [ 404.203773][ T1335] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 404.363974][ T1335] usb 6-1: Using ep0 maxpacket: 8 [ 404.368075][ T1335] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 404.370942][ T1335] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 404.374305][ T1335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 404.377359][ T1335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 404.380841][ T1335] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 404.385125][ T1335] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 404.387977][ T1335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.597152][ T53] usbhid 5-1:0.0: can't add hid device: -71 [ 404.599116][ T53] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 404.607493][ T1335] usb 6-1: GET_CAPABILITIES returned 0 [ 404.609870][ T1335] usbtmc 6-1:16.0: can't read capabilities [ 404.616031][ T53] usb 5-1: USB disconnect, device number 25 [ 405.016221][ T5949] usb 6-1: USB disconnect, device number 21 [ 405.388495][T11953] fuse: Unknown parameter 'grou00000000000000000000' [ 406.174072][T11968] binder: 11967:11968 ioctl 4018620d 0 returned -22 [ 406.743783][ T5949] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 406.895879][ T5949] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 406.900399][ T5949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.906147][ T5949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 406.910123][ T5949] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 406.917644][ T5949] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 406.921380][ T5949] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 406.925096][ T5949] usb 6-1: Manufacturer: syz [ 406.929670][ T5949] usb 6-1: config 0 descriptor?? [ 407.351603][ T5949] usbhid 6-1:0.0: can't add hid device: -71 [ 407.368692][ T5949] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 407.368850][T11995] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1431'. [ 407.375884][ T5949] usb 6-1: USB disconnect, device number 22 [ 407.387751][T11996] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1433'. [ 407.392999][T11996] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1433'. [ 407.400451][T11995] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1431'. [ 407.403863][ T6010] vhci_hcd: vhci_device speed not set [ 408.452881][T12015] syz.0.1437 (12015): drop_caches: 2 [ 408.455621][T12015] syz.0.1437 (12015): drop_caches: 2 [ 410.209736][T12032] fuse: Unknown parameter 'grou00000000000000000000' [ 410.727750][T12046] comedi comedi0: Minor 3 specified more than once! [ 411.348893][T12054] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1446'. [ 411.352856][T12054] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1446'. [ 411.583765][ T7268] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 411.677697][T12063] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1449'. [ 411.683518][T12063] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1449'. [ 411.734015][ T7268] usb 6-1: Using ep0 maxpacket: 8 [ 411.739514][ T7268] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 411.744794][ T7268] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 411.751108][ T7268] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 411.755572][ T7268] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 411.759233][ T7268] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 411.766033][ T7268] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 411.770981][ T7268] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.984537][ T7268] usb 6-1: GET_CAPABILITIES returned 0 [ 411.986474][ T7268] usbtmc 6-1:16.0: can't read capabilities [ 412.617564][T12068] fuse: Unknown parameter 'group_i00000000000000000000' [ 413.027729][ T29] usb 6-1: USB disconnect, device number 23 [ 413.524052][T11869] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 413.559950][T12083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1455'. [ 413.683869][T11869] usb 7-1: Using ep0 maxpacket: 32 [ 413.686975][T11869] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 413.689552][T11869] usb 7-1: config 0 has no interface number 0 [ 413.691490][T11869] usb 7-1: config 0 interface 1 has no altsetting 0 [ 413.695849][T11869] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 413.698531][T11869] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.700921][T11869] usb 7-1: Product: syz [ 413.702181][T11869] usb 7-1: Manufacturer: syz [ 413.703578][T11869] usb 7-1: SerialNumber: syz [ 413.707302][T11869] usb 7-1: config 0 descriptor?? [ 413.712749][T11869] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 413.715941][T11869] usb 7-1: selecting invalid altsetting 1 [ 413.718199][T11869] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 413.723511][T11869] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 413.728050][T11869] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 413.731339][T11869] usb 7-1: media controller created [ 413.743231][T11869] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 414.746113][T11869] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 414.748340][T11869] zl10353_read_register: readreg error (reg=127, ret==-32) [ 414.750608][T11869] usb 7-1: selecting invalid altsetting 0 [ 414.752411][T11869] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 416.397958][T12127] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 417.311900][ T6010] usb 7-1: USB disconnect, device number 32 [ 420.246213][T12187] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 420.248327][T12187] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 420.251944][T12187] vhci_hcd vhci_hcd.0: Device attached [ 420.483854][ T29] usb 41-1: new low-speed USB device number 17 using vhci_hcd [ 420.816597][T12200] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1485'. [ 420.860131][T12188] vhci_hcd: connection reset by peer [ 420.862604][ T12] vhci_hcd: stop threads [ 420.864574][ T12] vhci_hcd: release socket [ 420.866038][ T12] vhci_hcd: disconnect device [ 421.262775][T12211] fuse: Unknown parameter 'group_id00000000000000000000' [ 421.449328][T12214] ieee802154 phy0 wpan0: encryption failed: -22 [ 422.501180][T12235] ipvlan1: left promiscuous mode [ 422.503349][T12235] ipvlan1: left allmulticast mode [ 422.511394][T12235] veth0_vlan: left allmulticast mode [ 422.512526][T12236] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 422.516346][T12236] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 422.520698][T12235] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 422.524472][T12235] geneve2: left promiscuous mode [ 422.526643][T12235] geneve2: left allmulticast mode [ 422.528072][T12236] vhci_hcd vhci_hcd.0: Device attached [ 422.533508][T12235] veth3: left promiscuous mode [ 422.764684][ T6010] usb 39-1: new low-speed USB device number 20 using vhci_hcd [ 423.603923][T12237] vhci_hcd: connection reset by peer [ 423.621073][ T1184] vhci_hcd: stop threads [ 423.622614][ T1184] vhci_hcd: release socket [ 423.625582][ T1184] vhci_hcd: disconnect device [ 424.263716][T10271] usb 7-1: new high-speed USB device number 33 using dummy_hcd [ 424.883709][T10271] usb 7-1: Using ep0 maxpacket: 32 [ 424.887255][T10271] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 424.890424][T10271] usb 7-1: config 0 has no interface number 0 [ 424.892374][T10271] usb 7-1: config 0 interface 1 has no altsetting 0 [ 424.896715][T10271] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 424.900305][T10271] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.904036][T10271] usb 7-1: Product: syz [ 424.905781][T10271] usb 7-1: Manufacturer: syz [ 424.907723][T10271] usb 7-1: SerialNumber: syz [ 424.914018][T10271] usb 7-1: config 0 descriptor?? [ 424.918964][T10271] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 424.925772][T10271] usb 7-1: selecting invalid altsetting 1 [ 424.927381][T12283] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1503'. [ 424.927797][T10271] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 424.932450][T10271] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 424.933605][T12283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1503'. [ 424.939586][T10271] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 424.942255][T10271] usb 7-1: media controller created [ 425.049980][T10271] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 425.613432][T10271] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 425.617973][T10271] zl10353_read_register: readreg error (reg=127, ret==-32) [ 425.620260][T10271] usb 7-1: selecting invalid altsetting 0 [ 425.622061][T10271] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 425.683751][ T29] vhci_hcd: vhci_device speed not set [ 426.531612][T12308] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1510'. [ 427.364081][ T5949] usb 7-1: USB disconnect, device number 33 [ 427.756584][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 427.756595][ T40] audit: type=1326 audit(1761266268.744:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.793693][ T40] audit: type=1326 audit(1761266268.764:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.800307][ T40] audit: type=1326 audit(1761266268.764:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.833731][ T40] audit: type=1326 audit(1761266268.764:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.862749][ T40] audit: type=1326 audit(1761266268.774:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.881634][ T40] audit: type=1326 audit(1761266268.774:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.901858][ T40] audit: type=1326 audit(1761266268.774:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.930885][ T40] audit: type=1326 audit(1761266268.774:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.961177][ T40] audit: type=1326 audit(1761266268.774:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 427.979843][ T40] audit: type=1326 audit(1761266268.774:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12320 comm="syz.0.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 428.177021][T12321] syz.0.1514 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 428.313791][T12321] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 428.316616][T12321] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 428.319826][T12321] vhci_hcd vhci_hcd.0: Device attached [ 428.407095][ T6010] vhci_hcd: vhci_device speed not set [ 428.604719][T12325] vhci_hcd: connection closed [ 428.608107][ T12] vhci_hcd: stop threads [ 428.611687][ T12] vhci_hcd: release socket [ 428.637462][ T12] vhci_hcd: disconnect device [ 428.949368][T12333] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1516'. [ 428.954188][T12333] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1516'. [ 429.404124][ T7268] vhci_hcd: vhci_device speed not set [ 429.531791][T12346] binder: 12345:12346 ioctl c0306201 0 returned -14 [ 429.894112][ T6010] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 429.992164][T12357] bridge0: port 1(erspan0) entered blocking state [ 430.001233][T12357] bridge0: port 1(erspan0) entered disabled state [ 430.009507][T12357] erspan0: entered allmulticast mode [ 430.032495][T12357] erspan0: entered promiscuous mode [ 430.043869][ T6010] usb 7-1: Using ep0 maxpacket: 32 [ 430.051647][ T6010] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 430.056150][ T6010] usb 7-1: config 0 has no interface number 0 [ 430.061680][ T6010] usb 7-1: config 0 interface 1 has no altsetting 0 [ 430.077844][ T6010] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 430.083051][ T6010] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.090609][ T6010] usb 7-1: Product: syz [ 430.094766][ T6010] usb 7-1: Manufacturer: syz [ 430.099456][ T6010] usb 7-1: SerialNumber: syz [ 430.165065][ T6010] usb 7-1: config 0 descriptor?? [ 430.260369][ T6010] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 430.280661][ T6010] usb 7-1: selecting invalid altsetting 1 [ 430.282647][ T6010] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 430.352584][ T6010] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 430.378486][ T6010] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 430.403164][ T6010] usb 7-1: media controller created [ 430.561099][ T6010] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 430.742763][ T46] Bluetooth: (null): Invalid header checksum [ 430.782783][ T46] Bluetooth: (null): Invalid header checksum [ 430.834921][ T46] Bluetooth: (null): Invalid header checksum [ 430.864018][ T53] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 430.944961][ T7782] Bluetooth: (null): Invalid header checksum [ 431.000674][T12380] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1530'. [ 431.003985][T12380] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1530'. [ 431.057139][ T46] Bluetooth: (null): Invalid header checksum [ 431.143974][ T7268] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 431.166093][ T12] Bluetooth: (null): Invalid header checksum [ 431.203946][ T6010] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 431.242450][ T6010] zl10353_read_register: readreg error (reg=127, ret==-32) [ 431.245744][ T6010] usb 7-1: selecting invalid altsetting 0 [ 431.248121][ T6010] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 431.279088][ T46] Bluetooth: (null): Invalid header checksum [ 431.303304][ T7268] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 431.323050][ T7268] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 431.345227][ T7268] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 431.387126][ T7268] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 431.437228][ T46] Bluetooth: (null): Invalid header checksum [ 431.441625][ T7268] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 431.445736][ T7268] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 431.448615][ T7268] usb 6-1: Manufacturer: syz [ 431.500174][ T7268] usb 6-1: config 0 descriptor?? [ 431.558704][ T7782] Bluetooth: (null): Invalid header checksum [ 431.608320][ T46] Bluetooth: (null): Invalid header checksum [ 431.718274][ T7782] Bluetooth: (null): Invalid header checksum [ 431.826258][ T1143] Bluetooth: (null): Invalid header checksum [ 431.942136][ T7782] Bluetooth: (null): Invalid header checksum [ 432.021651][ T7268] usbhid 6-1:0.0: can't add hid device: -71 [ 432.040668][ T7268] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 432.103204][ T7782] Bluetooth: (null): Invalid header checksum [ 432.181640][ T7268] usb 6-1: USB disconnect, device number 24 [ 432.343771][ T46] Bluetooth: (null): Invalid header checksum [ 432.350817][ T46] Bluetooth: (null): Invalid header checksum [ 432.374212][ T46] Bluetooth: (null): Invalid header checksum [ 432.396786][ T53] usb 5-1: unable to get BOS descriptor or descriptor too short [ 432.401085][ T53] usb 5-1: no configurations [ 432.402928][ T53] usb 5-1: can't read configurations, error -22 [ 432.974976][T12393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1532'. [ 432.988445][T12393] wireguard0: entered promiscuous mode [ 432.990243][T12393] wireguard0: entered allmulticast mode [ 433.062551][T12399] bond1: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 433.071387][T12399] bond1 (unregistering): Released all slaves [ 433.275081][T10271] usb 7-1: USB disconnect, device number 34 [ 434.623804][ T40] kauditd_printk_skb: 72 callbacks suppressed [ 434.623822][ T40] audit: type=1800 audit(1761266274.784:701): pid=12411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1536" name="bus" dev="overlay" ino=2024 res=0 errno=0 [ 435.073811][ T5949] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 435.270595][T12427] NILFS (loop2): device size too small [ 436.156964][ T5949] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 436.160325][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 436.163716][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 436.166699][ T5949] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 436.171542][ T5949] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 436.174893][ T5949] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 436.177751][ T5949] usb 5-1: Manufacturer: syz [ 436.181431][ T5949] usb 5-1: config 0 descriptor?? [ 436.322365][T12434] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1542'. [ 436.327171][T12434] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1542'. [ 436.590485][ C0] raw-gadget.0 gadget.0: ignoring, device is not running [ 436.593158][ T5949] usbhid 5-1:0.0: can't add hid device: -71 [ 436.595171][ T5949] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 436.601476][ T5949] usb 5-1: USB disconnect, device number 28 [ 438.462556][T12460] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 438.464900][T12460] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 438.468282][T12460] vhci_hcd vhci_hcd.0: Device attached [ 438.492701][ T40] audit: type=1326 audit(1761266279.474:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.500006][ T40] audit: type=1326 audit(1761266279.484:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.507028][ T40] audit: type=1326 audit(1761266279.484:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.514289][ T40] audit: type=1326 audit(1761266279.484:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.520967][ T40] audit: type=1326 audit(1761266279.484:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.534147][ T40] audit: type=1326 audit(1761266279.484:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.542550][ T40] audit: type=1326 audit(1761266279.484:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.549991][ T40] audit: type=1326 audit(1761266279.484:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.556762][ T40] audit: type=1326 audit(1761266279.484:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709d579 code=0x7ffc0000 [ 438.723730][ T6010] usb 39-1: new low-speed USB device number 21 using vhci_hcd [ 438.872920][T12464] blktrace: Concurrent blktraces are not allowed on nullb0 [ 438.883985][T12464] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 438.886290][T12464] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 438.890967][T12464] vhci_hcd vhci_hcd.0: Device attached [ 438.898176][T12477] vhci_hcd: connection closed [ 438.901227][ T1143] vhci_hcd: stop threads [ 438.904414][ T1143] vhci_hcd: release socket [ 438.905952][ T1143] vhci_hcd: disconnect device [ 439.064790][T12461] vhci_hcd: connection reset by peer [ 439.066700][ T13] vhci_hcd: stop threads [ 439.068527][ T13] vhci_hcd: release socket [ 439.070430][ T13] vhci_hcd: disconnect device [ 439.083726][T11869] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 439.236492][T11869] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 439.240035][T11869] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 439.243384][T11869] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 439.246534][T11869] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 439.251742][T11869] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 439.254883][T11869] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 439.257587][T11869] usb 5-1: Manufacturer: syz [ 439.270691][T11869] usb 5-1: config 0 descriptor?? [ 439.786379][T12492] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1556'. [ 439.794231][T12492] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1556'. [ 441.140170][T11869] usbhid 5-1:0.0: can't add hid device: -71 [ 441.142665][T11869] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 441.155479][T11869] usb 5-1: USB disconnect, device number 29 [ 441.347544][T12499] ieee802154 phy0 wpan0: encryption failed: -22 [ 442.019039][ T12] Bluetooth: (null): Invalid header checksum [ 442.044666][ T12] Bluetooth: (null): Invalid header checksum [ 442.050142][ T12] Bluetooth: (null): Invalid header checksum [ 442.053305][ T12] Bluetooth: (null): Invalid header checksum [ 442.056423][ T12] Bluetooth: (null): Invalid header checksum [ 442.105290][ T12] Bluetooth: (null): Invalid header checksum [ 442.225744][T11869] usb 7-1: new full-speed USB device number 35 using dummy_hcd [ 442.230227][ T13] Bluetooth: (null): Invalid header checksum [ 442.322145][T12507] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1561'. [ 442.334649][ T1143] Bluetooth: (null): Invalid header checksum [ 442.454093][ T1143] Bluetooth: (null): Invalid header checksum [ 442.566710][ T1143] Bluetooth: (null): Invalid header checksum [ 442.684765][ T12] Bluetooth: (null): Invalid header checksum [ 443.684175][ T13] Bluetooth: (null): Invalid header checksum [ 443.686246][ T13] Bluetooth: (null): Invalid header checksum [ 443.688254][ T13] Bluetooth: (null): Invalid header checksum [ 443.690651][ T13] Bluetooth: (null): Invalid header checksum [ 443.693080][ T13] Bluetooth: (null): Invalid header checksum [ 443.696934][ T13] Bluetooth: (null): Invalid header checksum [ 443.699004][ T13] Bluetooth: (null): Invalid header checksum [ 443.700965][ T13] Bluetooth: (null): Invalid header checksum [ 443.704277][ T12] Bluetooth: (null): Invalid header checksum [ 443.824204][ T46] Bluetooth: (null): Invalid header checksum [ 443.934615][ T13] Bluetooth: (null): Invalid header checksum [ 444.044341][ T12] Bluetooth: (null): Invalid header checksum [ 444.155284][ T13] Bluetooth: (null): Invalid header checksum [ 444.263933][ T1143] Bluetooth: (null): Invalid header checksum [ 444.304195][ T6010] vhci_hcd: vhci_device speed not set [ 444.374275][ T12] Bluetooth: (null): Invalid header checksum [ 444.484541][ T12] Bluetooth: (null): Invalid header checksum [ 444.596795][ T12] Bluetooth: (null): Invalid header checksum [ 444.607242][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.609773][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.727532][ T46] Bluetooth: (null): Invalid header checksum [ 444.800414][T12534] overlay: Bad value for 'nfs_export' [ 444.824728][ T1143] Bluetooth: (null): Invalid header checksum [ 445.114621][ T12] Bluetooth: (null): Invalid header checksum [ 445.116705][ T12] Bluetooth: (null): Invalid header checksum [ 445.174086][ T1143] Bluetooth: (null): Invalid header checksum [ 445.291031][ T1143] Bluetooth: (null): Invalid header checksum [ 445.404206][ T13] Bluetooth: (null): Invalid header checksum [ 445.525095][ T13] Bluetooth: (null): Invalid header checksum [ 445.654576][ T7782] Bluetooth: (null): Invalid header checksum [ 445.680830][T12548] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 445.683629][T12548] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 445.698178][T12548] vhci_hcd vhci_hcd.0: Device attached [ 445.768022][T12554] fuse: Invalid rootmode [ 445.933832][ T6010] usb 43-1: new low-speed USB device number 24 using vhci_hcd [ 445.984079][T12550] vhci_hcd: connection reset by peer [ 445.986725][ T1143] vhci_hcd: stop threads [ 445.988311][ T1143] vhci_hcd: release socket [ 445.990037][ T1143] vhci_hcd: disconnect device [ 446.084904][ T13] Bluetooth: (null): Invalid header checksum [ 446.086913][ T13] Bluetooth: (null): Invalid header checksum [ 446.093771][ T13] Bluetooth: (null): Invalid header checksum [ 446.095929][ T13] Bluetooth: (null): Invalid header checksum [ 446.213847][ T13] Bluetooth: (null): Invalid header checksum [ 446.325520][ T7782] Bluetooth: (null): Invalid header checksum [ 446.544864][ T1143] Bluetooth: (null): Invalid header checksum [ 446.553486][ T1143] Bluetooth: (null): Invalid header checksum [ 446.655215][ T7782] Bluetooth: (null): Invalid header checksum [ 446.681446][T12565] syz.1.1575 (12565): drop_caches: 2 [ 446.683272][T12565] syz.1.1575 (12565): drop_caches: 2 [ 446.767495][ T13] Bluetooth: (null): Invalid header checksum [ 446.873951][ T13] Bluetooth: (null): Invalid header checksum [ 447.821806][T11869] usb 7-1: unable to get BOS descriptor or descriptor too short [ 447.825235][ T7782] Bluetooth: (null): Invalid header checksum [ 447.826072][T11869] usb 7-1: no configurations [ 447.827247][ T7782] Bluetooth: (null): Invalid header checksum [ 447.829146][T11869] usb 7-1: can't read configurations, error -22 [ 447.833168][ T7782] Bluetooth: (null): Invalid header checksum [ 447.835141][ T7782] Bluetooth: (null): Invalid header checksum [ 447.837083][ T7782] Bluetooth: (null): Invalid header checksum [ 447.839045][ T7782] Bluetooth: (null): Invalid header checksum [ 447.841013][ T7782] Bluetooth: (null): Invalid header checksum [ 447.842970][ T7782] Bluetooth: (null): Invalid header checksum [ 447.905563][ T7782] Bluetooth: (null): Invalid header checksum [ 447.953707][T11869] usb 7-1: new full-speed USB device number 36 using dummy_hcd [ 447.987251][T12578] ieee802154 phy0 wpan0: encryption failed: -22 [ 448.014769][ T46] Bluetooth: (null): Invalid header checksum [ 448.083703][T11869] usb 7-1: device descriptor read/64, error -32 [ 448.124846][ T7782] Bluetooth: (null): Invalid header checksum [ 448.193809][T11869] usb usb7-port1: attempt power cycle [ 448.234039][ T46] Bluetooth: (null): Invalid header checksum [ 448.344093][ T7782] Bluetooth: (null): Invalid header checksum [ 448.454149][ T46] Bluetooth: (null): Invalid header checksum [ 448.533781][T11869] usb 7-1: new full-speed USB device number 37 using dummy_hcd [ 448.553943][T11869] usb 7-1: device descriptor read/8, error -32 [ 448.564005][ T46] Bluetooth: (null): Invalid header checksum [ 448.673923][ T46] Bluetooth: (null): Invalid header checksum [ 448.784454][ T46] Bluetooth: (null): Invalid header checksum [ 448.793967][T11869] usb 7-1: new full-speed USB device number 38 using dummy_hcd [ 448.814042][T11869] usb 7-1: device descriptor read/8, error -32 [ 448.894432][ T46] Bluetooth: (null): Invalid header checksum [ 449.014613][ T46] Bluetooth: (null): Invalid header checksum [ 449.017700][T11869] usb usb7-port1: unable to enumerate USB device [ 449.114062][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 449.114064][ T7782] Bluetooth: (null): Invalid header checksum [ 449.173850][T11869] usb 7-1: new full-speed USB device number 39 using dummy_hcd [ 449.179283][ C0] raw-gadget.0 gadget.2: ignoring, device is not running [ 449.182987][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 449.196527][T12589] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 449.199254][T12589] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 449.207868][T12589] vhci_hcd vhci_hcd.0: Device attached [ 449.235010][ T7782] Bluetooth: (null): Invalid header checksum [ 449.264675][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 449.333759][T11869] usb 7-1: device descriptor read/64, error -32 [ 449.354254][ T46] Bluetooth: (null): Invalid header checksum [ 449.373132][T12593] fuse: Bad value for 'fd' [ 449.443881][T11869] raw-gadget.0 gadget.2: failed to queue suspend event [ 449.443879][ T6503] usb 37-1: new low-speed USB device number 15 using vhci_hcd [ 449.453050][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 449.468111][ T13] Bluetooth: (null): Invalid header checksum [ 449.523881][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 449.574111][ T46] Bluetooth: (null): Invalid header checksum [ 449.583731][T11869] usb 7-1: new full-speed USB device number 40 using dummy_hcd [ 449.591268][ C0] raw-gadget.0 gadget.2: ignoring, device is not running [ 449.594647][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 449.663964][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 449.684337][ T1143] Bluetooth: (null): Invalid header checksum [ 449.718967][T12596] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.724078][T11869] usb 7-1: device descriptor read/64, error -32 [ 449.804450][ T1143] Bluetooth: (null): Invalid header checksum [ 449.826210][T12590] vhci_hcd: connection reset by peer [ 449.829267][ T46] vhci_hcd: stop threads [ 449.831387][ T46] vhci_hcd: release socket [ 449.833800][T11869] raw-gadget.0 gadget.2: failed to queue suspend event [ 449.833840][ T46] vhci_hcd: disconnect device [ 449.836715][T11869] usb usb7-port1: attempt power cycle [ 449.840105][T11869] raw-gadget.0 gadget.2: failed to queue disconnect event [ 449.842724][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 449.903993][ T46] Bluetooth: (null): Invalid header checksum [ 449.913875][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 449.917280][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 450.024450][ T7782] Bluetooth: (null): Invalid header checksum [ 450.030137][T12598] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 450.123753][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 450.134060][ T46] Bluetooth: (null): Invalid header checksum [ 450.183893][T11869] usb 7-1: new full-speed USB device number 41 using dummy_hcd [ 450.203926][ C0] raw-gadget.0 gadget.2: ignoring, device is not running [ 450.206872][T11869] usb 7-1: device descriptor read/8, error -32 [ 450.258763][ T46] Bluetooth: (null): Invalid header checksum [ 450.315349][T11869] raw-gadget.0 gadget.2: failed to queue suspend event [ 450.318393][T11869] raw-gadget.0 gadget.2: failed to queue reset event [ 450.365510][ T46] Bluetooth: (null): Invalid header checksum [ 450.400907][T11869] raw-gadget.0 gadget.2: failed to queue resume event [ 450.555317][ T1143] Bluetooth: (null): Invalid header checksum [ 450.603845][ T1143] Bluetooth: (null): Invalid header checksum [ 450.613733][T11869] usb 7-1: new full-speed USB device number 42 using dummy_hcd [ 450.633942][ C0] raw-gadget.0 gadget.2: ignoring, device is not running [ 450.636442][T11869] usb 7-1: device descriptor read/8, error -32 [ 450.704023][ T1143] Bluetooth: (null): Invalid header checksum [ 451.073852][ T6010] vhci_hcd: vhci_device speed not set [ 451.442207][T12621] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1586'. [ 451.447004][T12621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1586'. [ 451.706900][ T46] Bluetooth: (null): Invalid header checksum [ 451.713814][T11869] raw-gadget.0 gadget.2: failed to queue suspend event [ 451.714037][ T7782] Bluetooth: (null): Invalid header checksum [ 451.774639][ T7782] Bluetooth: (null): Invalid header checksum [ 451.777259][ T7782] Bluetooth: (null): Invalid header checksum [ 451.780047][ T7782] Bluetooth: (null): Invalid header checksum [ 451.783030][ T7782] Bluetooth: (null): Invalid header checksum [ 451.786691][ T7782] Bluetooth: (null): Invalid header checksum [ 451.788956][ T7782] Bluetooth: (null): Invalid header checksum [ 451.791544][ T7782] Bluetooth: (null): Invalid header checksum [ 452.647271][ T7782] Bluetooth: (null): Invalid header checksum [ 452.648661][T11869] usb usb7-port1: unable to enumerate USB device [ 452.653904][T12503] raw-gadget.0 gadget.2: failed to queue disconnect event [ 452.656512][ T7782] Bluetooth: (null): Invalid header checksum [ 452.707129][T12628] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 452.709467][T12628] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 452.712143][T12628] vhci_hcd vhci_hcd.0: Device attached [ 452.973739][ T6010] usb 39-1: new low-speed USB device number 22 using vhci_hcd [ 453.772569][ T12] Bluetooth: (null): Invalid header checksum [ 453.775392][ T12] Bluetooth: (null): Invalid header checksum [ 453.777957][ T12] Bluetooth: (null): Invalid header checksum [ 453.780127][ T12] Bluetooth: (null): Invalid header checksum [ 453.782357][ T12] Bluetooth: (null): Invalid header checksum [ 453.785482][ T12] Bluetooth: (null): Invalid header checksum [ 453.787867][ T12] Bluetooth: (null): Invalid header checksum [ 454.606786][ T12] Bluetooth: (null): Invalid header checksum [ 454.608844][ T12] Bluetooth: (null): Invalid header checksum [ 454.611448][ T12] Bluetooth: (null): Invalid header checksum [ 454.614620][ T12] Bluetooth: (null): Invalid header checksum [ 454.617325][ T12] Bluetooth: (null): Invalid header checksum [ 454.619281][ T12] Bluetooth: (null): Invalid header checksum [ 454.621246][ T12] Bluetooth: (null): Invalid header checksum [ 454.635629][ T7782] Bluetooth: (null): Invalid header checksum [ 454.661222][T12657] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 454.663862][T12657] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 454.673828][ T6503] vhci_hcd: vhci_device speed not set [ 454.678575][T12657] vhci_hcd vhci_hcd.0: Device attached [ 454.734389][ T46] Bluetooth: (null): Invalid header checksum [ 454.828863][T12629] vhci_hcd: connection reset by peer [ 454.831286][ T46] vhci_hcd: stop threads [ 454.833094][ T46] vhci_hcd: release socket [ 454.835712][ T46] vhci_hcd: disconnect device [ 454.853339][ T40] kauditd_printk_skb: 59 callbacks suppressed [ 454.853349][ T40] audit: type=1326 audit(1761266295.834:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.855236][ T1143] Bluetooth: (null): Invalid header checksum [ 454.855652][ T40] audit: type=1326 audit(1761266295.844:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.885595][T12658] vhci_hcd: connection closed [ 454.889778][T11279] usb 7-1: new full-speed USB device number 43 using dummy_hcd [ 454.896594][ T1184] vhci_hcd: stop threads [ 454.897574][ T40] audit: type=1326 audit(1761266295.864:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.899465][ T1184] vhci_hcd: release socket [ 454.908002][ T40] audit: type=1326 audit(1761266295.864:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.914018][ T1184] vhci_hcd: disconnect device [ 454.919258][ T40] audit: type=1326 audit(1761266295.864:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.930061][ T40] audit: type=1326 audit(1761266295.864:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.939317][ T40] audit: type=1326 audit(1761266295.864:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.943919][ T29] usb 43-1: new low-speed USB device number 25 using vhci_hcd [ 454.950731][ T40] audit: type=1326 audit(1761266295.864:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.950778][ T40] audit: type=1326 audit(1761266295.864:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.950813][ T40] audit: type=1326 audit(1761266295.864:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12660 comm="syz.0.1594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 454.972525][ T29] usb 43-1: enqueue for inactive port 0 [ 454.974755][ T1184] Bluetooth: (null): Invalid header checksum [ 455.043864][ T29] vhci_hcd: vhci_device speed not set [ 455.064242][ T46] Bluetooth: (null): Invalid header checksum [ 455.174229][ T7782] Bluetooth: (null): Invalid header checksum [ 455.187152][T12661] blktrace: Concurrent blktraces are not allowed on nullb0 [ 455.195860][T12661] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 455.198727][T12661] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 455.202322][T12661] vhci_hcd vhci_hcd.0: Device attached [ 455.284039][ T1184] Bluetooth: (null): Invalid header checksum [ 455.394208][ T1184] Bluetooth: (null): Invalid header checksum [ 455.504124][ T1184] Bluetooth: (null): Invalid header checksum [ 455.614377][ T1143] Bluetooth: (null): Invalid header checksum [ 455.627670][T12672] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1596'. [ 455.635003][T12672] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1596'. [ 455.643321][T11863] hid_parser_main: 74 callbacks suppressed [ 455.643338][T11863] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 455.651635][T11863] hid-generic 0000:0000:0000.0011: hidraw1: HID v0.00 Device [syz1] on syz0 [ 455.663773][ T6503] usb 37-1: device descriptor read/64, error -110 [ 455.686103][T12663] vhci_hcd: connection closed [ 455.686695][ T1143] vhci_hcd: stop threads [ 455.690537][ T1143] vhci_hcd: release socket [ 455.701139][ T1143] vhci_hcd: disconnect device [ 455.724569][ T7782] Bluetooth: (null): Invalid header checksum [ 455.834955][ T7782] Bluetooth: (null): Invalid header checksum [ 455.843822][ T6503] vhci_hcd: vhci_device speed not set [ 455.953980][ T7782] Bluetooth: (null): Invalid header checksum [ 456.064102][ T7782] Bluetooth: (null): Invalid header checksum [ 456.174114][ T1143] Bluetooth: (null): Invalid header checksum [ 456.286584][ T1143] Bluetooth: (null): Invalid header checksum [ 456.412219][ T46] Bluetooth: (null): Invalid header checksum [ 456.550082][ T46] Bluetooth: (null): Invalid header checksum [ 456.615017][ T1143] Bluetooth: (null): Invalid header checksum [ 456.709458][T12689] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 456.711603][T12689] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 456.717058][T12689] vhci_hcd vhci_hcd.0: Device attached [ 456.719761][T12688] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 456.721887][T12688] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 456.729754][ T46] Bluetooth: (null): Invalid header checksum [ 456.733023][T12688] vhci_hcd vhci_hcd.0: Device attached [ 457.038561][ T1143] Bluetooth: (null): Invalid header checksum [ 457.040992][ T7782] Bluetooth: (null): Invalid header checksum [ 457.055059][ T7782] Bluetooth: (null): Invalid header checksum [ 457.164308][ T6503] usb 37-1: new low-speed USB device number 17 using vhci_hcd [ 457.164658][ T1184] Bluetooth: (null): Invalid header checksum [ 457.274528][ T1184] Bluetooth: (null): Invalid header checksum [ 457.277994][T12692] vhci_hcd: connection closed [ 457.283823][ T1184] vhci_hcd: stop threads [ 457.286954][ T1184] vhci_hcd: release socket [ 457.288807][ T1184] vhci_hcd: disconnect device [ 457.462534][ T1184] Bluetooth: (null): Invalid header checksum [ 457.493954][ T1184] Bluetooth: (null): Invalid header checksum [ 457.514353][T12690] vhci_hcd: connection reset by peer [ 457.524103][ T46] vhci_hcd: stop threads [ 457.525674][ T46] vhci_hcd: release socket [ 457.529387][ T46] vhci_hcd: disconnect device [ 457.604443][ T46] Bluetooth: (null): Invalid header checksum [ 457.638503][T12697] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 457.640593][T12697] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 457.643327][T12697] vhci_hcd vhci_hcd.0: Device attached [ 457.822337][ T46] Bluetooth: (null): Invalid header checksum [ 457.824413][ T46] Bluetooth: (null): Invalid header checksum [ 457.933986][ T46] Bluetooth: (null): Invalid header checksum [ 458.044538][ T1143] Bluetooth: (null): Invalid header checksum [ 458.053823][ T1023] usb 43-1: new low-speed USB device number 26 using vhci_hcd [ 458.154118][ T1184] Bluetooth: (null): Invalid header checksum [ 458.242207][T12698] vhci_hcd: connection reset by peer [ 458.244222][ T1143] vhci_hcd: stop threads [ 458.245688][ T1143] vhci_hcd: release socket [ 458.247214][ T1143] vhci_hcd: disconnect device [ 458.264033][ T1184] Bluetooth: (null): Invalid header checksum [ 458.277855][T12704] [ 458.278662][T12704] ===================================================== [ 458.280775][T12704] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 458.283055][T12704] syzkaller #0 Not tainted [ 458.284609][T12704] ----------------------------------------------------- [ 458.287978][T12704] syz.0.1602/12704 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 458.290698][T12704] ffff88802ad45b20 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x31/0x3e0 [ 458.293384][T12704] [ 458.293384][T12704] and this task is already holding: [ 458.295697][T12704] ffff88806ad7f018 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 458.298388][T12704] which would create a new lock dependency: [ 458.300238][T12704] (&new->fa_lock){....}-{3:3} -> (&f_owner->lock){....}-{3:3} [ 458.302611][T12704] [ 458.302611][T12704] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 458.305492][T12704] (&dev->event_lock#2){..-.}-{3:3} [ 458.305513][T12704] [ 458.305513][T12704] ... which became SOFTIRQ-irq-safe at: [ 458.309479][T12704] lock_acquire+0x179/0x350 [ 458.310955][T12704] _raw_spin_lock_irqsave+0x3a/0x60 [ 458.312604][T12704] input_inject_event+0x9f/0x3b0 [ 458.314198][T12704] led_set_brightness+0x217/0x290 [ 458.315850][T12704] led_trigger_event+0xda/0x270 [ 458.317371][T12704] kbd_bh+0x21b/0x300 [ 458.318648][T12704] tasklet_action_common+0x284/0x400 [ 458.320312][T12704] handle_softirqs+0x219/0x8e0 [ 458.321845][T12704] __irq_exit_rcu+0x109/0x170 [ 458.323348][T12704] irq_exit_rcu+0x9/0x30 [ 458.324729][T12704] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 458.326543][T12704] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 458.328455][T12704] _raw_spin_unlock_irq+0x29/0x50 [ 458.330057][T12704] n_tty_ioctl_helper+0x113/0x2b0 [ 458.331673][T12704] n_tty_ioctl+0x7f/0x370 [ 458.333089][T12704] tty_ioctl+0x700/0x1680 [ 458.334504][T12704] tty_compat_ioctl+0xb9/0x4d0 [ 458.336079][T12704] __ia32_compat_sys_ioctl+0x242/0x370 [ 458.337797][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.339420][T12704] do_fast_syscall_32+0x32/0x80 [ 458.340977][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.342980][T12704] [ 458.342980][T12704] to a SOFTIRQ-irq-unsafe lock: [ 458.345158][T12704] (tasklist_lock){.+.+}-{3:3} [ 458.345174][T12704] [ 458.345174][T12704] ... which became SOFTIRQ-irq-unsafe at: [ 458.349105][T12704] ... [ 458.349109][T12704] lock_acquire+0x179/0x350 [ 458.351400][T12704] _raw_read_lock+0x5f/0x70 [ 458.352858][T12704] __do_wait+0x105/0x890 [ 458.354216][T12704] do_wait+0x21d/0x590 [ 458.355584][T12704] kernel_wait+0x9f/0x160 [ 458.356998][T12704] call_usermodehelper_exec_work+0xf1/0x170 [ 458.358868][T12704] process_one_work+0x9cf/0x1b70 [ 458.360441][T12704] worker_thread+0x6c8/0xf10 [ 458.361922][T12704] kthread+0x3c5/0x780 [ 458.363235][T12704] ret_from_fork+0x675/0x7d0 [ 458.364714][T12704] ret_from_fork_asm+0x1a/0x30 [ 458.366278][T12704] [ 458.366278][T12704] other info that might help us debug this: [ 458.366278][T12704] [ 458.369406][T12704] Chain exists of: [ 458.369406][T12704] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 458.369406][T12704] [ 458.373368][T12704] Possible interrupt unsafe locking scenario: [ 458.373368][T12704] [ 458.375943][T12704] CPU0 CPU1 [ 458.377608][T12704] ---- ---- [ 458.379285][T12704] lock(tasklist_lock); [ 458.380637][T12704] local_irq_disable(); [ 458.382715][T12704] lock(&dev->event_lock#2); [ 458.385018][T12704] lock(&new->fa_lock); [ 458.387141][T12704] [ 458.388247][T12704] lock(&dev->event_lock#2); [ 458.389773][T12704] [ 458.389773][T12704] *** DEADLOCK *** [ 458.389773][T12704] [ 458.392262][T12704] 5 locks held by syz.0.1602/12704: [ 458.393898][T12704] #0: ffff88804d9c6420 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x22f4/0x2cb0 [ 458.396780][T12704] #1: ffffffff8e60ca90 (file_rwsem){.+.+}-{0:0}, at: do_dentry_open+0x91f/0x1530 [ 458.399656][T12704] #2: ffff888028660f38 (&ctx->flc_lock){+.+.}-{3:3}, at: __break_lease+0x495/0x1810 [ 458.402591][T12704] #3: ffffffff8e3c42e0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 458.405422][T12704] #4: ffff88806ad7f018 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 458.408248][T12704] [ 458.408248][T12704] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 458.411350][T12704] -> (&dev->event_lock#2){..-.}-{3:3} { [ 458.413084][T12704] IN-SOFTIRQ-W at: [ 458.414357][T12704] lock_acquire+0x179/0x350 [ 458.416372][T12704] _raw_spin_lock_irqsave+0x3a/0x60 [ 458.418512][T12704] input_inject_event+0x9f/0x3b0 [ 458.420511][T12704] led_set_brightness+0x217/0x290 [ 458.422599][T12704] led_trigger_event+0xda/0x270 [ 458.424669][T12704] kbd_bh+0x21b/0x300 [ 458.426515][T12704] tasklet_action_common+0x284/0x400 [ 458.428708][T12704] handle_softirqs+0x219/0x8e0 [ 458.430783][T12704] __irq_exit_rcu+0x109/0x170 [ 458.432849][T12704] irq_exit_rcu+0x9/0x30 [ 458.434810][T12704] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 458.437113][T12704] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 458.439587][T12704] _raw_spin_unlock_irq+0x29/0x50 [ 458.441758][T12704] n_tty_ioctl_helper+0x113/0x2b0 [ 458.443972][T12704] n_tty_ioctl+0x7f/0x370 [ 458.445967][T12704] tty_ioctl+0x700/0x1680 [ 458.447952][T12704] tty_compat_ioctl+0xb9/0x4d0 [ 458.450046][T12704] __ia32_compat_sys_ioctl+0x242/0x370 [ 458.452371][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.454576][T12704] do_fast_syscall_32+0x32/0x80 [ 458.456740][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.459311][T12704] INITIAL USE at: [ 458.460588][T12704] lock_acquire+0x179/0x350 [ 458.462591][T12704] _raw_spin_lock_irqsave+0x3a/0x60 [ 458.464783][T12704] input_inject_event+0x9f/0x3b0 [ 458.466922][T12704] led_set_brightness+0x217/0x290 [ 458.469066][T12704] kbd_led_trigger_activate+0xcb/0x110 [ 458.471357][T12704] led_trigger_set+0x59a/0xc50 [ 458.473445][T12704] led_trigger_set_default+0x1e0/0x2e0 [ 458.475744][T12704] led_classdev_register_ext+0x7b8/0xa10 [ 458.478069][T12704] input_leds_connect+0x552/0x8e0 [ 458.480212][T12704] input_attach_handler.isra.0+0x176/0x250 [ 458.482627][T12704] input_register_device+0xab9/0x1180 [ 458.484924][T12704] atkbd_connect+0x5f8/0xa40 [ 458.486958][T12704] serio_driver_probe+0x7f/0xd0 [ 458.488987][T12704] really_probe+0x241/0xa90 [ 458.490962][T12704] __driver_probe_device+0x1de/0x440 [ 458.493119][T12704] driver_probe_device+0x4c/0x1b0 [ 458.495492][T12704] __driver_attach+0x283/0x580 [ 458.497660][T12704] bus_for_each_dev+0x13e/0x1d0 [ 458.499756][T12704] serio_handle_event+0x335/0xc30 [ 458.501985][T12704] process_one_work+0x9cf/0x1b70 [ 458.504154][T12704] worker_thread+0x6c8/0xf10 [ 458.506688][T12704] kthread+0x3c5/0x780 [ 458.509078][T12704] ret_from_fork+0x675/0x7d0 [ 458.511663][T12704] ret_from_fork_asm+0x1a/0x30 [ 458.514309][T12704] } [ 458.515438][T12704] ... key at: [] __key.7+0x0/0x40 [ 458.518328][T12704] -> (&client->buffer_lock){....}-{3:3} { [ 458.520678][T12704] INITIAL USE at: [ 458.522265][T12704] lock_acquire+0x179/0x350 [ 458.524743][T12704] _raw_spin_lock+0x2e/0x40 [ 458.527276][T12704] evdev_pass_values+0x10e/0x9b0 [ 458.529564][T12704] evdev_events+0x1bb/0x390 [ 458.531548][T12704] input_pass_values+0x74e/0x880 [ 458.533620][T12704] input_handle_event+0xf00/0x14d0 [ 458.535776][T12704] input_inject_event+0x1e8/0x3b0 [ 458.537875][T12704] evdev_write+0x2e1/0x440 [ 458.539798][T12704] vfs_write+0x2a0/0x11d0 [ 458.541728][T12704] ksys_write+0x1f8/0x250 [ 458.543647][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.546197][T12704] do_fast_syscall_32+0x32/0x80 [ 458.548692][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.551174][T12704] } [ 458.552174][T12704] ... key at: [] __key.83+0x0/0x40 [ 458.555092][T12704] ... acquired at: [ 458.556644][T12704] _raw_spin_lock+0x2e/0x40 [ 458.558159][T12704] evdev_pass_values+0x10e/0x9b0 [ 458.559808][T12704] evdev_events+0x1bb/0x390 [ 458.561302][T12704] input_pass_values+0x74e/0x880 [ 458.562931][T12704] input_handle_event+0xf00/0x14d0 [ 458.564610][T12704] input_inject_event+0x1e8/0x3b0 [ 458.566280][T12704] evdev_write+0x2e1/0x440 [ 458.567799][T12704] vfs_write+0x2a0/0x11d0 [ 458.569244][T12704] ksys_write+0x1f8/0x250 [ 458.570706][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.572380][T12704] do_fast_syscall_32+0x32/0x80 [ 458.573980][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.576062][T12704] [ 458.576848][T12704] -> (&new->fa_lock){....}-{3:3} { [ 458.578480][T12704] INITIAL USE at: [ 458.579741][T12704] lock_acquire+0x179/0x350 [ 458.581651][T12704] _raw_write_lock_irq+0x36/0x50 [ 458.583713][T12704] fasync_remove_entry+0xb2/0x1e0 [ 458.585811][T12704] fasync_helper+0xaf/0xd0 [ 458.587720][T12704] pipe_fasync+0xc7/0x200 [ 458.589589][T12704] __fput+0x96b/0xb70 [ 458.591286][T12704] task_work_run+0x150/0x240 [ 458.593233][T12704] get_signal+0x1d0/0x26d0 [ 458.595167][T12704] arch_do_signal_or_restart+0x8f/0x790 [ 458.597388][T12704] exit_to_user_mode_loop+0x85/0x130 [ 458.599529][T12704] __do_fast_syscall_32+0x240/0x300 [ 458.601635][T12704] do_fast_syscall_32+0x32/0x80 [ 458.603657][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.606133][T12704] INITIAL READ USE at: [ 458.607525][T12704] lock_acquire+0x179/0x350 [ 458.609583][T12704] _raw_read_lock_irqsave+0x74/0x90 [ 458.611863][T12704] kill_fasync+0x138/0x510 [ 458.614152][T12704] evdev_pass_values+0x619/0x9b0 [ 458.616926][T12704] evdev_events+0x1bb/0x390 [ 458.619495][T12704] input_pass_values+0x74e/0x880 [ 458.622200][T12704] input_handle_event+0xf00/0x14d0 [ 458.625005][T12704] input_inject_event+0x1e8/0x3b0 [ 458.627781][T12704] evdev_write+0x2e1/0x440 [ 458.630304][T12704] vfs_write+0x2a0/0x11d0 [ 458.632817][T12704] ksys_write+0x1f8/0x250 [ 458.635359][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.638151][T12704] do_fast_syscall_32+0x32/0x80 [ 458.640843][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.644090][T12704] } [ 458.645146][T12704] ... key at: [] __key.0+0x0/0x40 [ 458.647765][T12704] ... acquired at: [ 458.649295][T12704] _raw_read_lock_irqsave+0x74/0x90 [ 458.651464][T12704] kill_fasync+0x138/0x510 [ 458.653021][T12704] evdev_pass_values+0x619/0x9b0 [ 458.654654][T12704] evdev_events+0x1bb/0x390 [ 458.656154][T12704] input_pass_values+0x74e/0x880 [ 458.657774][T12704] input_handle_event+0xf00/0x14d0 [ 458.659541][T12704] input_inject_event+0x1e8/0x3b0 [ 458.661320][T12704] evdev_write+0x2e1/0x440 [ 458.663196][T12704] vfs_write+0x2a0/0x11d0 [ 458.665008][T12704] ksys_write+0x1f8/0x250 [ 458.666469][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.668324][T12704] do_fast_syscall_32+0x32/0x80 [ 458.670236][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.672478][T12704] [ 458.673331][T12704] [ 458.673331][T12704] the dependencies between the lock to be acquired [ 458.673339][T12704] and SOFTIRQ-irq-unsafe lock: [ 458.678134][T12704] -> (tasklist_lock){.+.+}-{3:3} { [ 458.679798][T12704] HARDIRQ-ON-R at: [ 458.681090][T12704] lock_acquire+0x179/0x350 [ 458.683062][T12704] _raw_read_lock+0x5f/0x70 [ 458.685067][T12704] __do_wait+0x105/0x890 [ 458.686992][T12704] do_wait+0x21d/0x590 [ 458.688863][T12704] kernel_wait+0x9f/0x160 [ 458.690831][T12704] call_usermodehelper_exec_work+0xf1/0x170 [ 458.693238][T12704] process_one_work+0x9cf/0x1b70 [ 458.695448][T12704] worker_thread+0x6c8/0xf10 [ 458.697518][T12704] kthread+0x3c5/0x780 [ 458.699458][T12704] ret_from_fork+0x675/0x7d0 [ 458.701791][T12704] ret_from_fork_asm+0x1a/0x30 [ 458.704425][T12704] SOFTIRQ-ON-R at: [ 458.705851][T12704] lock_acquire+0x179/0x350 [ 458.707856][T12704] _raw_read_lock+0x5f/0x70 [ 458.710054][T12704] __do_wait+0x105/0x890 [ 458.712461][T12704] do_wait+0x21d/0x590 [ 458.714757][T12704] kernel_wait+0x9f/0x160 [ 458.716984][T12704] call_usermodehelper_exec_work+0xf1/0x170 [ 458.719396][T12704] process_one_work+0x9cf/0x1b70 [ 458.721738][T12704] worker_thread+0x6c8/0xf10 [ 458.724327][T12704] kthread+0x3c5/0x780 [ 458.726668][T12704] ret_from_fork+0x675/0x7d0 [ 458.729070][T12704] ret_from_fork_asm+0x1a/0x30 [ 458.731662][T12704] INITIAL USE at: [ 458.733285][T12704] lock_acquire+0x179/0x350 [ 458.735306][T12704] _raw_write_lock_irq+0x36/0x50 [ 458.737441][T12704] copy_process+0x4fe3/0x76a0 [ 458.739474][T12704] kernel_clone+0xfc/0x930 [ 458.741636][T12704] user_mode_thread+0xc8/0x110 [ 458.744192][T12704] rest_init+0x23/0x2b0 [ 458.746465][T12704] start_kernel+0x3f6/0x4e0 [ 458.748507][T12704] x86_64_start_reservations+0x18/0x30 [ 458.750843][T12704] x86_64_start_kernel+0x130/0x190 [ 458.753045][T12704] common_startup_64+0x13e/0x148 [ 458.755311][T12704] INITIAL READ USE at: [ 458.756940][T12704] lock_acquire+0x179/0x350 [ 458.759214][T12704] _raw_read_lock+0x5f/0x70 [ 458.761800][T12704] __do_wait+0x105/0x890 [ 458.764340][T12704] do_wait+0x21d/0x590 [ 458.766707][T12704] kernel_wait+0x9f/0x160 [ 458.769332][T12704] call_usermodehelper_exec_work+0xf1/0x170 [ 458.772029][T12704] process_one_work+0x9cf/0x1b70 [ 458.774249][T12704] worker_thread+0x6c8/0xf10 [ 458.776478][T12704] kthread+0x3c5/0x780 [ 458.778647][T12704] ret_from_fork+0x675/0x7d0 [ 458.780889][T12704] ret_from_fork_asm+0x1a/0x30 [ 458.783021][T12704] } [ 458.783886][T12704] ... key at: [] tasklist_lock+0x18/0x40 [ 458.786384][T12704] ... acquired at: [ 458.787680][T12704] _raw_read_lock+0x5f/0x70 [ 458.789173][T12704] send_sigio+0xb8/0x3e0 [ 458.790606][T12704] dnotify_handle_event+0x15e/0x2b0 [ 458.792634][T12704] fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0 [ 458.794734][T12704] fsnotify+0x13d6/0x1dc0 [ 458.796238][T12704] path_openat+0x1b50/0x2cb0 [ 458.798031][T12704] do_filp_open+0x20b/0x470 [ 458.799909][T12704] do_sys_openat2+0x11b/0x1d0 [ 458.801460][T12704] __ia32_compat_sys_openat+0x16d/0x210 [ 458.803272][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.804862][T12704] do_fast_syscall_32+0x32/0x80 [ 458.806494][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.808545][T12704] [ 458.809313][T12704] -> (&f_owner->lock){....}-{3:3} { [ 458.810953][T12704] INITIAL USE at: [ 458.812200][T12704] lock_acquire+0x179/0x350 [ 458.814113][T12704] _raw_write_lock_irq+0x36/0x50 [ 458.816134][T12704] __f_setown+0x61/0x3c0 [ 458.817965][T12704] do_fcntl+0x1098/0x15a0 [ 458.819844][T12704] do_compat_fcntl64+0x367/0x710 [ 458.821871][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.823956][T12704] do_fast_syscall_32+0x32/0x80 [ 458.825998][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.828746][T12704] INITIAL READ USE at: [ 458.830280][T12704] lock_acquire+0x179/0x350 [ 458.832334][T12704] _raw_read_lock_irqsave+0x74/0x90 [ 458.834677][T12704] send_sigio+0x31/0x3e0 [ 458.836691][T12704] dnotify_handle_event+0x15e/0x2b0 [ 458.839205][T12704] fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0 [ 458.841834][T12704] fsnotify+0x13d6/0x1dc0 [ 458.844317][T12704] path_openat+0x1b50/0x2cb0 [ 458.846937][T12704] do_filp_open+0x20b/0x470 [ 458.849288][T12704] do_sys_openat2+0x11b/0x1d0 [ 458.851848][T12704] __ia32_compat_sys_openat+0x16d/0x210 [ 458.854859][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.857653][T12704] do_fast_syscall_32+0x32/0x80 [ 458.860339][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.863619][T12704] } [ 458.864639][T12704] ... key at: [] __key.1+0x0/0x40 [ 458.867470][T12704] ... acquired at: [ 458.869016][T12704] lock_acquire+0x179/0x350 [ 458.870894][T12704] _raw_read_lock_irqsave+0x74/0x90 [ 458.873005][T12704] send_sigio+0x31/0x3e0 [ 458.874803][T12704] kill_fasync+0x214/0x510 [ 458.876687][T12704] lease_break_callback+0x23/0x30 [ 458.878757][T12704] __break_lease+0x674/0x1810 [ 458.880692][T12704] do_dentry_open+0x91f/0x1530 [ 458.882704][T12704] vfs_open+0x82/0x3f0 [ 458.884411][T12704] path_openat+0x1de4/0x2cb0 [ 458.886340][T12704] do_filp_open+0x20b/0x470 [ 458.888263][T12704] do_sys_openat2+0x11b/0x1d0 [ 458.890205][T12704] __ia32_sys_creat+0xcb/0x120 [ 458.892199][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.894298][T12704] do_fast_syscall_32+0x32/0x80 [ 458.896368][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.898454][T12704] [ 458.899224][T12704] [ 458.899224][T12704] stack backtrace: [ 458.901100][T12704] CPU: 1 UID: 0 PID: 12704 Comm: syz.0.1602 Not tainted syzkaller #0 PREEMPT(full) [ 458.901124][T12704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 458.901132][T12704] Call Trace: [ 458.901137][T12704] [ 458.901142][T12704] dump_stack_lvl+0x116/0x1f0 [ 458.901161][T12704] check_irq_usage+0x7dc/0x920 [ 458.901186][T12704] ? check_path.constprop.0+0x24/0x50 [ 458.901208][T12704] ? __lock_acquire+0x1285/0x1c90 [ 458.901228][T12704] __lock_acquire+0x1285/0x1c90 [ 458.901250][T12704] ? lockdep_unlock+0x64/0xe0 [ 458.901264][T12704] ? __lock_acquire+0x1053/0x1c90 [ 458.901285][T12704] lock_acquire+0x179/0x350 [ 458.901305][T12704] ? send_sigio+0x31/0x3e0 [ 458.901323][T12704] ? lock_acquire+0x179/0x350 [ 458.901338][T12704] _raw_read_lock_irqsave+0x74/0x90 [ 458.901349][T12704] ? send_sigio+0x31/0x3e0 [ 458.901377][T12704] send_sigio+0x31/0x3e0 [ 458.901392][T12704] kill_fasync+0x214/0x510 [ 458.901407][T12704] lease_break_callback+0x23/0x30 [ 458.901422][T12704] __break_lease+0x674/0x1810 [ 458.901433][T12704] ? __pfx___break_lease+0x10/0x10 [ 458.901449][T12704] ? apparmor_file_open+0x1a1/0x9c0 [ 458.901478][T12704] ? find_held_lock+0x2b/0x80 [ 458.901488][T12704] ? __pfx_apparmor_file_open+0x10/0x10 [ 458.901504][T12704] ? mnt_get_write_access+0x52/0x2f0 [ 458.901518][T12704] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 458.901532][T12704] do_dentry_open+0x91f/0x1530 [ 458.901546][T12704] vfs_open+0x82/0x3f0 [ 458.901561][T12704] path_openat+0x1de4/0x2cb0 [ 458.901575][T12704] ? __pfx_path_openat+0x10/0x10 [ 458.901586][T12704] ? __lock_acquire+0xb8a/0x1c90 [ 458.901601][T12704] do_filp_open+0x20b/0x470 [ 458.901616][T12704] ? __pfx_do_filp_open+0x10/0x10 [ 458.901631][T12704] ? alloc_fd+0x471/0x7d0 [ 458.901643][T12704] do_sys_openat2+0x11b/0x1d0 [ 458.901658][T12704] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.901686][T12704] __ia32_sys_creat+0xcb/0x120 [ 458.901705][T12704] ? __pfx___ia32_sys_creat+0x10/0x10 [ 458.901722][T12704] ? rcu_is_watching+0x12/0xc0 [ 458.901733][T12704] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 458.901746][T12704] ? lockdep_hardirqs_on+0x7c/0x110 [ 458.901757][T12704] __do_fast_syscall_32+0x7c/0x300 [ 458.901771][T12704] do_fast_syscall_32+0x32/0x80 [ 458.901783][T12704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.901797][T12704] RIP: 0023:0xf7f15579 [ 458.901804][T12704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 458.901815][T12704] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000008 [ 458.901825][T12704] RAX: ffffffffffffffda RBX: 0000000080000240 RCX: 0000000000000160 [ 458.901832][T12704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 458.901838][T12704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 458.901844][T12704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.901850][T12704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 458.901859][T12704] [ 459.012088][ T7782] Bluetooth: (null): Invalid header checksum [ 459.164344][ T1184] Bluetooth: (null): Invalid header checksum [ 459.233969][ T6010] vhci_hcd: vhci_device speed not set [ 459.273923][ T1184] Bluetooth: (null): Invalid header checksum [ 459.384112][ T46] Bluetooth: (null): Invalid header checksum [ 459.494130][ T46] Bluetooth: (null): Invalid header checksum [ 459.604112][ T46] Bluetooth: (null): Invalid header checksum [ 459.713854][ T7782] Bluetooth: (null): Invalid header checksum [ 459.823972][ T46] Bluetooth: (null): Invalid header checksum [ 459.934230][ T1184] Bluetooth: (null): Invalid header checksum [ 460.044074][ T1184] Bluetooth: (null): Invalid header checksum [ 460.123951][T11279] usb 7-1: unable to get BOS descriptor or descriptor too short [ 460.127188][T11279] usb 7-1: no configurations [ 460.128637][T11279] usb 7-1: can't read configurations, error -22 [ 460.154054][ T46] Bluetooth: (null): Invalid header checksum [ 460.253723][T11279] usb 7-1: new full-speed USB device number 44 using dummy_hcd [ 460.264124][ T46] Bluetooth: (null): Invalid header checksum [ 460.374013][ T1184] Bluetooth: (null): Invalid header checksum [ 460.383731][T11279] usb 7-1: device descriptor read/64, error -32 [ 460.483957][ T1143] Bluetooth: (null): Invalid header checksum [ 460.493934][T11279] usb usb7-port1: attempt power cycle [ 460.594331][ T1184] Bluetooth: (null): Invalid header checksum [ 460.704050][ T1143] Bluetooth: (null): Invalid header checksum [ 460.813934][ T1143] Bluetooth: (null): Invalid header checksum [ 460.833738][T11279] usb 7-1: new full-speed USB device number 45 using dummy_hcd [ 460.853958][T11279] usb 7-1: device descriptor read/8, error -32 [ 460.923941][ T46] Bluetooth: (null): Invalid header checksum [ 461.033908][ T1184] Bluetooth: (null): Invalid header checksum [ 461.093781][T11279] usb 7-1: new full-speed USB device number 46 using dummy_hcd [ 461.114414][T11279] usb 7-1: device descriptor read/8, error -32 [ 461.143882][ T46] Bluetooth: (null): Invalid header checksum [ 461.223843][T11279] usb usb7-port1: unable to enumerate USB device [ 462.273826][ T6503] vhci_hcd: vhci_device speed not set [ 463.153738][ T1023] vhci_hcd: vhci_device speed not set VM DIAGNOSIS: 00:38:19 Registers: info registers vcpu 0 CPU#0 RAX=00000000007d4f6c RBX=0000000000000000 RCX=ffffffff8b5d12a9 RDX=ffffed1005646656 RSI=ffffffff8bf07140 RDI=ffffffff8191cffd RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8 R8 =0000000000000000 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff90822ad0 R15=0000000000000000 RIP=ffffffff8b5cfd5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097812000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000002 CR3=0000000069350000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff852669a5 RDI=ffffffff9adc0d60 RBP=ffffffff9adc0d20 RSP=ffffc900079cf0e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9adc0d20 R15=ffffffff85266940 RIP=ffffffff852669cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097912000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000004dfab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=0000000000000010 RCX=ffffffff84aa7158 RDX=00000000000007f5 RSI=00000000000007f5 RDI=0000000000000007 RBP=ffffc900034cf320 RSP=ffffc900034cf188 R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000015 R11=0000000000000012 R12=0000000000000015 R13=ffffc900034cf300 R14=ffff88806f1fc413 R15=00000000000007f5 RIP=ffffffff81bc657b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8d9f1ea300 ffffffff 00c00000 GS =0000 ffff888097a12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000560672bdc000 CR3=0000000020e6c000 CR4=00352ef0 DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0400000000000083 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff883e3dc4 ffffffff823c9502 0000000200000004 0000000600040008 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000064a 0000001400000000 0000000000000000 0000000000000017 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800040800000800 0a010de80e800202 014bf43a000027f1 0000001800000001 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8180030004000184 0800000201c70800 080049a400707364 2f7665642f01ffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffed08 0003000800020800 560800060171880f ffffffff02040800 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000208007c08 000a014cd4000800 0fffffffff0201c7 0800060140ee0fff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0200080000 080006010df60fff ffffff0207800210 8080808080808c80 ZMM24=ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ce66b265ce66b265 ZMM25=3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 3950b1a53950b1a5 ZMM26=da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b da71ec8bda71ec8b ZMM27=6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb 6392cefb6392cefb ZMM28=000000b0000000af 000000ae000000ad 000000ac000000ab 000000aa000000a9 000000a8000000a7 000000a6000000a5 000000a4000000a3 000000a2000000a1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=760e0000760e0000 760e0000760e0000 760e0000760e0000 760e0000760e0000 760e0000760e0000 760e0000760e0000 760e0000760e0000 760e0000760e0000 info registers vcpu 3 CPU#3 RAX=0000000000000007 RBX=ffffffff9aca22e0 RCX=0000000000000006 RDX=0000000000000000 RSI=0000000000000004 RDI=ffffffff9aca22e0 RBP=0000000000000006 RSP=ffffc900005e8d10 R8 =0000000000000001 R9 =fffff520000bd198 R10=0000000000000003 R11=ffffc900005e8ff8 R12=0000000000000001 R13=dffffc0000000000 R14=ffff88805bfcaf18 R15=1ffff920000bd1ac RIP=ffffffff82240890 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097b12000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72b4840 CR3=000000004dfab000 CR4=00352ef0 DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0400000000000083 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000